boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity

fix: trips admin shows only users with trips.record permission

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
BOHA
2026-03-28 08:56:14 +01:00
parent 000a77ccf4
commit 35fa172d36
2 changed files with 41 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/admin/pages/TripsAdmin.tsx
View File

@@ -127,7 +127,7 @@ export default function TripsAdmin() {
try {
const [vRes, uRes, csRes] = await Promise.all([
apiFetch(`${API_BASE}/vehicles`),
apiFetch(`${API_BASE}/users?limit=1000`),
apiFetch(`${API_BASE}/trips/users`),
apiFetch(`${API_BASE}/company-settings`),
]);
const vJson = await vRes.json();
@@ -136,14 +136,7 @@ export default function TripsAdmin() {
if (vJson.success) setVehicles(vJson.data);
if (csJson.success) setCompanyName(csJson.data.company_name || "");
if (uJson.success) {
setUsers(
uJson.data.map(
(u: { id: number; first_name: string; last_name: string }) => ({
id: u.id,
name: `${u.first_name} ${u.last_name}`,
}),
),
);
setUsers(uJson.data);
}
} catch {
// silently fail, filters will just be empty

39
src/routes/admin/trips.ts
View File

@@ -66,6 +66,45 @@ export default async function tripsRoutes(
});
});
// GET /api/admin/trips/users — users with trips.record permission
fastify.get(
"/users",
{ preHandler: requireAuth },
async (_request, reply) => {
const users = await prisma.users.findMany({
where: {
is_active: true,
roles: {
is: {
OR: [
{ name: "admin" },
{
role_permissions: {
some: { permissions: { name: "trips.record" } },
},
},
],
},
},
},
select: {
id: true,
first_name: true,
last_name: true,
username: true,
},
orderBy: { last_name: "asc" },
});
return success(
reply,
users.map((u) => ({
id: u.id,
name: `${u.first_name} ${u.last_name}`.trim() || u.username,
})),
);
},
);
// GET /api/admin/trips/print — print data for trip report
fastify.get(
"/print",