fixing login guard

Author: amyfromandi

pages/maps/ingestion/+Page.ts

@@ -92,14 +92,14 @@ function TagFilterManager({ tags, setIngestFilter, ingestFilter }) {
     h("h3", ["Filter by tag"]),
     h(Tag, {
       value: "pending",
-      active: ingestFilter?.getAll("state").includes("eq.pending"),
+      active: (ingestFilter?.getAll("state") ?? []).includes("eq.pending"),
       onClick: async () => {
         updateUrl("state", "eq.pending", setIngestFilter);
       },
     }),
     h(Tag, {
       value: "ingested",
-      active: ingestFilter?.getAll("state").includes("eq.ingested"),
+      active: (ingestFilter?.getAll("state") ?? []).includes("eq.ingested"),
       onClick: async () => {
         updateUrl("state", "eq.ingested", setIngestFilter);
       },
@@ -108,7 +108,7 @@ function TagFilterManager({ tags, setIngestFilter, ingestFilter }) {
       return h(Tag, {
         key: tag,
         value: tag,
-        active: ingestFilter?.getAll("tags").includes(`eq.${tag}`),
+        active: (ingestFilter?.getAll("tags")  ?? []).includes(`eq.${tag}`),
         onClick: async () => {
           updateUrl("tags", `eq.${tag}`, setIngestFilter);
         },
@@ -130,19 +130,12 @@ function AddMapButton({ user }) {
   );
 }
 
-const toggleUrlParam = (
-  urlSearchParam: URLSearchParams,
-  key: string,
-  value: string
-) => {
+const toggleUrlParam = (urlSearchParam: URLSearchParams | undefined, key: string, value: string) => {
   // Check if this key value pair is already in the search params iteratively
-  if (urlSearchParam.getAll(key).includes(value)) {
-    urlSearchParam.delete(key, value);
-  } else {
-    urlSearchParam.append(key, value);
-  }
-
-  return new URLSearchParams(urlSearchParam.toString());
+  const sp = urlSearchParam ? new URLSearchParams(urlSearchParam) : new URLSearchParams()
+  if (sp.getAll(key).includes(value)) sp.delete(key, value)
+  else sp.append(key, value)
+  return sp
 };
 
 const updateUrl = (

pages/maps/ingestion/+guard.ts

@@ -1,22 +1,40 @@
 import { redirect, render } from "vike/abort";
-import { ingestPrefix } from "@macrostrat-web/settings";
 
-export const guard = (pageContext) => {
-  const { user } = pageContext;
+export default function guard(pageContext: any) {
+  const path = pageContext?.urlParsed?.pathname ?? pageContext?.urlPathname;
+  if (!path?.startsWith("/maps/ingestion/add")) return; // only gate /add
 
-  // if (user === undefined) {
-  //   // Render the login page while preserving the URL. (This is novel technique
-  //   // which we explain down below.)
-  //   // throw redirect(
-  //   //   `${ingestPrefix}/security/login?return_url=${pageContext.urlParsed.pathname}`
-  //   // );
-  //   /* The more traditional way, redirect the user:
-  //   throw redirect('/login')
-  //   */
-  //   return;
-  // }
-  // if (!user.groups.includes(1)) {
-  //   // Render the error page and show message to the user
-  //   throw render(403, "Only admins are allowed to access this page.");
-  // }
-};
+  const user = pageContext?.user;
+  const roles: string[] = Array.isArray(user?.roles)
+    ? user.roles
+    : user?.role
+    ? [user.role]
+    : [];
+
+  // pick the correct admin role names for your app:
+  const allowed =
+    roles.includes("ingestion_admin") ||
+    roles.includes("admin") ||
+    roles.includes("web_admin"); // keep/remove as needed
+
+  if (!allowed) {
+    throw render(403, "Only admins are allowed to access this page.");
+    // or: throw redirect(`/security/login?return_url=${path}`);
+  }
+}
+
+// if (user === undefined) {
+//   // Render the login page while preserving the URL. (This is novel technique
+//   // which we explain down below.)
+//   // throw redirect(
+//   //   `${ingestPrefix}/security/login?return_url=${pageContext.urlParsed.pathname}`
+//   // );
+//   /* The more traditional way, redirect the user:
+//   throw redirect('/login')
+//   */
+//   return;
+// }
+// if (!user.groups.includes(1)) {
+//   // Render the error page and show message to the user
+//   throw render(403, "Only admins are allowed to access this page.");
+// }