From c2473d64e09b66c77f8873cbf0071f3810813384 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Florian=20B=C3=A9matol?= Date: Thu, 19 Dec 2024 16:38:25 +0100 Subject: [PATCH] BDE-239: Skip api calls for non-admin user --- .gitignore | 1 + package.json | 15 +++---- pnpm-lock.yaml | 12 ++++++ src/main/server-connector.js | 78 +++++++++++++++++++----------------- src/popup/index.js | 10 ++--- 5 files changed, 67 insertions(+), 49 deletions(-) diff --git a/.gitignore b/.gitignore index 608effe1..8a7e46d1 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,4 @@ selenium-standalone.txt .env.chrome .env.firefox .env.local +app diff --git a/package.json b/package.json index 60db59bd..7418c99f 100644 --- a/package.json +++ b/package.json @@ -24,6 +24,7 @@ "@rollup/plugin-inject": "^5.0.5", "chai": "^5.1.1", "concurrently": "^8.2.2", + "cross-env": "^7.0.3", "cssnano": "^7.0.4", "dotenv": "^16.4.5", "eslint-config-airbnb-base": "^14.2.1", @@ -63,13 +64,13 @@ "private": true, "scripts": { "env:build": "node vite.env.js", - "build:chrome:about": "BUILD_ENTRY=about vite build --mode=chrome", - "build:chrome:content": "BUILD_ENTRY=content vite build --mode=chrome", - "build:chrome:es-reindex": "BUILD_ENTRY=es-reindex vite build --mode=chrome", - "build:chrome:json": "BUILD_ENTRY=json vite build --mode=chrome", - "build:chrome:main": "BUILD_ENTRY=main vite build --mode=chrome", - "build:chrome:options": "BUILD_ENTRY=options vite build --mode=chrome", - "build:chrome:popup": "BUILD_ENTRY=popup vite build --mode=chrome", + "build:chrome:about": "cross-env BUILD_ENTRY=about vite build --mode=chrome", + "build:chrome:content": "cross-env BUILD_ENTRY=content vite build --mode=chrome", + "build:chrome:es-reindex": "cross-env BUILD_ENTRY=es-reindex vite build --mode=chrome", + "build:chrome:json": "cross-env BUILD_ENTRY=json vite build --mode=chrome", + "build:chrome:main": "cross-env BUILD_ENTRY=main vite build --mode=chrome", + "build:chrome:options": "cross-env BUILD_ENTRY=options vite build --mode=chrome", + "build:chrome:popup": "cross-env BUILD_ENTRY=popup vite build --mode=chrome", "build:chrome": "pnpm run env:build chrome && concurrently --kill-others-on-fail 'npm:build:chrome:*'" }, "type": "module", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e6764139..5fb3c03d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -72,6 +72,9 @@ importers: concurrently: specifier: ^8.2.2 version: 8.2.2 + cross-env: + specifier: ^7.0.3 + version: 7.0.3 cssnano: specifier: ^7.0.4 version: 7.0.4(postcss@8.4.39) @@ -1291,6 +1294,11 @@ packages: core-js-compat@3.37.1: resolution: {integrity: sha512-9TNiImhKvQqSUkOvk/mMRZzOANTiEVC7WaBNhHcKM7x+/5E1l5NvsysR19zuDQScE8k+kfQXWRN3AtS/eOSHpg==} + cross-env@7.0.3: + resolution: {integrity: sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==} + engines: {node: '>=10.14', npm: '>=6', yarn: '>=1'} + hasBin: true + cross-spawn@7.0.3: resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} engines: {node: '>= 8'} @@ -4217,6 +4225,10 @@ snapshots: dependencies: browserslist: 4.23.2 + cross-env@7.0.3: + dependencies: + cross-spawn: 7.0.3 + cross-spawn@7.0.3: dependencies: path-key: 3.1.1 diff --git a/src/main/server-connector.js b/src/main/server-connector.js index b3f911c5..4fc25093 100644 --- a/src/main/server-connector.js +++ b/src/main/server-connector.js @@ -115,43 +115,47 @@ This extension is only compatible with Nuxeo Platform servers. return Promise.reject(this.connectionErrorOf(`Connection to ${serverUrl.host} is forbidden`, notification)); } - connect(serverUrl, tabInfo, connectOptions = { forceForbiddenDomains: false }) { - return this.checkOperableDomain(serverUrl, connectOptions) - .then(() => new Nuxeo({ baseURL: serverUrl }) - .connect() - .then((nuxeo) => { - this.nuxeo = nuxeo; - this.serverUrl = serverUrl; - return Promise.all([ - this.asInstalledAddons().catch(() => []), // Return empty array on error - this.asConnectRegistration().catch(() => ({})), // Return empty object on error - ]) - .then(([installedAddons, connectRegistration]) => ({ - nuxeo, - serverUrl: nuxeo._baseURL, - installedAddons, - connectRegistration, - })) - .then((runtimeInfo) => { - this.disconnect = () => { - this.nuxeo = undefined; - this.runtimeInfo = undefined; - this.serverUrl = undefined; - this.worker.tabNavigationHandler.disableTabExtension(tabInfo); - }; - this.nuxeo = nuxeo; - this.runtimeInfo = runtimeInfo; - this.worker.tabNavigationHandler.enableTabExtension(tabInfo); - }); - }) - .catch((cause) => { - this.disconnect = this.noop; - this.nuxeo = undefined; - this.runtimeInfo = undefined; - this.serverUrl = undefined; - const notification = this.notifyError(cause); - return Promise.reject(this.connectionErrorOf(`Cannot establish connection with ${serverUrl}`, notification)); - })); + async connect(serverUrl, tabInfo, connectOptions = { forceForbiddenDomains: false }) { + await this.checkOperableDomain(serverUrl, connectOptions); + + try { + this.nuxeo = await new Nuxeo({ baseURL: serverUrl }).connect(); + this.serverUrl = serverUrl; + } catch (cause) { + this.disconnect = this.noop; + this.nuxeo = undefined; + this.runtimeInfo = undefined; + this.serverUrl = undefined; + + const notification = this.notifyError(cause); + this.connectionErrorOf(`Cannot establish connection with ${serverUrl}`, notification); + return; + } + + let installedAddons = []; + let connectRegistration = []; + if (this.nuxeo.user.isAdministrator) { + try { + installedAddons = await this.asInstalledAddons(); + connectRegistration = await this.asConnectRegistration(); + } catch (_) { + } + } + + this.runtimeInfo = { + nuxeo: this.nuxeo, + serverUrl: this.nuxeo._baseURL, + installedAddons: installedAddons, + connectRegistration: connectRegistration + }; + this.disconnect = () => { + this.nuxeo = undefined; + this.runtimeInfo = undefined; + this.serverUrl = undefined; + this.worker.tabNavigationHandler.disableTabExtension(tabInfo); + }; + + this.worker.tabNavigationHandler.enableTabExtension(tabInfo); } isConnected() { diff --git a/src/popup/index.js b/src/popup/index.js index 0f9597e4..322a5004 100644 --- a/src/popup/index.js +++ b/src/popup/index.js @@ -523,10 +523,10 @@ function loadPage(worker, options = { forceForbiddenDomains: false }) { }); } return Promise.all([ - worker.serverConnector - .asConnectRegistration(), - worker.serverConnector - .asDevelopedStudioProjects() + nuxeo.user.isAdministrator ? worker.serverConnector + .asConnectRegistration() : Promise.resolve({}), + nuxeo.user.isAdministrator ? worker.serverConnector + .asDevelopedStudioProjects() : Promise.resolve([]) .then((projects) => { // Remove any existing options while (selectBox[0].firstChild) { @@ -579,7 +579,7 @@ function loadPage(worker, options = { forceForbiddenDomains: false }) { new URL(connectLocation), registeredPackage ); - } else { + } else if (nuxeo.user.isAdministrator) { noStudioPackageFound(); } })