fix: Prevent non-member org users to access portal without privileges (!677) · Merge requests · Eclipse Foundation / IT / Websites / membership.eclipse.org

Olivier Goulet requested to merge oliviergoulet/membership.eclipse.org:oliviergoulet/main/602 into main Sep 26, 2023

Tightens up authorization. There was an infinite loop occurring because of a contradiction between the portal and the protected route permissions.

Non-member orgs were being treated as authorized on /portal, yet unauthorized on /portal/dashboard/. This lead to an infinite loop where redirects were looping:

/portal/login -> /portal/ --- authorized --> /portal/dashboard/ --- unauthorized --> /portal/login/ --> /portal/ --> etc.

The fix was to simply add the authorization requirement to /portal

Edited Sep 28, 2023 by Olivier Goulet

fix: Prevent non-member org users to access portal without privileges

Merge request reports