gdpr audit implemented, email log, vollmachten, pdf delete cancel data privacy and vollmachten, removed message no id card in engergy car, and other contracts that are not telecom contracts, added insert counter for engery

2026-03-21 11:59:53 +01:00
parent 89cf92eaf5
commit f2876f877e
1491 changed files with 265550 additions and 1292 deletions
@@ -88,9 +88,13 @@ function requireCustomerAccess(req, res, next) {
        next();
        return;
    }
-    // Customers can only access their own data
+    // Customers can only access their own data + represented customers
    const customerId = parseInt(req.params.customerId || req.params.id);
-    if (req.user.customerId && req.user.customerId === customerId) {
+    const allowedIds = [
+        req.user.customerId,
+        ...(req.user.representedCustomerIds || []),
+    ].filter(Boolean);
+    if (allowedIds.includes(customerId)) {
        next();
        return;
    }