dashboard: ensure you only access what you have access to

Carl-Gerhard Lindesvärd
2024-03-14 20:39:28 +01:00
parent 7300631630
commit 2057fe083b


@@ -1,7 +1,9 @@
import { notFound } from 'next/navigation';
import { import {
getCurrentOrganizations, getCurrentOrganizations,
getDashboardsByOrganization,
getDashboardsByProjectId, getDashboardsByProjectId,
getProjectsByOrganizationSlug,
} from '@openpanel/db'; } from '@openpanel/db';
import { LayoutSidebar } from './layout-sidebar'; import { LayoutSidebar } from './layout-sidebar';
@@ -18,11 +20,20 @@ export default async function AppLayout({
children, children,
params: { organizationId, projectId }, params: { organizationId, projectId },
}: AppLayoutProps) { }: AppLayoutProps) {
const [organizations, dashboards] = await Promise.all([ const [organizations, projects, dashboards] = await Promise.all([
getCurrentOrganizations(), getCurrentOrganizations(),
getProjectsByOrganizationSlug(organizationId),
getDashboardsByProjectId(projectId), getDashboardsByProjectId(projectId),
]); ]);
if (!organizations.find((item) => item.slug === organizationId)) {
return notFound();
}
if (!projects.find((item) => item.id === projectId)) {
return notFound();
}
return ( return (
<div id="dashboard"> <div id="dashboard">
<LayoutSidebar <LayoutSidebar