update

backend/src/routes/booking.routes.ts

@@ -23,6 +23,7 @@ router.patch('/:id', authenticate, requirePermission('bookings:write'), bookingC
 
 // Soft-cancel (sets abgesagt=TRUE)
 router.delete('/:id',       authenticate, requirePermission('bookings:write'), bookingController.cancel.bind(bookingController));
+router.patch('/:id/cancel', authenticate, requirePermission('bookings:write'), bookingController.cancel.bind(bookingController));
 
 // Hard-delete (admin only)
 router.delete('/:id/force', authenticate, requirePermission('bookings:delete'), bookingController.hardDelete.bind(bookingController));