From 5494233e59f0972af28751792c459c7ab190d20c Mon Sep 17 00:00:00 2001 From: Markus Thielker Date: Sun, 6 Apr 2025 15:08:05 +0200 Subject: [PATCH] NORY-59: protect all missing cards in identity details --- dashboard/src/app/(inside)/user/[id]/page.tsx | 207 ++++++++++-------- dashboard/src/lib/permission.ts | 1 + 2 files changed, 118 insertions(+), 90 deletions(-) diff --git a/dashboard/src/app/(inside)/user/[id]/page.tsx b/dashboard/src/app/(inside)/user/[id]/page.tsx index e590abc..2fff21c 100644 --- a/dashboard/src/app/(inside)/user/[id]/page.tsx +++ b/dashboard/src/app/(inside)/user/[id]/page.tsx @@ -92,7 +92,10 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id const pmEditUser = await checkPermission(permission.user.it, relation.edit, identityId); const pmDeleteUser = await checkPermission(permission.user.it, relation.delete, identityId); - const pmAccessUserTraits = await checkPermission(permission.user.trait, relation.access, identityId); + const pmAccessUserTrait = await checkPermission(permission.user.trait, relation.access, identityId); + const pmEditUserTraits = await checkPermission(permission.user.trait, relation.edit, identityId); + const pmAccessUserAddress = await checkPermission(permission.user.address, relation.access, identityId); + const pmAccessUserCredential = await checkPermission(permission.user.credential, relation.access, identityId); const pmEditUserState = await checkPermission(permission.user.state, relation.edit, identityId); const pmAccessUserSession = await checkPermission(permission.user.session, relation.access, identityId); const pmDeleteUserSession = await checkPermission(permission.user.session, relation.delete, identityId); @@ -114,7 +117,6 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id message="The identity you are trying to see exists but has no identifiable address"/>; } - const detailIdentitySessions = pmAccessUserSession && await listIdentitySessions(detailIdentityId); const detailIdentitySchema = await getIdentitySchema(detailIdentity.schema_id) @@ -133,7 +135,7 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
{ - pmAccessUserTraits ? + pmAccessUserTrait ? Traits @@ -170,98 +172,44 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id /> - - - Addresses - All linked addresses for verification and recovery - - + { + pmAccessUserAddress ? + + + Addresses + All linked addresses for verification and recovery + + - - - - Type - Value - - - - { - addresses.map((address) => { - return ( - - {address.value} - {address.via} - - {address.verifiable_id && - - Verifiable - { - address.verified ? - - : - - } - - } - {address.recovery_id && - Recovery - } - - - ); - }) - } - -
- - - - - Credentials - All authentication mechanisms registered with this identity - - - - - - - - Sessions - See and manage all sessions of this identity - - - { - detailIdentitySessions ? - OS - Browser - Active since + Type + Value { - detailIdentitySessions.map((session) => { - - const device = session.devices![0]; - const parser = new UAParser(device.user_agent); - const result = parser.getResult(); - + addresses.map((address) => { return ( - - - {result.os.name} - {result.os.version} - - - {result.browser.name} - {result.browser.version} - + + {address.value} + {address.via} - {new Date(session.authenticated_at!).toLocaleString()} + {address.verifiable_id && + + Verifiable + { + address.verified ? + + : + + } + + } + {address.recovery_id && + Recovery + } ); @@ -269,11 +217,90 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id }
- : -

This user has no active sessions

- } - - + + + : + + } + { + pmAccessUserCredential ? + + + Credentials + All authentication mechanisms registered with this + identity + + + + + + : + + } + { + pmAccessUserSession ? + + + Sessions + See and manage all sessions of this identity + + + { + detailIdentitySessions ? + + + + OS + Browser + Active since + + + + { + detailIdentitySessions.map((session) => { + + const device = session.devices![0]; + const parser = new UAParser(device.user_agent); + const result = parser.getResult(); + + return ( + + + {result.os.name} + {result.os.version} + + + {result.browser.name} + {result.browser.version} + + + {new Date(session.authenticated_at!).toLocaleString()} + + + ); + }) + } + +
+ : +

This user has no active sessions

+ } + + + : + + }
); diff --git a/dashboard/src/lib/permission.ts b/dashboard/src/lib/permission.ts index 69a8523..9fc8ba0 100644 --- a/dashboard/src/lib/permission.ts +++ b/dashboard/src/lib/permission.ts @@ -5,6 +5,7 @@ export const permission = { }, user: { it: 'admin.user', + address: 'admin.user.address', code: 'admin.user.code', credential: 'admin.user.credential', link: 'admin.user.link',