36 lines
1.0 KiB
JavaScript
36 lines
1.0 KiB
JavaScript
// Dashboard-Route
|
|
|
|
const { hasRole } = require('../helpers/utils');
|
|
const { requireAuth } = require('../middleware/auth');
|
|
|
|
// Routes registrieren
|
|
function registerDashboardRoutes(app) {
|
|
// Dashboard für Mitarbeiter
|
|
app.get('/dashboard', requireAuth, (req, res) => {
|
|
// Prüfe ob User Mitarbeiter-Rolle hat
|
|
if (!hasRole(req, 'mitarbeiter')) {
|
|
// Wenn User keine Mitarbeiter-Rolle hat, aber andere Rollen, redirecte entsprechend
|
|
if (hasRole(req, 'admin')) {
|
|
return res.redirect('/admin');
|
|
}
|
|
if (hasRole(req, 'verwaltung')) {
|
|
return res.redirect('/verwaltung');
|
|
}
|
|
return res.status(403).send('Zugriff verweigert');
|
|
}
|
|
|
|
res.render('dashboard', {
|
|
user: {
|
|
id: req.session.userId,
|
|
firstname: req.session.firstname,
|
|
lastname: req.session.lastname,
|
|
username: req.session.username,
|
|
roles: req.session.roles || [],
|
|
currentRole: req.session.currentRole || 'mitarbeiter'
|
|
}
|
|
});
|
|
});
|
|
}
|
|
|
|
module.exports = registerDashboardRoutes;
|