-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
front: enable authorization #9237
base: dev
Are you sure you want to change the base?
Conversation
…es are fetched Signed-off-by: nncluzu <[email protected]>
- Add `REQUIRED_USER_ROLES_FOR` object to define the roles required for each view and associate them with user profiles. - Replace placeholder condition with the correct role-checking logic in useUserRoleCheck custom hook. - Improve `RoleBasedComponent` by adding a new prop `disabledIfUnauthorized` to disable (grey out) the wrapped component if the user lacks the necessary access. Signed-off-by: nncluzu <[email protected]>
Signed-off-by: nncluzu <[email protected]>
Signed-off-by: nncluzu <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## dev #9237 +/- ##
=============================================
+ Coverage 36.92% 87.49% +50.56%
=============================================
Files 1255 31 -1224
Lines 116971 1535 -115436
Branches 3270 0 -3270
=============================================
- Hits 43190 1343 -41847
+ Misses 71836 192 -71644
+ Partials 1945 0 -1945
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Signed-off-by: nncluzu <[email protected]>
…reation. This is a first step to add an authorization on project, study and scenario creation. Signed-off-by: nncluzu <[email protected]>
…psWrite role. Signed-off-by: nncluzu <[email protected]>
…OR variable Centralize the roles required for accessing different views, user profiles, and features within the REQUIRED_USER_ROLES_FOR variable. This allows for easier maintenance and role-checking across the application. Signed-off-by: nncluzu <[email protected]>
closes #8049
Warning
There is currently an authorization bug between the core service and the Editoast service that prevents retrieving the
infraId
. This issue is being worked on and will be fixed soon. Because of this, theManageTrainSchedule
andSTDCM
views may have refresh problems.New Functionalities:
Technical Updates:
REQUIRED_USER_ROLES_FOR
object, which describes the required roles for accessing various views, features and those associated with different user profiles.RoleBasedComponent
wrapper by adding thedisabledIfUnauthorized
property, which grays out the wrapped component instead of hiding it when the user lacks proper authorization.How to Test:
Enable Authorization on Editoast:
Add the environment variable
EDITOAST_DISABLE_AUTHORIZATION: "false"
to thedocker-compose.yml
file, just belowOSRD_MQ_URL
.Rebuild the Editoast Docker Image:
Rebuild the Editoast Docker image and restart it.
Apply the SQL Scripts:
Depending on the user profile and the feature access you want to test, apply the following SQL scripts:
Operational Studies profil
Railway Undertaking profil
Superuser
No Authorization to create projet/study/scenario