dashboard: ensure you only access what you have access to

Carl-Gerhard Lindesvärd
2024-03-14 20:39:28 +01:00
parent 7300631630
commit 2057fe083b


@@ -1,7 +1,9 @@
import { notFound } from 'next/navigation';
import {
getCurrentOrganizations,
getDashboardsByOrganization,
getDashboardsByProjectId,
getProjectsByOrganizationSlug,
} from '@openpanel/db';
import { LayoutSidebar } from './layout-sidebar';
@@ -18,11 +20,20 @@ export default async function AppLayout({
children,
params: { organizationId, projectId },
}: AppLayoutProps) {
const [organizations, dashboards] = await Promise.all([
const [organizations, projects, dashboards] = await Promise.all([
getCurrentOrganizations(),
getProjectsByOrganizationSlug(organizationId),
getDashboardsByProjectId(projectId),
]);
if (!organizations.find((item) => item.slug === organizationId)) {
return notFound();
}
if (!projects.find((item) => item.id === projectId)) {
return notFound();
}
return (
<div id="dashboard">
<LayoutSidebar