From 0dd0c1bf4ce5fa6a942b88ee91d5c81d8c76584a Mon Sep 17 00:00:00 2001 From: "a.beging@eas-solutions.de" Date: Wed, 29 Apr 2026 15:54:23 +0200 Subject: [PATCH] Enhance AuditView and NavMenu: restrict access for non-admin users in InitializeDataAsync and OnReadData methods, and refactor NavMenu structure for better readability Co-authored-by: Copilot --- FoodsharingSiegen.Server/Pages/AuditView.razor.cs | 4 ++++ FoodsharingSiegen.Server/Shared/NavMenu.razor | 14 +++++++------- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/FoodsharingSiegen.Server/Pages/AuditView.razor.cs b/FoodsharingSiegen.Server/Pages/AuditView.razor.cs index 89e4076..f3e003d 100644 --- a/FoodsharingSiegen.Server/Pages/AuditView.razor.cs +++ b/FoodsharingSiegen.Server/Pages/AuditView.razor.cs @@ -1,5 +1,6 @@ using Blazorise.DataGrid; using FoodsharingSiegen.Contracts.Entity; +using FoodsharingSiegen.Contracts.Helper; using FoodsharingSiegen.Server.Data.Service; using Microsoft.AspNetCore.Components; @@ -39,6 +40,7 @@ namespace FoodsharingSiegen.Server.Pages /// protected override Task InitializeDataAsync() { + if (!CurrentUser.IsAdmin()) NavigationManager.NavigateTo("/"); return Task.CompletedTask; } @@ -52,6 +54,8 @@ namespace FoodsharingSiegen.Server.Pages /// The params private async Task OnReadData(DataGridReadDataEventArgs e) { + if (!CurrentUser.IsAdmin()) return; + var countLoad = await AuditService?.GetCount()!; if (countLoad.Success) TotalAudits = countLoad.Data; diff --git a/FoodsharingSiegen.Server/Shared/NavMenu.razor b/FoodsharingSiegen.Server/Shared/NavMenu.razor index f877225..e47457d 100644 --- a/FoodsharingSiegen.Server/Shared/NavMenu.razor +++ b/FoodsharingSiegen.Server/Shared/NavMenu.razor @@ -64,15 +64,15 @@ - } -
-
- - Aktivitäten - +
+
+ + Aktivitäten + +
-
+ }