chore: #1997 redirect to 404 if not admin

reapit · Jul 13, 2020 · 6680742 · 6680742
1 parent cd66789
commit 6680742
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/packages/admin-portal/src/core/__tests__/private-route.tsx b/packages/admin-portal/src/core/__tests__/private-route.tsx
@@ -157,5 +157,15 @@ describe('PrivateRouter', () => {
       fn()
       expect(history.replace).toBeCalledWith(`${Routes.AUTHENTICATION}/${mockAllow.toLowerCase()}`)
     })
+
+    it('should redirect to 404 page if land on admin page, and is not admin', () => {
+      const mockLoginIdentity = {
+        clientId: 'testClientId',
+      } as LoginIdentity
+      const mockAllow = 'ADMIN'
+      const fn = handleRedirectToAuthenticationPage(mockAllow, history, mockLoginIdentity)
+      fn()
+      expect(history.replace).toBeCalledWith(Routes.FOUR_O_FOUR)
+    })
   })
 })
diff --git a/packages/admin-portal/src/core/private-route.tsx b/packages/admin-portal/src/core/private-route.tsx
@@ -68,10 +68,14 @@ export const handleRedirectToAuthenticationPage = (
     if (!loginIdentity || isFetchingAccessToken) {
       return
     }
-    const { clientId, developerId } = loginIdentity
+    const { clientId, developerId, adminId } = loginIdentity
     if ((allow === 'CLIENT' && !clientId) || (allow === 'DEVELOPER' && !developerId)) {
       history.replace(`${Routes.AUTHENTICATION}/${allow.toLowerCase()}`)
     }
+
+    if (allow === 'ADMIN' && !adminId) {
+      history.replace(Routes.FOUR_O_FOUR)
+    }
   }
 }