From 518e417b1da4aaf55146dd89c5e779fe5eaace41 Mon Sep 17 00:00:00 2001 From: Lars Date: Thu, 19 Mar 2026 06:28:48 +0100 Subject: [PATCH] =?UTF-8?q?fix:=20admins=20k=C3=B6nnen=20jetzt=20alle=20Pr?= =?UTF-8?q?ompts=20sehen=20und=20bearbeiten?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - /api/prompts checkt nun ob User admin ist - Admins sehen ALLE Prompts (inkl. pipeline_ und inaktive) - Normale User sehen nur aktive Einzelanalysen (wie bisher) - Frontend (Analysis.jsx) zeigt Pipeline-Prompts bereits korrekt: * Gruppiert nach "Einzelanalysen" und "Mehrstufige Pipeline" * JSON-Prompts (Stage 1) mit oranger Border und Badge * Warnung über JSON-Format bereits vorhanden - CSS-Variablen --warn, --warn-bg, --warn-text bereits definiert Co-Authored-By: Claude Opus 4.6 --- backend/main.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/backend/main.py b/backend/main.py index f10acff..c30b46b 100644 --- a/backend/main.py +++ b/backend/main.py @@ -1063,10 +1063,22 @@ async def analyze_pipeline(x_profile_id: Optional[str]=Header(default=None), ses @app.get("/api/prompts") def list_prompts(session: dict=Depends(require_auth)): - """List all available AI prompts.""" + """ + List AI prompts. + - Admins: see ALL prompts (including pipeline and inactive) + - Users: see only active single-analysis prompts + """ with get_db() as conn: cur = get_cursor(conn) - cur.execute("SELECT * FROM ai_prompts WHERE active=true AND slug NOT LIKE 'pipeline_%' ORDER BY sort_order") + is_admin = session.get('role') == 'admin' + + if is_admin: + # Admin sees everything + cur.execute("SELECT * FROM ai_prompts ORDER BY sort_order, slug") + else: + # Users see only active, non-pipeline prompts + cur.execute("SELECT * FROM ai_prompts WHERE active=true AND slug NOT LIKE 'pipeline_%' ORDER BY sort_order") + return [r2d(r) for r in cur.fetchall()] @app.put("/api/prompts/{prompt_id}")