Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add create-vaults role #296

Merged
merged 10 commits into from
Oct 18, 2024
Merged

Add create-vaults role #296

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
8e82fd5
require `create-vauilts` role for:
overheadhunter Oct 11, 2024
2124f36
changed `isAdmin()` → `hasRole('admin')`
overheadhunter Oct 11, 2024
192f6f8
require `create-vaults` role for:
overheadhunter Oct 11, 2024
e6c2d74
disable "add vault" button if role is missing
overheadhunter Oct 11, 2024
8aee735
updated changelog
overheadhunter Oct 11, 2024
460b3fa
minor tweaks after code review
overheadhunter Oct 11, 2024
f9eda5c
conditional tooltip & label for missing permission
overheadhunter Oct 17, 2024
f5ac752
add fallback realm role to `@VaultRole` annotation
overheadhunter Oct 17, 2024
508c651
apply new `@VaultRole(realmRole=...)` property
overheadhunter Oct 17, 2024
7ec3ad0
adjust tests
overheadhunter Oct 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
changed isAdmin()hasRole('admin')
  • Loading branch information
@overheadhunter
overheadhunter committed Oct 11, 2024
commit 2124f368f09cc6161f3ca0763157f252a5da8eee
8 changes: 2 additions & 6 deletions frontend/src/common/auth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,8 @@ class Auth {
return this.keycloak.token;
}

public isAdmin(): boolean {
return this.keycloak.tokenParsed?.realm_access?.roles.includes('admin') ?? false;
}

public isUser(): boolean {
return this.keycloak.tokenParsed?.realm_access?.roles.includes('user') ?? false;
public hasRole(role: string): boolean {
return this.keycloak.tokenParsed?.realm_access?.roles.includes(role) ?? false;
}
}

Expand Down
2 changes: 1 addition & 1 deletion frontend/src/components/NavigationBar.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ const props = defineProps<{
}>();

onMounted(async () => {
if ((await auth).isAdmin()) {
if ((await auth).hasRole('admin')) {
profileDropdown.value = [profileDropdownSections.infoSection, profileDropdownSections.adminSection, profileDropdownSections.hubSection];
} else {
profileDropdown.value = [profileDropdownSections.infoSection, profileDropdownSections.hubSection];
Expand Down
2 changes: 1 addition & 1 deletion frontend/src/components/VaultDetails.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -283,7 +283,7 @@ onMounted(fetchData);
async function fetchData() {
onFetchError.value = null;
try {
isAdmin.value = (await auth).isAdmin();
isAdmin.value = (await auth).hasRole('admin');
vault.value = await backend.vaults.get(props.vaultId);
me.value = await userdata.me;
license.value = await backend.license.getUserInfo();
Expand Down
2 changes: 1 addition & 1 deletion frontend/src/components/VaultList.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ onMounted(fetchData);
async function fetchData() {
onFetchError.value = null;
try {
isAdmin.value = (await auth).isAdmin();
isAdmin.value = (await auth).hasRole('admin');

if (isAdmin.value) {
filterOptions.value['allVaults'] = t('vaultList.filter.entry.allVaults');
Expand Down
2 changes: 1 addition & 1 deletion frontend/src/router/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ const routes: RouteRecordRaw[] = [
path: 'admin',
beforeEnter: async () => {
const auth = await authPromise;
return auth.isAdmin(); //TODO: reroute to NotFound Screen/ AccessDeniedScreen?
return auth.hasRole('admin'); //TODO: reroute to NotFound Screen/ AccessDeniedScreen?
},
children: [
{
Expand Down