fix(portal) : allow admin+client users to access both views and add admin link

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-15 20:06:09 +01:00
parent f8748c4061
commit 0c8fb654a9
2 changed files with 15 additions and 4 deletions
--- a/frontend/middleware/auth.global.ts
+++ b/frontend/middleware/auth.global.ts
@@ -11,12 +11,12 @@ export default defineNuxtRouteMiddleware(async (to) => {
    }

    if (isLogin && auth.isAuthenticated) {
-        const isClient = auth.user?.roles?.includes('ROLE_CLIENT') ?? false
-        return navigateTo(isClient ? '/portal' : '/')
+        const isClientOnly = auth.user?.roles?.includes('ROLE_CLIENT') && !auth.user?.roles?.includes('ROLE_ADMIN')
+        return navigateTo(isClientOnly ? '/portal' : '/')
    }

-    // ROLE_CLIENT: redirect to /portal, block internal pages
-    if (auth.isAuthenticated && auth.user?.roles?.includes('ROLE_CLIENT')) {
+    // ROLE_CLIENT without ROLE_ADMIN: redirect to /portal, block internal pages
+    if (auth.isAuthenticated && auth.user?.roles?.includes('ROLE_CLIENT') && !auth.user?.roles?.includes('ROLE_ADMIN')) {
        const isPortalRoute = to.path.startsWith('/portal')
        const isLoginRoute = to.path === '/login'
        if (!isPortalRoute && !isLoginRoute) {