From 5c73f6dd00fa8fc478490cdb62facb46d2fda3f3 Mon Sep 17 00:00:00 2001
From: Steven <stevenlgtm@gmail.com>
Date: Wed, 14 Sep 2022 23:19:22 +0800
Subject: [PATCH] chore: fix acl

---
 server/acl.go                 |  6 +++-
 web/src/components/Header.tsx | 56 +++++++++++++++++++----------------
 2 files changed, 36 insertions(+), 26 deletions(-)

diff --git a/server/acl.go b/server/acl.go
index 11c0aba..252a550 100644
--- a/server/acl.go
+++ b/server/acl.go
@@ -62,7 +62,7 @@ func aclMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
 
 		println("path", path)
 
-		if common.HasPrefixes(path, "/api/ping", "/api/status", "/api/user/:id", "/api/workspace/:workspaceName/shortcut/:shortcutName") && c.Request().Method == http.MethodGet {
+		if common.HasPrefixes(path, "/api/ping", "/api/status", "/api/user/:id") && c.Request().Method == http.MethodGet {
 			return next(c)
 		}
 
@@ -106,6 +106,10 @@ func aclMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
 			}
 		}
 
+		if common.HasPrefixes(path, "/api/workspace/:workspaceName/shortcut/:shortcutName") && c.Request().Method == http.MethodGet {
+			return next(c)
+		}
+
 		userID := c.Get(getUserIDContextKey())
 		if userID == nil {
 			return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
diff --git a/web/src/components/Header.tsx b/web/src/components/Header.tsx
index 51d77ed..697ccd9 100644
--- a/web/src/components/Header.tsx
+++ b/web/src/components/Header.tsx
@@ -20,31 +20,37 @@ const Header: React.FC = () => {
           Corgi
         </span>
         <div className="relative">
-          <Dropdown
-            trigger={
-              <div className="flex flex-row justify-end items-center cursor-pointer">
-                <span>{user?.name}</span>
-                <Icon.ChevronDown className="ml-1 w-5 h-auto text-gray-600" />
-              </div>
-            }
-            actions={
-              <>
-                <span
-                  className="w-full px-3 leading-8 cursor-pointer rounded whitespace-nowrap hover:bg-gray-100"
-                  onClick={() => navigate(`/user/${user?.id}`)}
-                >
-                  My information
-                </span>
-                <span
-                  className="w-full px-3 leading-8 cursor-pointer rounded whitespace-nowrap hover:bg-gray-100"
-                  onClick={() => handleSignOutButtonClick()}
-                >
-                  Sign out
-                </span>
-              </>
-            }
-            actionsClassName="!w-36"
-          ></Dropdown>
+          {user ? (
+            <Dropdown
+              trigger={
+                <div className="flex flex-row justify-end items-center cursor-pointer">
+                  <span>{user?.name}</span>
+                  <Icon.ChevronDown className="ml-1 w-5 h-auto text-gray-600" />
+                </div>
+              }
+              actions={
+                <>
+                  <span
+                    className="w-full px-3 leading-8 cursor-pointer rounded whitespace-nowrap hover:bg-gray-100"
+                    onClick={() => navigate(`/user/${user?.id}`)}
+                  >
+                    My information
+                  </span>
+                  <span
+                    className="w-full px-3 leading-8 cursor-pointer rounded whitespace-nowrap hover:bg-gray-100"
+                    onClick={() => handleSignOutButtonClick()}
+                  >
+                    Sign out
+                  </span>
+                </>
+              }
+              actionsClassName="!w-36"
+            ></Dropdown>
+          ) : (
+            <span className="cursor-pointer" onClick={() => navigate("/auth")}>
+              Sign in
+            </span>
+          )}
         </div>
       </div>
     </div>