| author | Yoshie Muranaka <yoshiemuranaka@gmail.com> | 2019-07-17 15:30:00 -0500 |
|---|---|---|
| committer | Gunnar Mills <gmills@us.ibm.com> | 2019-07-24 14:40:00 +0000 |
| commit | eaa40dd340995e053d9f2f9ba47ea0575849f292 (patch) | |
| tree | afc332d534d505bff2e82f7039854aa40995240f | |
| parent | 22d7822d5c2e045613e95b8a29df9bc27812b287 (diff) | |
Add 403 $location redirect to http interceptor service
This is a temporary solution to redirect any 403 responses to
a dedicated 403 'Unauthorized' page. This could occur on initial
navigation to a page or while attempting an operation.
Once permission role mapping is defined, the code should be updated
to handle 403 responses in context of user attempted actions.
Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: Ia207f2bcdd87fb20888fe6a1588d0ccd310e484c
| -rw-r--r-- | app/403.html | 8 | ||||
| -rw-r--r-- | app/common/services/apiInterceptor.js | 11 | ||||
| -rw-r--r-- | app/common/styles/elements/alerts.scss | 9 | ||||
| -rw-r--r-- | app/index.js | 2 |
4 files changed, 28 insertions, 2 deletions
diff --git a/app/403.html b/app/403.html
new file mode 100644
index 0000000..a0ef50f
--- /dev/null
+++ b/app/403.html
@@ -0,0 +1,8 @@
+<div class="column row">
+ <div class="column small-12">
+ <h1>Unauthorized</h1>
+ <div class="message-container">
+ <p>The attempted action is not accessible from the logged in account. Contact your system administrator to check your privilege role.</p>
+ </div>
+ </div>
+</div>
\ No newline at end of file
diff --git a/app/common/services/apiInterceptor.js b/app/common/services/apiInterceptor.js
index ce47b67..8033f74 100644
--- a/app/common/services/apiInterceptor.js
+++ b/app/common/services/apiInterceptor.js
@@ -11,8 +11,8 @@ window.angular && (function(angular) {
 'use strict';
 angular.module('app.common.services').service('apiInterceptor', [
- '$q', '$rootScope', 'dataService',
- function($q, $rootScope, dataService) {
+ '$q', '$rootScope', 'dataService', '$location',
+ function($q, $rootScope, dataService, $location) {
 return {
 'request': function(config) {
 dataService.loading = true;
@@ -51,6 +51,13 @@ window.angular && (function(angular) {
 if (dataService.path != '/login') {
 $rootScope.$emit('timedout-user', {});
 }
+ } else if (rejection.status == 403) {
+ // TODO: when permission role mapping ready, remove
+ // this global redirect and handle forbidden
+ // requests in context of user action
+ if (dataService.path != '/login') {
+ $location.url('/unauthorized');
+ }
 } else if (rejection.status == -1) {
 dataService.server_unreachable = true;
 }
diff --git a/app/common/styles/elements/alerts.scss b/app/common/styles/elements/alerts.scss
index 70fc247..947320c 100644
--- a/app/common/styles/elements/alerts.scss
+++ b/app/common/styles/elements/alerts.scss
@@ -13,3 +13,12 @@
 color: $primary-dark;
 text-align: left;
 }
+
+.message-container {
+ background-color: $background-02;
+ padding: 1em 1.5em;
+ display: inline-block;
+ >*:last-child {
+ margin-bottom: 0;
+ }
+}
diff --git a/app/index.js b/app/index.js
index 5997457..cbc763b 100644
--- a/app/index.js
+++ b/app/index.js
@@ -116,6 +116,8 @@ window.angular && (function(angular) {
 '$routeProvider', '$locationProvider',
 function($routeProvider, $locationProvider) {
 $locationProvider.hashPrefix('');
+ $routeProvider.when(
+ '/unauthorized', {'template': require('./403.html')})
 $routeProvider.otherwise({'redirectTo': '/login'});
 }
 ]) |
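Review bot: The new `rejection.status == 403` branch in `apiInterceptor.js` navigates away without keeping any record of which request was refused, so a 403 on a background call takes the user off the current page and nobody can tell afterwards what was denied. Until the role mapping named in the TODO exists, I would note the refused request before `$location.url('/unauthorized')`, for example `console.log('403 for ' + (rejection.config && rejection.config.url));`. The TODO should also say that this branch is presentation only, e.g. `// UI redirect only; the server remains the authority on access`, so that it is not later mistaken for an access check. The enclosing `responseError` handler starts and ends outside the hunk, so whether the rejection is still propagated with `$q.reject` is not visible here.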
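Review bot: The added `$routeProvider.when(...)` call in `app/index.js` has no terminating semicolon and ends only through automatic semicolon insertion before `$routeProvider.otherwise`; the second added line should read `'/unauthorized', {'template': require('./403.html')});`. The route name and the heading in `403.html` say "Unauthorized" for an HTTP 403, whose standard name is Forbidden, while Unauthorized is the name of 401. The branch just above the new one in `apiInterceptor.js` appears to handle the session-expired case, so a route such as `/forbidden` would keep the two failures distinguishable in bug reports and logs. The surrounding `config` block begins and ends outside the hunk.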

