mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-04-02 13:45:10 -05:00
Redirect and notify for perms guard, add frontend tests
This commit is contained in:
parent
28d70438ec
commit
4279ba13e9
68
src-ui/cypress/e2e/auth/auth.cy.ts
Normal file
68
src-ui/cypress/e2e/auth/auth.cy.ts
Normal file
@ -0,0 +1,68 @@
|
||||
describe('settings', () => {
|
||||
beforeEach(() => {
|
||||
// also uses global fixtures from cypress/support/e2e.ts
|
||||
|
||||
// mock restricted permissions
|
||||
cy.intercept('http://localhost:8000/api/ui_settings/', {
|
||||
fixture: 'ui_settings/settings_restricted.json',
|
||||
})
|
||||
})
|
||||
|
||||
it('should not allow user to edit settings', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Settings').should('not.exist')
|
||||
cy.visit('/settings').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view documents', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Documents').should('not.exist')
|
||||
cy.visit('/documents').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
cy.visit('/documents/1').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view correspondents', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Correspondents').should('not.exist')
|
||||
cy.visit('/correspondents').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view tags', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Tags').should('not.exist')
|
||||
cy.visit('/tags').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view document types', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Document Types').should('not.exist')
|
||||
cy.visit('/documenttypes').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view storage paths', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Storage Paths').should('not.exist')
|
||||
cy.visit('/storagepaths').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view logs', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Logs').should('not.exist')
|
||||
cy.visit('/logs').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
|
||||
it('should not allow user to view tasks', () => {
|
||||
cy.visit('/dashboard')
|
||||
cy.contains('Tasks').should('not.exist')
|
||||
cy.visit('/tasks').wait(2000)
|
||||
cy.contains("You don't have permissions to do that").should('exist')
|
||||
})
|
||||
})
|
85
src-ui/cypress/fixtures/ui_settings/settings_restricted.json
Normal file
85
src-ui/cypress/fixtures/ui_settings/settings_restricted.json
Normal file
@ -0,0 +1,85 @@
|
||||
{
|
||||
"user_id": 1,
|
||||
"username": "admin",
|
||||
"display_name": "Admin",
|
||||
"settings": {
|
||||
"language": "",
|
||||
"bulk_edit": {
|
||||
"confirmation_dialogs": true,
|
||||
"apply_on_close": false
|
||||
},
|
||||
"documentListSize": 50,
|
||||
"dark_mode": {
|
||||
"use_system": true,
|
||||
"enabled": "false",
|
||||
"thumb_inverted": "true"
|
||||
},
|
||||
"theme": {
|
||||
"color": "#b198e5"
|
||||
},
|
||||
"document_details": {
|
||||
"native_pdf_viewer": false
|
||||
},
|
||||
"date_display": {
|
||||
"date_locale": "",
|
||||
"date_format": "mediumDate"
|
||||
},
|
||||
"notifications": {
|
||||
"consumer_new_documents": true,
|
||||
"consumer_success": true,
|
||||
"consumer_failed": true,
|
||||
"consumer_suppress_on_dashboard": true
|
||||
}
|
||||
},
|
||||
"permissions": [
|
||||
"add_token",
|
||||
"change_token",
|
||||
"delete_token",
|
||||
"view_token",
|
||||
"add_tokenproxy",
|
||||
"change_tokenproxy",
|
||||
"delete_tokenproxy",
|
||||
"view_tokenproxy",
|
||||
"add_contenttype",
|
||||
"change_contenttype",
|
||||
"delete_contenttype",
|
||||
"view_contenttype",
|
||||
"add_chordcounter",
|
||||
"change_chordcounter",
|
||||
"delete_chordcounter",
|
||||
"view_chordcounter",
|
||||
"add_groupresult",
|
||||
"change_groupresult",
|
||||
"delete_groupresult",
|
||||
"view_groupresult",
|
||||
"add_failure",
|
||||
"change_failure",
|
||||
"delete_failure",
|
||||
"view_failure",
|
||||
"add_ormq",
|
||||
"change_ormq",
|
||||
"delete_ormq",
|
||||
"view_ormq",
|
||||
"add_schedule",
|
||||
"change_schedule",
|
||||
"delete_schedule",
|
||||
"view_schedule",
|
||||
"add_success",
|
||||
"change_success",
|
||||
"delete_success",
|
||||
"view_success",
|
||||
"add_task",
|
||||
"change_task",
|
||||
"delete_task",
|
||||
"view_task",
|
||||
"add_comment",
|
||||
"add_frontendsettings",
|
||||
"change_frontendsettings",
|
||||
"delete_frontendsettings",
|
||||
"view_frontendsettings",
|
||||
"add_session",
|
||||
"change_session",
|
||||
"delete_session",
|
||||
"view_session"
|
||||
]
|
||||
}
|
@ -2,18 +2,34 @@ import {
|
||||
CanActivate,
|
||||
ActivatedRouteSnapshot,
|
||||
RouterStateSnapshot,
|
||||
UrlTree,
|
||||
Router,
|
||||
} from '@angular/router'
|
||||
import { Injectable } from '@angular/core'
|
||||
import { PermissionsService } from '../services/permissions.service'
|
||||
import { ToastService } from '../services/toast.service'
|
||||
|
||||
@Injectable()
|
||||
export class PermissionsGuard implements CanActivate {
|
||||
constructor(private permissionsService: PermissionsService) {}
|
||||
constructor(
|
||||
private permissionsService: PermissionsService,
|
||||
private router: Router,
|
||||
private toastService: ToastService
|
||||
) {}
|
||||
|
||||
canActivate(
|
||||
route: ActivatedRouteSnapshot,
|
||||
state: RouterStateSnapshot
|
||||
): boolean {
|
||||
return this.permissionsService.currentUserCan(route.data.requiredPermission)
|
||||
): boolean | UrlTree {
|
||||
if (
|
||||
!this.permissionsService.currentUserCan(route.data.requiredPermission)
|
||||
) {
|
||||
this.toastService.showError(
|
||||
$localize`You don't have permissions to do that`
|
||||
)
|
||||
return this.router.parseUrl('/dashboard')
|
||||
} else {
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user