markus/next-ory
1
0
Fork 0
mirror of https://codeberg.org/MarkusThielker/next-ory.git synced 2025-04-19 09:01:18 +00:00
Code Releases Packages Activity

NORY-59: protect all missing cards in identity details

Browse source
This commit is contained in:
Markus Thielker 2025-04-06 15:08:05 +02:00
parent 328b827bf8
commit 77c2135e13
2 changed files with 118 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
dashboard/src/app/(inside)/user/[id]/page.tsx
View file

@ -92,7 +92,10 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
const pmEditUser = await checkPermission(permission.user.it, relation.edit, identityId);
const pmDeleteUser = await checkPermission(permission.user.it, relation.delete, identityId);
const pmAccessUserTraits = await checkPermission(permission.user.trait, relation.access, identityId);
const pmAccessUserTrait = await checkPermission(permission.user.trait, relation.access, identityId);
const pmEditUserTraits = await checkPermission(permission.user.trait, relation.edit, identityId);
const pmAccessUserAddress = await checkPermission(permission.user.address, relation.access, identityId);
const pmAccessUserCredential = await checkPermission(permission.user.credential, relation.access, identityId);
const pmEditUserState = await checkPermission(permission.user.state, relation.edit, identityId);
const pmAccessUserSession = await checkPermission(permission.user.session, relation.access, identityId);
const pmDeleteUserSession = await checkPermission(permission.user.session, relation.delete, identityId);
@ -114,7 +117,6 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
message="The identity you are trying to see exists but has no identifiable address"/>;
}
const detailIdentitySessions = pmAccessUserSession && await listIdentitySessions(detailIdentityId);
const detailIdentitySchema = await getIdentitySchema(detailIdentity.schema_id)
@ -133,7 +135,7 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
</div>
<div className="grid grid-cols-1 xl:grid-cols-2 gap-4">
{
pmAccessUserTraits ?
pmAccessUserTrait ?
<Card className="row-span-3">
<CardHeader>
<CardTitle>Traits</CardTitle>
@ -170,6 +172,8 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
/>
</CardContent>
</Card>
{
pmAccessUserAddress ?
<Card>
<CardHeader>
<CardTitle>Addresses</CardTitle>
@ -215,15 +219,32 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
</Table>
</CardContent>
</Card>
:
<InsufficientPermission
permission={permission.user.address}
relation={relation.access}
identityId={identityId}/>
}
{
pmAccessUserCredential ?
<Card>
<CardHeader>
<CardTitle>Credentials</CardTitle>
<CardDescription>All authentication mechanisms registered with this identity</CardDescription>
<CardDescription>All authentication mechanisms registered with this
identity</CardDescription>
</CardHeader>
<CardContent className="space-y-4">
<IdentityCredentials identity={detailIdentity}/>
</CardContent>
</Card>
:
<InsufficientPermission
permission={permission.user.credential}
relation={relation.access}
identityId={identityId}/>
}
{
pmAccessUserSession ?
<Card>
<CardHeader>
<CardTitle>Sessions</CardTitle>
@ -274,6 +295,12 @@ export default async function UserDetailsPage({ params }: { params: Promise<{ id
}
</CardContent>
</Card>
:
<InsufficientPermission
permission={permission.user.session}
relation={relation.access}
identityId={identityId}/>
}
</div>
</div>
);

1
dashboard/src/lib/permission.ts
View file

@ -5,6 +5,7 @@ export const permission = {
},
user: {
it: 'admin.user',
address: 'admin.user.address',
code: 'admin.user.code',
credential: 'admin.user.credential',
link: 'admin.user.link',