Rollen Freigaben Push und Beleg Upload ueberarbeiten

src/app/api/import/csv/route.ts

@@ -28,9 +28,24 @@ function toNumber(value: string | undefined) {
   return Number.isFinite(parsed) ? parsed : null;
 }
 
+function toRole(value: string | undefined): "BOARD" | "ORGA" | "FINANCE" | "MEMBER" {
+  switch (value) {
+    case "ADMIN":
+    case "BOARD":
+      return "BOARD";
+    case "ORGA":
+      return "ORGA";
+    case "FINANCE":
+      return "FINANCE";
+    case "MEMBER":
+    default:
+      return "MEMBER";
+  }
+}
+
 function toApprovalPermissions(
   value: string | undefined,
-  role: "ADMIN" | "FINANCE" | "MEMBER",
+  role: "BOARD" | "ORGA" | "FINANCE" | "MEMBER",
   approvalPreference: "CHAIR_A" | "CHAIR_B" | "FINANCE" | null
 ) {
   const explicitPermissions = value
@@ -51,7 +66,7 @@ export async function POST(request: Request) {
   }
 
   if (!canManageUsers(viewer.role)) {
-    return NextResponse.json({ error: "Nur Vorstand oder Finanz-AG duerfen Backups einspielen." }, { status: 403 });
+    return NextResponse.json({ error: "Nur Vorstand allgemein, AG Orga oder AG Finanzen duerfen Backups einspielen." }, { status: 403 });
   }
 
   const formData = await request.formData().catch(() => null);
@@ -145,7 +160,7 @@ export async function POST(request: Request) {
       }
 
       for (const row of userRows) {
-        const role = row.role as "ADMIN" | "FINANCE" | "MEMBER";
+        const role = toRole(row.role);
         const approvalPreference = toNullable(row.approvalPreference) as "CHAIR_A" | "CHAIR_B" | "FINANCE" | null;
         const approvalPermissions = toApprovalPermissions(row.approvalPermissions, role, approvalPreference);