From 13cc669e2cb27761458be3b7549f9fe5505b4720 Mon Sep 17 00:00:00 2001 From: Jarrod Flesch <30633324+JarrodMFlesch@users.noreply.github.com> Date: Mon, 10 Apr 2023 15:38:49 -0400 Subject: [PATCH] fix: prevents rendering of version actions when a user does not have permission --- src/admin/components/Routes.tsx | 11 +++++++--- .../components/elements/Status/index.tsx | 7 ++++-- .../forms/field-types/Array/index.tsx | 3 +-- .../forms/field-types/Blocks/index.tsx | 3 +-- .../utilities/DocumentInfo/index.tsx | 8 +++---- .../utilities/DocumentInfo/types.ts | 4 ---- .../components/views/Version/Version.tsx | 22 ++++++++++++------- 7 files changed, 33 insertions(+), 25 deletions(-) diff --git a/src/admin/components/Routes.tsx b/src/admin/components/Routes.tsx index b264c01269..d4423ee211 100644 --- a/src/admin/components/Routes.tsx +++ b/src/admin/components/Routes.tsx @@ -273,10 +273,15 @@ const Routes = () => { render={(routeProps) => { if (permissions?.collections?.[collection.slug]?.readVersions?.permission) { return ( - + id={routeProps.match.params.id} + > + + ); } diff --git a/src/admin/components/elements/Status/index.tsx b/src/admin/components/elements/Status/index.tsx index 17b0e5a371..5a502f473c 100644 --- a/src/admin/components/elements/Status/index.tsx +++ b/src/admin/components/elements/Status/index.tsx @@ -24,6 +24,7 @@ const Status: React.FC = () => { global, id, getVersions, + docPermissions, } = useDocumentInfo(); const { toggleModal } = useModal(); const { @@ -114,12 +115,14 @@ const Status: React.FC = () => { } }, [collection, global, publishedDoc, serverURL, api, id, i18n, locale, resetForm, getVersions, t, toggleModal, revertModalSlug, unPublishModalSlug]); + const canUpdate = docPermissions?.update?.permission; + if (statusToRender) { return ( {t(statusToRender)} - {statusToRender === 'published' && ( + {canUpdate && statusToRender === 'published' && ( — = () => { )} - {statusToRender === 'changed' && ( + {canUpdate && statusToRender === 'changed' && ( — = (props) => { const CustomRowLabel = components?.RowLabel || undefined; - const { preferencesKey } = useDocumentInfo(); + const { preferencesKey, id } = useDocumentInfo(); const { getPreference } = usePreferences(); const { setPreference } = usePreferences(); const [rows, dispatchRows] = useReducer(reducer, undefined); const formContext = useForm(); const { user } = useAuth(); - const { id } = useDocumentInfo(); const locale = useLocale(); const operation = useOperation(); const { t, i18n } = useTranslation('fields'); diff --git a/src/admin/components/forms/field-types/Blocks/index.tsx b/src/admin/components/forms/field-types/Blocks/index.tsx index a2c4cd48ab..b6d66dbe3d 100644 --- a/src/admin/components/forms/field-types/Blocks/index.tsx +++ b/src/admin/components/forms/field-types/Blocks/index.tsx @@ -65,13 +65,12 @@ const BlocksField: React.FC = (props) => { const path = pathFromProps || name; - const { preferencesKey } = useDocumentInfo(); + const { preferencesKey, id } = useDocumentInfo(); const { getPreference } = usePreferences(); const { setPreference } = usePreferences(); const [rows, dispatchRows] = useReducer(reducer, undefined); const formContext = useForm(); const { user } = useAuth(); - const { id } = useDocumentInfo(); const locale = useLocale(); const operation = useOperation(); const { dispatchFields, setModified } = formContext; diff --git a/src/admin/components/utilities/DocumentInfo/index.tsx b/src/admin/components/utilities/DocumentInfo/index.tsx index 5183cd6009..8e99ca5895 100644 --- a/src/admin/components/utilities/DocumentInfo/index.tsx +++ b/src/admin/components/utilities/DocumentInfo/index.tsx @@ -5,7 +5,7 @@ import qs from 'qs'; import { useTranslation } from 'react-i18next'; import { useConfig } from '../Config'; import { PaginatedDocs } from '../../../../mongoose/types'; -import { ContextType, DocumentPermissions, EntityType, Props, Version } from './types'; +import { ContextType, DocumentPermissions, Props, Version } from './types'; import { TypeWithID } from '../../../../globals/config/types'; import { TypeWithTimestamps } from '../../../../collections/config/types'; import { Where } from '../../../../types'; @@ -15,6 +15,8 @@ import { useAuth } from '../Auth'; const Context = createContext({} as ContextType); +export const useDocumentInfo = (): ContextType => useContext(Context); + export const DocumentInfoProvider: React.FC = ({ children, global, @@ -32,7 +34,7 @@ export const DocumentInfoProvider: React.FC = ({ const baseURL = `${serverURL}${api}`; let slug: string; - let type: EntityType; + let type: 'global' | 'collection'; let pluralType: 'globals' | 'collections'; let preferencesKey: string; @@ -233,5 +235,3 @@ export const DocumentInfoProvider: React.FC = ({ ); }; - -export const useDocumentInfo = (): ContextType => useContext(Context); diff --git a/src/admin/components/utilities/DocumentInfo/types.ts b/src/admin/components/utilities/DocumentInfo/types.ts index a4a57727cf..8f8ffa3125 100644 --- a/src/admin/components/utilities/DocumentInfo/types.ts +++ b/src/admin/components/utilities/DocumentInfo/types.ts @@ -9,13 +9,9 @@ export type Version = TypeWithVersion export type DocumentPermissions = null | GlobalPermission | CollectionPermission -export type EntityType = 'global' | 'collection' - export type ContextType = { collection?: SanitizedCollectionConfig global?: SanitizedGlobalConfig - type: EntityType - /** Slug of the collection or global */ slug?: string id?: string | number preferencesKey?: string diff --git a/src/admin/components/views/Version/Version.tsx b/src/admin/components/views/Version/Version.tsx index c189636dab..0c41f2635c 100644 --- a/src/admin/components/views/Version/Version.tsx +++ b/src/admin/components/views/Version/Version.tsx @@ -3,6 +3,7 @@ import { useRouteMatch } from 'react-router-dom'; import { useTranslation } from 'react-i18next'; import { useConfig } from '../../utilities/Config'; import { useAuth } from '../../utilities/Auth'; +import { useDocumentInfo } from '../../utilities/DocumentInfo'; import usePayloadAPI from '../../../hooks/usePayloadAPI'; import Eyebrow from '../../elements/Eyebrow'; import { useStepNav } from '../../elements/StepNav'; @@ -36,6 +37,7 @@ const VersionView: React.FC = ({ collection, global }) => { const { permissions } = useAuth(); const locale = useLocale(); const { t, i18n } = useTranslation('version'); + const { docPermissions } = useDocumentInfo(); let originalDocFetchURL: string; let versionFetchURL: string; @@ -163,6 +165,8 @@ const VersionView: React.FC = ({ collection, global }) => { comparison = publishedDoc; } + const canUpdate = docPermissions?.update?.permission; + return ( @@ -179,14 +183,16 @@ const VersionView: React.FC = ({ collection, global }) => { {formattedCreatedAt} - + {canUpdate && ( + + )}