rick/rosterchirp-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.9.39 bugs fixes

Browse Source
This commit is contained in:
Ricky Stretch
2026-03-16 18:29:51 -04:00
parent 5025f0043d
commit de5912c206
6 changed files with 30 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
backend/src/middleware/auth.js
View File

@@ -43,6 +43,24 @@ function adminMiddleware(req, res, next) {
next();
}
// Allows admins OR members of groups designated as Group Managers or Schedule Managers
function teamManagerMiddleware(req, res, next) {
if (req.user?.role === 'admin') return next();
const db = getDb();
const gmSetting = db.prepare("SELECT value FROM settings WHERE key = 'team_group_managers'").get();
const smSetting = db.prepare("SELECT value FROM settings WHERE key = 'team_schedule_managers'").get();
const allowedGroupIds = [
...JSON.parse(gmSetting?.value || '[]'),
...JSON.parse(smSetting?.value || '[]'),
];
if (allowedGroupIds.length === 0) return res.status(403).json({ error: 'Access denied' });
const member = db.prepare(`
SELECT 1 FROM user_group_members WHERE user_id = ? AND user_group_id IN (${allowedGroupIds.map(() => '?').join(',')})
`).get(req.user.id, ...allowedGroupIds);
if (!member) return res.status(403).json({ error: 'Access denied' });
next();
}
function generateToken(userId) {
return jwt.sign({ id: userId }, JWT_SECRET, { expiresIn: '30d' });
}
@@ -70,4 +88,4 @@ function clearActiveSession(userId, device) {
}
}
module.exports = { authMiddleware, adminMiddleware, generateToken, setActiveSession, clearActiveSession, getDeviceClass };
module.exports = { authMiddleware, adminMiddleware, teamManagerMiddleware, generateToken, setActiveSession, clearActiveSession, getDeviceClass };