🚫 fix(permissions): update unauthorized access alerts for member and election management pages

2025-12-13 05:26:47 +00:00 · 2024-10-07 14:26:49 +02:00
parent ef109b87a3
commit 5b0f55ba95
4 changed files with 5 additions and 6 deletions
--- a/resources/views/pages/association/election/[Election:year].blade.php
+++ b/resources/views/pages/association/election/[Election:year].blade.php
@@ -59,7 +59,7 @@ on([
        $this->currentPubkey = $pubkey;
        $this->currentPleb = \App\Models\EinundzwanzigPleb::query()->where('pubkey', $pubkey)->first();
        if ($this->currentPleb->association_status->value < 3) {
-            return redirect()->route('association.profile');
+            return $this->js('alert("Du bist nicht berechtigt, an der Wahl teilzunehmen.")');
        }
        $logPubkeys = [
            '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
--- a/resources/views/pages/association/election/admin/[Election:year].blade.php
+++ b/resources/views/pages/association/election/admin/[Election:year].blade.php
@@ -74,9 +74,8 @@ on([
            '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
            '430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279',
        ],
-        !in_array($this->currentPubkey, $allowedPubkeys, true) ? redirect()->route(
-            'association.profile',
-        ) : $this->isAllowed = true,
+        !in_array($this->currentPubkey, $allowedPubkeys, true) ?
+            $this->js('alert("Du bist hierzu nicht berechtigt.")') : $this->isAllowed = true,
    ],
    'echo:votes,.newVote' => fn()
        => [
--- a/resources/views/pages/association/election/index.blade.php
+++ b/resources/views/pages/association/election/index.blade.php
@@ -37,7 +37,7 @@ on([
        $this->currentPleb = \App\Models\EinundzwanzigPleb::query()
            ->where('pubkey', $pubkey)->first();
        if ($this->currentPubkey !== '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033') {
-            return redirect()->route('association.profile');
+            return $this->js('alert("Du bist nicht berechtigt, Wahlen zu bearbeiten.")');
        }
        $this->isAllowed = true;
    },
--- a/resources/views/pages/association/members/admin.blade.php
+++ b/resources/views/pages/association/members/admin.blade.php
@@ -34,7 +34,7 @@ on([
            '430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279',
        ];
        if (!in_array($this->currentPubkey, $allowedPubkeys, true)) {
-            return redirect()->route('association.profile');
+            return $this->js('alert("Du bist nicht berechtigt, Mitglieder zu bearbeiten.")');
        }
        $this->isAllowed = true;
    },