mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-22 18:31:57 +03:00
683a8584ce
no issue Mixins are deprecated in Ember so we want to remove their usage. The `CurrentUserSettings` mixin was used in Route files to provide `transitionAuthor()` (that also transitions contributors) and `transitionEditor()` methods so the the consuming route could use them to prevent access to authors/editors. In practice the only reason this was used was to prevent access to admin-only routes. - added an `AdminRoute` class that inherits from our `AuthenticatedRoute` class - when any route inherits from this class it will only allow access to admins and owners, any other user will be redirected to the home screen (dashboard or site depending on permissions) - updated all of our admin-only routes to use the new `AdminRoute` - allowed for removal of `CurrentUserSettings` mixin usage - allowed for `beforeModel()` hooks to be removed from consuming routes in many cases - some admin-only routes were extending/inheriting directly from Ember's `Route` based on the assumption that the router hierarchy would have a parent route perform the redirect. Those have also been switched to `AdminRoute` for consistency and to prevent accidentally making them available if the router hierarchy changes - `/#/settings` does not use the `AdminRoute` so that it can redirect to the current user's setting page for non-admin users - removed `CurrentUserSettings` mixin file - cleaned up unnecessary computed property and function used for redirect-when-disabled in the Zapier route
15 lines
353 B
JavaScript
15 lines
353 B
JavaScript
import AuthenticatedRoute from './authenticated';
|
|
import {inject as service} from '@ember/service';
|
|
|
|
export default class AdminRoute extends AuthenticatedRoute {
|
|
@service session;
|
|
|
|
beforeModel() {
|
|
super.beforeModel(...arguments);
|
|
|
|
if (!this.session.user.isAdmin) {
|
|
return this.transitionTo('home');
|
|
}
|
|
}
|
|
}
|