luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

backport of commit 6acd2921c5d78382b0a554674cd4f7c81a9a126a (#21622) 

Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
This commit is contained in:
hc-github-team-secure-vault-core 2023-07-06 12:15:50 -04:00 committed by GitHub
parent 7e8c0a1cae
commit a3334cb526
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ui/app/services/permissions.js
View File

@ -97,13 +97,15 @@ export default Service.extend({
hasNavPermission(navItem, routeParams, requireAll) {
if (routeParams) {
// viewing the entity and groups pages require the list capability, while the others require the default, which is anything other than deny
const capability = routeParams === 'entities' || routeParams === 'groups' ? ['list'] : [null];
// check that the user has permission to access all (requireAll = true) or any of the routes when array is passed
// useful for hiding nav headings when user does not have access to any of the links
const params = Array.isArray(routeParams) ? routeParams : [routeParams];
const evalMethod = !Array.isArray(routeParams) || requireAll ? 'every' : 'some';
return params[evalMethod]((param) => this.hasPermission(API_PATHS[navItem][param], capability));
return params[evalMethod]((param) => {
// viewing the entity and groups pages require the list capability, while the others require the default, which is anything other than deny
const capability = param === 'entities' || param === 'groups' ? ['list'] : [null];
return this.hasPermission(API_PATHS[navItem][param], capability);
});
}
return Object.values(API_PATHS[navItem]).some((path) => this.hasPermission(path));
},