From 3949acbc1d9646b1aa536b0c61736fda7e737f6f Mon Sep 17 00:00:00 2001 From: John Cowen Date: Tue, 21 Dec 2021 07:51:52 +0000 Subject: [PATCH] ui: Remove any route level auth checks (#11891) --- .changelog/11891.txt | 4 ++++ ui/packages/consul-ui/app/routing/route.js | 22 ---------------------- 2 files changed, 4 insertions(+), 22 deletions(-) create mode 100644 .changelog/11891.txt diff --git a/.changelog/11891.txt b/.changelog/11891.txt new file mode 100644 index 0000000000..3ddb9a09d5 --- /dev/null +++ b/.changelog/11891.txt @@ -0,0 +1,4 @@ +```release-note:bug +ui: Fixes an issue where once a 403 page is displayed in some circumstances its +diffcult to click back to where you where before receiving a 403 +``` diff --git a/ui/packages/consul-ui/app/routing/route.js b/ui/packages/consul-ui/app/routing/route.js index 02b1edf2d4..2eaabc8363 100644 --- a/ui/packages/consul-ui/app/routing/route.js +++ b/ui/packages/consul-ui/app/routing/route.js @@ -1,7 +1,6 @@ import Route from '@ember/routing/route'; import { get, setProperties, action } from '@ember/object'; import { inject as service } from '@ember/service'; -import HTTPError from 'consul-ui/utils/http/error'; // paramsFor import { routes } from 'consul-ui/router'; @@ -50,27 +49,6 @@ export default class BaseRoute extends Route { } } - /** - * Inspects a custom `abilities` array on the router for this route. Every - * abililty needs to 'pass' for the route not to throw a 403 error. Anything - * more complex then this (say ORs) should use a single ability and perform - * the OR logic in the test for the ability. Note, this ability check happens - * before any calls to the backend for this model/route. - */ - async beforeModel() { - // remove any references to index as it is the same as the root routeName - const routeName = this.routeName - .split('.') - .filter(item => item !== 'index') - .join('.'); - const abilities = get(routes, `${routeName}._options.abilities`) || []; - if (abilities.length > 0) { - if (!abilities.every(ability => this.permissions.can(ability))) { - throw new HTTPError('403'); - } - } - } - /** * By default any empty string query parameters should remove the query * parameter from the URL. This is the most common behavior if you don't