DebaucheryLibrarian/traxxx-web
1
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Verifying abilities for admin panel access instead of relying on user role.

Browse Source
This commit is contained in:
DebaucheryLibrarian
2026-06-17 00:23:03 +02:00
parent d7964f6fc2
commit d1e8ff48c5
4 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pages/admin/revisions/actors/+onBeforeRender.js
View File

@@ -1,8 +1,10 @@
import { render } from 'vike/abort'; /* eslint-disable-line import/extensions */
import { fetchActorRevisions } from '#/src/actors.js';
import verifyAbility from '#/utils/verify-ability.js';
export async function onBeforeRender(pageContext) {
if (!pageContext.user || pageContext.user.role === 'user') {
if (!pageContext.user || !verifyAbility(pageContext.user, 'actor', 'update')) {
throw render(404);
}

4
pages/admin/revisions/scenes/+onBeforeRender.js
View File

@@ -1,8 +1,10 @@
import { render } from 'vike/abort'; /* eslint-disable-line import/extensions */
import { fetchSceneRevisions } from '#/src/scenes.js';
import verifyAbility from '#/utils/verify-ability.js';
export async function onBeforeRender(pageContext) {
if (!pageContext.user || pageContext.user.role === 'user') {
if (!pageContext.user || !verifyAbility(pageContext.user, 'scene', 'update')) {
throw render(404);
}