show admin pages only when permissions are correct

src/routes/admin/+layout.server.ts

@@ -6,7 +6,7 @@ export const load: LayoutServerLoad = async ({ cookies }) => {
 	const session = getSession(cookies);
 
 	return {
-		userCount: session?.permissions.userRead() ? await User.count() : 0,
-		adminCount: session?.permissions.adminRead() ? await Admin.count() : 0
+		userCount: session?.permissions.userRead() ? await User.count() : null,
+		adminCount: session?.permissions.adminRead() ? await Admin.count() : null
 	};
 };

src/routes/admin/+layout.svelte

@@ -19,27 +19,31 @@
 	}
 
 	export let data: LayoutData;
-	$adminCount = data.adminCount;
+	if (data.adminCount) $adminCount = data.adminCount;
 </script>
 
 {#if $page.url.pathname !== `${env.PUBLIC_BASE_PATH}/admin/login`}
 	<div class="flex h-screen">
-		<div class="h-full w-max">
-			<ul class="menu p-4 w-fit h-full bg-base-200 text-base-content">
-				<li>
-					<a href="{env.PUBLIC_BASE_PATH}/admin/users">
-						<IconOutline name="user-group-outline" />
-						<span class="ml-1">Registrierte Nutzer</span>
-						<div class="badge">{data.userCount}</div>
-					</a>
-				</li>
-				<li>
-					<a href="{env.PUBLIC_BASE_PATH}/admin/admin">
-						<IconOutline name="users-outline" />
-						<span class="ml-1">Website Admins</span>
-						<div class="badge">{$adminCount}</div>
-					</a>
-				</li>
+		<div class="h-full">
+			<ul class="menu p-4 w-max h-full bg-base-200 text-base-content">
+				{#if data.userCount != null}
+					<li>
+						<a href="{env.PUBLIC_BASE_PATH}/admin/users">
+							<IconOutline name="user-group-outline" />
+							<span class="ml-1">Registrierte Nutzer</span>
+							<div class="badge">{data.userCount}</div>
+						</a>
+					</li>
+				{/if}
+				{#if data.adminCount != null}
+					<li>
+						<a href="{env.PUBLIC_BASE_PATH}/admin/admin">
+							<IconOutline name="users-outline" />
+							<span class="ml-1">Website Admins</span>
+							<div class="badge">{$adminCount}</div>
+						</a>
+					</li>
+				{/if}
 				<li class="mt-auto">
 					<button on:click={(e) => buttonTriggeredRequest(e, logout())}>
 						<IconOutline name="arrow-left-on-rectangle-outline" />

src/routes/admin/admin/+page.server.ts

@@ -2,8 +2,13 @@ import type { PageServerLoad } from './$types';
 import { Admin } from '$lib/server/database';
 import { getSession } from '$lib/server/session';
 import { Permissions } from '$lib/permissions';
+import { redirect } from '@sveltejs/kit';
+import { env } from '$env/dynamic/public';
+
+export const load: PageServerLoad = async ({ parent, cookies }) => {
+	const { adminCount } = await parent();
+	if (adminCount == null) throw redirect(302, `${env.PUBLIC_BASE_PATH}/admin`);
 
-export const load: PageServerLoad = async ({ cookies }) => {
 	let admins: (typeof Admin.prototype)[] = [];
 	if (getSession(cookies, { permissions: [Permissions.AdminRead] }) != null) {
 		admins = await Admin.findAll({ raw: true, attributes: { exclude: ['password'] } });

src/routes/admin/users/+page.server.ts

@@ -2,8 +2,13 @@ import type { PageServerLoad } from './$types';
 import { User } from '$lib/server/database';
 import { getSession } from '$lib/server/session';
 import { Permissions } from '$lib/permissions';
+import { redirect } from '@sveltejs/kit';
+import { env } from '$env/dynamic/public';
+
+export const load: PageServerLoad = async ({ parent, cookies }) => {
+	const { userCount } = await parent();
+	if (userCount == null) throw redirect(302, `${env.PUBLIC_BASE_PATH}/admin`);
 
-export const load: PageServerLoad = async ({ cookies }) => {
 	return {
 		count:
 			getSession(cookies, { permissions: [Permissions.UserRead] }) != null ? await User.count() : 0