Merge remote-tracking branch 'origin/master'

2026-02-14 11:11:13 +03:00
parent 7b0850eb4e
commit 1d15b619f9
1 changed files with 50 additions and 3 deletions
--- a/ui/src/stores/authStore.js
+++ b/ui/src/stores/authStore.js
@@ -3,6 +3,40 @@ import { defineStore } from 'pinia'
 import api from 'src/services/api'
 import { usePermissionStore } from 'stores/permissionStore'

+function normalizeRoleCode (value) {
+  return String(value || '').trim().toLowerCase()
+}
+
+function roleCodeFromUser (user) {
+  if (!user || typeof user !== 'object') return ''
+
+  return normalizeRoleCode(
+    user.role_code ??
+    user.roleCode ??
+    user.RoleCode
+  )
+}
+
+function decodeJwtPayload (token) {
+  const raw = String(token || '').trim()
+  if (!raw) return null
+
+  const parts = raw.split('.')
+  if (parts.length !== 3) return null
+
+  try {
+    const base64 = parts[1]
+      .replace(/-/g, '+')
+      .replace(/_/g, '/')
+      .padEnd(Math.ceil(parts[1].length / 4) * 4, '=')
+
+    const json = atob(base64)
+    return JSON.parse(json)
+  } catch {
+    return null
+  }
+}
+
 export const useAuthStore = defineStore('auth', {
  state: () => {
    let user = null
@@ -29,8 +63,13 @@ export const useAuthStore = defineStore('auth', {
    mustChangePassword: s => !!s.forcePasswordChange,

    // 🔥 TEK ADMIN KURALI
-    isAdmin: s =>
-      String(s.user?.role_code || '').toLowerCase() === 'admin'
+    isAdmin: s => {
+      const fromUser = roleCodeFromUser(s.user)
+      if (fromUser) return fromUser === 'admin'
+
+      const payload = decodeJwtPayload(s.token)
+      return normalizeRoleCode(payload?.role_code) === 'admin'
+    }
  },

  actions: {
@@ -39,7 +78,15 @@ export const useAuthStore = defineStore('auth', {
    ========================================================= */
    setSession ({ token, user }) {
      this.token = token
-      this.user = user ?? null
+      if (user) {
+        // Keep prior role fields if backend returns partial user payload.
+        this.user = {
+          ...(this.user || {}),
+          ...user
+        }
+      } else {
+        this.user = null
+      }
      this.forcePasswordChange = !!user?.force_password_change

      localStorage.setItem('token', token)