mirror of
https://github.com/hcengineering/platform.git
synced 2025-03-14 18:15:01 +00:00
fix: check guest access with cookie token (#8122)
Signed-off-by: Alexander Onnikov <Alexander.Onnikov@xored.com>
This commit is contained in:
parent
496535f3ec
commit
90371ecada
@ -1,22 +1,37 @@
|
|||||||
|
import {
|
||||||
|
type AccountClient,
|
||||||
|
type WorkspaceLoginInfo,
|
||||||
|
getClient as getAccountClientRaw
|
||||||
|
} from '@hcengineering/account-client'
|
||||||
import client from '@hcengineering/client'
|
import client from '@hcengineering/client'
|
||||||
import { type Doc, AccountRole } from '@hcengineering/core'
|
import { type Doc, AccountRole } from '@hcengineering/core'
|
||||||
import login from '@hcengineering/login'
|
import login from '@hcengineering/login'
|
||||||
import { getMetadata, getResource } from '@hcengineering/platform'
|
import { getMetadata, getResource, setMetadata } from '@hcengineering/platform'
|
||||||
import presentation from '@hcengineering/presentation'
|
import presentation from '@hcengineering/presentation'
|
||||||
import { getCurrentLocation, navigate } from '@hcengineering/ui'
|
import { getCurrentLocation, navigate } from '@hcengineering/ui'
|
||||||
import view from '@hcengineering/view'
|
import view from '@hcengineering/view'
|
||||||
import { getObjectLinkFragment } from '@hcengineering/view-resources'
|
import { getObjectLinkFragment } from '@hcengineering/view-resources'
|
||||||
import { workbenchId } from '@hcengineering/workbench'
|
import { workbenchId } from '@hcengineering/workbench'
|
||||||
|
|
||||||
|
function getAccountClient (token: string | undefined | null): AccountClient {
|
||||||
|
const accountsUrl = getMetadata(login.metadata.AccountsUrl)
|
||||||
|
return getAccountClientRaw(accountsUrl, token !== null ? token : undefined)
|
||||||
|
}
|
||||||
|
|
||||||
export async function checkAccess (doc: Doc): Promise<void> {
|
export async function checkAccess (doc: Doc): Promise<void> {
|
||||||
const loc = getCurrentLocation()
|
const loc = getCurrentLocation()
|
||||||
const ws = loc.path[1]
|
const ws = loc.path[1]
|
||||||
|
|
||||||
const selectWorkspace = await getResource(login.function.SelectWorkspace)
|
let wsLoginInfo: WorkspaceLoginInfo | undefined
|
||||||
const wsLoginInfo = (await selectWorkspace(ws, null))[1]
|
|
||||||
if (wsLoginInfo === undefined || wsLoginInfo.role === AccountRole.DocGuest) return
|
|
||||||
|
|
||||||
const token = wsLoginInfo.token
|
try {
|
||||||
|
wsLoginInfo = await getAccountClient(null).selectWorkspace(ws)
|
||||||
|
if (wsLoginInfo === undefined || wsLoginInfo.role === AccountRole.DocGuest) return
|
||||||
|
} catch (err: any) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
const token = wsLoginInfo?.token
|
||||||
const endpoint = getMetadata(presentation.metadata.Endpoint)
|
const endpoint = getMetadata(presentation.metadata.Endpoint)
|
||||||
if (token === undefined || endpoint === undefined) return
|
if (token === undefined || endpoint === undefined) return
|
||||||
|
|
||||||
@ -33,7 +48,7 @@ export async function checkAccess (doc: Doc): Promise<void> {
|
|||||||
loc.path[0] = workbenchId
|
loc.path[0] = workbenchId
|
||||||
loc.path[1] = ws
|
loc.path[1] = ws
|
||||||
// We have access, let's set correct tokens and redirect)
|
// We have access, let's set correct tokens and redirect)
|
||||||
// setMetadata(presentation.metadata.Token, token)
|
setMetadata(presentation.metadata.Token, token)
|
||||||
navigate(loc)
|
navigate(loc)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -159,7 +159,7 @@ test.describe('Tracker tests', () => {
|
|||||||
await issuesPage.clickAssignee()
|
await issuesPage.clickAssignee()
|
||||||
await issuesPage.setEstimation()
|
await issuesPage.setEstimation()
|
||||||
await issuesPage.inputTextPlaceholderFill('1')
|
await issuesPage.inputTextPlaceholderFill('1')
|
||||||
await issuesPage.setDueDate('24')
|
await issuesPage.setDueDate('19')
|
||||||
await issuesPage.pressEscapeTwice()
|
await issuesPage.pressEscapeTwice()
|
||||||
await issuesPage.clickOnNewIssue()
|
await issuesPage.clickOnNewIssue()
|
||||||
await checkIssueDraft(page, {
|
await checkIssueDraft(page, {
|
||||||
@ -169,7 +169,7 @@ test.describe('Tracker tests', () => {
|
|||||||
priority: 'Urgent',
|
priority: 'Urgent',
|
||||||
assignee: 'Appleseed John',
|
assignee: 'Appleseed John',
|
||||||
estimation: '1',
|
estimation: '1',
|
||||||
dueDate: '24'
|
dueDate: '19'
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user