diff --git a/app/models/user.js b/app/models/user.js index 57a74fd..c6a5dac 100644 --- a/app/models/user.js +++ b/app/models/user.js @@ -13,6 +13,14 @@ export default DS.Model.extend({ return this.get('role') === 'A'; }.property('role'), + isWriter: function() { + return this.get('role') === 'W'; + }.property('role'), + + isReader: function() { + return this.get('role') === 'R'; + }.property('role'), + fullRole: function() { let role = this.get('role'); if (role === 'R') { diff --git a/app/pods/not-found/route.js b/app/pods/not-found/route.js new file mode 100644 index 0000000..5be93bf --- /dev/null +++ b/app/pods/not-found/route.js @@ -0,0 +1,11 @@ +import Ember from 'ember'; + +export default Ember.Route.extend({ + redirect: function() { + let url = this.router.location.formatURL('/not-found'); + + if (window.location.pathname !== url) { + this.transitionTo('/not-found'); + } + } +}); diff --git a/app/pods/not-found/template.hbs b/app/pods/not-found/template.hbs new file mode 100644 index 0000000..4952a23 --- /dev/null +++ b/app/pods/not-found/template.hbs @@ -0,0 +1,3 @@ +{{#x-application invalidateSession="invalidateSession"}} +

404 Not Found

+{{/x-application}} diff --git a/app/pods/protected/characteristics/edit/route.js b/app/pods/protected/characteristics/edit/route.js index 3ab3562..1c04a5d 100644 --- a/app/pods/protected/characteristics/edit/route.js +++ b/app/pods/protected/characteristics/edit/route.js @@ -2,6 +2,15 @@ import Ember from 'ember'; import AuthenticatedRouteMixin from 'simple-auth/mixins/authenticated-route-mixin'; export default Ember.Route.extend(AuthenticatedRouteMixin, { + beforeModel: function(transition) { + this._super(transition); + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.characteristics.index'); + } + }); + }, + model: function(params) { return this.store.findRecord('characteristic', params.characteristic_id, { reload: true }); }, diff --git a/app/pods/protected/characteristics/new/route.js b/app/pods/protected/characteristics/new/route.js index 6ddb337..677a5fc 100644 --- a/app/pods/protected/characteristics/new/route.js +++ b/app/pods/protected/characteristics/new/route.js @@ -3,9 +3,11 @@ import Ember from 'ember'; export default Ember.Route.extend({ beforeModel: function(transition) { this._super(transition); - if (this.get('session.currentUser.role') === 'R') { - this.transitionTo('characteristics.index'); - } + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.characteristics.index'); + } + }); }, model: function() { diff --git a/app/pods/protected/route.js b/app/pods/protected/route.js index a665e94..acb1442 100644 --- a/app/pods/protected/route.js +++ b/app/pods/protected/route.js @@ -1,12 +1,12 @@ import Ember from 'ember'; import AuthenticatedRouteMixin from 'simple-auth/mixins/authenticated-route-mixin'; -import parseBase64 from '../../utils/parse-base64'; export default Ember.Route.extend(AuthenticatedRouteMixin, { - model: function() { - let token = this.get('session.secure.token'); - let user = parseBase64(token); - return this.store.find('user', user.sub); + actions: { + error: function() { + this.transitionTo('/not-found'); + }, + }, }); diff --git a/app/pods/protected/species/edit/route.js b/app/pods/protected/species/edit/route.js index 59dcc15..6d09cb9 100644 --- a/app/pods/protected/species/edit/route.js +++ b/app/pods/protected/species/edit/route.js @@ -1,6 +1,15 @@ import Ember from 'ember'; export default Ember.Route.extend({ + beforeModel: function(transition) { + this._super(transition); + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.species.index'); + } + }); + }, + afterModel: function(species) { if (!species.get('canEdit')) { this.transitionTo('species.show', species.get('id')); diff --git a/app/pods/protected/species/new/route.js b/app/pods/protected/species/new/route.js index 3d15e44..3f813d2 100644 --- a/app/pods/protected/species/new/route.js +++ b/app/pods/protected/species/new/route.js @@ -3,9 +3,11 @@ import Ember from 'ember'; export default Ember.Route.extend({ beforeModel: function(transition) { this._super(transition); - if (this.get('session.currentUser.role') === 'R') { - this.transitionTo('species.index'); - } + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.species.index'); + } + }); }, model: function() { diff --git a/app/pods/protected/strains/edit/route.js b/app/pods/protected/strains/edit/route.js index 6bb9b2f..328d89d 100644 --- a/app/pods/protected/strains/edit/route.js +++ b/app/pods/protected/strains/edit/route.js @@ -2,6 +2,15 @@ import Ember from 'ember'; import AuthenticatedRouteMixin from 'simple-auth/mixins/authenticated-route-mixin'; export default Ember.Route.extend(AuthenticatedRouteMixin, { + beforeModel: function(transition) { + this._super(transition); + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.strains.index'); + } + }); + }, + model: function(params) { return Ember.RSVP.hash({ strain: this.store.find('strain', params.strain_id), diff --git a/app/pods/protected/strains/new/route.js b/app/pods/protected/strains/new/route.js index 8c0ee68..45ca831 100644 --- a/app/pods/protected/strains/new/route.js +++ b/app/pods/protected/strains/new/route.js @@ -3,9 +3,11 @@ import Ember from 'ember'; export default Ember.Route.extend({ beforeModel: function(transition) { this._super(transition); - if (this.get('session.currentUser.role') === 'R') { - this.transitionTo('strains.index'); - } + this.get('session.currentUser').then((user) => { + if (user.get('isReader')) { + this.transitionTo('protected.strains.index'); + } + }); }, model: function() { diff --git a/app/pods/protected/users/changepassword/route.js b/app/pods/protected/users/changepassword/route.js index 982b827..2e3f295 100644 --- a/app/pods/protected/users/changepassword/route.js +++ b/app/pods/protected/users/changepassword/route.js @@ -5,8 +5,11 @@ export default Ember.Route.extend({ this._super(transition); let user_id = transition.params['protected.users.changepassword'].user_id; - if (this.get('session.currentUser.id') !== user_id) { - this.transitionTo('protected.users.index'); - } + + this.get('session.currentUser').then((user) => { + if (user.get('id') !== user_id) { + this.transitionTo('protected.users.index'); + } + }); } }); diff --git a/app/pods/protected/users/edit/route.js b/app/pods/protected/users/edit/route.js index bc22dc0..e11116f 100644 --- a/app/pods/protected/users/edit/route.js +++ b/app/pods/protected/users/edit/route.js @@ -1,6 +1,18 @@ import Ember from 'ember'; export default Ember.Route.extend({ + beforeModel: function(transition) { + this._super(transition); + + let user_id = transition.params['protected.users.edit'].user_id; + + this.get('session.currentUser').then((user) => { + if (user.get('id') !== user_id || user.get('isAdmin')) { + this.transitionTo('protected.users.index'); + } + }); + }, + model: function(params) { return this.store.findRecord('user', params.user_id, { reload: true }); }, diff --git a/app/pods/users/lockoutauthenticate/route.js b/app/pods/users/lockoutauthenticate/route.js index 131628c..f77c5dc 100644 --- a/app/pods/users/lockoutauthenticate/route.js +++ b/app/pods/users/lockoutauthenticate/route.js @@ -2,6 +2,8 @@ import Ember from 'ember'; export default Ember.Route.extend({ beforeModel: function(transition) { + this._super(transition); + let token = Ember.get(transition, 'queryParams.token'); this.get('session').authenticate('authenticator:jwt-resolved', token); }, diff --git a/app/router.js b/app/router.js index 3b3655a..f5cc4af 100644 --- a/app/router.js +++ b/app/router.js @@ -16,6 +16,8 @@ Router.map(function() { }); }); + this.route('not-found', { path: '/*path' }); + this.route('protected', { path: '/' }, function() { this.route('about');