MS-BE-API-4: systemRole aus eventGuests entfernt, Auth auf compositeRole umgestellt #123
Labels
No labels
component/backend
component/docs
component/e2e
component/frontend
component/infra
component/keycloak
prio/high
prio/low
prio/medium
type/bug
type/chore
type/feature
type/refactor
type/test
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
WompSchmiede/FamilienFeierPlaner#123
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Beschreibung
eventGuests.systemRole (guest/organizer/event-admin) wird entfernt.
Die Berechtigungssteuerung erfolgt ausschliesslich ueber compositeRole
(Referenz auf eventRoles.permissions-JSONB-Array) und event.createdBy.
Aenderungen
Datenbank (Prisma + Migration)
Auth-Hooks (src/lib/auth.ts)
equireOrganizer(eventIdParam):
sonst 403
equireOrganizerOrEventAdmin(eventIdParam):
Wie requireOrganizer, zusaetzlich Permission 'event-admin' ? OK
equireSelfOrGroupMember(eventIdParam, personIdParam):
systemRole-Check ersetzt durch compositeRole-Permission-Check
equireAddressAccess(personIdParam):
event-admin-Check nutzt compositeRole.permissions 'event-admin'
openapi.yaml
equired)
Seed (prisma/seed.ts)
Tests
Abhaengigkeiten
equireOrganizer-Hook ohne systemRole funktionsfaehig