Merge branch 'develop' into dist/ubuntu/bionic/develop

client/src/components/App.tsx

@@ -13,6 +13,7 @@ import { Modal } from './Modal';
 import { createClient } from '../util/apollo';
 import { ApolloProvider } from '@apollo/client';
 import { LogoutPage } from './LogoutPage';
+import { UnauthorizedPage } from './UnauthorizedPage/UnauthorizedPage';
 
 export interface AppProps {
 
@@ -41,6 +42,7 @@ export const App: FunctionComponent<AppProps> = () => {
         <BrowserRouter>
           <Switch>
             <Route path="/" exact component={HomePage} />
+            <Route path="/unauthorized" exact component={UnauthorizedPage} />
             <PrivateRoute path="/profile" exact component={ProfilePage} />
             <PrivateRoute path="/workgroups/:id" exact component={WorkgroupPage} />
             <PrivateRoute path="/decisions/:id" exact component={DecisionSupportFilePage} />

client/src/components/UnauthorizedPage/UnauthorizedPage.tsx

@@ -0,0 +1,37 @@
+import React, { FunctionComponent } from 'react';
+import { Config } from '../../config';
+import { Page } from '../Page';
+
+export interface UnauthorizedPageProps {
+
+}
+
+export const UnauthorizedPage:FunctionComponent<UnauthorizedPageProps> = () => {
+  return (
+    <Page title="Non autorisé">
+      <div className="container is-fluid">
+        <section className="section">
+          <div className="columns">
+            <div className="column is-6 is-offset-3">
+              <div className="message is-danger">
+                <div className="message-header">
+                  <p><i className="fa fa-ban"></i> Non autorisé</p>
+                </div>
+                <div className="message-body">
+                  <p>Vous n'êtes pas autorisé à accéder à cette page.</p>
+                  <br />
+                  <p>Votre compte est peut être désactivé, votre adresse courriel ne fait peut être
+                  pas partie des domaines autorisés ou vous n'avez peut être pas les droits nécessaires pour effectuer cette opération.</p>
+                  <div className="has-text-centered mt-5">
+                    <a href={Config.logoutURL} className="is-warning button"><i className="fa fa-sign-out-alt"></i>&nbsp; Forcer la déconnexion</a>
+                  </div>
+                
+                </div>
+              </div>
+            </div>
+          </div>
+        </section>
+      </div>
+    </Page>
+  );
+}

internal/route/login.go

@@ -1,7 +1,6 @@
 package route
 
 import (
-	"fmt"
 	"net/http"
 
 	"forge.cadoles.com/Cadoles/daddy/internal/auth"
@@ -80,11 +79,8 @@ func handleLoginCallback(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if !authorized {
-		message := fmt.Sprintf(
-			"You are not authorized to access this application. Disconnect by navigating to %s.",
-			"http://"+r.Host+"/logout",
-		)
-		http.Error(w, message, http.StatusForbidden)
+		redirectURL := conf.HTTP.FrontendURL + "/unauthorized"
+		http.Redirect(w, r, redirectURL, http.StatusTemporaryRedirect)
 
 		return
 	}

internal/route/mount.go

@@ -72,10 +72,17 @@ func Mount(r *chi.Mux, config *config.Config) error {
 	}
 
 	// List of paths handled directly by the client
-	r.Get("/workgroups/*", serveClientIndex)
-	r.Get("/profile", serveClientIndex)
-	r.Get("/dashboard", serveClientIndex)
-	r.Get("/decisions/*", serveClientIndex)
+	clientRoutes := []string{
+		"/workgroups/*",
+		"/profile",
+		"/dashboard",
+		"/decisions/*",
+		"/unauthorized",
+	}
+
+	for _, cr := range clientRoutes {
+		r.Get(cr, serveClientIndex)
+	}
 
 	// Serve static files
 	notFoundHandler := r.NotFoundHandler()