Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Non-admins can click on certification details, but the page errors out #9

Open
zyphlar opened this issue Oct 25, 2020 · 1 comment
Open

Non-admins can click on certification details, but the page errors out #9

zyphlar opened this issue Oct 25, 2020 · 1 comment

Comments

@zyphlar
Copy link
Member

zyphlar commented Oct 25, 2020

i.e. if an admin goes to https://hslmembers.netlify.app/certs/1 it works, but if a non-admin goes there it throws an error in members_api and causes a crash in members_ui on line 99 of cert_detail.js (const { name, description } = await this.props.read(id); which loads /certs/{id})

Possible fixes include:

  • expanding the {auth.isAdmin} logic to preclude line 99 from running, not just hiding the edit form
  • allowing members_api to show cert details, just deny PUT/POST/DELETE on a cert
  • not displaying links to the cert details page for non-admins
@JulienTant
Copy link
Contributor

FIY this has been fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zyphlar @JulienTant