From 564c0ce4f9fcdfd6fc77293b5f0b0c797cd20876 Mon Sep 17 00:00:00 2001 From: joker-x Date: Sun, 30 Aug 2020 16:07:15 +0200 Subject: [PATCH] Avoid listing without permissions from client side --- client/src/channels/CUD.js | 5 +++++ client/src/channels/List.js | 8 ++++++++ client/src/lists/CUD.js | 5 +++++ client/src/lists/List.js | 13 +++++++++---- client/src/lists/subscriptions/CUD.js | 6 ++++++ client/src/lists/subscriptions/List.js | 7 ++++++- 6 files changed, 39 insertions(+), 5 deletions(-) diff --git a/client/src/channels/CUD.js b/client/src/channels/CUD.js index 6ef6da1c..98eda0e0 100644 --- a/client/src/channels/CUD.js +++ b/client/src/channels/CUD.js @@ -37,6 +37,7 @@ import {getCampaignLabels, ListsSelectorHelper} from "../campaigns/helpers"; import {withComponentMixins} from "../lib/decorator-helpers"; import interoperableErrors from "../../../shared/interoperable-errors"; import {Trans} from "react-i18next"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -254,6 +255,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageChannels) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageChannels'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); diff --git a/client/src/channels/List.js b/client/src/channels/List.js index 1d03efe6..2b5a32be 100644 --- a/client/src/channels/List.js +++ b/client/src/channels/List.js @@ -10,6 +10,7 @@ import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRe import {withComponentMixins} from "../lib/decorator-helpers"; import styles from "./styles.scss"; import PropTypes from 'prop-types'; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -31,6 +32,13 @@ export default class List extends Component { permissions: PropTypes.object } + componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageChannels) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageChannels'); + } + } + render() { const t = this.props.t; diff --git a/client/src/lists/CUD.js b/client/src/lists/CUD.js index 588282fa..e187349f 100644 --- a/client/src/lists/CUD.js +++ b/client/src/lists/CUD.js @@ -27,6 +27,7 @@ import {FieldWizard, UnsubscriptionMode} from '../../../shared/lists'; import styles from "../lib/styles.scss"; import {getMailerTypes} from "../send-configurations/helpers"; import {withComponentMixins} from "../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -73,6 +74,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); diff --git a/client/src/lists/List.js b/client/src/lists/List.js index 1573a02a..78fa55e1 100644 --- a/client/src/lists/List.js +++ b/client/src/lists/List.js @@ -27,6 +27,13 @@ export default class List extends Component { tableRestActionDialogInit(this); } + componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } + } + static propTypes = { permissions: PropTypes.object } @@ -118,7 +125,6 @@ export default class List extends Component { ]; return ( - {(mailtrainConfig.user.admin || mailtrainConfig.globalPermissions.manageList) ?
{tableRestActionDialogRender(this)} @@ -134,8 +140,7 @@ export default class List extends Component { this.table = node} withHeader dataUrl="rest/lists-table" columns={columns} /> - : -

No tienes permisos para manejar listas

} - ); + ) + } } diff --git a/client/src/lists/subscriptions/CUD.js b/client/src/lists/subscriptions/CUD.js index 22c2c6f2..56f20ead 100644 --- a/client/src/lists/subscriptions/CUD.js +++ b/client/src/lists/subscriptions/CUD.js @@ -25,6 +25,7 @@ import {getFieldColumn, SubscriptionStatus} from '../../../../shared/lists'; import {getFieldTypes, getSubscriptionStatusLabels} from './helpers'; import moment from 'moment-timezone'; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -89,6 +90,11 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } + if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); diff --git a/client/src/lists/subscriptions/List.js b/client/src/lists/subscriptions/List.js index 1938643a..db5d784f 100644 --- a/client/src/lists/subscriptions/List.js +++ b/client/src/lists/subscriptions/List.js @@ -21,6 +21,7 @@ import { } from "../../lib/modals"; import listStyles from "../styles.scss"; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -58,6 +59,10 @@ export default class List extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.user.admin && !mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } this.populateFormValues({ segment: this.props.segmentId || '' }); @@ -188,4 +193,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +}