From 7d23214a2d65acb85244bba631c845b618db8676 Mon Sep 17 00:00:00 2001
From: jan
Date: Fri, 1 May 2026 17:49:42 +0200
Subject: [PATCH] Dokumentationsberechtigung fuer AG Orga ergaenzen
---
 src/app/api/expenses/[id]/documented/route.ts | 2 +-
 src/app/api/expenses/[id]/paid/route.ts | 2 +-
 src/lib/domain.ts | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/app/api/expenses/[id]/documented/route.ts b/src/app/api/expenses/[id]/documented/route.ts
index 2127d79..faedd22 100644
--- a/src/app/api/expenses/[id]/documented/route.ts
+++ b/src/app/api/expenses/[id]/documented/route.ts
@@ -27,7 +27,7 @@ export async function POST(request: Request, { params }: Context) {
 }
 if (!canDocumentExpense(viewer.role)) {
- return NextResponse.json({ error: "Nur Vorstand allgemein oder AG Finanzen duerfen dokumentieren." }, { status: 403 });
+ return NextResponse.json({ error: "Nur Vorstand allgemein, AG Orga oder AG Finanzen duerfen dokumentieren." }, { status: 403 });
 }
 const expense = await prisma.expense.findUnique({
diff --git a/src/app/api/expenses/[id]/paid/route.ts b/src/app/api/expenses/[id]/paid/route.ts
index 3857b50..dd5801b 100644
--- a/src/app/api/expenses/[id]/paid/route.ts
+++ b/src/app/api/expenses/[id]/paid/route.ts
@@ -20,7 +20,7 @@ export async function POST(_: Request, { params }: Context) {
 }
 if (!canMarkPaid(viewer.role)) {
- return NextResponse.json({ error: "Nur Vorstand allgemein oder AG Finanzen duerfen Bezahlt setzen." }, { status: 403 });
+ return NextResponse.json({ error: "Nur Vorstand allgemein, AG Orga oder AG Finanzen duerfen Bezahlt setzen." }, { status: 403 });
 }
 const expense = await prisma.expense.findUnique({
diff --git a/src/lib/domain.ts b/src/lib/domain.ts
index 36f1288..2396836 100644
--- a/src/lib/domain.ts
+++ b/src/lib/domain.ts
@@ -69,11 +69,11 @@ export function canManageUsers(role: AppRole) {
 }
 export function canMarkPaid(role: AppRole) {
- return role === "BOARD" || role === "FINANCE";
+ return canDocumentExpense(role);
 }
 export function canDocumentExpense(role: AppRole) {
- return role === "BOARD" || role === "FINANCE";
+ return role === "BOARD" || role === "ORGA" || role === "FINANCE";
 }
 export function canCreateExpenseForGroup(role: AppRole, viewerGroupId: string | null, targetGroupId: string) {
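Review bot: `canMarkPaid` now returns `canDocumentExpense(role)`, so adding `"ORGA"` to the documentation check also lets ORGA mark expenses as paid, which is wider than the commit subject (documentation permission only) states. The changed 403 message in paid/route.ts suggests this is intended, but chaining the two predicates means any later change to documentation rights silently changes who can confirm payments. Keeping the payment check explicit avoids that: `return role === "BOARD" || role === "ORGA" || role === "FINANCE";` in `canMarkPaid`, with a comment such as `// Payment rights are listed separately from documentation rights on purpose.` If ORGA should not set "Bezahlt", restore `return role === "BOARD" || role === "FINANCE";` and revert the message in paid/route.ts. A unit test that pins the allowed roles of each predicate separately would catch accidental widening.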