widget cache

2025-05-03 15:20:01 +02:00 · 2025-05-03 15:20:01 +02:00 · f71ae00eb5
commit f71ae00eb5
parent 826ad8d775
1 changed files with 24 additions and 36 deletions
--- a/lib/redis.ts
+++ b/lib/redis.ts
@ -730,57 +730,45 @@ export async function invalidateMessagesCache(
 }

 const hasRole = (requiredRole: string | string[] | undefined) => {
-  // Early returns for invalid cases
+  // If no role is required, don't restrict access
  if (!requiredRole) {
-    console.log('No required role specified');
-    return false;
+    return true;
  }
  
+  // If no session or user roles, deny access
  if (!session?.user?.role) {
-    console.log('No user roles found');
+    console.log('No user roles found in session');
    return false;
  }
  
-  // Extract user roles and normalize them consistently
+  // Get user roles and normalize them properly
  const userRoles = Array.isArray(session.user.role) ? session.user.role : [session.user.role];
-  const cleanUserRoles = userRoles.map(role => typeof role === 'string' ? 
-    role.replace(/^[\/]/, '')  // Remove leading slash
-        .replace(/^ROLE_/, '') // Remove ROLE_ prefix
-        .replace(/^default-roles-[^/]*\//i, '') // Remove realm prefix
-        .toLowerCase()
-    : '').filter(Boolean);
+  const cleanUserRoles = userRoles
+    .filter(role => typeof role === 'string')
+    .map(role => role
+      .replace(/^\//, '')               // Remove leading slash
+      .replace(/^ROLE_/i, '')           // Remove ROLE_ prefix, case insensitive
+      .replace(/^default-roles-[^/]*\//i, '') // Remove realm prefix like default-roles-cercle/
+      .toLowerCase()
+    );
  
-  console.log('Debug roles:', {
-    rawUserRoles: session.user.role,
-    processedUserRoles: cleanUserRoles,
-    requiredRole
+  // Log for debugging
+  console.log('Debug roles in sidebar:', {
+    requiredRole,
+    userRoles: session.user.role,
+    cleanedUserRoles: cleanUserRoles
  });
  
-  // Check against array of required roles
+  // Check array of required roles
  if (Array.isArray(requiredRole)) {
-    const cleanRequiredRoles = requiredRole.map(role => 
-      typeof role === 'string' ? role.toLowerCase() : ''
-    ).filter(Boolean);
-    
-    console.log('Checking multiple roles:', {
-      requiredRoles: requiredRole,
-      cleanRequiredRoles,
-      userRoles: cleanUserRoles,
-      hasAnyRole: cleanRequiredRoles.some(role => cleanUserRoles.includes(role))
-    });
+    const cleanRequiredRoles = requiredRole
+      .filter(role => typeof role === 'string')
+      .map(role => role.toLowerCase());
    
    return cleanRequiredRoles.some(role => cleanUserRoles.includes(role));
  }
  
-  // Check against single required role
-  const cleanRequiredRole = typeof requiredRole === 'string' ? requiredRole.toLowerCase() : '';
-  
-  console.log('Checking single role:', {
-    requiredRole,
-    cleanRequiredRole,
-    userRoles: cleanUserRoles,
-    hasRole: cleanUserRoles.includes(cleanRequiredRole)
-  });
-  
+  // Check single required role
+  const cleanRequiredRole = requiredRole.toLowerCase();
  return cleanUserRoles.includes(cleanRequiredRole);
 };