Skip to content

fix: About read permission#4365

Merged
zhanweizhang7 merged 1 commit intov2from
pr@v2@fix_about_read_permission
Nov 17, 2025
Merged

fix: About read permission#4365
zhanweizhang7 merged 1 commit intov2from
pr@v2@fix_about_read_permission

Conversation

@shaohuzhang1
Copy link
Copy Markdown
Contributor

@shaohuzhang1 shaohuzhang1 commented Nov 17, 2025

fix: About read permission

@f2c-ci-robot
Copy link
Copy Markdown

f2c-ci-robot bot commented Nov 17, 2025

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@f2c-ci-robot
Copy link
Copy Markdown

f2c-ci-robot bot commented Nov 17, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

shaohuzhang1
shaohuzhang1 commented Nov 17, 2025
View reviewed changes
Comment thread ui/src/layout/layout-header/avatar/index.vue
"
>
{{ $t('layout.about.title') }}
</el-dropdown-item>
Copy link
Copy Markdown
Contributor Author

@shaohuzhang1 shaohuzhang1 Nov 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, there is an issue with this code snippet. The second v-if condition uses a variable that is not defined:

hasPermission(new ComplexPermission([...], [...]), 'OR')

The ComplexPermission constructor takes four parameters: permissions for users/roles ([...].concat([ RoleConst.WORKSPACE_MANAGE])). However, inside the constructor call, you are only concatenating [ RoleConst.WORKSPACE_MANAGE]. This means that the permission array will be [ RoleConst.WORKSPACE_MANAGE ], which does not include any roles or permissions.

If no role/permission exists in this array, calling hasPermission(...) may result in unexpected behavior.

To correct this, ensure that all required arguments are passed correctly to new ComplexPermission(...): either both arrays (for users/roles and permissions) or one of them empty.

Here's how you can fix it:

Incorrect:

new ComplexPermission([RoleConst.ADMIN, RoleConst.USER, RoleConst.WORKSPACE_MANAGE], [PermissionConst.ABOUT_READ])

Corrected:

new ComplexPermission([
  ...[RoleConst ADMIN, RoleConst.USER]
  RoleConst.WORKSPACE_MANAGE,
],[
  PermissionConst.BLOG_DELETE,
  PermissionConst.ANNOUNCE_COMMENT_CREATE,
])

Ensure that every role or permission is added to at least one of those two arrays when using ComplexPermission.

Also, keep these considerations in mind when creating instances of complex permission classes to avoid runtime errors due to incorrect argument lengths.

@zhanweizhang7 zhanweizhang7 merged commit 9f8d7d6 into v2 Nov 17, 2025
3 of 6 checks passed
@zhanweizhang7 zhanweizhang7 deleted the pr@v2@fix_about_read_permission branch November 17, 2025 03:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

do-not-merge/release-note-label-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shaohuzhang1 @zhanweizhang7