Skip to content

Commit 5218665

Browse files
PascalinDePascalinDe
authoredMay 3, 2024··
Merge pull request #158 from c4dt/156
Non-admins cannot access form management view
2 parents f9d43fe + 4205520 commit 5218665

File tree

2 files changed

+22
-7
lines changed

2 files changed

+22
-7
lines changed
 

‎web/frontend/src/layout/App.tsx

+8-1
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,14 @@ const App = () => {
6969
</RequireAuth>
7070
}
7171
/>
72-
<Route path={'/forms/:formId'} element={<FormShow />} />
72+
<Route
73+
path={'/forms/:formId'}
74+
element={
75+
<RequireAuth auth={['election', 'create']}>
76+
<FormShow />
77+
</RequireAuth>
78+
}
79+
/>
7380
<Route path={'/forms/:formId/result'} element={<FormResult />} />
7481
<Route
7582
path={ROUTE_BALLOT_SHOW + '/:formId'}

‎web/frontend/src/pages/form/components/FormRow.tsx

+14-6
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,21 @@
1-
import React, { FC, useEffect, useState } from 'react';
1+
import React, { FC, useContext, useEffect, useState } from 'react';
22
import { LightFormInfo } from 'types/form';
33
import { Link } from 'react-router-dom';
44
import FormStatus from './FormStatus';
55
import QuickAction from './QuickAction';
66
import { default as i18n } from 'i18next';
7+
import { AuthContext } from '../../..';
78

89
type FormRowProps = {
910
form: LightFormInfo;
1011
};
1112

13+
const SUBJECT_ELECTION = 'election';
14+
const ACTION_CREATE = 'create';
15+
1216
const FormRow: FC<FormRowProps> = ({ form }) => {
1317
const [titles, setTitles] = useState<any>({});
18+
const authCtx = useContext(AuthContext);
1419
useEffect(() => {
1520
if (form.Title === undefined) return;
1621
setTitles({ En: form.Title.En, Fr: form.Title.Fr, De: form.Title.De, URL: form.Title.URL });
@@ -25,14 +30,17 @@ const FormRow: FC<FormRowProps> = ({ form }) => {
2530
formRowI18n.addResource(lang.toLowerCase(), 'form', 'title', title);
2631
}
2732
});
33+
const formTitle = formRowI18n.t('title', { ns: 'form', fallbackLng: 'en' });
2834
return (
2935
<tr className="bg-white border-b hover:bg-gray-50 ">
3036
<td className="px-1.5 sm:px-6 py-4 font-medium text-gray-900 whitespace-nowrap truncate">
31-
<Link className="text-gray-700 hover:text-[#ff0000]" to={`/forms/${form.FormID}`}>
32-
<div className="max-w-[20vw] truncate">
33-
{formRowI18n.t('title', { ns: 'form', fallbackLng: 'en' })}
34-
</div>
35-
</Link>
37+
{authCtx.isLogged && authCtx.isAllowed(SUBJECT_ELECTION, ACTION_CREATE) ? (
38+
<Link className="text-gray-700 hover:text-[#ff0000]" to={`/forms/${form.FormID}`}>
39+
<div className="max-w-[20vw] truncate">{formTitle}</div>
40+
</Link>
41+
) : (
42+
<div className="max-w-[20vw] truncate">{formTitle}</div>
43+
)}
3644
</td>
3745
<td className="px-1.5 sm:px-6 py-4">{<FormStatus status={form.Status} />}</td>
3846
<td className="px-1.5 sm:px-6 py-4 text-right">

0 commit comments

Comments
 (0)
Please sign in to comment.