mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-21 11:35:34 +01:00
[SM-673] redirect from SM root to overview page (#5202)
* remove deprecated CanActivate; use CanActivateFn; redirect to available org from SM root * fix route * not working: redirect after login * add sync service workaround
This commit is contained in:
parent
d8b8bf5218
commit
53c81a2ee3
@ -5,10 +5,8 @@ import { SharedModule } from "@bitwarden/web-vault/app/shared";
|
|||||||
import { LayoutModule } from "./layout/layout.module";
|
import { LayoutModule } from "./layout/layout.module";
|
||||||
import { SecretsManagerSharedModule } from "./shared/sm-shared.module";
|
import { SecretsManagerSharedModule } from "./shared/sm-shared.module";
|
||||||
import { SecretsManagerRoutingModule } from "./sm-routing.module";
|
import { SecretsManagerRoutingModule } from "./sm-routing.module";
|
||||||
import { SMGuard } from "./sm.guard";
|
|
||||||
|
|
||||||
@NgModule({
|
@NgModule({
|
||||||
imports: [SharedModule, SecretsManagerSharedModule, SecretsManagerRoutingModule, LayoutModule],
|
imports: [SharedModule, SecretsManagerSharedModule, SecretsManagerRoutingModule, LayoutModule],
|
||||||
providers: [SMGuard],
|
|
||||||
})
|
})
|
||||||
export class SecretsManagerModule {}
|
export class SecretsManagerModule {}
|
||||||
|
@ -13,59 +13,70 @@ import { ProjectsModule } from "./projects/projects.module";
|
|||||||
import { SecretsModule } from "./secrets/secrets.module";
|
import { SecretsModule } from "./secrets/secrets.module";
|
||||||
import { ServiceAccountsModule } from "./service-accounts/service-accounts.module";
|
import { ServiceAccountsModule } from "./service-accounts/service-accounts.module";
|
||||||
import { SettingsModule } from "./settings/settings.module";
|
import { SettingsModule } from "./settings/settings.module";
|
||||||
import { SMGuard } from "./sm.guard";
|
import { canActivateSM } from "./sm.guard";
|
||||||
import { TrashModule } from "./trash/trash.module";
|
import { TrashModule } from "./trash/trash.module";
|
||||||
|
|
||||||
const routes: Routes = [
|
const routes: Routes = [
|
||||||
buildFlaggedRoute("secretsManager", {
|
buildFlaggedRoute("secretsManager", {
|
||||||
path: ":organizationId",
|
path: "",
|
||||||
component: LayoutComponent,
|
|
||||||
canActivate: [AuthGuard, OrganizationPermissionsGuard, SMGuard],
|
|
||||||
data: {
|
|
||||||
organizationPermissions: (org: Organization) => org.canAccessSecretsManager,
|
|
||||||
},
|
|
||||||
children: [
|
children: [
|
||||||
{
|
{
|
||||||
path: "",
|
path: "",
|
||||||
component: NavigationComponent,
|
canActivate: [canActivateSM],
|
||||||
outlet: "sidebar",
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "secrets",
|
|
||||||
loadChildren: () => SecretsModule,
|
|
||||||
data: {
|
|
||||||
titleId: "secrets",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "projects",
|
|
||||||
loadChildren: () => ProjectsModule,
|
|
||||||
data: {
|
|
||||||
titleId: "projects",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "service-accounts",
|
|
||||||
loadChildren: () => ServiceAccountsModule,
|
|
||||||
data: {
|
|
||||||
titleId: "serviceAccounts",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "trash",
|
|
||||||
loadChildren: () => TrashModule,
|
|
||||||
data: {
|
|
||||||
titleId: "trash",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "settings",
|
|
||||||
loadChildren: () => SettingsModule,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
path: "",
|
|
||||||
loadChildren: () => OverviewModule,
|
|
||||||
pathMatch: "full",
|
pathMatch: "full",
|
||||||
|
children: [],
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: ":organizationId",
|
||||||
|
component: LayoutComponent,
|
||||||
|
canActivate: [AuthGuard, OrganizationPermissionsGuard],
|
||||||
|
data: {
|
||||||
|
organizationPermissions: (org: Organization) => org.canAccessSecretsManager,
|
||||||
|
},
|
||||||
|
children: [
|
||||||
|
{
|
||||||
|
path: "",
|
||||||
|
component: NavigationComponent,
|
||||||
|
outlet: "sidebar",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "secrets",
|
||||||
|
loadChildren: () => SecretsModule,
|
||||||
|
data: {
|
||||||
|
titleId: "secrets",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "projects",
|
||||||
|
loadChildren: () => ProjectsModule,
|
||||||
|
data: {
|
||||||
|
titleId: "projects",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "service-accounts",
|
||||||
|
loadChildren: () => ServiceAccountsModule,
|
||||||
|
data: {
|
||||||
|
titleId: "serviceAccounts",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "trash",
|
||||||
|
loadChildren: () => TrashModule,
|
||||||
|
data: {
|
||||||
|
titleId: "trash",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "settings",
|
||||||
|
loadChildren: () => SettingsModule,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
path: "",
|
||||||
|
loadChildren: () => OverviewModule,
|
||||||
|
pathMatch: "full",
|
||||||
|
},
|
||||||
|
],
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
}),
|
}),
|
||||||
|
@ -1,10 +1,42 @@
|
|||||||
import { Injectable } from "@angular/core";
|
import { inject } from "@angular/core";
|
||||||
import { ActivatedRouteSnapshot, CanActivate } from "@angular/router";
|
import {
|
||||||
|
ActivatedRouteSnapshot,
|
||||||
|
CanActivateFn,
|
||||||
|
createUrlTreeFromSnapshot,
|
||||||
|
RouterStateSnapshot,
|
||||||
|
} from "@angular/router";
|
||||||
|
|
||||||
@Injectable()
|
import { AuthGuard } from "@bitwarden/angular/auth/guards/auth.guard";
|
||||||
export class SMGuard implements CanActivate {
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
async canActivate(route: ActivatedRouteSnapshot) {
|
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||||
// TODO: Verify org
|
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||||
return true;
|
import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Redirects from root `/sm` to first organization with access to SM
|
||||||
|
*/
|
||||||
|
export const canActivateSM: CanActivateFn = async (
|
||||||
|
route: ActivatedRouteSnapshot,
|
||||||
|
state: RouterStateSnapshot
|
||||||
|
) => {
|
||||||
|
const syncService = inject(SyncService);
|
||||||
|
const authService = inject(AuthService);
|
||||||
|
const orgService = inject(OrganizationService);
|
||||||
|
const authGuard = inject(AuthGuard);
|
||||||
|
|
||||||
|
/** Workaround to avoid service initialization race condition. */
|
||||||
|
if ((await syncService.getLastSync()) == null) {
|
||||||
|
await syncService.fullSync(false);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
if ((await authService.getAuthStatus()) !== AuthenticationStatus.Unlocked) {
|
||||||
|
return authGuard.canActivate(route, state);
|
||||||
|
}
|
||||||
|
|
||||||
|
const orgs = await orgService.getAll();
|
||||||
|
const smOrg = orgs.find((o) => o.canAccessSecretsManager);
|
||||||
|
if (smOrg) {
|
||||||
|
return createUrlTreeFromSnapshot(route, ["/sm", smOrg.id]);
|
||||||
|
}
|
||||||
|
return createUrlTreeFromSnapshot(route, ["/vault"]);
|
||||||
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user