ui: Remove any route level auth checks (#11891)
This commit is contained in:
parent
cf68ef8646
commit
a34bf96559
|
@ -0,0 +1,4 @@
|
|||
```release-note:bug
|
||||
ui: Fixes an issue where once a 403 page is displayed in some circumstances its
|
||||
diffcult to click back to where you where before receiving a 403
|
||||
```
|
|
@ -1,7 +1,6 @@
|
|||
import Route from '@ember/routing/route';
|
||||
import { get, setProperties, action } from '@ember/object';
|
||||
import { inject as service } from '@ember/service';
|
||||
import HTTPError from 'consul-ui/utils/http/error';
|
||||
|
||||
// paramsFor
|
||||
import { routes } from 'consul-ui/router';
|
||||
|
@ -50,27 +49,6 @@ export default class BaseRoute extends Route {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Inspects a custom `abilities` array on the router for this route. Every
|
||||
* abililty needs to 'pass' for the route not to throw a 403 error. Anything
|
||||
* more complex then this (say ORs) should use a single ability and perform
|
||||
* the OR logic in the test for the ability. Note, this ability check happens
|
||||
* before any calls to the backend for this model/route.
|
||||
*/
|
||||
async beforeModel() {
|
||||
// remove any references to index as it is the same as the root routeName
|
||||
const routeName = this.routeName
|
||||
.split('.')
|
||||
.filter(item => item !== 'index')
|
||||
.join('.');
|
||||
const abilities = get(routes, `${routeName}._options.abilities`) || [];
|
||||
if (abilities.length > 0) {
|
||||
if (!abilities.every(ability => this.permissions.can(ability))) {
|
||||
throw new HTTPError('403');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* By default any empty string query parameters should remove the query
|
||||
* parameter from the URL. This is the most common behavior if you don't
|
||||
|
|
Loading…
Reference in New Issue