T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/lavocat.quebec/private_html/src/components/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/lavocat.quebec/private_html/src/components/AccessControl.tsx
import React from 'react';
import { useSession } from 'next-auth/react';
import { useRouter } from 'next/router';
import { USER_ROLES, UserRole, canAccessPage } from '../lib/auth-utils';

interface AccessControlProps {
  children: React.ReactNode;
  allowedRoles?: UserRole[];
  allowedPages?: string[];
  currentPage?: string;
  redirectTo?: string;
  fallback?: React.ReactNode;
}

const AccessControl: React.FC<AccessControlProps> = ({
  children,
  allowedRoles = [],
  allowedPages = [],
  currentPage,
  redirectTo = '/',
  fallback = null,
}) => {
  const { data: session, status } = useSession();
  const router = useRouter();
  const [isChecking, setIsChecking] = React.useState(true);
  const [hasAccess, setHasAccess] = React.useState(false);

  React.useEffect(() => {
    if (status === 'loading') return;

    // If no session, redirect to login
    if (!session || !session.user) {
      router.push('/auth/login');
      return;
    }

    const userRole = session.user.role as UserRole;
    let accessGranted = false;

    // Check role-based access
    if (allowedRoles.length > 0) {
      accessGranted = allowedRoles.includes(userRole);
    }

    // Check page-based access
    if (allowedPages.length > 0 && currentPage) {
      accessGranted = accessGranted || canAccessPage(userRole, currentPage);
    }

    // If no specific restrictions, allow access
    if (allowedRoles.length === 0 && allowedPages.length === 0) {
      accessGranted = true;
    }

    setHasAccess(accessGranted);
    setIsChecking(false);

    if (!accessGranted) {
      router.push(redirectTo);
    }
  }, [session, status, router, allowedRoles, allowedPages, currentPage, redirectTo]);

  if (status === 'loading' || isChecking) {
    return (
      <div className="flex items-center justify-center min-h-screen">
        <div className="text-center">
          <div className="animate-spin rounded-full h-12 w-12 border-b-2 border-primary mx-auto"></div>
          <p className="mt-4 text-gray-600">Checking access...</p>
        </div>
      </div>
    );
  }

  if (!hasAccess) {
    return fallback ? (
      <>{fallback}</>
    ) : (
      <div className="flex items-center justify-center min-h-screen">
        <div className="text-center">
          <div className="text-red-500 text-6xl mb-4">🚫</div>
          <h1 className="text-2xl font-bold text-gray-900 mb-2">Access Denied</h1>
          <p className="text-gray-600 mb-4">
            You don't have permission to access this page.
          </p>
          <button
            onClick={() => router.push(redirectTo)}
            className="bg-primary text-white px-4 py-2 rounded-lg hover:bg-primary-dark transition-colors"
          >
            Go Back
          </button>
        </div>
      </div>
    );
  }

  return <>{children}</>;
};

export default AccessControl;

CasperSecurity Mini