From 2f2e93ffcea2d4882276441d996526a7b38af67d Mon Sep 17 00:00:00 2001 From: beo3000 Date: Sat, 3 Jan 2026 14:28:45 +0100 Subject: [PATCH] K4: add Kassenwart role + policy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - UserRole.Treasurer = "Kassenwart" - IdentityRoleSeeder: seed Kassenwart role - ClubRoleRequirement: rank Admin=4, Kassenwart=3 - ClubTreasurer policy in DI 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- docs/IMPLEMENTATION_PLAN.md | 2 +- src/Koogle.Domain/Enums/UserRole.cs | 6 ++++++ src/Koogle.Infrastructure/DependencyInjection.cs | 1 + src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs | 3 ++- src/Koogle.Infrastructure/Security/IdentityRoleSeeder.cs | 2 +- 5 files changed, 11 insertions(+), 3 deletions(-) diff --git a/docs/IMPLEMENTATION_PLAN.md b/docs/IMPLEMENTATION_PLAN.md index e215cc4..6b945e7 100644 --- a/docs/IMPLEMENTATION_PLAN.md +++ b/docs/IMPLEMENTATION_PLAN.md @@ -1702,7 +1702,7 @@ public enum CashBookEntryType { Income = 0, Expense = 1 } | ✓ | K1 | Domain | Entities + Enums | 5 | | ✓ | K2 | Infrastructure | EF Configurations | 4 | | ✓ | K3 | Infrastructure | Migration | - | -| ☐ | K4 | Security | Kassenwart Role + Policy | 4 | +| ✓ | K4 | Security | Kassenwart Role + Policy | 4 | | ☐ | K5 | Infrastructure | Repositories | 5 | | ☐ | K6 | Application | DTOs | 3 | | ☐ | K7 | Application | Service Interfaces | 2 | diff --git a/src/Koogle.Domain/Enums/UserRole.cs b/src/Koogle.Domain/Enums/UserRole.cs index e4e2e94..d0a9be5 100644 --- a/src/Koogle.Domain/Enums/UserRole.cs +++ b/src/Koogle.Domain/Enums/UserRole.cs @@ -25,6 +25,12 @@ namespace Koogle.Domain.Enums /// public const string Admin = "Admin"; + /// + /// With this role, the user can manage the cash book within a club. + /// Rank between Editor and Admin. + /// + public const string Treasurer = "Kassenwart"; + /// /// With this role, the user can edit content within a club but does not have administrative rights. /// diff --git a/src/Koogle.Infrastructure/DependencyInjection.cs b/src/Koogle.Infrastructure/DependencyInjection.cs index 5fe664e..32f6ecd 100644 --- a/src/Koogle.Infrastructure/DependencyInjection.cs +++ b/src/Koogle.Infrastructure/DependencyInjection.cs @@ -74,6 +74,7 @@ public static class DependencyInjection { options.AddPolicy("ClubViewer", p => p.Requirements.Add(new ClubRoleRequirement("Viewer"))); options.AddPolicy("ClubEditor", p => p.Requirements.Add(new ClubRoleRequirement("Editor"))); + options.AddPolicy("ClubTreasurer", p => p.Requirements.Add(new ClubRoleRequirement("Kassenwart"))); options.AddPolicy("ClubAdmin", p => p.Requirements.Add(new ClubRoleRequirement("Admin"))); }); services.AddSingleton(); diff --git a/src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs b/src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs index e7ca08d..0025943 100644 --- a/src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs +++ b/src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs @@ -16,7 +16,8 @@ public static class ClubRoleHelper { static int Rank(string role) => role switch { - "Admin" => 3, + "Admin" => 4, + "Kassenwart" => 3, "Editor" => 2, "Viewer" => 1, _ => 0 diff --git a/src/Koogle.Infrastructure/Security/IdentityRoleSeeder.cs b/src/Koogle.Infrastructure/Security/IdentityRoleSeeder.cs index a1b55a6..49fae73 100644 --- a/src/Koogle.Infrastructure/Security/IdentityRoleSeeder.cs +++ b/src/Koogle.Infrastructure/Security/IdentityRoleSeeder.cs @@ -16,7 +16,7 @@ public static class IdentityRoleSeeder { var roleManager = services.GetRequiredService>(); - string[] roles = { "SuperAdmin", "Admin", "Editor", "Viewer" }; + string[] roles = { "SuperAdmin", "Admin", "Kassenwart", "Editor", "Viewer" }; foreach (var roleName in roles) {