Dokumentationsberechtigung fuer AG Orga ergaenzen

2026-05-01 17:49:42 +02:00
parent bd59e50a51
commit 7d23214a2d
3 changed files with 4 additions and 4 deletions
--- a/src/app/api/expenses/[id]/documented/route.ts
+++ b/src/app/api/expenses/[id]/documented/route.ts
@@ -27,7 +27,7 @@ export async function POST(request: Request, { params }: Context) {
  }
  if (!canDocumentExpense(viewer.role)) {
-    return NextResponse.json({ error: "Nur Vorstand allgemein oder AG Finanzen duerfen dokumentieren." }, { status: 403 });
+    return NextResponse.json({ error: "Nur Vorstand allgemein, AG Orga oder AG Finanzen duerfen dokumentieren." }, { status: 403 });
  }
  const expense = await prisma.expense.findUnique({
--- a/src/app/api/expenses/[id]/paid/route.ts
+++ b/src/app/api/expenses/[id]/paid/route.ts
@@ -20,7 +20,7 @@ export async function POST(_: Request, { params }: Context) {
  }
  if (!canMarkPaid(viewer.role)) {
-    return NextResponse.json({ error: "Nur Vorstand allgemein oder AG Finanzen duerfen Bezahlt setzen." }, { status: 403 });
+    return NextResponse.json({ error: "Nur Vorstand allgemein, AG Orga oder AG Finanzen duerfen Bezahlt setzen." }, { status: 403 });
  }
  const expense = await prisma.expense.findUnique({
--- a/src/lib/domain.ts
+++ b/src/lib/domain.ts
@@ -69,11 +69,11 @@ export function canManageUsers(role: AppRole) {
 }
 export function canMarkPaid(role: AppRole) {
-  return role === "BOARD" || role === "FINANCE";
+  return canDocumentExpense(role);
 }
 export function canDocumentExpense(role: AppRole) {
-  return role === "BOARD" || role === "FINANCE";
+  return role === "BOARD" || role === "ORGA" || role === "FINANCE";
 }
 export function canCreateExpenseForGroup(role: AppRole, viewerGroupId: string | null, targetGroupId: string) {