From 819b83ba31661994ad7f12287de86dbdc2978d8e Mon Sep 17 00:00:00 2001 From: R-Sourabh Date: Wed, 9 Oct 2024 16:10:00 +0530 Subject: [PATCH 1/3] Implemented: support for permissions in the app and added suppot to make api calls on redirection oms(#323) --- .env.example | 2 +- src/api/index.ts | 9 +- src/authorization/Actions.ts | 3 + src/authorization/Rules.ts | 3 + src/authorization/index.ts | 124 +++++++++++++++++++++++ src/main.ts | 7 ++ src/services/UserService.ts | 92 +++++++++++++++++ src/store/index.ts | 3 + src/store/modules/user/UserState.ts | 1 + src/store/modules/user/actions.ts | 32 +++++- src/store/modules/user/getters.ts | 3 + src/store/modules/user/index.ts | 1 + src/store/modules/user/mutation-types.ts | 3 +- src/store/modules/user/mutations.ts | 4 + 14 files changed, 282 insertions(+), 5 deletions(-) create mode 100644 src/authorization/Actions.ts create mode 100644 src/authorization/Rules.ts create mode 100644 src/authorization/index.ts diff --git a/.env.example b/.env.example index cfcf6146..9d1a8910 100644 --- a/.env.example +++ b/.env.example @@ -5,7 +5,7 @@ VUE_APP_VIEW_SIZE=10 VUE_APP_JOB_FREQUENCY_TYPE={"JOB_IMP_PROD_THRSHLD":"default","JOB_EXP_PROD_THRSHLD":"default"} VUE_APP_JOB_ENUMS=["JOB_IMP_PROD_THRSHLD","JOB_EXP_PROD_THRSHLD"] VUE_APP_BASE_URL= -VUE_APP_PERMISSION_ID= +VUE_APP_PERMISSION_ID="ATP_APP_VIEW" VUE_APP_ALIAS={} VUE_APP_DEFAULT_ALIAS="" VUE_APP_DEFAULT_LOG_LEVEL="error" diff --git a/src/api/index.ts b/src/api/index.ts index e0972972..77915d1a 100644 --- a/src/api/index.ts +++ b/src/api/index.ts @@ -10,11 +10,16 @@ let apiConfig = {} as any axios.interceptors.request.use((config: any) => { // TODO: pass csrf token const token = store.getters["user/getUserToken"]; - if (token) { + if (token && !apiConfig.useOmsRedirection) { config.headers["api_key"] = token; config.headers["Content-Type"] = "application/json"; } - + + const omsRedirectionInfo = store.getters["user/getOmsRedirectionInfo"] + if (apiConfig.useOmsRedirection && omsRedirectionInfo.token) { + config.headers["Authorization"] = `Bearer ${omsRedirectionInfo.token}`; + config.headers["Content-Type"] = "application/json"; + } return config; }); diff --git a/src/authorization/Actions.ts b/src/authorization/Actions.ts new file mode 100644 index 00000000..03e1e6a2 --- /dev/null +++ b/src/authorization/Actions.ts @@ -0,0 +1,3 @@ +export default { + "ATP_APP_VIEW": "ATP_APP_VIEW" +} as any \ No newline at end of file diff --git a/src/authorization/Rules.ts b/src/authorization/Rules.ts new file mode 100644 index 00000000..03e1e6a2 --- /dev/null +++ b/src/authorization/Rules.ts @@ -0,0 +1,3 @@ +export default { + "ATP_APP_VIEW": "ATP_APP_VIEW" +} as any \ No newline at end of file diff --git a/src/authorization/index.ts b/src/authorization/index.ts new file mode 100644 index 00000000..4ac0f6a5 --- /dev/null +++ b/src/authorization/index.ts @@ -0,0 +1,124 @@ +import { AbilityBuilder, PureAbility } from '@casl/ability'; +import { getEvaluator, parse } from 'boon-js'; +import { Tokens } from 'boon-js/lib/types' + +// TODO Improve this +// We will move this code to an external plugin and use below Actions and Rules accordlingly +let Actions = {} as any; +let Rules = {} as any; + +// We are using CASL library to define permissions. +// Instead of using Action-Subject based authorisation we are going with Claim based Authorization. +// We would be defining the permissions for each action and case, map with server permissiosn based upon certain rules. +// https://casl.js.org/v5/en/cookbook/claim-authorization +// Following the comment of Sergii Stotskyi, author of CASL +// https://github.com/stalniy/casl/issues/525 +// We are defining a PureAbility and creating an instance with AbilityBuilder. +type ClaimBasedAbility = PureAbility; +const { build } = new AbilityBuilder(PureAbility); +const ability = build(); + +/** + * The method returns list of permissions required for the rules. We are having set of rules, + * through which app permissions are defined based upon the server permissions. + * When getting server permissions, as all the permissions are not be required. + * Specific permissions used defining the rules are extracted and sent to server. + * @returns permissions + */ +const getServerPermissionsFromRules = () => { + // Iterate for each rule + const permissions = Object.keys(Rules).reduce((permissions: any, rule: any) => { + const permissionRule = Rules[rule]; + // some rules may be empty, no permission is required from server + if (permissionRule) { + // Each rule may have multiple permissions along with operators + // Boon js parse rules into tokens, each token may be operator or server permission + // permissionId will have token name as identifier. + const permissionTokens = parse(permissionRule); + permissions = permissionTokens.reduce((permissions: any, permissionToken: any) => { + // Token object with name as identifier has permissionId + if (Tokens.IDENTIFIER === permissionToken.name) { + permissions.add(permissionToken.value); + } + return permissions; + }, permissions) + } + return permissions; + }, new Set()) + return [...permissions]; +} + +/** + * The method is used to prepare app permissions from the server permissions. + * Rules could be defined such that each app permission could be defined based upon certain one or more server permissions. + * @param serverPermissions + * @returns appPermissions + */ +const prepareAppPermissions = (serverPermissions: any) => { + const serverPermissionsInput = serverPermissions.reduce((serverPermissionsInput: any, permission: any) => { + serverPermissionsInput[permission] = true; + return serverPermissionsInput; + }, {}) + // Boonjs evaluator needs server permissions as object with permissionId and boolean value + // Each rule is passed to evaluator along with the server permissions + // if the server permissions and rule matches, app permission is added to list + const permissions = Object.keys(Rules).reduce((permissions: any, rule: any) => { + const permissionRule = Rules[rule]; + // If for any app permission, we have empty rule we user is assigned the permission + // If rule is not defined, the app permisions is still evaluated or provided to all the users. + if (!permissionRule || (permissionRule && getEvaluator(permissionRule)(serverPermissionsInput))) { + permissions.push(rule); + } + return permissions; + }, []) + const { can, rules } = new AbilityBuilder(PureAbility); + permissions.map((permission: any) => { + can(permission); + }) + return rules; +} + +/** + * + * Sets the current app permissions. This should be used after perparing the app permissions from the server permissions + * @param permissions + * @returns + */ +const setPermissions = (permissions: any) => { + // If the user has passed undefined or null, it should not break the code + if (!permissions) permissions = []; + ability.update(permissions) + return true; +}; + +/** + * Resets the permissions list. Used for cases like logout + */ +const resetPermissions = () => setPermissions([]); + +/** + * + * @param permission + * @returns + */ +const hasPermission = (permission: string) => ability.can(permission); + +export { Actions, getServerPermissionsFromRules, hasPermission, prepareAppPermissions, resetPermissions, setPermissions}; + +// TODO Move this code to an external plugin, to be used across the apps +export default { + install(app: any, options: any) { + + // Rules and Actions could be app and OMS package specific + Rules = options.rules; + Actions = options.actions; + + // TODO Check why global properties is not working and apply across. + app.config.globalProperties.$permission = this; + }, + getServerPermissionsFromRules, + hasPermission, + prepareAppPermissions, + resetPermissions, + setPermissions +} \ No newline at end of file diff --git a/src/main.ts b/src/main.ts index 3068c93e..3de8695d 100644 --- a/src/main.ts +++ b/src/main.ts @@ -32,6 +32,9 @@ import { dxpComponents } from "@hotwax/dxp-components" import { login, logout, loader } from "@/user-utils"; import { getConfig, initialise } from '@/adapter'; import localeMessages from './locales'; +import permissionPlugin from '@/authorization'; +import permissionRules from '@/authorization/Rules'; +import permissionActions from '@/authorization/Actions'; const app = createApp(App) @@ -44,6 +47,10 @@ const app = createApp(App) }) .use(router) .use(store) + .use(permissionPlugin, { + rules: permissionRules, + actions: permissionActions + }) .use(dxpComponents, { defaultImgUrl: require("@/assets/images/defaultImage.png"), login, diff --git a/src/services/UserService.ts b/src/services/UserService.ts index 8911333d..bad10361 100644 --- a/src/services/UserService.ts +++ b/src/services/UserService.ts @@ -31,6 +31,97 @@ const login = async (token: string): Promise => { return Promise.resolve(api_key) } +const getUserPermissions = async (payload: any, url: string, token: any): Promise => { + // Currently, making this request in ofbiz + const omsRedirectionInfo = store.getters["user/getOmsRedirectionInfo"] + const baseURL = omsRedirectionInfo.url.startsWith('http') ? omsRedirectionInfo.url.includes('/api') ? omsRedirectionInfo.url : `${omsRedirectionInfo.url}/api/` : `https://${omsRedirectionInfo.url}.hotwax.io/api/`; + let serverPermissions = [] as any; + + // If the server specific permission list doesn't exist, getting server permissions will be of no use + // It means there are no rules yet depending upon the server permissions. + if (payload.permissionIds && payload.permissionIds.length == 0) return serverPermissions; + // TODO pass specific permissionIds + let resp; + // TODO Make it configurable from the environment variables. + // Though this might not be an server specific configuration, + // we will be adding it to environment variable for easy configuration at app level + const viewSize = 200; + + try { + const params = { + "viewIndex": 0, + viewSize, + permissionIds: payload.permissionIds + } + resp = await client({ + url: "getPermissions", + method: "post", + baseURL, + data: params, + headers: { + Authorization: 'Bearer ' + token, + 'Content-Type': 'application/json' + } + }) + if(resp.status === 200 && resp.data.docs?.length && !hasError(resp)) { + serverPermissions = resp.data.docs.map((permission: any) => permission.permissionId); + const total = resp.data.count; + const remainingPermissions = total - serverPermissions.length; + if (remainingPermissions > 0) { + // We need to get all the remaining permissions + const apiCallsNeeded = Math.floor(remainingPermissions / viewSize) + ( remainingPermissions % viewSize != 0 ? 1 : 0); + const responses = await Promise.all([...Array(apiCallsNeeded).keys()].map(async (index: any) => { + const response = await client({ + url: "getPermissions", + method: "post", + baseURL, + data: { + "viewIndex": index + 1, + viewSize, + permissionIds: payload.permissionIds + }, + headers: { + Authorization: 'Bearer ' + token, + 'Content-Type': 'application/json' + } + }) + if(!hasError(response)){ + return Promise.resolve(response); + } else { + return Promise.reject(response); + } + })) + const permissionResponses = { + success: [], + failed: [] + } + responses.reduce((permissionResponses: any, permissionResponse: any) => { + if (permissionResponse.status !== 200 || hasError(permissionResponse) || !permissionResponse.data?.docs) { + permissionResponses.failed.push(permissionResponse); + } else { + permissionResponses.success.push(permissionResponse); + } + return permissionResponses; + }, permissionResponses) + + serverPermissions = permissionResponses.success.reduce((serverPermissions: any, response: any) => { + serverPermissions.push(...response.data.docs.map((permission: any) => permission.permissionId)); + return serverPermissions; + }, serverPermissions) + + // If partial permissions are received and we still allow user to login, some of the functionality might not work related to the permissions missed. + // Show toast to user intimiting about the failure + // Allow user to login + // TODO Implement Retry or improve experience with show in progress icon and allowing login only if all the data related to user profile is fetched. + if (permissionResponses.failed.length > 0) Promise.reject("Something went wrong while getting complete user permissions."); + } + } + return serverPermissions; + } catch(error: any) { + return Promise.reject(error); + } +} + const getUserProfile = async (token: any): Promise => { const url = store.getters["user/getBaseUrl"]; const baseURL = url.startsWith('http') ? url.includes('/rest/s1/available-to-promise') ? url : `${url}/rest/s1/available-to-promise/` : `https://${url}.hotwax.io/rest/s1/available-to-promise/`; @@ -95,6 +186,7 @@ export const UserService = { getAvailableTimeZones, getEComStores, getUserProfile, + getUserPermissions, login, setUserTimeZone } \ No newline at end of file diff --git a/src/store/index.ts b/src/store/index.ts index a11e5fb7..c8dd2d47 100644 --- a/src/store/index.ts +++ b/src/store/index.ts @@ -8,6 +8,7 @@ import userModule from './modules/user'; import utilModule from './modules/util'; import ruleModule from './modules/rule'; import channelModule from "./modules/channel" +import { setPermissions } from "@/authorization" // TODO check how to register it from the components only @@ -39,6 +40,8 @@ const store = createStore({ }, }) +setPermissions(store.getters['user/getUserPermissions']); + export default store export function useStore(): typeof store { return useVuexStore() diff --git a/src/store/modules/user/UserState.ts b/src/store/modules/user/UserState.ts index 99e98b35..70e5099c 100644 --- a/src/store/modules/user/UserState.ts +++ b/src/store/modules/user/UserState.ts @@ -8,4 +8,5 @@ export default interface UserState { token: string; } pwaState: any; + permissions: any; } \ No newline at end of file diff --git a/src/store/modules/user/actions.ts b/src/store/modules/user/actions.ts index 1bfd6ff6..ee8c95bd 100644 --- a/src/store/modules/user/actions.ts +++ b/src/store/modules/user/actions.ts @@ -10,6 +10,7 @@ import emitter from '@/event-bus' import { Settings } from "luxon" import { useAuthStore } from '@hotwax/dxp-components' import { resetConfig } from '@/adapter' +import { getServerPermissionsFromRules, prepareAppPermissions, resetPermissions, setPermissions } from "@/authorization" const actions: ActionTree = { @@ -24,6 +25,33 @@ const actions: ActionTree = { const { token, oms, omsRedirectionUrl } = payload; dispatch("setUserInstanceUrl", oms); + // Getting the permissions list from server + const permissionId = process.env.VUE_APP_PERMISSION_ID; + // Prepare permissions list + const serverPermissionsFromRules = getServerPermissionsFromRules(); + if (permissionId) serverPermissionsFromRules.push(permissionId); + if(omsRedirectionUrl && token) { + dispatch("setOmsRedirectionInfo", { url: omsRedirectionUrl, token }) + } + const serverPermissions: Array = await UserService.getUserPermissions({ + permissionIds: [...new Set(serverPermissionsFromRules)] + }, omsRedirectionUrl, token); + const appPermissions = prepareAppPermissions(serverPermissions); + // Checking if the user has permission to access the app + // If there is no configuration, the permission check is not enabled + if (permissionId) { + // As the token is not yet set in the state passing token headers explicitly + // TODO Abstract this out, how token is handled should be part of the method not the callee + const hasPermission = appPermissions.some((appPermission: any) => appPermission.action === permissionId ); + // If there are any errors or permission check fails do not allow user to login + if (!hasPermission) { + const permissionError = 'You do not have permission to access the app.'; + showToast(translate(permissionError)); + logger.error("error", permissionError); + return Promise.reject(new Error(permissionError)); + } + } + emitter.emit("presentLoader", { message: "Logging in...", backdropDismiss: false }) const api_key = await UserService.login(token) @@ -39,9 +67,11 @@ const actions: ActionTree = { if(omsRedirectionUrl && token) { dispatch("setOmsRedirectionInfo", { url: omsRedirectionUrl, token }) } + setPermissions(appPermissions); commit(types.USER_TOKEN_CHANGED, { newToken: api_key }) emitter.emit("dismissLoader") commit(types.USER_INFO_UPDATED, userProfile); + commit(types.USER_PERMISSIONS_UPDATED, appPermissions); commit(types.USER_CURRENT_ECOM_STORE_UPDATED, userProfile.stores.length ? userProfile.stores[0] : {}); } catch (err: any) { emitter.emit("dismissLoader") @@ -63,7 +93,7 @@ const actions: ActionTree = { this.dispatch("util/clearUtilState") dispatch("setOmsRedirectionInfo", { url: "", token: "" }) resetConfig(); - + resetPermissions(); // reset plugin state on logout authStore.$reset() }, diff --git a/src/store/modules/user/getters.ts b/src/store/modules/user/getters.ts index 9c7e75c8..118fa768 100644 --- a/src/store/modules/user/getters.ts +++ b/src/store/modules/user/getters.ts @@ -31,5 +31,8 @@ const getters: GetterTree = { getPwaState(state) { return state.pwaState; }, + getUserPermissions (state) { + return state.permissions; + }, } export default getters; \ No newline at end of file diff --git a/src/store/modules/user/index.ts b/src/store/modules/user/index.ts index 02c6ed70..3dd16348 100644 --- a/src/store/modules/user/index.ts +++ b/src/store/modules/user/index.ts @@ -16,6 +16,7 @@ const userModule: Module = { url: "", token: "" }, + permissions: [], pwaState: { updateExists: false, registration: null, diff --git a/src/store/modules/user/mutation-types.ts b/src/store/modules/user/mutation-types.ts index 21406679..69aa8e9e 100644 --- a/src/store/modules/user/mutation-types.ts +++ b/src/store/modules/user/mutation-types.ts @@ -5,4 +5,5 @@ export const USER_INFO_UPDATED = SN_USER + '/INFO_UPDATED' export const USER_INSTANCE_URL_UPDATED = SN_USER + '/INSTANCE_URL_UPDATED' export const USER_CURRENT_ECOM_STORE_UPDATED = SN_USER + '/CURRENT_ECOM_STORE_UPDATED' export const USER_OMS_REDIRECTION_INFO_UPDATED = SN_USER + '/OMS_REDIRECTION_INFO_UPDATED' -export const USER_PWA_STATE_UPDATED = SN_USER + '/PWA_STATE_UPDATED' \ No newline at end of file +export const USER_PWA_STATE_UPDATED = SN_USER + '/PWA_STATE_UPDATED' +export const USER_PERMISSIONS_UPDATED = SN_USER + '/PERMISSIONS_UPDATED' \ No newline at end of file diff --git a/src/store/modules/user/mutations.ts b/src/store/modules/user/mutations.ts index dfde20c4..f5a37183 100644 --- a/src/store/modules/user/mutations.ts +++ b/src/store/modules/user/mutations.ts @@ -10,6 +10,7 @@ const mutations: MutationTree = { state.token = '' state.current = {} state.currentEComStore = {} + state.permissions = [] }, [types.USER_INFO_UPDATED] (state, payload) { state.current = payload @@ -27,5 +28,8 @@ const mutations: MutationTree = { state.pwaState.registration = payload.registration; state.pwaState.updateExists = payload.updateExists; }, + [types.USER_PERMISSIONS_UPDATED] (state, payload) { + state.permissions = payload + } } export default mutations; \ No newline at end of file From 28c7978c08a4ebab6fdd0944a18f511ac8bea1a5 Mon Sep 17 00:00:00 2001 From: R-Sourabh Date: Wed, 9 Oct 2024 16:45:39 +0530 Subject: [PATCH 2/3] Update actions.ts --- src/store/modules/user/actions.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/store/modules/user/actions.ts b/src/store/modules/user/actions.ts index ee8c95bd..4be0453f 100644 --- a/src/store/modules/user/actions.ts +++ b/src/store/modules/user/actions.ts @@ -64,9 +64,6 @@ const actions: ActionTree = { Settings.defaultZone = userProfile.timeZone; } - if(omsRedirectionUrl && token) { - dispatch("setOmsRedirectionInfo", { url: omsRedirectionUrl, token }) - } setPermissions(appPermissions); commit(types.USER_TOKEN_CHANGED, { newToken: api_key }) emitter.emit("dismissLoader") From 46ef00730e42740726c36f882b658af3c1bf9e16 Mon Sep 17 00:00:00 2001 From: R-Sourabh Date: Mon, 14 Oct 2024 17:04:30 +0530 Subject: [PATCH 3/3] Improved: client method to not honor the interceptors and removed logic to use api method for making ofbiz calls --- src/api/index.ts | 29 ++++++++++------------------- src/services/UserService.ts | 3 +-- src/store/modules/user/actions.ts | 10 +++++----- 3 files changed, 16 insertions(+), 26 deletions(-) diff --git a/src/api/index.ts b/src/api/index.ts index 77915d1a..a4b8f032 100644 --- a/src/api/index.ts +++ b/src/api/index.ts @@ -5,24 +5,19 @@ import emitter from "@/event-bus" import store from "@/store"; import { StatusCodes } from "http-status-codes"; -let apiConfig = {} as any axios.interceptors.request.use((config: any) => { // TODO: pass csrf token const token = store.getters["user/getUserToken"]; - if (token && !apiConfig.useOmsRedirection) { + if (token) { config.headers["api_key"] = token; config.headers["Content-Type"] = "application/json"; } - - const omsRedirectionInfo = store.getters["user/getOmsRedirectionInfo"] - if (apiConfig.useOmsRedirection && omsRedirectionInfo.token) { - config.headers["Authorization"] = `Bearer ${omsRedirectionInfo.token}`; - config.headers["Content-Type"] = "application/json"; - } + return config; }); + // TODO: need to update this as per the changes in the Moqui response format, if required. axios.interceptors.response.use(function (response: any) { // Any status code that lie within the range of 2xx cause this function to trigger @@ -50,12 +45,12 @@ axios.interceptors.response.use(function (response: any) { if (error.response) { // TODO Handle case for failed queue request const { status } = error.response; - if (status === StatusCodes.UNAUTHORIZED) { - store.dispatch("user/logout"); - const redirectUrl = window.location.origin + '/login'; - // Explicitly passing isLoggedOut as in case of maarg apps we need to call the logout api in launchpad - window.location.href = `${process.env.VUE_APP_LOGIN_URL}?redirectUrl=${redirectUrl}&isLoggedOut=true`; - } + // if (status === StatusCodes.UNAUTHORIZED) { + // store.dispatch("user/logout"); + // const redirectUrl = window.location.origin + '/login'; + // // Explicitly passing isLoggedOut as in case of maarg apps we need to call the logout api in launchpad + // window.location.href = `${process.env.VUE_APP_LOGIN_URL}?redirectUrl=${redirectUrl}&isLoggedOut=true`; + // } } // Any status codes that falls outside the range of 2xx cause this function to trigger // Do something with response error @@ -84,7 +79,6 @@ const axiosCache = setupCache({ * @return {Promise} Response from API as returned by Axios */ const api = async (customConfig: any) => { - apiConfig = customConfig // Prepare configuration const config: any = { @@ -96,11 +90,8 @@ const api = async (customConfig: any) => { } const baseURL = store.getters["user/getInstanceUrl"]; - const omsRedirectionInfo = store.getters["user/getOmsRedirectionInfo"] - if(customConfig.useOmsRedirection) { - config.baseURL = omsRedirectionInfo.url.startsWith('http') ? omsRedirectionInfo.url.includes('/api') ? omsRedirectionInfo.url : `${omsRedirectionInfo.url}/api/` : `https://${omsRedirectionInfo.url}.hotwax.io/api/`; - } else if (baseURL) { + if (baseURL) { config.baseURL = baseURL.startsWith('http') ? baseURL.includes('/rest/s1/available-to-promise') ? baseURL : `${baseURL}/rest/s1/available-to-promise/` : `https://${baseURL}.hotwax.io/rest/s1/available-to-promise/`; } diff --git a/src/services/UserService.ts b/src/services/UserService.ts index bad10361..f545ef07 100644 --- a/src/services/UserService.ts +++ b/src/services/UserService.ts @@ -33,8 +33,7 @@ const login = async (token: string): Promise => { const getUserPermissions = async (payload: any, url: string, token: any): Promise => { // Currently, making this request in ofbiz - const omsRedirectionInfo = store.getters["user/getOmsRedirectionInfo"] - const baseURL = omsRedirectionInfo.url.startsWith('http') ? omsRedirectionInfo.url.includes('/api') ? omsRedirectionInfo.url : `${omsRedirectionInfo.url}/api/` : `https://${omsRedirectionInfo.url}.hotwax.io/api/`; + const baseURL = url.startsWith('http') ? url.includes('/api') ? url : `${url}/api/` : `https://${url}.hotwax.io/api/`; let serverPermissions = [] as any; // If the server specific permission list doesn't exist, getting server permissions will be of no use diff --git a/src/store/modules/user/actions.ts b/src/store/modules/user/actions.ts index 4be0453f..f3039e16 100644 --- a/src/store/modules/user/actions.ts +++ b/src/store/modules/user/actions.ts @@ -30,9 +30,6 @@ const actions: ActionTree = { // Prepare permissions list const serverPermissionsFromRules = getServerPermissionsFromRules(); if (permissionId) serverPermissionsFromRules.push(permissionId); - if(omsRedirectionUrl && token) { - dispatch("setOmsRedirectionInfo", { url: omsRedirectionUrl, token }) - } const serverPermissions: Array = await UserService.getUserPermissions({ permissionIds: [...new Set(serverPermissionsFromRules)] }, omsRedirectionUrl, token); @@ -51,7 +48,7 @@ const actions: ActionTree = { return Promise.reject(new Error(permissionError)); } } - + emitter.emit("presentLoader", { message: "Logging in...", backdropDismiss: false }) const api_key = await UserService.login(token) @@ -63,8 +60,11 @@ const actions: ActionTree = { if (userProfile.timeZone) { Settings.defaultZone = userProfile.timeZone; } - + setPermissions(appPermissions); + if(omsRedirectionUrl && token) { + dispatch("setOmsRedirectionInfo", { url: omsRedirectionUrl, token }) + } commit(types.USER_TOKEN_CHANGED, { newToken: api_key }) emitter.emit("dismissLoader") commit(types.USER_INFO_UPDATED, userProfile);