From d96f4a840cde1ee8effa1afecc9b0f4db4e75bcb Mon Sep 17 00:00:00 2001 From: Aditya Hegde Date: Wed, 8 Jan 2025 21:24:50 +0530 Subject: [PATCH] fix: public projects with logged out user fetching billing and bookmark data (#6377) * Fix public projects fetching uninteded data * PR comments --- web-admin/src/routes/+layout.ts | 18 ++++++++++++++++++ web-admin/src/routes/[organization]/+layout.ts | 5 +++-- .../[project]/explore/[dashboard]/+layout.ts | 5 +++-- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/web-admin/src/routes/+layout.ts b/web-admin/src/routes/+layout.ts index e692c242926..756ba3fbb16 100644 --- a/web-admin/src/routes/+layout.ts +++ b/web-admin/src/routes/+layout.ts @@ -7,8 +7,12 @@ export const ssr = false; import { dev } from "$app/environment"; import { + adminServiceGetCurrentUser, + getAdminServiceGetCurrentUserQueryKey, + type V1GetCurrentUserResponse, type V1OrganizationPermissions, type V1ProjectPermissions, + type V1User, } from "@rilldata/web-admin/client"; import { redirectToLoginOrRequestAccess } from "@rilldata/web-admin/features/authentication/checkUserAccess"; import { fetchOrganizationPermissions } from "@rilldata/web-admin/features/organizations/selectors"; @@ -49,9 +53,21 @@ export const load = async ({ params, url, route }) => { } } + let user: V1User | undefined; + try { + const userQuery = await queryClient.fetchQuery({ + queryKey: getAdminServiceGetCurrentUserQueryKey(), + queryFn: () => adminServiceGetCurrentUser(), + }); + user = userQuery.user; + } catch { + // no-op + } + // If no organization or project, return empty permissions if (!organization) { return { + user, organizationPermissions: {}, projectPermissions: {}, }; @@ -72,6 +88,7 @@ export const load = async ({ params, url, route }) => { if (!project) { return { + user, organizationPermissions, projectPermissions: {}, }; @@ -93,6 +110,7 @@ export const load = async ({ params, url, route }) => { ); return { + user, organizationPermissions, projectPermissions, project: proj, diff --git a/web-admin/src/routes/[organization]/+layout.ts b/web-admin/src/routes/[organization]/+layout.ts index 21d6edf9afc..4127205a5fd 100644 --- a/web-admin/src/routes/[organization]/+layout.ts +++ b/web-admin/src/routes/[organization]/+layout.ts @@ -3,11 +3,12 @@ import { fetchOrganizationBillingIssues } from "@rilldata/web-admin/features/bil import { error } from "@sveltejs/kit"; export const load = async ({ params: { organization }, parent }) => { - const { organizationPermissions } = await parent(); + const { user, organizationPermissions } = await parent(); let issues: V1BillingIssue[] = []; - if (organizationPermissions.readOrg) { + if (user && organizationPermissions.readOrg) { // only try to get issues if the user can read org + // also public projects will not have a user but will have `readOrg` permission try { issues = await fetchOrganizationBillingIssues(organization); } catch (e) { diff --git a/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts b/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts index b905022109c..618ae2db6b3 100644 --- a/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts +++ b/web-admin/src/routes/[organization]/[project]/explore/[dashboard]/+layout.ts @@ -15,7 +15,7 @@ import { } from "@rilldata/web-common/runtime-client"; export const load = async ({ params, depends, parent }) => { - const { project, runtime } = await parent(); + const { user, project, runtime } = await parent(); const { dashboard: exploreName } = params; @@ -38,7 +38,8 @@ export const load = async ({ params, depends, parent }) => { bookmarks, ] = await Promise.all([ fetchExploreSpec(runtime?.instanceId, exploreName), - fetchBookmarks(project.id, exploreName), + // public projects might not have a logged-in user. bookmarks are not available in this case + user ? fetchBookmarks(project.id, exploreName) : Promise.resolve([]), ]); } catch { // error handled in +page.svelte for now