fix: use verified routes in navbar and improve can_access_page?

Use ~p verified routes instead of string paths in navbar template. Update can_access_page? to handle both string and verified route paths for better type safety.
2026-01-08 15:54:47 +01:00 · 2026-01-08 15:54:47 +01:00 · ddb4da266d
commit ddb4da266d
parent ce395ec112
2 changed files with 8 additions and 4 deletions
--- a/lib/mv_web/authorization.ex
+++ b/lib/mv_web/authorization.ex
@ -106,14 +106,18 @@ defmodule MvWeb.Authorization do
      iex> can_access_page?(mitglied, "/members")
      false
  """
-  @spec can_access_page?(map() | nil, String.t()) :: boolean()
+  @spec can_access_page?(map() | nil, String.t() | Phoenix.VerifiedRoutes.unverified_path()) ::
+          boolean()
  def can_access_page?(nil, _page_path), do: false

  def can_access_page?(user, page_path) do
+    # Convert verified route to string if needed
+    page_path_str = if is_binary(page_path), do: page_path, else: to_string(page_path)
+
    with %{role: %{permission_set_name: ps_name}} when not is_nil(ps_name) <- user,
         {:ok, ps_atom} <- PermissionSets.permission_set_name_to_atom(ps_name),
         permissions <- PermissionSets.get_permissions(ps_atom) do
-      page_matches?(permissions.pages, page_path)
+      page_matches?(permissions.pages, page_path_str)
    else
      _ -> false
    end