From 827a87a734caf25a4922b50d5233a4c020556188 Mon Sep 17 00:00:00 2001 From: Nicolas Kempf Le Stanc Date: Fri, 17 Apr 2026 14:24:58 +0200 Subject: [PATCH 1/3] fix(activity): show activities pages for org admin --- components/TabLinks.vue | 12 +++++++++--- middleware/auth.ts | 15 ++++++++++++--- pages/admin/dataservices/[id]/activities.vue | 2 +- pages/admin/datasets/[id]/activities.vue | 2 +- .../organizations/[oid]/profile/activities.vue | 2 +- pages/admin/reuses/[id]/activities.vue | 2 +- 6 files changed, 25 insertions(+), 10 deletions(-) diff --git a/components/TabLinks.vue b/components/TabLinks.vue index c3c282fae..9f5c428e3 100644 --- a/components/TabLinks.vue +++ b/components/TabLinks.vue @@ -30,10 +30,16 @@ const isCurrentUrl = useIsCurrentUrl() function show(href: string) { const router = useRouter() const route = router.resolve(href) - const me = useMaybeMe() - if (route.meta.requiredRole) { - return me.value?.roles?.includes(route.meta.requiredRole as string) ?? false + + if (route.meta.requiredOrganizationPermission) { + const { currentOrganization } = useCurrentOwned() + if (currentOrganization.value) { + return currentOrganization.value.permissions[route.meta.requiredOrganizationPermission] ?? false + } + + return false } + return true } diff --git a/middleware/auth.ts b/middleware/auth.ts index d957ac715..59ff90403 100644 --- a/middleware/auth.ts +++ b/middleware/auth.ts @@ -1,8 +1,10 @@ +import type { OrganizationReference } from '@datagouv/components-next' + export default defineNuxtRouteMiddleware(async (to, _from) => { // console.log(`Calling auth middleware ${from.path} -> ${to.path}`) const me = useMaybeMe() - const requiredRole = to.meta.requiredRole as string ?? '' + const requiredOrganizationPermission = to.meta.requiredOrganizationPermission as keyof OrganizationReference['permissions'] ?? '' if (to.path !== '/en/login' && !me.value) { // console.log('-> redirecting to login…') @@ -10,7 +12,14 @@ export default defineNuxtRouteMiddleware(async (to, _from) => { return navigateTo({ path: '/login', query: { next: route.fullPath } }, { external: true }) } - if (requiredRole && !me.value?.roles?.includes(requiredRole)) { - throw createError({ statusCode: 401, statusMessage: 'Unauthorized' }) + if (requiredOrganizationPermission) { + const { currentOrganization } = useCurrentOwned() + + if (currentOrganization.value) { + const permissionValue = currentOrganization.value.permissions[requiredOrganizationPermission] + if (!permissionValue) { + throw createError({ statusCode: 401, statusMessage: 'Unauthorized' }) + } + } } }) diff --git a/pages/admin/dataservices/[id]/activities.vue b/pages/admin/dataservices/[id]/activities.vue index 548b3b077..577181d2e 100644 --- a/pages/admin/dataservices/[id]/activities.vue +++ b/pages/admin/dataservices/[id]/activities.vue @@ -7,7 +7,7 @@ import { ActivityList } from '@datagouv/components-next' import type { Dataservice } from '@datagouv/components-next' definePageMeta({ - requiredRole: 'admin', + requiredOrganizationPermission: 'edit', }) defineProps<{ diff --git a/pages/admin/datasets/[id]/activities.vue b/pages/admin/datasets/[id]/activities.vue index 508eb198d..d0d1058d6 100644 --- a/pages/admin/datasets/[id]/activities.vue +++ b/pages/admin/datasets/[id]/activities.vue @@ -6,7 +6,7 @@ import { ActivityList, type Dataset } from '@datagouv/components-next' definePageMeta({ - requiredRole: 'admin', + requiredOrganizationPermission: 'edit', }) defineProps<{ diff --git a/pages/admin/organizations/[oid]/profile/activities.vue b/pages/admin/organizations/[oid]/profile/activities.vue index b9a9e65db..215121879 100644 --- a/pages/admin/organizations/[oid]/profile/activities.vue +++ b/pages/admin/organizations/[oid]/profile/activities.vue @@ -6,7 +6,7 @@ import { ActivityList, type Organization } from '@datagouv/components-next' definePageMeta({ - requiredRole: 'admin', + requiredOrganizationPermission: 'edit', }) defineProps<{ diff --git a/pages/admin/reuses/[id]/activities.vue b/pages/admin/reuses/[id]/activities.vue index f52d15728..bfed42e57 100644 --- a/pages/admin/reuses/[id]/activities.vue +++ b/pages/admin/reuses/[id]/activities.vue @@ -6,7 +6,7 @@ import { ActivityList, type Reuse } from '@datagouv/components-next' definePageMeta({ - requiredRole: 'admin', + requiredOrganizationPermission: 'edit', }) defineProps<{ From 4d52dc074e16c932eda474f1d0ee750af739da71 Mon Sep 17 00:00:00 2001 From: Nicolas Kempf Le Stanc Date: Fri, 17 Apr 2026 14:26:25 +0200 Subject: [PATCH 2/3] feat: missing change --- pages/admin/topics/[id]/activities.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/admin/topics/[id]/activities.vue b/pages/admin/topics/[id]/activities.vue index b09435fc6..08afacd65 100644 --- a/pages/admin/topics/[id]/activities.vue +++ b/pages/admin/topics/[id]/activities.vue @@ -6,7 +6,7 @@ import { ActivityList, type TopicV2 } from '@datagouv/components-next' definePageMeta({ - requiredRole: 'admin', + requiredOrganizationPermission: 'edit', }) defineProps<{ From d30725b3d6b850a7f6ed74f9661c86016c9bc953 Mon Sep 17 00:00:00 2001 From: Nicolas Kempf Le Stanc Date: Fri, 17 Apr 2026 14:31:42 +0200 Subject: [PATCH 3/3] fix: type --- components/TabLinks.vue | 8 +++++--- middleware/auth.ts | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/components/TabLinks.vue b/components/TabLinks.vue index 9f5c428e3..078c4a347 100644 --- a/components/TabLinks.vue +++ b/components/TabLinks.vue @@ -21,6 +21,8 @@