[frontend] Change behavior of invalid access to display 404 instead o…

…f login redirect (OpenCTI-Platform#9860) - Improve root 404 pages detection
fbicyber · Feb 13, 2025 · a0b469b · a0b469b
1 parent 7a01796
commit a0b469b
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 54 deletions.
diff --git a/opencti-platform/opencti-front/src/private/Index.tsx b/opencti-platform/opencti-front/src/private/Index.tsx
@@ -99,7 +99,6 @@ const Index = ({ settings }: IndexProps) => {
           <Suspense fallback={<Loader />}>
             <Routes>
               <Route path="/" element={boundaryWrapper(Dashboard)}/>
-
               {/* Search need to be rework */}
               <Route path="/search/*" element={boundaryWrapper(RootSearch)} />
               <Route path="/id/:id" element={boundaryWrapper(StixObjectOrStixRelationship)} />
@@ -111,51 +110,17 @@ const Index = ({ settings }: IndexProps) => {
               <Route path="/arsenal/*" element={boundaryWrapper(RootArsenal)} />
               <Route path="/techniques/*" element={boundaryWrapper(RootTechnique)} />
               {/* Need to refactor below */}
-              <Route
-                path="/entities/*"
-                element={boundaryWrapper(RootEntities)}
-              />
-              <Route
-                path="/locations/*"
-                element={boundaryWrapper(RootLocation)}
-              />
-              <Route path="/data/*"
-                element={boundaryWrapper(RootData)}
-              />
-              {isTrashEnable() && (
-                <Route
-                  path="/trash/*"
-                  element={boundaryWrapper(RootTrash)}
-                />
-              )}
-              {isDraftFeatureEnabled && (
-                <Route path="/drafts/*"
-                  element={boundaryWrapper(RootDrafts)}
-                />
-              )}
-              <Route
-                path="/workspaces/*"
-                element={boundaryWrapper(RootWorkspaces)}
-              />
-              <Route
-                path="/settings/*"
-                element={boundaryWrapper(RootSettings)}
-              />
-              <Route
-                path="/audits/*"
-                element={boundaryWrapper(RootAudit)}
-              />
-              <Route
-                path="/profile/*"
-                element={boundaryWrapper(RootProfile)}
-              />
-              <Route
-                path="/observations/*"
-                element={boundaryWrapper(RootObservations)}
-              />
-              <Route
-                element={<NoMatch/>}
-              />
+              <Route path="/entities/*" element={boundaryWrapper(RootEntities)}/>
+              <Route path="/locations/*" element={boundaryWrapper(RootLocation)}/>
+              <Route path="/data/*" element={boundaryWrapper(RootData)}/>
+              {isTrashEnable() && (<Route path="/trash/*" element={boundaryWrapper(RootTrash)}/>)}
+              {isDraftFeatureEnabled && (<Route path="/drafts/*" element={boundaryWrapper(RootDrafts)}/>)}
+              <Route path="/workspaces/*" element={boundaryWrapper(RootWorkspaces)}/>
+              <Route path="/settings/*" element={boundaryWrapper(RootSettings)}/>
+              <Route path="/audits/*" element={boundaryWrapper(RootAudit)}/>
+              <Route path="/profile/*" element={boundaryWrapper(RootProfile)}/>
+              <Route path="/observations/*" element={boundaryWrapper(RootObservations)}/>
+              <Route path="/*" element={<NoMatch/>}/>
             </Routes>
           </Suspense>
         </Box>

diff --git a/opencti-platform/opencti-front/src/private/components/AuthBoundary.jsx b/opencti-platform/opencti-front/src/private/components/AuthBoundary.jsx
@@ -20,10 +20,6 @@ class AuthBoundaryComponent extends React.Component {
       const baseErrors = this.state.error.res?.errors ?? [];
       const retroErrors = this.state.error.data?.res?.errors ?? [];
       const types = map((e) => e.extensions.code, [...baseErrors, ...retroErrors]);
-      // If access is forbidden, just redirect to home page
-      if (includes('FORBIDDEN_ACCESS', types)) {
-        return <LoginRoot type="LOGIN" />;
-      }
       // If user not authenticated, redirect to login with encoded path
       if (includes('AUTH_REQUIRED', types)) {
         return <LoginRoot type="LOGIN" />;

diff --git a/opencti-platform/opencti-front/src/private/components/Error.jsx b/opencti-platform/opencti-front/src/private/components/Error.jsx
@@ -1,5 +1,5 @@
 import React from 'react';
-import { includes, map } from 'ramda';
+import { compose, includes, map } from 'ramda';
 import * as PropTypes from 'prop-types';
 import Alert from '@mui/material/Alert';
 import AlertTitle from '@mui/material/AlertTitle';
@@ -8,6 +8,7 @@ import { Link } from 'react-router-dom';
 import ErrorNotFound from '../../components/ErrorNotFound';
 import { useFormatter } from '../../components/i18n';
 import { commitMutation } from '../../relay/environment';
+import withRouter from '../../utils/compat_router/withRouter';
 
 // Highest level of error catching, do not rely on any tierce (intl, theme, ...) pure fallback
 export const HighLevelError = () => (
@@ -76,6 +77,13 @@ class ErrorBoundaryComponent extends React.Component {
     }
   }
 
+  componentDidUpdate(prevProps, _prevState) {
+    // Reset the error state when browsing
+    if (prevProps.location.pathname !== this.props.location.pathname) {
+      this.setState({ error: null });
+    }
+  }
+
   render() {
     if (this.state.error) {
       const baseErrors = this.state.error.res?.errors ?? [];
@@ -86,7 +94,10 @@ class ErrorBoundaryComponent extends React.Component {
         return <DedicatedWarning title={'Complex search'} description={'Your search have too much terms to be executed. Please limit the number of words or the complexity'} />;
       }
       // Access error must be forwarded
-      if (includes('FORBIDDEN_ACCESS', types) || includes('AUTH_REQUIRED', types)) {
+      if (includes('FORBIDDEN_ACCESS', types)) {
+        return <ErrorNotFound/>;
+      }
+      if (includes('AUTH_REQUIRED', types)) {
         // eslint-disable-next-line @typescript-eslint/no-throw-literal
         throw this.state.error;
       }
@@ -101,7 +112,7 @@ ErrorBoundaryComponent.propTypes = {
   display: PropTypes.object,
   children: PropTypes.node,
 };
-export const ErrorBoundary = ErrorBoundaryComponent;
+export const ErrorBoundary = compose(withRouter)(ErrorBoundaryComponent);
 
 export const boundaryWrapper = (Component) => {
   // eslint-disable-next-line react/display-name

diff --git a/opencti-platform/opencti-front/src/private/components/RootSearch.tsx b/opencti-platform/opencti-front/src/private/components/RootSearch.tsx
@@ -1,5 +1,6 @@
 import { Navigate, Route, Routes } from 'react-router-dom';
 import React from 'react';
+import { NoMatch } from '@components/Error';
 import Search from './Search';
 import SearchContainerQuery from './search/SearchContainerQuery';
 import SearchIndexedFiles from './search/SearchIndexedFiles';
@@ -27,8 +28,8 @@ const RootSearch = () => {
       <Route path="/knowledge/:keyword" element={<SearchKnowledge />} />
       <Route path="/files" element={<SearchFiles />} />
       <Route path="/files/:keyword" element={<SearchFiles />} />
-
       <Route path="/" element={<Navigate to="/dashboard/search/knowledge" replace={true} />} />
+      <Route path="/*" element={<NoMatch/>}/>
     </Routes>
   );
 };