Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue with roles in route meta #655

Open
TCURT15 opened this issue Jul 8, 2021 · 4 comments
Open

Issue with roles in route meta #655

TCURT15 opened this issue Jul 8, 2021 · 4 comments

Comments

@TCURT15
Copy link

TCURT15 commented Jul 8, 2021

Using

"vue": "^2.6.12",
"@websanova/vue-auth": "^4.1.3",
"vue-router": "^3.5.1",

Auth User

{
   "id":2,
   "first_name":"Test",
   "last_name":"User",
   "email":"[email protected]",
   "security":{
      "roles":["admin"],
      "permissions":["manage billing"]
   }
}

Vue Auth Options

options: {
    rolesKey: 'security.permissions',
}

If I run the following it returns true

this.$auth.check('manage billing')

However if I use the same permission on a route, it redirects to the forbidden route every time no matter how many different formats I have tried.

{
path: 'home',
name: 'home',
component: () => import('@app/views/Home'),
meta: {
   title: 'Home',
   auth: {
      roles: 'manage billing', 
      rolesKey: 'security.permissions' // with or without
   }
},
{
path: 'home',
name: 'home',
component: () => import('@app/views/Home'),
meta: {
   title: 'Home',
   auth: 'manage billing',
},
{
path: 'home',
name: 'home',
component: () => import('@app/views/Home'),
meta: {
   title: 'Home',
   auth: ['manage billing'],
},

Any assistance would be appreciated.

@websanova
Copy link
Owner

Good find, I've pushed up a fix in 4.1.4, let me know if that works :-)

@TCURT15
Copy link
Author

TCURT15 commented Jul 9, 2021

@websanova That did it. Thanks!

@TCURT15 TCURT15 closed this as completed Jul 9, 2021
@TCURT15
Copy link
Author

TCURT15 commented Jul 21, 2021

I seem to be having another issue with auth meta and child routes. If a parent route has a role defined (or in my case permission) and the child route has no auth meta defined, it throws a forbidden error when visiting the child route. However if that child route has any auth defined it works. Not a huge deal to just set the child routes to true, just wasn't sure if that was an easy fix.

Won't work:

{ 
   path: '/admin', 
   component: () => import(/* webpackChunkName: "admin" */ '@admin/views/Layout'),
   meta: {
	title: 'Dashboard',
	auth: 'see admin',
   },
   children: [
      {
	   path: 'test',
           component: () => import(/* webpackChunkName: "admin_index" */ '@admin/views/Index'),
	   meta: {
	      title: 'Dashboard',
	   }
      }
   ]
},

Works:

{ 
   path: '/admin', 
   component: () => import(/* webpackChunkName: "admin" */ '@admin/views/Layout'),
   meta: {
	title: 'Dashboard',
	auth: 'see admin',
   },
   children: [
      {
	   path: 'test',
           component: () => import(/* webpackChunkName: "admin_index" */ '@admin/views/Index'),
	   meta: {
	      title: 'Dashboard',
              auth: true
	   }
      }
   ]
},

@TCURT15 TCURT15 reopened this Jul 21, 2021
@websanova
Copy link
Owner

Hmm, ya, because you have a string there, and it's checking for true, I think if you set the parent to true as well it should be fine. Otherwise it's just following the normal check, so probably just that parent check is failing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants