Skip to content

Commit

Permalink
Update pages unauthorized responses (minmatarfleet#993)
Browse files Browse the repository at this point in the history 
* Updated unauth responses

* Updated winter seasonal date

* Added error 403 custom page
  • Loading branch information
@beautifulmim
beautifulmim authored Jan 8, 2025
1 parent 81a826c commit 9559193
Show file tree
Hide file tree
Showing 70 changed files with 184 additions and 154 deletions.
1 change: 1 addition & 0 deletions frontend/app/.astro/types.d.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
/// <reference types="astro/client" />
Binary file modified frontend/app/bun.lockb
View file
Binary file not shown.
2 changes: 0 additions & 2 deletions frontend/app/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,8 @@
"astro": "astro"
},
"dependencies": {
"@astrojs/alpinejs": "0.4.0",
"@astrojs/check": "0.5.7",
"@astrojs/node": "8.2.3",
"@astrojs/svelte": "5.2.0",
"@astrojs/tailwind": "5.1.0",
"@fontsource-variable/montserrat": "^5.0.17",
"@fontsource/norwester": "^5.0.7",
Expand Down
9 changes: 7 additions & 2 deletions frontend/app/src/components/blocks/FleetDetails.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ import TextBox from '@components/layout/TextBox.astro';
import Flexblock from '@components/compositions/Flexblock.astro';
import FlexInline from '@components/compositions/FlexInline.astro';
import Wrapper from '@components/compositions/Wrapper.astro';
import FleetCompositionBlock from '@components/blocks/FleetCompositionBlock.astro';
import Button from '@components/blocks/Button.astro';
Expand Down Expand Up @@ -199,7 +200,11 @@ const eve_time_text = eve_time.toLocaleDateString(lang, JSON.parse(import.meta.e
}
</Flexblock>

<SRPTable fleet_id={fleet.id} fleet_srps={fleet_srps as SRPUI[]} readonly={!can_remove_fleet} />
<Wrapper padding_block='0' padding_inline='var(--space-l-xl)'>
<SRPTable fleet_id={fleet.id} fleet_srps={fleet_srps as SRPUI[]} readonly={!can_remove_fleet} />
</Wrapper>

<FleetCombatLogTable saved_logs={saved_logs} fleet_id={fleet.id} />
<Wrapper padding_block='0' padding_inline='var(--space-l-xl)'>
<FleetCombatLogTable saved_logs={saved_logs} fleet_id={fleet.id} />
</Wrapper>
</Flexblock>
4 changes: 2 additions & 2 deletions frontend/app/src/components/blocks/FleetFeed.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -11,7 +11,7 @@ const auth_token = Astro.cookies.has('auth_token') ? (Astro.cookies.get('auth_to
const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : false
if (!user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { prod_error_messages } from '@helpers/env'
import type { FleetItem } from '@dtypes/layout_components'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/components/blocks/MumbleLaunchButton.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ const {
} = Astro.props
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -21,7 +21,7 @@ const auth_token = Astro.cookies.has(token_name) ? (Astro.cookies.get(token_name
const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : false
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import type { MumbleInformation } from '@dtypes/api.minmatar.org'
import { get_mumble_connection } from '@helpers/api.minmatar.org/mumble'
Expand Down
1 change: 1 addition & 0 deletions frontend/app/src/env.d.ts
View file
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
/// <reference path="../.astro/types.d.ts" />
/// <reference types="astro/client" />
56 changes: 43 additions & 13 deletions frontend/app/src/helpers/http_responses.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,54 @@ export const HTTP_404_Not_Found = (body:BodyInit | null = null):Response => {
});
}

/*import Page_403 from '@/pages/403.astro'
import { experimental_AstroContainer as AstroContainer } from 'astro/container';*/

export const HTTP_403_Forbidden = async () => {
/*const container = await AstroContainer.create();
export const HTTP_403_Forbidden = () => {
return new Response(
await container.renderToString(Page_403), {
`<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>403 Unauthorized</title>
<meta name="description" content="Docking request denied!">
<link rel="icon" type="image/svg+xml" href="/images/fleet-logo.png">
<style>
body {
background-color: #121212;
}
</style>
<script>
async function fetchAndReplace(url) {
try {
// Fetch the new page content
const response = await fetch(url);
if (!response.ok) {
throw new Error(\`Error fetching the page: \${response.status} \${response.statusText}\`);
}
// Get the response as text
const newHTML = await response.text();
// Replace the entire page's HTML
document.open(); // Clear the current document
document.write(newHTML); // Write the new content
document.close(); // Close the document to finalize changes
} catch (error) {
console.error("Error replacing page content:", error);
}
}
fetchAndReplace("/403");
</script>
</head>
<body></body>
</html>`, {
status: 403,
headers: { 'Content-type': 'text/html' },
statusText: 'Forbidden',
}
) as Response;*/

return new Response(null, {
status: 403,
statusText: 'Forbidden'
});
) as Response;
}

export const HTTP_200_Success = (body:BodyInit | null = null):Response => {
Expand Down
7 changes: 5 additions & 2 deletions ...d/app/src/pages/alliance/corporations/application/[corporation_id]/[application_id].astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_404_Not_Found, HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -22,7 +22,10 @@ const application_id = parseInt(Astro.params?.application_id ?? '0')
const valid_request = (corporation_id > 0 && application_id > 0)
if (!can_view_page || !valid_request)
if (!can_view_page)
return HTTP_403_Forbidden()
if (!valid_request)
return HTTP_404_Not_Found()
import type { ApplicationDetail, CorporationBasic } from '@dtypes/layout_components'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/pages/alliance/corporations/applications.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { lang, t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -17,7 +17,7 @@ const user_permissions = (user ? await get_user_permissions(user?.username) : []
const can_view_page = is_superuser || user_permissions.includes('applications.change_evecorporationapplication')
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_applications_data } from '@helpers/pages/applications'
import type { ApplicationsData } from '@helpers/pages/applications'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/pages/alliance/corporations/applications/records.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { lang, t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -17,7 +17,7 @@ const user_permissions = (user ? await get_user_permissions(user?.username) : []
const can_view_page = is_superuser || user_permissions.includes('applications.change_evecorporationapplication')
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_applications_data } from '@helpers/pages/applications'
import type { ApplicationsData } from '@helpers/pages/applications'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/pages/alliance/corporations/members.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { lang, t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -17,7 +17,7 @@ const user_permissions = (user ? await get_user_permissions(user?.username) : []
const can_view_page = is_superuser || user_permissions.includes('eveonline.view_evecorporation')
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_corporations_members_data } from '@helpers/pages/corporations_members'
import type { CorporationsMembersData } from '@helpers/pages/corporations_members'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/pages/alliance/corporations/members/mains.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { lang, t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -17,7 +17,7 @@ const user_permissions = (user ? await get_user_permissions(user?.username) : []
const can_view_page = is_superuser || user_permissions.includes('eveonline.view_evecorporation')
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_mains_data } from '@helpers/pages/mains'
import type { MainsData } from '@helpers/pages/mains'
Expand Down
4 changes: 2 additions & 2 deletions frontend/app/src/pages/alliance/corporations/members/unregistered.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
import { i18n } from '@helpers/i18n'
const { lang, t, translatePath } = i18n(Astro.url)
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -17,7 +17,7 @@ const user_permissions = (user ? await get_user_permissions(user?.username) : []
const can_view_page = is_superuser || user_permissions.includes('eveonline.view_evecorporation')
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_corporations_members_data } from '@helpers/pages/corporations_members'
import type { CorporationsMembersData } from '@helpers/pages/corporations_members'
Expand Down
5 changes: 2 additions & 3 deletions frontend/app/src/pages/alliance/posts/[post_id].astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ const slug = param?.split('-') ?? ''
const post_id = parseInt(slug[slug.length - 1])
if (isNaN(post_id))
return Astro.redirect(translatePath('/alliance/'))
return HTTP_404_Not_Found()
let post:PostUI | null = null
let get_post_error:string | false = false
Expand All @@ -31,9 +31,8 @@ try {
is_user_post = (user ? user.user_id : 0) === post?.user_id
if (post?.state !== 'published' && !is_user_post)
return Astro.redirect(translatePath('/alliance/'))
return HTTP_404_Not_Found()
} catch (error) {
console.log(error)
return HTTP_404_Not_Found()
}
Expand Down
6 changes: 3 additions & 3 deletions frontend/app/src/pages/alliance/sigs/members.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -13,13 +13,13 @@ const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : fals
const is_superuser = (user ? user?.is_superuser : false)
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { is_officer } from '@helpers/fetching/groups'
const can_view_page = is_superuser || (auth_token && user ? await is_officer(auth_token, user.user_id) : false)
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import type { GroupMembersUI, SelectOptions } from '@dtypes/layout_components'
import { get_all_groups_members } from '@helpers/fetching/groups'
Expand Down
6 changes: 3 additions & 3 deletions frontend/app/src/pages/alliance/sigs/requests.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -13,13 +13,13 @@ const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : fals
const is_superuser = (user ? user?.is_superuser : false)
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { is_officer } from '@helpers/fetching/groups'
const can_view_page = is_superuser || (auth_token && user ? await is_officer(auth_token, user.user_id) : false)
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import type { GroupRequestListUI } from '@dtypes/layout_components'
import { get_all_groups_requests } from '@helpers/fetching/group_requests'
Expand Down
6 changes: 3 additions & 3 deletions frontend/app/src/pages/alliance/teams/members.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -13,13 +13,13 @@ const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : fals
const is_superuser = (user ? user?.is_superuser : false)
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { is_director } from '@helpers/fetching/groups'
const can_view_page = is_superuser || (auth_token && user ? await is_director(auth_token, user.user_id) : false)
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import type { GroupMembersUI, SelectOptions } from '@dtypes/layout_components'
import { get_all_groups_members } from '@helpers/fetching/groups'
Expand Down
6 changes: 3 additions & 3 deletions frontend/app/src/pages/alliance/teams/requests.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -13,13 +13,13 @@ const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : fals
const is_superuser = (user ? user?.is_superuser : false)
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { is_director } from '@helpers/fetching/groups'
const can_view_page = is_superuser || (auth_token && user ? await is_director(auth_token, user.user_id) : false)
if (!can_view_page)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import type { GroupRequestListUI } from '@dtypes/layout_components'
import { get_all_groups_requests } from '@helpers/fetching/group_requests'
Expand Down
6 changes: 3 additions & 3 deletions frontend/app/src/pages/character/assets.astro
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { i18n } from '@helpers/i18n'
const { t, translatePath } = i18n(Astro.url)
import { prod_error_messages } from '@helpers/env'
import { HTTP_404_Not_Found } from '@helpers/http_responses'
import { HTTP_404_Not_Found, HTTP_403_Forbidden } from '@helpers/http_responses'
import type { User } from '@dtypes/jwt'
import * as jose from 'jose'
Expand All @@ -12,13 +12,13 @@ const auth_token = Astro.cookies.has('auth_token') ? (Astro.cookies.get('auth_to
const user:User | false = auth_token ? jose.decodeJwt(auth_token) as User : false
if (!auth_token || !user)
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
import { get_user_permissions } from '@helpers/permissions'
const user_permissions = (user ? await get_user_permissions(user?.username) : [])
if (!user.is_superuser && !user_permissions.includes('eveonline.view_evecharacter'))
return HTTP_404_Not_Found()
return HTTP_403_Forbidden()
const character_id = parseInt(Astro.url.searchParams.get('character_id') as string)
if (isNaN(character_id))
Expand Down
Loading

0 comments on commit 9559193

Please sign in to comment.