mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-14 18:52:05 +03:00
9bdb25d184
refs https://github.com/TryGhost/Team/issues/2110 - dynamically defined properties on the config service did not have autotracking set up properly if they were accessed in any way before the property was defined, this caused problems in a number of areas because we have both "unauthed" and "authed" sets of config and when not logged in we had parts of the app checking for authed config properties that don't exist until after sign-in and subsequent config re-fetch - renamed `config` service to `configManager` and updated to only contain methods for fetching config data - added a `config` instance initializer that sets up a `TrackedObject` instance with some custom properties/methods and registers it on `config:main` - uses application instance initializer rather than a standard initializer because standard initializers are only called once when setting up the test suite so we'd end up with config leaking across tests - added an `@inject` decorator that when used takes the property name and injects whatever is registered at `${propertyName}:main`, this allows us to use dependency injection for any object rather than just services or controllers - using `application.inject()` in the initializer was initially used but that only works for objects that extend from `EmberObject`, the injections weren't available in native-class glimmer components so this decorator keeps the injection syntax consistent - swapped all `@service config` uses to `@inject config`
152 lines
4.5 KiB
JavaScript
152 lines
4.5 KiB
JavaScript
import ESASessionService from 'ember-simple-auth/services/session';
|
|
import RSVP from 'rsvp';
|
|
import {configureScope} from '@sentry/ember';
|
|
import {getOwner} from '@ember/application';
|
|
import {inject} from 'ghost-admin/decorators/inject';
|
|
import {run} from '@ember/runloop';
|
|
import {inject as service} from '@ember/service';
|
|
import {task} from 'ember-concurrency';
|
|
import {tracked} from '@glimmer/tracking';
|
|
|
|
export default class SessionService extends ESASessionService {
|
|
@service configManager;
|
|
@service('store') dataStore;
|
|
@service feature;
|
|
@service notifications;
|
|
@service router;
|
|
@service frontend;
|
|
@service settings;
|
|
@service ui;
|
|
@service upgradeStatus;
|
|
@service whatsNew;
|
|
@service membersUtils;
|
|
|
|
@inject config;
|
|
|
|
@tracked user = null;
|
|
|
|
skipAuthSuccessHandler = false;
|
|
|
|
async populateUser(options = {}) {
|
|
if (this.user) {
|
|
return;
|
|
}
|
|
|
|
const id = options.id || 'me';
|
|
const user = await this.dataStore.queryRecord('user', {id});
|
|
this.user = user;
|
|
}
|
|
|
|
async postAuthPreparation() {
|
|
await RSVP.all([
|
|
this.configManager.fetchAuthenticated(),
|
|
this.feature.fetch(),
|
|
this.settings.fetch(),
|
|
this.membersUtils.fetch()
|
|
]);
|
|
|
|
await this.frontend.loginIfNeeded();
|
|
|
|
// update Sentry with the full Ghost version which we only get after authentication
|
|
if (this.config.sentry_dsn) {
|
|
configureScope((scope) => {
|
|
scope.addEventProcessor((event) => {
|
|
return new Promise((resolve) => {
|
|
resolve({
|
|
...event,
|
|
release: `ghost@${this.config.version}`
|
|
});
|
|
});
|
|
});
|
|
});
|
|
}
|
|
|
|
this.loadServerNotifications();
|
|
this.whatsNew.fetchLatest.perform();
|
|
}
|
|
|
|
async handleAuthentication() {
|
|
if (this.handleAuthenticationTask.isRunning) {
|
|
return this.handleAuthenticationTask.last;
|
|
}
|
|
|
|
return this.handleAuthenticationTask.perform(() => {
|
|
if (this.skipAuthSuccessHandler) {
|
|
this.skipAuthSuccessHandler = false;
|
|
return;
|
|
}
|
|
|
|
super.handleAuthentication('home');
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Always try to re-setup session & retry the original transition
|
|
* if user data is still available in session store although the
|
|
* ember-session is unauthenticated.
|
|
*
|
|
* If success, it will retry the original transition.
|
|
* If failed, it will be handled by the redirect to sign in.
|
|
*/
|
|
async requireAuthentication(transition, route) {
|
|
// Only when ember session invalidated
|
|
if (!this.isAuthenticated) {
|
|
transition.abort();
|
|
|
|
if (this.user) {
|
|
await this.setup();
|
|
this.notifications.clearAll();
|
|
transition.retry();
|
|
}
|
|
}
|
|
|
|
super.requireAuthentication(transition, route);
|
|
}
|
|
|
|
handleInvalidation() {
|
|
let transition = this.appLoadTransition;
|
|
|
|
if (transition) {
|
|
transition.send('authorizationFailed');
|
|
} else {
|
|
run.scheduleOnce('routerTransitions', this, 'triggerAuthorizationFailed');
|
|
}
|
|
}
|
|
|
|
// TODO: this feels hacky, find a better way than using .send
|
|
triggerAuthorizationFailed() {
|
|
getOwner(this).lookup(`route:${this.router.currentRouteName}`)?.send('authorizationFailed');
|
|
}
|
|
|
|
loadServerNotifications() {
|
|
if (this.isAuthenticated) {
|
|
if (!this.user.isAuthorOrContributor) {
|
|
this.dataStore.findAll('notification', {reload: true}).then((serverNotifications) => {
|
|
serverNotifications.forEach((notification) => {
|
|
if (notification.top || notification.custom) {
|
|
this.notifications.handleNotification(notification);
|
|
} else {
|
|
this.upgradeStatus.handleUpgradeNotification(notification);
|
|
}
|
|
});
|
|
});
|
|
}
|
|
}
|
|
}
|
|
|
|
@task({drop: true})
|
|
*handleAuthenticationTask(callback) {
|
|
if (!this.user) {
|
|
try {
|
|
yield this.populateUser();
|
|
} catch (err) {
|
|
yield this.invalidate();
|
|
}
|
|
|
|
yield this.postAuthPreparation();
|
|
}
|
|
|
|
callback();
|
|
}
|
|
}
|