feat: add more group permissions (#1453)

* feat: add more group permissions * feat: restrict access with app permissions * feat: restrict access with search-engine permissions * feat: restrict access with media permissions * refactor: remove permissions for users, groups and invites * test: adjust app router tests with app permissions * fix: integration page accessible without session * fix: search for users, groups and integrations shown to unauthenticated users * chore: address pull request feedback
2024-11-17 21:31:25 +01:00
parent 879aa1152f
commit 0ee343b99e
31 changed files with 575 additions and 208 deletions
--- a/apps/nextjs/src/errors/trpc-catch-error.ts
+++ b/apps/nextjs/src/errors/trpc-catch-error.ts
@@ -0,0 +1,23 @@
+import "server-only";
+
+import { notFound, redirect } from "next/navigation";
+import { TRPCError } from "@trpc/server";
+
+import { logger } from "@homarr/log";
+
+export const catchTrpcNotFound = (err: unknown) => {
+  if (err instanceof TRPCError && err.code === "NOT_FOUND") {
+    notFound();
+  }
+
+  throw err;
+};
+
+export const catchTrpcUnauthorized = (err: unknown) => {
+  if (err instanceof TRPCError && err.code === "UNAUTHORIZED") {
+    logger.info("Somebody tried to access a protected route without being authenticated, redirecting to login page");
+    redirect("/auth/login");
+  }
+
+  throw err;
+};
--- a/apps/nextjs/src/errors/trpc-not-found.ts
+++ b/apps/nextjs/src/errors/trpc-not-found.ts
@@ -1,12 +0,0 @@
-import "server-only";
-
-import { notFound } from "next/navigation";
-import { TRPCError } from "@trpc/server";
-
-export const catchTrpcNotFound = (err: unknown) => {
-  if (err instanceof TRPCError && err.code === "NOT_FOUND") {
-    notFound();
-  }
-
-  throw err;
-};