Hopefully better and easier to understand site key allow access permissions....

2024-11-21 14:57:58 -05:00
parent cffde76c88
commit 2ef3c8bab5
2 changed files with 68 additions and 65 deletions
--- a/src/lib/ae_stores.ts
+++ b/src/lib/ae_stores.ts
@@ -67,7 +67,7 @@ export let ae_app_local_data_struct: key_val = {
    'account_id': ae_account_id, // OSIT Demo _XY7DXtc9MY
    'account_code': 'not_set',
    'account_name': 'Account Name Not Set',
-    'allow_access': false, // Set to key if access is allowed.
+    'allow_access': true, // Set to key site key was used, otherwise set to true.
    'site_domain': null, // https://example.com, https://dev.example.com, etc.
    'site_access_key': null, // This is the general site access key
    'site_domain_access_key': null, // This is specific to a (sub)domain.
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -190,46 +190,75 @@ if ($ae_loc.site_cfg_json.slct__sponsorship_cfg_id) {


 // This needs to be re-worked ASAP! 2024-11-21
-if ($ae_loc.iframe) {
-    $ae_loc.allow_access = true;
-} else {
+// Is most of this even needed? Just check every time. Why do we care if we checked recently or ever.
+// Instead: Check if the access key is set and if it is the same as the site or domain access key.
+// What happens if the access key is set and it is not the same as the site or domain access key? I guess the restriction was removed so  it can be used without the key.

-    if ($ae_loc.allow_access && !$ae_loc.key_checked) {
-        console.log(`PASS: The access key was checked earlier.`);
+if ($ae_loc.site_access_key || $ae_loc.site_domain_access_key) {
+    console.log(`We need to do a current check against the allow_access value.`);

-        // allow_access should equal true or the access key.
-        if ($ae_loc.site_access_key || $ae_loc.site_domain_access_key) {
-            console.log(`We need to do a current check against the allow_access value.`);
-            if ($ae_loc.site_access_key == $ae_loc.allow_access || $ae_loc.site_domain_access_key == $ae_loc.allow_access) {
-                console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
-            } else {
-                console.log(`FAIL: The access key was checked earlier, but just now failed.`);
-                if ($ae_loc.trusted_access) {
-                    console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
-                    $ae_loc.allow_access = true;
-                } else {
-                    $ae_loc.allow_access = false;
-                }
-            }
-        } else {
-            // This means this site and domain do not require an access key.
-            // Do nothing to change the allow_access here at this time.
-        }
-    } else if ($ae_loc.allow_access && $ae_loc.key_checked) {
+    if ($ae_loc.site_access_key === $ae_loc.allow_access || $ae_loc.site_domain_access_key === $ae_loc.allow_access) {
        console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
-    } else if (!$ae_loc.allow_access && $ae_loc.key_checked) {
-        console.log(`FAIL: The access key was checked earlier and failed.`);
+    } else {
+        console.log(`FAIL: The access key was checked earlier, but just now failed.`);
        if ($ae_loc.trusted_access) {
            console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
            $ae_loc.allow_access = true;
+        } else {
+            $ae_loc.allow_access = false;
        }
-    } else {
-        console.log(`FAIL: The access key was not checked earlier.`);
-        // $ae_loc.key_checked = true;
    }
-
+} else {
+    // This means this site and domain do not require an access key.
+    $ae_loc.allow_access = true;
 }

+
+
+
+
+
+
+// if ($ae_loc.iframe) {
+//     $ae_loc.allow_access = true;
+// } else {
+
+//     if ($ae_loc.allow_access && !$ae_loc.key_checked) {
+//         console.log(`PASS: The access key was checked earlier.`);
+
+//         // allow_access should equal true or the access key.
+//         if ($ae_loc.site_access_key || $ae_loc.site_domain_access_key) {
+//             console.log(`We need to do a current check against the allow_access value.`);
+//             if ($ae_loc.site_access_key == $ae_loc.allow_access || $ae_loc.site_domain_access_key == $ae_loc.allow_access) {
+//                 console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
+//             } else {
+//                 console.log(`FAIL: The access key was checked earlier, but just now failed.`);
+//                 if ($ae_loc.trusted_access) {
+//                     console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
+//                     $ae_loc.allow_access = true;
+//                 } else {
+//                     $ae_loc.allow_access = false;
+//                 }
+//             }
+//         } else {
+//             // This means this site and domain do not require an access key.
+//             // Do nothing to change the allow_access here at this time.
+//         }
+//     } else if ($ae_loc.allow_access && $ae_loc.key_checked) {
+//         console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
+//     } else if (!$ae_loc.allow_access && $ae_loc.key_checked) {
+//         console.log(`FAIL: The access key was checked earlier and failed.`);
+//         if ($ae_loc.trusted_access) {
+//             console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
+//             $ae_loc.allow_access = true;
+//         }
+//     } else {
+//         console.log(`FAIL: The access key was not checked earlier.`);
+//         // $ae_loc.key_checked = true;
+//     }
+
+// }
+
 // $: access_key = data.url.searchParams.get('key');
 // console.log(`access_key = `, access_key);

@@ -315,7 +344,6 @@ if (browser) {
 onMount(() => {
    console.log('Root: +layout.svelte');

-    // Waiting until the browser exists.
    // save_ds_to_local(ae_acct.ds);

    // $ae_sess.site_appshell_header = JSON.parse(localStorage.getItem('ae_ds__hub__site__appshell_header'));
@@ -325,21 +353,20 @@ onMount(() => {
    let iframe = data.url.searchParams.get('iframe');
    if (iframe == 'true') {
        console.log('Use iframe layout!');
-        // data_struct['iframe'] = iframe;
        $ae_loc.iframe = true;

        document.getElementsByTagName('html')[0].classList.add('iframe');
-        document.getElementsByTagName('html')[0].classList.remove('dark');
-        document.getElementsByTagName('html')[0].classList.remove('light');
+        // document.getElementsByTagName('html')[0].classList.remove('dark');
+        // document.getElementsByTagName('html')[0].classList.remove('light');

        $ae_loc.hub.show_element__access_type = false;
        $ae_loc.hub.show_element__cfg = false;
    } else if (iframe == 'false') {
-        // data_struct['iframe'] = false;
        $ae_loc.iframe = false;

        document.getElementsByTagName('html')[0].classList.remove('iframe');
-        document.getElementsByTagName('html')[0].classList.add('light');
+        // document.getElementsByTagName('html')[0].classList.add('light');
+        // document.getElementsByTagName('html')[0].classList.add('dark');
    }

 	if (!$ae_loc.iframe && $ae_loc.trusted_access) {
@@ -364,17 +391,6 @@ onMount(() => {
    }


-    // TESTING TESTING TESTING
-    // WARNING: This needs to be tied to an object type and ID. This is a temporary solution.
-    // $ae_sess.download = {
-    //     'endpoint': '/event/file/abc123/download',
-    //     'filename': 'example.txt',
-    //     'size_total': 0,
-    //     'size_loaded': 0,
-    //     'percent_completed': 0,
-    // };
-
-
    // This is how the download and upload progress is tracked.
    window.addEventListener('message', function(event) {
        if (log_lvl) {
@@ -389,16 +405,6 @@ onMount(() => {

            let task_id = event.data.task_id;

-            // $ae_sess.download[event.data.endpoint] = {
-            //     'status': event.data.status,
-            //     'task_id': task_id,
-            //     'endpoint': event.data.endpoint,
-            //     'filename': event.data.filename,
-            //     'size_total': event.data.size_total,
-            //     'size_loaded': event.data.size_loaded,
-            //     'percent_completed': event.data.percent_completed,
-            // };
-
            $ae_sess.api_download_kv[task_id] =
                {
                    'status': event.data.status,
@@ -430,9 +436,6 @@ onMount(() => {
                };
        }
    });
-
-    // console.log(`access_key = `, access_key);
-
 });
 </script>

@@ -451,7 +454,7 @@ onMount(() => {
 <!-- regionFooter="flex justify-end space-x-2" -->

 {#if
-    $ae_loc.allow_access}
+    $ae_loc?.allow_access}

 <Modal components={modalRegistry}
    regionBackdrop=''
@@ -549,12 +552,12 @@ onMount(() => {

    <div
        data-sveltekit-preload-data="false"
-        class="flex flex-col items-center justify-center h-full"
+        class="flex flex-col items-center justify-center h-full max-w-lg mx-auto space-y-4"
        >
        <h1 class="text-4xl font-bold text-red-500">Access Denied</h1>
-        <p class="text-lg text-gray-500">You do not have access to this site.</p>
+        <p class="text-lg text-center text-gray-500">You do not have access to this site. You may need a passcode and or URL site key.</p>
        <button
-            class="btn btn-sm m-1 variant-glass-surface hover:variant-outline-warning text-error-300 hover:text-error-800"
+            class="btn btn-sm m-1 variant-glass-surface hover:variant-outline-warning hover:variant-glass-warning text-error-400 hover:text-error-800"
            title="Reload and clear the page cache"
            on:click={() => {
                localStorage.clear();