Check user permissions and metadata every CMS load.
Before, if the CMS was loading user OAuth credentials from `localStorage`, then user write access would not be checked again. However, the `config.yml` repo could be changed, which would cause the user to be still logged in even if they did not have write permissions. Also, if the user had updated their metadata (avatar, etc.), the CMS would not update that either.
This commit is contained in:
@ -78,7 +78,10 @@ class Backend {
|
||||
if (this.user) { return this.user; }
|
||||
const stored = this.authStore && this.authStore.retrieve();
|
||||
if (stored) {
|
||||
return Promise.resolve(this.implementation.setUser(stored)).then(() => stored);
|
||||
return Promise.resolve(this.implementation.setUser(stored)).then((user) => {
|
||||
this.authStore.store(user);
|
||||
return user;
|
||||
});
|
||||
}
|
||||
return Promise.resolve(null);
|
||||
}
|
||||
|
Reference in New Issue
Block a user