Merge pull request #284 from GluuFederation/admin-ui-issue-277
fix: block user without proper roles #277
mjatin-dev authored Jul 7, 2022
2 parents 207fcf4 + 98feedb commit 2cfe055
Showing 3 changed files with 30 additions and 11 deletions.
2 changes: 1 addition & 1 deletion admin-ui/app/routes/Apps/Gluu/GluuNotification.js
Expand Up @@ -60,7 +60,7 @@ function GluuNotification({ type, message, description, show }) {
<ToastContainer
style={{ width: '98%' }}
position="top-left"
autoClose={10000}
autoClose={100000}
closeOnClick
newestOnTop
draggable={false}
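Review bot: `autoClose={100000}` keeps every toast rendered through GluuNotification on screen for 100 seconds, not only the new unauthorized-user message, and nothing in the hunk records whether the tenfold increase is intentional. If only some notifications need to persist, the timeout could be a prop that keeps the old default, for example `autoClose={autoClose ?? 10000}`; otherwise a short comment next to the value stating why it is 100 s would help the next reader. The component body continues outside the hunk.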
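--- a/admin-ui/app/utils/ApiKeyRedirect.js
+++ b/admin-ui/app/utils/ApiKeyRedirect.js
@@ -8,6 +8,7 @@ function ApiKeyRedirect({
 isLicenseValid,
 islicenseCheckResultLoaded,
 isLicenseActivationResultLoaded,
+roleNotFound,
 }) {
 const { t } = useTranslation()
 
@@ -39,16 +40,24 @@ function ApiKeyRedirect({
 </div>
 )}
 
-{!backendIsUp && (
-<GluuNotification
-type="error"
-message={t('The UI backend service is down')}
-description={t(
-'Please contact the side administrator or make sure it is up and running.',
-)}
-show={true}
-/>
-)}
+<GluuNotification
+type="error"
+message={t('The UI backend service is down')}
+description={t(
+'Please contact the side administrator or make sure it is up and running.',
+)}
+show={!backendIsUp}
+/>
+
+<GluuNotification
+type="error"
+message={t('Unauthorized User')}
+description={t(
+'The logged-in user do not have valid role. Logging out of Admin UI',
+)}
+show={roleNotFound}
+/>
+
 {isLicenseActivationResultLoaded && !isLicenseValid && (
 <GluuNotification
 type="error"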
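Review bot: The description passed to the new "Unauthorized User" notification is ungrammatical and doubles as the translation key, so it is worth fixing before translations are added: `'The logged-in user does not have a valid role. Logging out of Admin UI'`. The same sentence is hard-coded, untranslated, in the `alert(...)` that AppAuthProvider.js adds in this commit, so the two can drift; one shared `t(...)` string would avoid that. Whether the caller actually passes `roleNotFound` is not visible here, and if it does not, `show={roleNotFound}` is `undefined` and the notification presumably never appears. The component starts and ends outside the hunks shown.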
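--- a/admin-ui/app/utils/AppAuthProvider.js
+++ b/admin-ui/app/utils/AppAuthProvider.js
@@ -17,6 +17,7 @@ export default function AppAuthProvider(props) {
 const dispatch = useDispatch()
 const location = useLocation()
 const [showContent, setShowContent] = useState(false)
+const [roleNotFound, setRoleNotFound] = useState(false)
 
 const { config, userinfo, userinfo_jwt, token, backendIsUp } = useSelector(
 (state) => state.authReducer,
@@ -91,6 +92,15 @@ export default function AppAuthProvider(props) {
 setShowContent(false)
 return null
 } else {
+if (userinfo.jansAdminUIRole || userinfo.length === 0) {
+setShowContent(false)
+setRoleNotFound(true)
+alert('The logged-in user do not have valid role. Logging out of Admin UI')
+const state = uuidv4()
+const sessionEndpoint = `${config.endSessionEndpoint}?state=${state}&post_logout_redirect_uri=${config.postLogoutRedirectUri}`
+window.location.href = sessionEndpoint
+return null
+}
 if (!token) {
 dispatch(getAPIAccessToken(userinfo_jwt))
 }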
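Review bot: The role guard in the new `if` looks inverted: `userinfo.jansAdminUIRole || userinfo.length === 0` is truthy for a user who carries a role claim and falsy when the claim is missing, so as written it would log out users with a role and let a role-less session continue, the opposite of the commit title. `userinfo.length` is probably `undefined` if userinfo is a claims object (its shape is not visible here), so the emptiness test likely belongs on the role value, e.g. `if (!userinfo.jansAdminUIRole || userinfo.jansAdminUIRole.length === 0) {`. The logout URL interpolates `config.postLogoutRedirectUri` unencoded; `encodeURIComponent(config.postLogoutRedirectUri)` keeps a redirect URI that has its own query string from corrupting the end-session request. This check only gates what the browser renders, so the backend API must still reject tokens that lack an admin role. The enclosing function starts and ends outside the hunk, so whether these state updates and the `alert` run during render cannot be confirmed from here.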
