added permission check to routes

fleetbase · Aug 18, 2024 · 6afe77e · 6afe77e
1 parent 237072a
commit 6afe77e
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 13 deletions.
diff --git a/addon/components/permission-picker.hbs b/addon/components/permission-picker.hbs
@@ -21,7 +21,7 @@
                 <a href="javascript:;" class="ml-2 text-xs text-blue-500 hover:opacity-50" {{on "click" this.toggleSelected}}>Toggle Selected</a>
             </div>
         </div>
-        <div class="text-sm dark:text-gray-100">
+        <div class="text-xs dark:text-gray-100">
             {{t "iam.components.permission-picker.selected"}}
             {{this.selected.length}}
         </div>

diff --git a/addon/routes/groups.js b/addon/routes/groups.js
@@ -1,3 +1,16 @@
 import Route from '@ember/routing/route';
+import { inject as service } from '@ember/service';
 
-export default class GroupsRoute extends Route {}
+export default class GroupsRoute extends Route {
+    @service abilities;
+    @service notifications;
+    @service hostRouter;
+    @service intl;
+
+    beforeModel() {
+        if (this.abilities.cannot('iam list group')) {
+            this.notifications.warning(this.intl.t('common.unauthorized-access'));
+            return this.hostRouter.transitionTo('console.iam.home');
+        }
+    }
+}
diff --git a/addon/routes/home.js b/addon/routes/home.js
@@ -1,10 +1,3 @@
 import Route from '@ember/routing/route';
-import { inject as service } from '@ember/service';
 
-export default class HomeRoute extends Route {
-    @service fetch;
-
-    model() {
-        return this.fetch.get('metrics/iam');
-    }
-}
+export default class HomeRoute extends Route {}
diff --git a/addon/routes/policies.js b/addon/routes/policies.js
@@ -1,3 +1,16 @@
 import Route from '@ember/routing/route';
+import { inject as service } from '@ember/service';
 
-export default class PoliciesRoute extends Route {}
+export default class PoliciesRoute extends Route {
+    @service abilities;
+    @service notifications;
+    @service hostRouter;
+    @service intl;
+
+    beforeModel() {
+        if (this.abilities.cannot('iam list policy')) {
+            this.notifications.warning(this.intl.t('common.unauthorized-access'));
+            return this.hostRouter.transitionTo('console.iam.home');
+        }
+    }
+}
diff --git a/addon/routes/roles.js b/addon/routes/roles.js
@@ -1,3 +1,16 @@
 import Route from '@ember/routing/route';
+import { inject as service } from '@ember/service';
 
-export default class RolesRoute extends Route {}
+export default class RolesRoute extends Route {
+    @service abilities;
+    @service notifications;
+    @service hostRouter;
+    @service intl;
+
+    beforeModel() {
+        if (this.abilities.cannot('iam list role')) {
+            this.notifications.warning(this.intl.t('common.unauthorized-access'));
+            return this.hostRouter.transitionTo('console.iam.home');
+        }
+    }
+}
diff --git a/addon/routes/users.js b/addon/routes/users.js
@@ -1,3 +1,16 @@
 import Route from '@ember/routing/route';
+import { inject as service } from '@ember/service';
 
-export default class UsersRoute extends Route {}
+export default class UsersRoute extends Route {
+    @service abilities;
+    @service notifications;
+    @service hostRouter;
+    @service intl;
+
+    beforeModel() {
+        if (this.abilities.cannot('iam list user')) {
+            this.notifications.warning(this.intl.t('common.unauthorized-access'));
+            return this.hostRouter.transitionTo('console.iam.home');
+        }
+    }
+}