feat(geschichten): frontend foundation — canBlogWrite, sanitize util, nav, i18n

- Derives canBlogWrite in +layout.server.ts the same way as canAnnotate. - Adds Geschichten link to AppNav (desktop + mobile, between Stammbaum and Admin). - Adds error_geschichte_not_found mapping to errors.ts and translation keys for the Geschichten index, detail, editor, and confirmation copy in de/en/es. - Adds isomorphic-dompurify-backed safeHtml() helper with allow-list matching the backend OWASP policy (p/br/strong/em/h2/h3/ul/ol/li), plus Vitest spec. - Updates legacy spec test data so the new required canBlogWrite layout prop type-checks. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-02 17:43:29 +02:00
parent afd6d0b20d
commit 9e7861fa03
18 changed files with 998 additions and 28 deletions
--- a/frontend/src/routes/+layout.server.ts
+++ b/frontend/src/routes/+layout.server.ts
@@ -7,6 +7,7 @@ export const load: LayoutServerLoad = async ({ locals }) => {
 		canWrite: groups.some((g) => g.permissions.includes('WRITE_ALL')),
 		canAnnotate: groups.some(
 			(g) => g.permissions.includes('WRITE_ALL') || g.permissions.includes('ANNOTATE_ALL')
-		)
+		),
+		canBlogWrite: groups.some((g) => g.permissions.includes('BLOG_WRITE'))
 	};
 };