Skip to content

Issue with showing current user devices #297

New issue
New issue
Open
Open
Issue with showing current user devices#297
@lRoberth

Description

@lRoberth
lRoberth
opened on Jun 17, 2024

When trying to view the current devices from a specific user in the DA dashboard, an empty list will show:
image

While if going to the actual Auth0 Dashboard, the devices does show:
Screenshot 2024-06-17 at 17 21 49

Currently running version 4.3.0
Can't find if it's either permission issues or something related.

Every setting is on default, except logins are done through SSO and we're using the next Access Hook, which blacklists a set of roles depending on the role.

/*
Delegated Admin Allow Hook
Description:
    This code restricts a list of actions depending on the user role.
    By default, the code will restrict interactions with `change password, create user, delete user, block user` on all roles except administrator.
*/
function(ctx, callback){
    // Set this to true to make Administrator bypass the blacklist.
    var shouldAdminBypassRestrictions = true;
    
    var user = ctx.request.user;
    var action = ctx.payload.action;
    var userMetadata = user.app_metadata = user.app_metadata || {};
    var userRoles = userMetadata.roles || ['Delegated Admin - User'];
    

    // List of blacklisted actions per role.
    var role_blacklist = {
        "Delegated Admin - Administrator": [
          
        ],
        "Delegated Admin - Operator": [
            'delete:user',
          	'create:user'
        ],
        "Delegated Admin - User": [
            'delete:user',
          	'change:password',
          	'create:user'
        ],
        "Delegated Admin - Auditor": [
            'delete:user',
          	'change:password',
          	'create:user'
        ]
    };

    if(shouldAdminBypassRestrictions && userRoles.includes("Delegated Admin - Administrator")) {
        return callback();  // Allow execution immediately if the user is an administrator
    }

    // Loop through every role the user has
    for(var i = 0; i < userRoles.length; i++){
        let userRole = userRoles[i];

        // If the user role is in the list of blacklisted roles
        if(role_blacklist.hasOwnProperty(userRole)) {
            var blacklistedActions = role_blacklist[userRole];

            // Check if the action that is to be executed is blacklisted in the user role.
            if(blacklistedActions.includes(action)){
                return callback(new Error("You are not allowed to perform this action."));
            }
        }
    }
  
  return callback();
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions