front: enable authorization #9237

Draft
wants to merge 8 commits into base: dev

Conversation

kmer2016 (Contributor) commented Oct 8, 2024

closes #8049

Warning

There is currently an authorization bug between the core service and the Editoast service that prevents retrieving the infraId. This issue is being worked on and will be fixed soon. Because of this, the ManageTrainSchedule and STDCM views may have refresh problems.

New Functionalities:

  • Allows specific parts of the interface to be accessible based on the user's role and the required role for access.
    • When the user is Operational Studies, they are redirected directly to the STDCM page.
    • When the user is Railway Undertaking, they are taken to the homepage, with the STDCM application grayed out.
    • When the user is a Superuser, they have full access to everything.
    • If the user has no role, they will have no access to any part of the app from the homepage.
    • If a user tries to access an application directly via URL without the proper role, they are redirected to a 403 page. For instance, if an Operational Studies user tries to access anything other than STDCM, or if a user with no role tries to access any page, they will be blocked.
    • The button to access the STDCM debug mode is now restricted to users with the Superuser role.
    • The creation of a project, study, or scenario is limited to users with the OpsWrite role.

Technical Updates:

  • User roles are now fetched and stored in the Redux store.
  • Added the REQUIRED_USER_ROLES_FOR object, which describes the required roles for accessing various views, features and those associated with different user profiles.
  • Improved the RoleBasedComponent wrapper by adding the disabledIfUnauthorized property, which grays out the wrapped component instead of hiding it when the user lacks proper authorization.
  • Use the same component to handle project, study and scenario creation.

How to Test:

  1. Enable Authorization on Editoast:
    Add the environment variable EDITOAST_DISABLE_AUTHORIZATION: "false" to the docker-compose.yml file, just below OSRD_MQ_URL.

  2. Rebuild the Editoast Docker Image:
    Rebuild the Editoast Docker image and restart it.

  3. Apply the SQL Scripts:
    Depending on the user profile and the feature access you want to test, apply the following SQL scripts:

Operational Studies profile

DELETE FROM authz_role WHERE subject = 1;
INSERT INTO authz_role (id, subject, role) VALUES 
(1, 1, 'Stdcm'),
(2, 1, 'RollingStockCollectionRead'),
(3, 1, 'WorkScheduleRead'),
(4, 1, 'InfraRead'),
(5, 1, 'DocumentRead'),
(6, 1, 'MapRead'),
(7, 1, 'TimetableRead');

Railway Undertaking profile

DELETE FROM authz_role WHERE subject = 1;
INSERT INTO authz_role (id, subject, role) VALUES 
(1, 1, 'OpsRead'),
(2, 1, 'OpsWrite'),
(3, 1, 'InfraRead'),
(4, 1, 'InfraWrite'),
(5, 1, 'RollingStockCollectionRead'),
(6, 1, 'RollingStockCollectionWrite'),
(7, 1, 'WorkScheduleRead'),
(8, 1, 'TimetableRead'),
(9, 1, 'TimetableWrite'),
(10, 1, 'DocumentRead'),
(11, 1, 'DocumentWrite'),
(12, 1, 'MapRead');

Superuser

DELETE FROM authz_role WHERE subject = 1;
INSERT INTO authz_role (id, subject, role) VALUES 
(1, 1, 'Superuser');

No Authorization to create project/study/scenario

DELETE FROM authz_role WHERE subject = 1;
INSERT INTO authz_role (id, subject, role) VALUES 
(1, 1, 'OpsRead'),
(3, 1, 'InfraRead'),
(5, 1, 'RollingStockCollectionRead'),
(6, 1, 'RollingStockCollectionWrite'),
(7, 1, 'WorkScheduleRead'),
(8, 1, 'TimetableRead'),
(9, 1, 'TimetableWrite'),
(10, 1, 'DocumentRead'),
(11, 1, 'DocumentWrite'),
(12, 1, 'MapRead');

- Add `REQUIRED_USER_ROLES_FOR` object to define the roles required for each view and associate them with user profiles.
- Replace placeholder condition with the correct role-checking logic in useUserRoleCheck custom hook.
- Improve `RoleBasedComponent` by adding a new prop `disabledIfUnauthorized` to disable (grey out) the wrapped component if the user lacks the necessary access.

Signed-off-by: nncluzu <[email protected]>
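The role-gating rules listed in the description (a required-roles table per view, Superuser overriding everything, a 403 redirect on direct URL access, and a wrapper that either hides or greys out a component) can be exercised without a browser. The block below is an added example written for this page, not code from the OSRD front end: the role names are the ones used in the PR's SQL scripts, while the view keys, the exact shape of REQUIRED_USER_ROLES_FOR, the landing-page rule and every function name are assumptions. The PROFILES fixtures are constructed from the INSERT statements in the "Apply the SQL Scripts" step, so the same block also serves that step.

```typescript
// Added example, not OSRD code. Role names are those used in the PR's SQL
// scripts; the view keys, the shape of REQUIRED_USER_ROLES_FOR and every
// function name below are assumptions made for illustration.

const KNOWN_ROLES = [
  'Superuser', 'Stdcm', 'OpsRead', 'OpsWrite', 'InfraRead', 'InfraWrite',
  'RollingStockCollectionRead', 'RollingStockCollectionWrite', 'WorkScheduleRead',
  'TimetableRead', 'TimetableWrite', 'DocumentRead', 'DocumentWrite', 'MapRead',
] as const;
type Role = (typeof KNOWN_ROLES)[number];

// Hypothetical view keys; a user must hold EVERY listed role (Superuser
// short-circuits the check, since the description gives it full access).
type View = 'stdcm' | 'operationalStudies' | 'stdcmDebug' | 'projectCreation';
const REQUIRED_USER_ROLES_FOR: Record<View, readonly Role[]> = {
  stdcm: ['Stdcm'],
  operationalStudies: ['OpsRead'],
  stdcmDebug: ['Superuser'],
  projectCreation: ['OpsWrite'],
};

// Row shape of the authz_role table as used in the PR's SQL scripts.
interface AuthzRow { id: number; subject: number; role: string; }

// Fail closed: keep only rows for this subject whose role string the front
// end knows, so an unexpected value from the server never unlocks a view.
function parseRoles(rows: readonly AuthzRow[], subject: number): Role[] {
  const known = new Set<string>(KNOWN_ROLES);
  return rows
    .filter((r) => r.subject === subject && known.has(r.role))
    .map((r) => r.role as Role);
}

function hasRequiredRoles(userRoles: readonly Role[], view: View): boolean {
  if (userRoles.includes('Superuser')) return true;
  return REQUIRED_USER_ROLES_FOR[view].every((role) => userRoles.includes(role));
}

// Direct navigation by URL: anything the user may not open becomes a 403.
type RouteDecision = 'allow' | 'redirect-403';
function decideRoute(userRoles: readonly Role[], view: View): RouteDecision {
  return hasRequiredRoles(userRoles, view) ? 'allow' : 'redirect-403';
}

// What a RoleBasedComponent-style wrapper would do with its child: render it,
// grey it out (disabledIfUnauthorized) or leave it out of the page entirely.
type RenderState = 'rendered' | 'disabled' | 'hidden';
function renderState(
  userRoles: readonly Role[],
  view: View,
  disabledIfUnauthorized = false,
): RenderState {
  if (hasRequiredRoles(userRoles, view)) return 'rendered';
  return disabledIfUnauthorized ? 'disabled' : 'hidden';
}

// Assumed landing rule: a user whose only application is STDCM goes straight
// there; everyone else (including a user with no role at all) lands on '/'.
function landingRoute(userRoles: readonly Role[]): '/stdcm' | '/' {
  const stdcmOnly =
    hasRequiredRoles(userRoles, 'stdcm') && !hasRequiredRoles(userRoles, 'operationalStudies');
  return stdcmOnly ? '/stdcm' : '/';
}

// Constructed fixtures mirroring the INSERT statements in the PR description.
function rows(roles: readonly string[], subject = 1): AuthzRow[] {
  return roles.map((role, i) => ({ id: i + 1, subject, role }));
}
const PROFILES = {
  operationalStudies: rows(['Stdcm', 'RollingStockCollectionRead', 'WorkScheduleRead',
    'InfraRead', 'DocumentRead', 'MapRead', 'TimetableRead']),
  railwayUndertaking: rows(['OpsRead', 'OpsWrite', 'InfraRead', 'InfraWrite',
    'RollingStockCollectionRead', 'RollingStockCollectionWrite', 'WorkScheduleRead',
    'TimetableRead', 'TimetableWrite', 'DocumentRead', 'DocumentWrite', 'MapRead']),
  superuser: rows(['Superuser']),
  noProjectCreation: rows(['OpsRead', 'InfraRead', 'RollingStockCollectionRead',
    'RollingStockCollectionWrite', 'WorkScheduleRead', 'TimetableRead', 'TimetableWrite',
    'DocumentRead', 'DocumentWrite', 'MapRead']),
  noRole: rows([]),
  // Not from the page: a malformed row (wrong case) to show fail-closed parsing.
  bogus: [{ id: 1, subject: 1, role: 'superuser' }],
};

// Summarise one profile the way the description's test matrix does.
function summarize(profile: readonly AuthzRow[]) {
  const roles = parseRoles(profile, 1);
  return {
    landing: landingRoute(roles),
    stdcmTile: renderState(roles, 'stdcm', true),   // greyed out, not hidden
    opsRoute: decideRoute(roles, 'operationalStudies'),
    debugButton: renderState(roles, 'stdcmDebug'),  // hidden unless Superuser
    createProject: renderState(roles, 'projectCreation'),
  };
}

console.log(summarize(PROFILES.railwayUndertaking));
```

Two points worth keeping in mind when reading it against the description. First, parseRoles drops any role string the front end does not recognise, so a typo or an unexpected value coming back from the server leaves the user with less access rather than more. Second, everything here is presentation: hiding a tile or redirecting to a 403 page does not stop a request sent straight to the API, so the same role requirements have to be enforced by Editoast on its endpoints, which is where the authorization issue mentioned in the warning above actually matters.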
codecov-commenter commented Oct 8, 2024


Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.49%. Comparing base (2e51022) to head (4753119).
Report is 25 commits behind head on dev.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files
@@              Coverage Diff              @@
##                dev    #9237       +/-   ##
=============================================
+ Coverage     36.92%   87.49%   +50.56%     
=============================================
  Files          1255       31     -1224     
  Lines        116971     1535   -115436     
  Branches       3270        0     -3270     
=============================================
- Hits          43190     1343    -41847     
+ Misses        71836      192    -71644     
+ Partials       1945        0     -1945     
Flag                 Coverage Δ
core                 ?
editoast             ?
front                ?
gateway              ?
osrdyne              ?
railjson_generator   87.49% <ø> (ø)
tests                ?

Flags with carried forward coverage won't be shown.


…reation.

This is a first step to add an authorization on project, study and scenario creation.

Signed-off-by: nncluzu <[email protected]>
…OR variable

Centralize the roles required for accessing different views, user profiles, and features within the REQUIRED_USER_ROLES_FOR variable. This allows for easier maintenance and role-checking across the application.

Signed-off-by: nncluzu <[email protected]>
Development

Successfully merging this pull request may close these issues.

Show/hide STDCM/Operational study application based on user role