fix issues

apps/website/lib/blockers/AuthorizationBlocker.ts

@@ -46,19 +46,23 @@ export class AuthorizationBlocker extends Blocker {
       return 'unauthenticated';
     }
 
-    // Note: SessionViewModel doesn't currently have role property
-    // This is a known architectural gap. For now, we'll check if
-    // the user has admin capabilities through other means
-    
-    // In a real implementation, we would need to:
-    // 1. Add role to SessionViewModel
-    // 2. Add role to AuthenticatedUserDTO
-    // 3. Add role to User entity
-    
-    // For now, we'll simulate based on email or other indicators
-    // This is a temporary workaround until the backend role system is implemented
-    
-    return 'enabled'; // Allow access for demo purposes
+    // If no roles are required, allow access
+    if (this.requiredRoles.length === 0) {
+      return 'enabled';
+    }
+
+    // Check if user has a role
+    if (!this.currentSession.role) {
+      return 'unauthorized';
+    }
+
+    // Check if user's role matches any of the required roles
+    if (this.requiredRoles.includes(this.currentSession.role)) {
+      return 'enabled';
+    }
+
+    // User has a role but it's not in the required list
+    return 'insufficient_role';
   }
 
   /**