i.e. if an admin goes to https://hslmembers.netlify.app/certs/1 it works, but if a non-admin goes there it throws an error in members_api and causes a crash in members_ui on line 99 of cert_detail.js (const { name, description } = await this.props.read(id); which loads /certs/{id})
Possible fixes include:
expanding the {auth.isAdmin} logic to preclude line 99 from running, not just hiding the edit form
allowing members_api to show cert details, just deny PUT/POST/DELETE on a cert
not displaying links to the cert details page for non-admins
JulienTant
commented
1 year ago
i.e. if an admin goes to https://hslmembers.netlify.app/certs/1 it works, but if a non-admin goes there it throws an error in members_api and causes a crash in members_ui on line 99 of cert_detail.js (
const { name, description } = await this.props.read(id);which loads /certs/{id})Possible fixes include:
{auth.isAdmin}logic to preclude line 99 from running, not just hiding the edit form