diff --git a/app/[section]/page.tsx b/app/[section]/page.tsx
index 0736fa5b..9d6d04e0 100644
--- a/app/[section]/page.tsx
+++ b/app/[section]/page.tsx
@@ -11,7 +11,7 @@ const menuItems = {
 }
 export default async function SectionPage({ params }: { params: { section: string } }) {
- const { section } = params;
+ const section = params.section;
 const iframeUrl = menuItems[section as keyof typeof menuItems]
 if (!iframeUrl) {
diff --git a/components/sidebar.tsx b/components/sidebar.tsx
index 8f2dd26d..0fcf51e6 100644
--- a/components/sidebar.tsx
+++ b/components/sidebar.tsx
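Review bot: In app/[section]/page.tsx the lookup `menuItems[section as keyof typeof menuItems]` uses the route parameter as an object key with only a type cast in front of it, so inherited names such as `constructor` or `toString` resolve to truthy `Object.prototype` members and pass the `if (!iframeUrl)` guard. Restrict the lookup to the object's own keys, for example `const iframeUrl = Object.hasOwn(menuItems, section) ? menuItems[section as keyof typeof menuItems] : undefined;`. What `SectionPage` does with `iframeUrl` after the guard lies outside the hunk, so the effect on the rendered iframe should be confirmed there.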
@@ -71,46 +71,56 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) { // Function to check if user has a specific role const hasRole = (requiredRole: string | string[] | undefined) => { - if (!requiredRole || !session?.user?.role) { - console.log('No required role or user roles found', { - requiredRole, - userRoles: session?.user?.role - }); + // If no role is required, allow access + if (!requiredRole) { + return true; + } + + // If no session or user roles, deny access + if (!session?.user?.role) { + console.log('No user roles found in session'); return false; } + // Get user roles and normalize them properly const userRoles = Array.isArray(session.user.role) ? session.user.role : [session.user.role]; - const cleanUserRoles = userRoles.map(role => role.toLowerCase()); + const cleanUserRoles = userRoles + .filter(Boolean) // Remove any null/undefined values + .map(role => { + if (typeof role !== 'string') return ''; + return role + .replace(/^\//, '') // Remove leading slash + .replace(/^ROLE_/i, '') // Remove ROLE_ prefix, case insensitive + .replace(/^default-roles-[^/]*\//i, '') // Remove realm prefix like default-roles-cercle/ + .toLowerCase(); + }) + .filter(role => role !== ''); // Remove empty strings - console.log('Debug roles:', { - rawUserRoles: session.user.role, - processedUserRoles: cleanUserRoles, - requiredRole, - pathname - }); - - // If requiredRole is an array, check if user has any of the roles - if (Array.isArray(requiredRole)) { - const cleanRequiredRoles = requiredRole.map(role => role.toLowerCase()); - console.log('Checking multiple roles:', { - requiredRoles: requiredRole, - cleanRequiredRoles, - userRoles: cleanUserRoles, - hasAnyRole: cleanRequiredRoles.some(role => cleanUserRoles.includes(role)), - matchingRoles: cleanRequiredRoles.filter(role => cleanUserRoles.includes(role)) + // For debugging only + if (process.env.NODE_ENV === 'development') { + console.log(`Role check for: ${JSON.stringify(requiredRole)}`, { + userRoles: 
session.user.role, + cleanedUserRoles: cleanUserRoles }); + } + + // Check against array of required roles + if (Array.isArray(requiredRole)) { + const cleanRequiredRoles = requiredRole + .filter(Boolean) + .map(role => typeof role === 'string' ? role.toLowerCase() : '') + .filter(role => role !== ''); + return cleanRequiredRoles.some(role => cleanUserRoles.includes(role)); } - // For single role requirement - const cleanRequiredRole = requiredRole.toLowerCase(); - console.log('Checking single role:', { - requiredRole, - cleanRequiredRole, - userRoles: cleanUserRoles, - hasRole: cleanUserRoles.includes(cleanRequiredRole) - }); - return cleanUserRoles.includes(cleanRequiredRole); + // Check against single required role + if (typeof requiredRole === 'string') { + const cleanRequiredRole = requiredRole.toLowerCase(); + return cleanUserRoles.includes(cleanRequiredRole); + } + + return false; }; // Base menu items (available for everyone) @@ -264,6 +274,23 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) { {item.title} ))} + + {/* Debug display only in development */} + {process.env.NODE_ENV === 'development' && ( +
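Review bot: In `hasRole` the session roles are stripped of a leading `/`, a `ROLE_` prefix and a `default-roles-<realm>/` prefix, while `requiredRole` is only lowercased, so the two sides are compared under different rules: an entry configured as `ROLE_Admin` can never match, and raw values that differ only by prefix (`/admin`, `ROLE_admin`, `admin`) are treated as the same grant. Passing both sides through one normalisation helper, as sketched below, makes the comparison symmetric; whether the leading-slash strip should stay depends on whether group paths and roles share this claim, which the hunk does not show. The new `if (!requiredRole) return true;` also fails open for an empty-string role while an empty array is denied, so a comment stating which of the two is intended would help. This check only filters what the sidebar renders (the rest of `Sidebar` is outside the hunk), so the routes themselves still need a server-side role check.

```typescript
// One normalisation rule shared by session roles and required roles.
const normalizeRole = (role: unknown): string =>
  typeof role === 'string'
    ? role
        .replace(/^\//, '')
        .replace(/^ROLE_/i, '')
        .replace(/^default-roles-[^/]*\//i, '')
        .toLowerCase()
    : '';

const hasRole = (requiredRole: string | string[] | undefined) => {
  // … unchanged: requiredRole and session guards, userRoles array …
  const cleanUserRoles = userRoles.map(normalizeRole).filter(role => role !== '');
  // … unchanged: development-only logging …
  const cleanRequiredRoles = (Array.isArray(requiredRole) ? requiredRole : [requiredRole])
    .map(normalizeRole)
    .filter(role => role !== '');
  return cleanRequiredRoles.some(role => cleanUserRoles.includes(role));
};
```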
Debug Info:
+User: {session?.user?.name}
+Email: {session?.user?.email}
+
+ {JSON.stringify(session?.user?.role, null, 2)}
+
+