From 8cdfde2b1b3af834dfef299e9a22b2a2bb1d89a8 Mon Sep 17 00:00:00 2001
From: Richard Cox <richard.cox@suse.com>
Date: Tue, 30 Mar 2021 16:55:28 +0100
Subject: [PATCH] Ensure the user stays logged in after attempting to change
 roles they cannot - As a restricted-user attempting to assign a group the
 'admin' global permission resulted in the user being logged out of the
 dashboard - We now show the raw error instead

---
 components/GlobalRoleBindings.vue | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/components/GlobalRoleBindings.vue b/components/GlobalRoleBindings.vue
index 7001debbcf..cfb04ab338 100644
--- a/components/GlobalRoleBindings.vue
+++ b/components/GlobalRoleBindings.vue
@@ -215,7 +215,8 @@ export default {
         globalRoleName: role,
       })));
 
-      await Promise.all(newBindings.map(newBinding => newBinding.save()));
+      // Save all changes (and ensure user isn't logged out if they don't have permissions to make a change)
+      await Promise.all(newBindings.map(newBinding => newBinding.save({ redirectUnauthorized: false })));
     },
     async saveRemovedRoles() {
       const existingBindings = await Promise.all(this.roleChanges.removeBindings.map(bindingId => this.$store.dispatch('management/find', {
@@ -223,7 +224,8 @@ export default {
         id:   bindingId
       })));
 
-      await Promise.all(existingBindings.map(existingBinding => existingBinding.remove()));
+      // Save all changes (and ensure user isn't logged out if they don't have permissions to make a change)
+      await Promise.all(existingBindings.map(existingBinding => existingBinding.remove({ redirectUnauthorized: false })));
     },
     /**
      * userId is optional, used when a user has just been created