Prevent OC from seeing the download interface, fix audit issue.

bcgov · Feb 11, 2020 · 27686ec · 27686ec
1 parent 033ca10
commit 27686ec
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 13 deletions.
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
diff --git a/frontend/package.json b/frontend/package.json
@@ -44,7 +44,7 @@
     "jest-websocket-mock": "^2.0.0",
     "mini-css-extract-plugin": "^0.4.4",
     "mock-socket": "^9.0.2",
-    "node-sass": "^4.13.0",
+    "node-sass": "^4.13.1",
     "nodemon": "^1.18.11",
     "prettier": "^1.18.2",
     "redux-logger": "^3.0.6",

diff --git a/frontend/src/modules/app/components/app/index.jsx b/frontend/src/modules/app/components/app/index.jsx
@@ -72,7 +72,8 @@ class App extends React.Component {
         zone,
       };
 
-      if (!hasValidGroupAccess) {
+      // Don't let OC's to download or invalid group access
+      if ((hasOcRole && exporterMode === 'download') || !hasValidGroupAccess) {
         return <Unauthorized />;
       }
 
@@ -81,7 +82,7 @@ class App extends React.Component {
         el = <Reports />;
       } else if (hasOcRole && !hasExporterRole) {
         el = <OutputChecker {...props} />;
-      } else {
+      } else if (hasExporterRole) {
         el = <Exporter {...props} />;
       }
     } else if (authFetchStatus === 'loaded') {
@@ -118,6 +119,7 @@ App.propTypes = {
   initSockets: PropTypes.func.isRequired,
   isAuthenticated: PropTypes.bool.isRequired,
   user: PropTypes.shape({
+    groups: PropTypes.arrayOf(PropTypes.string),
     displayName: PropTypes.string,
   }).isRequired,
   zone: PropTypes.string.isRequired,