fix: public projects with logged out user fetching billing and bookma…

…rk data (#6377) * Fix public projects fetching uninteded data * PR comments
rilldata · Jan 8, 2025 · 7c20140 · 7c20140
1 parent 1d29daa
commit 7c20140
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 4 deletions.
diff --git a/web-admin/src/routes/+layout.ts b/web-admin/src/routes/+layout.ts
@@ -7,8 +7,12 @@ export const ssr = false;
 
 import { dev } from "$app/environment";
 import {
+  adminServiceGetCurrentUser,
+  getAdminServiceGetCurrentUserQueryKey,
+  type V1GetCurrentUserResponse,
   type V1OrganizationPermissions,
   type V1ProjectPermissions,
+  type V1User,
 } from "@rilldata/web-admin/client";
 import { redirectToLoginOrRequestAccess } from "@rilldata/web-admin/features/authentication/checkUserAccess";
 import { fetchOrganizationPermissions } from "@rilldata/web-admin/features/organizations/selectors";
@@ -49,9 +53,21 @@ export const load = async ({ params, url, route }) => {
     }
   }
 
+  let user: V1User | undefined;
+  try {
+    const userQuery = await queryClient.fetchQuery<V1GetCurrentUserResponse>({
+      queryKey: getAdminServiceGetCurrentUserQueryKey(),
+      queryFn: () => adminServiceGetCurrentUser(),
+    });
+    user = userQuery.user;
+  } catch {
+    // no-op
+  }
+
   // If no organization or project, return empty permissions
   if (!organization) {
     return {
+      user,
       organizationPermissions: <V1OrganizationPermissions>{},
       projectPermissions: <V1ProjectPermissions>{},
     };
@@ -72,6 +88,7 @@ export const load = async ({ params, url, route }) => {
 
   if (!project) {
     return {
+      user,
       organizationPermissions,
       projectPermissions: <V1ProjectPermissions>{},
     };
@@ -93,6 +110,7 @@ export const load = async ({ params, url, route }) => {
     );
 
     return {
+      user,
       organizationPermissions,
       projectPermissions,
       project: proj,

diff --git a/web-admin/src/routes/[organization]/+layout.ts b/web-admin/src/routes/[organization]/+layout.ts
@@ -3,11 +3,12 @@ import { fetchOrganizationBillingIssues } from "@rilldata/web-admin/features/bil
 import { error } from "@sveltejs/kit";
 
 export const load = async ({ params: { organization }, parent }) => {
-  const { organizationPermissions } = await parent();
+  const { user, organizationPermissions } = await parent();
 
   let issues: V1BillingIssue[] = [];
-  if (organizationPermissions.readOrg) {
+  if (user && organizationPermissions.readOrg) {
     // only try to get issues if the user can read org
+    // also public projects will not have a user but will have `readOrg` permission
     try {
       issues = await fetchOrganizationBillingIssues(organization);
     } catch (e) {

diff --git a/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts b/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts
@@ -15,7 +15,7 @@ import {
 } from "@rilldata/web-common/runtime-client";
 
 export const load = async ({ params, depends, parent }) => {
-  const { project, runtime } = await parent();
+  const { user, project, runtime } = await parent();
 
   const { dashboard: exploreName } = params;
 
@@ -38,7 +38,8 @@ export const load = async ({ params, depends, parent }) => {
       bookmarks,
     ] = await Promise.all([
       fetchExploreSpec(runtime?.instanceId, exploreName),
-      fetchBookmarks(project.id, exploreName),
+      // public projects might not have a logged-in user. bookmarks are not available in this case
+      user ? fetchBookmarks(project.id, exploreName) : Promise.resolve([]),
     ]);
   } catch {
     // error handled in +page.svelte for now