Commit ac6d9ba0 authored by john's avatar john

only admin can view teams and users && redirect all non-found routes to the book list

parent 3ee74785
...@@ -55,6 +55,8 @@ var editoria = function (user, operation, object) { ...@@ -55,6 +55,8 @@ var editoria = function (user, operation, object) {
if (!user) return false if (!user) return false
if (user.admin) return true if (user.admin) return true
if (operation === 'admin') return false
// object might be an array of objects (eg. teams, users, etc.) // object might be an array of objects (eg. teams, users, etc.)
// pick up if that is the case and use the first one to define the type of those objects // pick up if that is the case and use the first one to define the type of those objects
if (Array.isArray(object)) { if (Array.isArray(object)) {
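Review bot: The new `if (operation === 'admin') return false` relies on a magic operation name that only works because of the `user.admin` early return directly above it, and nothing here documents that dependency. I would add a comment above the line, for example `// 'admin' is a pseudo-operation for admin-only views: admins returned true above, everyone else is denied here`. Placing the check before the object-type detection is the right order, since it denies without ever inspecting `object`. The body of `editoria` continues outside the hunk, so I cannot tell whether later branches also need to know about this operation.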
......
...@@ -48,18 +48,17 @@ export default class Navigation extends React.Component { ...@@ -48,18 +48,17 @@ export default class Navigation extends React.Component {
<NavItem>Books</NavItem> <NavItem>Books</NavItem>
</LinkContainer> </LinkContainer>
<Authorize operation='read' object={currentUser.user}> <Authorize operation='read' object='users'>
<LinkContainer to='/users'> <LinkContainer to='/users'>
<NavItem>Users</NavItem> <NavItem>Users</NavItem>
</LinkContainer> </LinkContainer>
</Authorize> </Authorize>
<Authorize operation='read'> <Authorize operation='read' object='teams'>
<LinkContainer to='/teams'> <LinkContainer to='/teams'>
<NavItem>Teams</NavItem> <NavItem>Teams</NavItem>
</LinkContainer> </LinkContainer>
</Authorize> </Authorize>
</Nav> </Nav>
{ logoutButtonIfAuthenticated } { logoutButtonIfAuthenticated }
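Review bot: The Users and Teams links are gated with `operation='read'` on the strings `'users'` and `'teams'`, while the routes they point to are gated with the `'admin'` operation in the same commit, so the menu and the route guard can disagree. Whether a non-admin sees these links depends on how the authorization mode handles a plain string as `object`, which is not visible on this page; the visible comments in the mode only mention objects and arrays of objects. Using the same operation in both places keeps them in step: `<Authorize operation='admin' object='users'>` and `<Authorize operation='admin' object='teams'>`.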
......
// @import '~pubsweet-component-pepper-theme/main';
// $icon-font-path: '~bootstrap-sass/assets/fonts/bootstrap/';
//
// .bootstrap {
// @import '~bootstrap-sass/assets/stylesheets/_bootstrap';
// }
...@@ -22,6 +22,14 @@ const AuthenticatedManage = requireAuthentication( ...@@ -22,6 +22,14 @@ const AuthenticatedManage = requireAuthentication(
Manage, 'create', (state) => state.collections[0] Manage, 'create', (state) => state.collections[0]
) )
const AdminOnlyUsersManager = requireAuthentication(
UsersManager, 'admin', (state) => state.collections[0]
)
const AdminOnlyTeamsManager = requireAuthentication(
TeamsManager, 'admin', (state) => state.collections[0]
)
export default ( export default (
<Route> <Route>
<Redirect from='/' to='books' /> <Redirect from='/' to='books' />
...@@ -33,11 +41,13 @@ export default ( ...@@ -33,11 +41,13 @@ export default (
<Route path='books/:id/book-builder' component={BookBuilder} /> <Route path='books/:id/book-builder' component={BookBuilder} />
<Route path='books/:bookId/fragments/:fragmentId' component={SimpleEditorWrapper} /> <Route path='books/:bookId/fragments/:fragmentId' component={SimpleEditorWrapper} />
<Route path='users' component={UsersManager} /> <Route path='users' component={AdminOnlyUsersManager} />
<Route path='teams' component={TeamsManager} /> <Route path='teams' component={AdminOnlyTeamsManager} />
</Route> </Route>
<Route path='/login' component={Login} /> <Route path='/login' component={Login} />
<Route path='/signup' component={Signup} /> <Route path='/signup' component={Signup} />
<Redirect path='*' to='books' />
</Route> </Route>
) )
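Review bot: Wrapping `UsersManager` and `TeamsManager` in `requireAuthentication(..., 'admin', ...)` only controls what the client renders, so the stated goal that only admins can view teams and users holds only if the API serving users and teams rejects non-admin requests too; no server-side change is visible on this page. Please confirm that enforcement exists or add it alongside this change. Separately, the selector `(state) => state.collections[0]` looks copied from `AuthenticatedManage`, and for the `'admin'` operation the object appears not to be consulted, so a short comment such as `// object is ignored for the 'admin' operation` would help the next reader. The new catch-all is written `path='*'` where the existing redirect uses `from='/'`; `<Redirect from='*' to='books' />` would match the file's style.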