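// frontend/app/(protected)/layout.jsx
import Link from "next/link";
import { redirect } from "next/navigation";
// NOTE(review): usePathname is a Client Component hook and is never called in
// this listing. This layout awaits cookies()/headers(), so it runs on the
// server. Confirm whether the import is still needed.
import { usePathname } from 'next/navigation';
import { cookies, headers } from "next/headers";
import { can } from "@/lib/rbac";
import { Home, FileText, Users, Settings } from 'lucide-react'; // add Users, Settings or any other icons needed

export const metadata = { title: "DMS | Protected" };

// Backend origin with any single trailing slash removed. NEXT_PUBLIC_* values
// are also exposed to browser bundles, so this must never hold a secret.
// When it is empty the URL below is relative and the server-side fetch
// rejects; fetchSessionFromAPI() treats that as "no session".
const API_BASE = (process.env.NEXT_PUBLIC_API_BASE || "").replace(/\/$/, "");

// Upper bound for the session lookup so a stalled auth backend cannot hold
// every protected page render open. Adjust to the deployment's latency budget.
const SESSION_TIMEOUT_MS = 5000;

/**
 * Resolve the caller's session by replaying the incoming request's cookies
 * against the backend `/api/auth/me` endpoint.
 *
 * Fails closed: a non-2xx status, a network error, a timeout, an unparsable
 * body, or a body without a truthy `ok` all yield `null`.
 *
 * @returns {Promise<object|null>} The parsed response body, or `null` when no
 *   valid session could be established.
 */
async function fetchSessionFromAPI() {
  const cookieStore = await cookies(); // must be awaited
  // The whole cookie jar is forwarded, so API_BASE must point at a host that
  // is trusted with the session cookie.
  const cookieHeader = cookieStore.toString();

  const hdrs = await headers(); // must be awaited
  // NOTE(review): Host comes from the incoming request and is client-controlled
  // unless the fronting proxy normalises it. The backend should check
  // X-Forwarded-Host against an allow-list before relying on it.
  const hostHdr = hdrs.get("host");
  // NOTE(review): when the header is absent this tells the backend "https"
  // whatever the real transport was. Confirm that default is intended.
  const protoHdr = hdrs.get("x-forwarded-proto") || "https";

  try {
    const res = await fetch(`${API_BASE}/api/auth/me`, {
      method: "GET",
      headers: {
        Cookie: cookieHeader,
        "X-Forwarded-Host": hostHdr || "",
        "X-Forwarded-Proto": protoHdr,
        Accept: "application/json",
      },
      // The response is per-user; it must not be served from a shared cache.
      cache: "no-store",
      signal: AbortSignal.timeout(SESSION_TIMEOUT_MS),
    });
    if (!res.ok) return null;

    const data = await res.json();
    return data?.ok ? data : null;
  } catch (err) {
    // Network failure, timeout, invalid URL or malformed JSON: treated like a
    // non-OK status above. Only the error is logged, never the cookie header.
    console.error("[auth] session lookup failed", err);
    return null;
  }
}

/**
 * Server layout for the protected route group: requires a backend-confirmed
 * session before rendering and shows navigation entries the user's
 * permissions allow.
 *
 * @param {{ children: React.ReactNode }} props
 */
export default async function ProtectedLayout({ children }) {
  const session = await fetchSessionFromAPI();

  // A response that says ok but carries no user is treated as unauthenticated,
  // so can() never receives undefined. The target is a fixed literal, so no
  // request-supplied value reaches the redirect. redirect() throws, which is
  // why it stays outside any try/catch.
  if (!session?.user) {
    redirect("/login?next=/dashboard");
  }

  const { user } = session;

  // The can() checks below only decide what is shown. The API behind each
  // entry still has to enforce the same permission on every request.
  return (
    <>
      {/* NOTE(review): the element tags and link targets of this markup are
          not present in the listing; <span> is a neutral stand-in for the
          original elements. */}
      Document Management System — LCBP3 Phase 3
      {can(user, "admin:view") && <span>Admin</span>}
      {can(user, "users:manage") && <span>ผู้ใช้/บทบาท</span>}
      {can(user, "health:view") && <span>Health</span>}
      {can(user, "workflow:view") && <span>Workflow</span>}
      {can(user, "rfa:create") && <span>+ RFA</span>}
      {can(user, "drawing:upload") && <span>+ Upload Drawing</span>}
      {can(user, "transmittal:create") && <span>+ Transmittal</span>}
      {can(user, "correspondence:create") && <span>+ หนังสือสื่อสาร</span>}
      {children}
    </>
  );
}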