wieerwill/platform
1
0
Fork 0
mirror of https://github.com/hcengineering/platform.git synced 2025-03-14 10:09:59 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fix: check guest access with cookie token (#8122)

Browse Source 
Signed-off-by: Alexander Onnikov <Alexander.Onnikov@xored.com>
This commit is contained in:
Alexander Onnikov 2025-03-03 09:47:15 +03:00 committed by GitHub
parent 496535f3ec
commit 90371ecada
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
plugins/guest-resources/src/utils.ts
View File

@ -1,22 +1,37 @@
import {
type AccountClient,
type WorkspaceLoginInfo,
getClient as getAccountClientRaw
} from '@hcengineering/account-client'
import client from '@hcengineering/client'
import { type Doc, AccountRole } from '@hcengineering/core'
import login from '@hcengineering/login'
import { getMetadata, getResource } from '@hcengineering/platform'
import { getMetadata, getResource, setMetadata } from '@hcengineering/platform'
import presentation from '@hcengineering/presentation'
import { getCurrentLocation, navigate } from '@hcengineering/ui'
import view from '@hcengineering/view'
import { getObjectLinkFragment } from '@hcengineering/view-resources'
import { workbenchId } from '@hcengineering/workbench'
function getAccountClient (token: string | undefined | null): AccountClient {
const accountsUrl = getMetadata(login.metadata.AccountsUrl)
return getAccountClientRaw(accountsUrl, token !== null ? token : undefined)
}
export async function checkAccess (doc: Doc): Promise<void> {
const loc = getCurrentLocation()
const ws = loc.path[1]
const selectWorkspace = await getResource(login.function.SelectWorkspace)
const wsLoginInfo = (await selectWorkspace(ws, null))[1]
if (wsLoginInfo === undefined || wsLoginInfo.role === AccountRole.DocGuest) return
let wsLoginInfo: WorkspaceLoginInfo | undefined
const token = wsLoginInfo.token
try {
wsLoginInfo = await getAccountClient(null).selectWorkspace(ws)
if (wsLoginInfo === undefined || wsLoginInfo.role === AccountRole.DocGuest) return
} catch (err: any) {
return
}
const token = wsLoginInfo?.token
const endpoint = getMetadata(presentation.metadata.Endpoint)
if (token === undefined || endpoint === undefined) return
@ -33,7 +48,7 @@ export async function checkAccess (doc: Doc): Promise<void> {
loc.path[0] = workbenchId
loc.path[1] = ws
// We have access, let's set correct tokens and redirect)
// setMetadata(presentation.metadata.Token, token)
setMetadata(presentation.metadata.Token, token)
navigate(loc)
}
}

4
tests/sanity/tests/tracker/tracker.spec.ts
View File

@ -159,7 +159,7 @@ test.describe('Tracker tests', () => {
await issuesPage.clickAssignee()
await issuesPage.setEstimation()
await issuesPage.inputTextPlaceholderFill('1')
await issuesPage.setDueDate('24')
await issuesPage.setDueDate('19')
await issuesPage.pressEscapeTwice()
await issuesPage.clickOnNewIssue()
await checkIssueDraft(page, {
@ -169,7 +169,7 @@ test.describe('Tracker tests', () => {
priority: 'Urgent',
assignee: 'Appleseed John',
estimation: '1',
dueDate: '24'
dueDate: '19'
})
})