fix(pos): route settings button by user role (admin vs staff)

POS settings button (gear icon) and sidebar "Quản lý" link always
navigated to /admin/shop/{shopId}/overview regardless of user role.
Staff members could access admin pages they shouldn't see.

Now routes by role:
- owner/admin/branch → /admin/shop/{shopId}/overview (shop management)
- staff → /staff/dashboard (staff portal)
- unknown role → /auth/login

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ho Ngoc Hai
2026-03-30 12:00:34 +07:00
parent 1b90b0119d
commit 46402f3e67


@@ -98,7 +98,7 @@
</a>
</div>
<div class="pos-sidebar__footer">
<a class="pos-sidebar__link" href="@(!string.IsNullOrEmpty(_shopIdStr) ? $"/admin/shop/{_shopIdStr}/overview" : AuthState.GetPortalUrl())" @onclick="CloseSidebar">
<a class="pos-sidebar__link" href="@GetPortalHref()" @onclick="CloseSidebar">
<i data-lucide="settings" style="width:18px;height:18px;"></i>
<span>Quản lý</span>
</a>
@@ -219,14 +219,23 @@
private void GoToPortal()
{
// EN: Navigate to shop admin page if shopId is available, otherwise fallback to portal URL
// VI: Điều hướng đến trang admin shop nếu có shopId, nếu không fallback về portal URL
if (!string.IsNullOrEmpty(_shopIdStr))
// EN: Navigate based on user role — admin/owner go to shop admin, staff go to staff dashboard
// VI: Điều hướng theo role — admin/owner vào trang quản lý shop, staff vào dashboard nhân viên
var role = AuthState.UserRole?.ToLowerInvariant();
if (role is "owner" or "admin" or "branch" && !string.IsNullOrEmpty(_shopIdStr))
NavigationManager.NavigateTo($"/admin/shop/{_shopIdStr}/overview");
else
NavigationManager.NavigateTo(AuthState.GetPortalUrl());
}
private string GetPortalHref()
{
var role = AuthState.UserRole?.ToLowerInvariant();
if (role is "owner" or "admin" or "branch" && !string.IsNullOrEmpty(_shopIdStr))
return $"/admin/shop/{_shopIdStr}/overview";
return AuthState.GetPortalUrl();
}
private void ToggleSidebar() => _sidebarOpen = !_sidebarOpen;
private void CloseSidebar() => _sidebarOpen = false;
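Review bot: The role test in GoToPortal() and GetPortalHref() only decides where the gear button and the "Quản lý" link point; nothing in this section stops a staff user who opens /admin/shop/{shopId}/overview directly, so the exposure named in the commit message is closed only if the admin pages and their backing endpoints check the role themselves, which is not visible here. AuthState.UserRole is presumably client-held state and should be treated as a display hint, not an access decision; a comment such as `// UI routing only: /admin pages must enforce the role on their own` above the check would record that. The condition is also written twice, so GoToPortal() could be reduced to `NavigationManager.NavigateTo(GetPortalHref());` to keep the two paths from drifting apart. Writing it as `(role is "owner" or "admin" or "branch") && !string.IsNullOrEmpty(_shopIdStr)` would make the pattern/`&&` grouping explicit. The staff and unknown-role destinations listed in the commit message are left to AuthState.GetPortalUrl(), which is outside this section.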