fixed auth handling for access control

2025-12-01 06:55:45 +01:00 · 2025-10-21 10:23:17 +02:00
parent 5254d3823a
commit 59b09b663e
3 changed files with 8 additions and 10 deletions
--- a/backend/src/routes/employees.ts
+++ b/backend/src/routes/employees.ts
@@ -19,7 +19,7 @@ const router = express.Router();
 router.use(authMiddleware);

 // Employee CRUD Routes
-router.get('/', requireRole(['admin']), getEmployees);
+router.get('/', authMiddleware, getEmployees);
 router.get('/:id', requireRole(['admin', 'instandhalter']), getEmployee);
 router.post('/', requireRole(['admin']), createEmployee);
 router.put('/:id', requireRole(['admin']), updateEmployee);