diff --git a/server/backend/internal/httpapi/manage/templates.go b/server/backend/internal/httpapi/manage/templates.go index 28cf738..a754863 100644 --- a/server/backend/internal/httpapi/manage/templates.go +++ b/server/backend/internal/httpapi/manage/templates.go @@ -957,6 +957,7 @@ const manageTmpl = `
+ {{if ne .UserRole "restricted"}}

Display

@@ -969,6 +970,7 @@ const manageTmpl = ` onclick="sendDisplayCmd('off')">Ausschalten
+ {{end}} {{if ne .UserRole "restricted"}}
diff --git a/server/backend/internal/httpapi/manage/ui.go b/server/backend/internal/httpapi/manage/ui.go index 287d033..ffb2da0 100644 --- a/server/backend/internal/httpapi/manage/ui.go +++ b/server/backend/internal/httpapi/manage/ui.go @@ -439,7 +439,7 @@ func HandleManageUI( case "admin": isAdmin = true accessibleScreens, _ = screens.ListAll(r.Context()) - case "screen_user": + case "screen_user", "restricted": accessibleScreens, _ = screens.GetAccessibleScreens(r.Context(), u.ID) default: // tenant_user und ähnliche Rollen: alle Screens des eigenen Tenants. diff --git a/server/backend/internal/store/auth.go b/server/backend/internal/store/auth.go index 2ab98ac..d963364 100644 --- a/server/backend/internal/store/auth.go +++ b/server/backend/internal/store/auth.go @@ -190,7 +190,7 @@ func (s *AuthStore) CreateScreenUser(ctx context.Context, tenantSlug, username, return u, nil } -// ListScreenUsers returns all users with role 'screen_user' for the given tenant. +// ListScreenUsers returns all users with role 'screen_user' or 'restricted' for the given tenant. func (s *AuthStore) ListScreenUsers(ctx context.Context, tenantSlug string) ([]*User, error) { rows, err := s.pool.Query(ctx, `select u.id, u.tenant_id, coalesce(t.slug, ''), u.username, u.password_hash, u.role, u.created_at