sartography/spiff-arena
1
0
Fork 0
mirror of https://github.com/sartography/spiff-arena.git synced 2025-03-01 01:20:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed guest user access w/ burnettk

Browse Source
This commit is contained in:
jasquat 2023-11-29 12:04:49 -05:00
parent 74de2063d6
commit 7d086a8580
2 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
spiffworkflow-frontend/src/helpers.tsx
View File

@ -140,6 +140,11 @@ export const truncateString = (text: string, len: number) => {
return text; return text;
}; };
export const pathFromFullUrl = (fullUrl: string) => {
const parsedURL = new URL(fullUrl);
return parsedURL.pathname;
};
// Because of limitations in the way openapi defines parameters, we have to modify process models ids // Because of limitations in the way openapi defines parameters, we have to modify process models ids
// which are basically paths to the models // which are basically paths to the models
export const modifyProcessIdentifierForPathParam = (path: string) => { export const modifyProcessIdentifierForPathParam = (path: string) => {

11
spiffworkflow-frontend/src/services/UserService.ts
View File

@ -2,6 +2,7 @@ import jwt from 'jwt-decode';
import cookie from 'cookie'; import cookie from 'cookie';
import { BACKEND_BASE_URL } from '../config'; import { BACKEND_BASE_URL } from '../config';
import { AuthenticationOption } from '../interfaces'; import { AuthenticationOption } from '../interfaces';
import { pathFromFullUrl } from '../helpers';
// NOTE: this currently stores the jwt token in local storage // NOTE: this currently stores the jwt token in local storage
// which is considered insecure. Server set cookies seem to be considered // which is considered insecure. Server set cookies seem to be considered
@ -32,10 +33,14 @@ const getCurrentLocation = (queryParams: string = window.location.search) => {
); );
}; };
const checkPathForTaskShowParams = () => { const checkPathForTaskShowParams = (
redirectUrl: string = window.location.pathname
) => {
const path = pathFromFullUrl(redirectUrl);
// expected url pattern: // expected url pattern:
// /tasks/[process_instance_id]/[task_guid] // /tasks/[process_instance_id]/[task_guid]
const pathSegments = window.location.pathname.match( const pathSegments = path.match(
/^\/tasks\/(\d+)\/([0-9a-z]{8}-([0-9a-z]{4}-){3}[0-9a-z]{12})$/ /^\/tasks\/(\d+)\/([0-9a-z]{8}-([0-9a-z]{4}-){3}[0-9a-z]{12})$/
); );
if (pathSegments) { if (pathSegments) {
@ -48,7 +53,7 @@ const doLogin = (
authenticationOption?: AuthenticationOption, authenticationOption?: AuthenticationOption,
redirectUrl?: string | null redirectUrl?: string | null
) => { ) => {
const taskShowParams = checkPathForTaskShowParams(); const taskShowParams = checkPathForTaskShowParams(redirectUrl || undefined);
const loginParams = [`redirect_url=${redirectUrl || getCurrentLocation()}`]; const loginParams = [`redirect_url=${redirectUrl || getCurrentLocation()}`];
if (taskShowParams) { if (taskShowParams) {
loginParams.push( loginParams.push(