fix: check authorities in app adapter [LIBS-370] #757

Open
wants to merge 15 commits into
base: master
feat(adapter): add ui for auth boundary
KaiVandivier committed Oct 17, 2022
commit b882ed0e68e274b4f62f94e4c6151890a7e06957
44 changes: 35 additions & 9 deletions adapter/src/components/AuthBoundary.js
Expand Up @@ -3,9 +3,12 @@ import {
useDataQuery,
clearSensitiveCaches,
} from '@dhis2/app-runtime'
import { CenteredContent, NoticeBox } from '@dhis2/ui'
import PropTypes from 'prop-types'
import React, { useState } from 'react'
import i18n from '../locales'
import { LoadingMask } from './LoadingMask'
import styles from './styles/ErrorBoundary.style.js'

// TODO: Remove useVerifyLatestUser.js (and in app wrapper)

Expand Down Expand Up @@ -39,7 +42,7 @@ const isAppAvailable = (authorities) => {
// Skip check on dev
// TODO: should we check on dev environments too?
if (!IS_PRODUCTION_ENV) {
return true
// return true
}
// Check for three possible authorities
return authorities.some((authority) =>
Expand All @@ -49,13 +52,38 @@ const isAppAvailable = (authorities) => {
)
}

const ForbiddenScreen = ({ appName, baseUrl }) => {
KaiVandivier marked this conversation as resolved.
return (
<div className="mask fullscreen">
<style jsx>{styles}</style>
KaiVandivier marked this conversation as resolved.
<CenteredContent>
<NoticeBox error title={i18n.t('Forbidden')}>
<div>
{i18n.t(
"You don't have access to the {{appName}} app. Contact your system administrator if this seems to be an error.",
{ appName }
)}
</div>
<div>
<a href={baseUrl}>{i18n.t('Return to DHIS2 Home')}</a>
</div>
</NoticeBox>
</CenteredContent>
</div>
)
}
ForbiddenScreen.propTypes = {
appName: PropTypes.string,
baseUrl: PropTypes.string,
}

/**
* This hook is used to clear sensitive caches if a user other than the one
* that cached that data logs in
* @returns {Object} - { loading: boolean }
*/
export function AuthBoundary({ children }) {
const { pwaEnabled, appName } = useConfig()
const { pwaEnabled, appName, baseUrl } = useConfig()
const [finished, setFinished] = useState(false)
const { loading, error, data } = useDataQuery(USER_QUERY, {
onComplete: async ({ user }) => {
Expand All @@ -75,13 +103,11 @@ export function AuthBoundary({ children }) {
throw new Error('Failed to fetch user ID: ' + error)
}

if (isAppAvailable(data.user.authorities)) {
return children
} else {
throw new Error(
`Forbidden: you don't have access to the ${appName} app`
)
}
return isAppAvailable(data.user.authorities) ? (
children
) : (
<ForbiddenScreen appName={appName} baseUrl={baseUrl} />
)
}
AuthBoundary.propTypes = {
children: PropTypes.node,
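Review bot: The authority gate at the end of `AuthBoundary` (`isAppAvailable(data.user.authorities) ? children : <ForbiddenScreen … />`) is a rendering decision made in the browser from the user query response, so it should be documented as a UX guard rather than access control; a modified client is not bound by it, and the API endpoints the app calls presumably have to enforce the same authorities themselves. I would add a comment above that return such as `// UI-only guard: hides the app from users without the authority; the server must still enforce access on every request`. In `isAppAvailable` the dev bypass is now `if (!IS_PRODUCTION_ENV) { // return true }`, an empty block under a comment that still says "Skip check on dev"; either restore the return or delete the block and its comment so the behaviour on dev is unambiguous. The JSDoc above `AuthBoundary` still describes a hook returning `{ loading: boolean }`, which no longer matches a component that returns `children` or the forbidden screen. Both `isAppAvailable` and `AuthBoundary` begin or continue outside the visible hunks, so the authority names and the query itself could not be checked here.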