From d5e4cc731543c9a7a7cf73154a93d7a43d8d7cc0 Mon Sep 17 00:00:00 2001
From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com>
Date: Wed, 29 Nov 2023 17:18:08 +0700
Subject: [PATCH 1/2] fix: auth role and rename dir
---
 Services/server/src/controllers/cabinetController.ts | 3 ++-
 Services/server/src/controllers/drawerController.ts | 3 ++-
 Services/server/src/controllers/folderController.ts | 3 ++-
 Services/server/src/controllers/subFolderController.ts | 3 ++-
 Services/server/src/utils/auth.ts | 6 +++++-
 5 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/Services/server/src/controllers/cabinetController.ts b/Services/server/src/controllers/cabinetController.ts
index 3c3bf10..40af2d5 100644
--- a/Services/server/src/controllers/cabinetController.ts
+++ b/Services/server/src/controllers/cabinetController.ts
@@ -138,7 +138,8 @@ export class CabinetController extends Controller {
 await esClient.update({
 index: DEFAULT_INDEX!,
 id: data._id,
- doc: { pathname: destination },
+ doc: { pathname: destination, path },
+ refresh: "wait_for",
 });
 await minioClient.removeObject(DEFAULT_BUCKET!, current.name);
diff --git a/Services/server/src/controllers/drawerController.ts b/Services/server/src/controllers/drawerController.ts
index 746c045..3c30b97 100644
--- a/Services/server/src/controllers/drawerController.ts
+++ b/Services/server/src/controllers/drawerController.ts
@@ -157,7 +157,8 @@ export class DrawerController extends Controller {
 await esClient.update({
 index: DEFAULT_INDEX!,
 id: data._id,
- doc: { pathname: destination },
+ doc: { pathname: destination, path },
+ refresh: "wait_for",
 });
 await minioClient.removeObject(DEFAULT_BUCKET!, current.name);
diff --git a/Services/server/src/controllers/folderController.ts b/Services/server/src/controllers/folderController.ts
index b0e5abf..05c2e67 100644
--- a/Services/server/src/controllers/folderController.ts
+++ b/Services/server/src/controllers/folderController.ts
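Review bot: In cabinetController.ts the added `refresh: "wait_for"` makes each `esClient.update` wait for the next index refresh, and the `data._id` / `current.name` references suggest the call runs once per object in a loop that starts outside the hunk. If so, renaming a directory with many objects is serialized at roughly one refresh interval per document. Consider dropping the per-document option and issuing one `await esClient.indices.refresh({ index: DEFAULT_INDEX! })` after the loop. The same applies to the identical hunks in drawerController.ts, folderController.ts and subFolderController.ts. Separately, `path` is not defined inside the hunk, so please confirm it is the new directory string and not the Node `path` module import, which could slip through here and be written into the document.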
@@ -164,7 +164,8 @@ export class FolderController extends Controller {
 await esClient.update({
 index: DEFAULT_INDEX!,
 id: data._id,
- doc: { pathname: destination },
+ doc: { pathname: destination, path },
+ refresh: "wait_for",
 });
 await minioClient.removeObject(DEFAULT_BUCKET!, current.name);
diff --git a/Services/server/src/controllers/subFolderController.ts b/Services/server/src/controllers/subFolderController.ts
index b748d16..fb81506 100644
--- a/Services/server/src/controllers/subFolderController.ts
+++ b/Services/server/src/controllers/subFolderController.ts
@@ -165,7 +165,8 @@ export class SubFolderController extends Controller {
 await esClient.update({
 index: DEFAULT_INDEX!,
 id: data._id,
- doc: { pathname: destination },
+ doc: { pathname: destination, path },
+ refresh: "wait_for",
 });
 await minioClient.removeObject(DEFAULT_BUCKET!, current.name);
diff --git a/Services/server/src/utils/auth.ts b/Services/server/src/utils/auth.ts
index 5d71bec..2b601fa 100644
--- a/Services/server/src/utils/auth.ts
+++ b/Services/server/src/utils/auth.ts
@@ -35,7 +35,11 @@ export async function expressAuthentication(
 throw new HttpError(HttpStatusCode.UNAUTHORIZED, "Invalid token provided.");
 }
- if (scopes && !scopes.some((v) => payload.resource_access[payload.azp].roles.includes(v))) {
+ if (
+ scopes &&
+ scopes.length > 0 &&
+ scopes.some((v) => !payload.resource_access[payload.azp].roles.includes(v))
+ ) {
 throw new HttpError(HttpStatusCode.FORBIDDEN, "You are not allowed to perform this action.");
 }
From 11e1231a09e853fce3901ba3365a6f180f38f65f Mon Sep 17 00:00:00 2001
From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com>
Date: Wed, 29 Nov 2023 17:18:30 +0700
Subject: [PATCH 2/2] fix: role check
---
 Services/client/src/router/index.ts | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/Services/client/src/router/index.ts b/Services/client/src/router/index.ts
index ed79c86..e8ec4a4 100644
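Review bot: In auth.ts the rewritten condition still dereferences `payload.resource_access[payload.azp].roles` without a guard, so a token with no client-role entry for `azp` raises a TypeError instead of the 403; whether that fails closed depends on error handling outside the hunk. Resolve the roles once with `const roles = payload.resource_access?.[payload.azp]?.roles ?? [];` and test `if (scopes?.length && !scopes.every((v) => roles.includes(v)))`. The check also moves from any-of to all-of semantics, so existing routes that list several roles become stricter; a comment such as `// caller must hold every role listed in scopes` would record that intent. Because the lookup key `azp` is taken from the token itself, confirm that the verification earlier in expressAuthentication (outside the hunk) pins the issuer and the expected client or audience.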
--- a/Services/client/src/router/index.ts
+++ b/Services/client/src/router/index.ts
@@ -31,7 +31,15 @@ const router = createRouter({
 beforeEnter: async (_to, _from, next) => {
 const token = await getToken()
- if (token) return next()
+ if (token) {
+ const roles = getRole()
+
+ if (token && roles.includes('admin')) {
+ return next()
+ }
+
+ return next('/')
+ }
 await login(async () => {
 const token = await getToken()
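Review bot: The `await login(async () => { const token = await getToken()` branch after the new block continues outside the hunk, and if it still calls `next()` for any token, a user who logs in from this route skips the `admin` check that the already-signed-in path now applies. The inner `token &&` is redundant inside `if (token)`, and `roles.includes` throws if `getRole()` can return undefined, so `if (roles?.includes('admin')) return next()` is safer. This guard runs in the browser and is not an access control, so a comment like `// UX gate only; server-side role checks are authoritative` would keep that clear for later readers.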