authConfig persistence bug, session vars bug

Author: HarveyKandola

app/app/pods/customize/auth/route.js

@@ -30,16 +30,20 @@ export default Ember.Route.extend(AuthenticatedRouteMixin, {
 			authConfig: null,
 		};
 
-		switch (data.authProvider) {
-			case constants.AuthProvider.Keycloak:
-				data.authConfig = this.get('appMeta.authConfig');
-				break;
-			case constants.AuthProvider.Documize:
-				data.authConfig = '';
-				break;
-		}
+		return new Ember.RSVP.Promise((resolve) => {
+			this.get('global').getAuthConfig().then((config) => {
+				switch (data.authProvider) {
+					case constants.AuthProvider.Keycloak:
+						data.authConfig = config;
+						break;
+					case constants.AuthProvider.Documize:
+						data.authConfig = '';
+						break;
+				}
 
-		return data;
+				resolve(data);
+			});
+		});
 	},
 
 	activate() {

app/app/services/global.js

@@ -65,6 +65,17 @@ export default Ember.Service.extend({
 		}
 	},
 
+	// Returns auth config for Documize instance.
+	getAuthConfig() {
+		if(this.get('sessionService.isGlobalAdmin')) {
+			return this.get('ajax').request(`global/auth`, {
+				method: 'GET'
+			}).then((response) => {
+				return response;
+			});
+		}
+	},	
+
 	// Saves auth config for Documize instance.
 	saveAuthConfig(config) {
 		if(this.get('sessionService.isGlobalAdmin')) {

app/app/services/session.js

@@ -26,20 +26,25 @@ export default SimpleAuthSession.extend({
 	currentFolder: null,
 	isMac: false,
 	isMobile: false,
-	authenticated: computed('user.id', function () {
-		return this.get('user.id') !== '0';
+
+	user: computed('isAuthenticated', 'session.content.authenticated.user', function () {
+		if (this.get('isAuthenticated')) {
+			let user = this.get('session.content.authenticated.user') || { id: '' };
+			let data = this.get('store').normalize('user', user);
+			return this.get('store').push(data);
+		}
+	}),
+	authenticated: computed('session.content.authenticated.user', function () {
+		return this.get('session.content.authenticated.user.id') !== '0';
 	}),
-	isAdmin: computed('user', function () {
-		let data = this.get('user');
-		return data.get('admin');
+	isAdmin: computed('session.content.authenticated.user', function () {
+		return this.get('session.content.authenticated.user.admin') === true;
 	}),
-	isEditor: computed('user', function () {
-		let data = this.get('user');
-		return data.get('editor');
+	isEditor: computed('session.content.authenticated.user', function () {
+		return this.get('session.content.authenticated.user.editor') === true;
 	}),
-	isGlobalAdmin: computed('user', function () {
-		let data = this.get('user');
-		return data.get('global');
+	isGlobalAdmin: computed('session.content.authenticated.user', function () {
+		return this.get('session.content.authenticated.user.global') === true;
 	}),
 
 	init() {
@@ -49,14 +54,6 @@ export default SimpleAuthSession.extend({
 		this.set('isMobile', is.mobile());
 	},
 
-	user: computed('isAuthenticated', 'session.content.authenticated.user', function () {
-		if (this.get('isAuthenticated')) {
-			let user = this.get('session.content.authenticated.user') || { id: '' };
-			let data = this.get('store').normalize('user', user);
-			return this.get('store').push(data);
-		}
-	}),
-
 	logout() {
 		this.get('localStorage').clearAll();
 	}

app/package.json

@@ -40,7 +40,7 @@
     "ember-export-application-global": "^1.0.5",
     "ember-load-initializers": "^0.6.0",
     "ember-resolver": "^2.0.3",
-    "ember-simple-auth": "1.2.0",
+    "ember-simple-auth": "1.2.2",
     "ember-source": "~2.12.0",
     "loader.js": "^4.2.3"
   },

core/api/endpoint/global_endpoint.go

@@ -233,3 +233,21 @@ type authData struct {
 	AuthProvider string `json:"authProvider"`
 	AuthConfig   string `json:"authConfig"`
 }
+
+// GetAuthConfig returns installation-wide auth configuration
+func GetAuthConfig(w http.ResponseWriter, r *http.Request) {
+	p := request.GetPersister(r)
+
+	if !p.Context.Global {
+		writeForbiddenError(w)
+		return
+	}
+
+	org, err := p.GetOrganization(p.Context.OrgID)
+	if err != nil {
+		writeForbiddenError(w)
+		return
+	}
+
+	util.WriteJSON(w, org.AuthConfig)
+}

core/api/endpoint/router.go

@@ -236,6 +236,7 @@ func init() {
 	log.IfErr(Add(RoutePrefixPrivate, "global/smtp", []string{"PUT", "OPTIONS"}, nil, SaveSMTPConfig))
 	log.IfErr(Add(RoutePrefixPrivate, "global/license", []string{"GET", "OPTIONS"}, nil, GetLicense))
 	log.IfErr(Add(RoutePrefixPrivate, "global/license", []string{"PUT", "OPTIONS"}, nil, SaveLicense))
+	log.IfErr(Add(RoutePrefixPrivate, "global/auth", []string{"GET", "OPTIONS"}, nil, GetAuthConfig))
 	log.IfErr(Add(RoutePrefixPrivate, "global/auth", []string{"PUT", "OPTIONS"}, nil, SaveAuthConfig))
 
 	// Pinned items

core/api/endpoint/server.go

@@ -165,6 +165,9 @@ func cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 	w.Header().Set("Access-Control-Expose-Headers", "x-documize-version")
 
 	if r.Method == "OPTIONS" {
+		w.Header().Add("X-Documize-Version", Product.Version)
+		w.Header().Add("Cache-Control", "no-cache")
+
 		if _, err := w.Write([]byte("")); err != nil {
 			log.Error("cors", err)
 		}
@@ -177,7 +180,6 @@ func cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 func metrics(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 	w.Header().Add("X-Documize-Version", Product.Version)
 	w.Header().Add("Cache-Control", "no-cache")
-
 	// Prevent page from being displayed in an iframe
 	w.Header().Add("X-Frame-Options", "DENY")