Merge pull request #4090 from sbwalker/dev

fix #4088 - redirect to login if not authenticated
2024-04-01 12:01:04 -04:00 · 2024-04-01 12:01:04 -04:00 · 273b4f20db
commit 273b4f20db
parent 60ae1ec1e8 9843dccdf0
1 changed files with 73 additions and 81 deletions
--- a/Oqtane.Client/UI/SiteRouter.razor
+++ b/Oqtane.Client/UI/SiteRouter.razor
@ -251,10 +251,8 @@
                }
            }

-            if (page != null)
-            {
            // check if user is authorized to view page
-                if (UserSecurity.IsAuthorized(user, PermissionNames.View, page.PermissionList) && (Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate) || UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList)))
+            if (page != null && UserSecurity.IsAuthorized(user, PermissionNames.View, page.PermissionList) && (Utilities.IsPageModuleVisible(page.EffectiveDate, page.ExpiryDate) || UserSecurity.IsAuthorized(user, PermissionNames.Edit, page.PermissionList)))
            {
                // edit mode
                if (user != null)
@ -313,32 +311,28 @@
            }
            else
            {
-                    // Need to redirect 404 as page doesnot exist in a Permission or Timeframe
-                    if (route.PagePath != "404")
+                if (page == null)
                {
-                        // redirect to 404 page
-                        NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "404", ""));
-                    }
-                }
-            }
-            else // page not found
-            {
-                // look for url mapping
+                    // check for url mapping
                    var urlMapping = await UrlMappingService.GetUrlMappingAsync(site.SiteId, route.PagePath);
                    if (urlMapping != null && !string.IsNullOrEmpty(urlMapping.MappedUrl))
                    {
                        var url = (urlMapping.MappedUrl.StartsWith("http")) ? urlMapping.MappedUrl : route.SiteUrl + "/" + urlMapping.MappedUrl + route.Query;
                        NavigationManager.NavigateTo(url, false);
+                        return;
                    }
-                else // not mapped
+                }
+                else
                {
                    if (user == null)
                    {
                        // redirect to login page if user not logged in as they may need to be authenticated
                        NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "login", "?returnurl=" + WebUtility.UrlEncode(route.PathAndQuery)));
+                        return;
                    }
-                    else
-                    {
+                }
+
+                // page not found or user does not have sufficient access
                if (route.PagePath != "404")
                {
                    // redirect to 404 page
@ -351,8 +345,6 @@
                }
            }
        }
-            }
-        }
        else
        {
            // site does not exist