From 4fc1c2eeb825554073df14e7ad1552b1f5231c9b Mon Sep 17 00:00:00 2001
From: schn33fuchs <silas.raffauf@raffauf-clan.de>
Date: Fri, 1 May 2026 17:07:20 +0200
Subject: [PATCH] Non admin only see their tickets

---
 frontend/src/pages/ticket.rs | 50 +++++++++++++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/frontend/src/pages/ticket.rs b/frontend/src/pages/ticket.rs
index 8fa1c1c..b093142 100644
--- a/frontend/src/pages/ticket.rs
+++ b/frontend/src/pages/ticket.rs
@@ -37,6 +37,12 @@ pub struct TicketProps {
     pub id: i32,
 }
 
+#[derive(Clone, Debug, PartialEq)]
+pub struct ActiveUser {
+    id: Option<i16>,
+    is_admin: bool,
+}
+
 #[derive(Deserialize, Debug)]
 struct ApiError {
     message: String,
@@ -344,6 +350,10 @@ pub fn all_tickets_component() -> Html {
     let tickets = use_state(|| Vec::<Ticket>::new());
     let error = use_state(|| None::<String>);
     let loading = use_state(|| false);
+    let user = use_state(|| ActiveUser {
+        id: None,
+        is_admin: false,
+    });
 
     {
         let tickets = tickets.clone();
@@ -376,6 +386,37 @@ pub fn all_tickets_component() -> Html {
         });
     }
 
+    {
+        let user = user.clone();
+        use_effect_with((), move |_| {
+            let user = user.clone();
+            spawn_local(async move {
+                if let Ok(response) = Request::get("/api/users/current")
+                    .credentials(web_sys::RequestCredentials::Include)
+                    .send()
+                    .await
+                {
+                    if response.status() == 200 {
+                        if let Ok(json) = response.json::<serde_json::Value>().await {
+                            let id = json
+                                .get("data")
+                                .and_then(|d| d.get("id"))
+                                .and_then(|v| v.as_i64())
+                                .and_then(|n| i16::try_from(n).ok());
+                            let is_admin = json
+                                .get("data")
+                                .and_then(|d| d.get("is_admin"))
+                                .and_then(|v| v.as_bool())
+                                .unwrap_or(false);
+                            user.set(ActiveUser { id, is_admin });
+                        }
+                    }
+                }
+            });
+            || ()
+        });
+    }
+
     if *loading {
         html! {<p>{ "Loading" }</p>}
     } else if let Some(e) = &*error {
@@ -383,10 +424,17 @@ pub fn all_tickets_component() -> Html {
     } else {
         html! {
             <ul>
-            { for tickets.iter().map(|t| html! {
+            { for tickets.iter().filter(|t| if user.is_admin { true } else if let Some(uid) = user.id { t.user_id == uid } else { false }).map(|t| html! {
                     <li key={t.id.to_string()}>
                         <h3>{ format!("{} - #{}", t.betreff, t.id) }</h3>
                         <p>{ &t.description }</p>
+                        <p>{ match t.status.as_str() {
+                            "ToDo" => "Zu tun",
+                            "InProgress" => "In Bearbeitung",
+                            "Completed" => "Erledigt",
+                            "Archived" => "Archiviert",
+                            _ => "Ungültiger Status"
+                        }}</p>
                     </li>
                 })}
             </ul>