SESP/sgse-app
2
0
Fork 0
Code Issues 3 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: implement user authentication checks for queries in registro-pontos page

Browse Source 
- Added authentication verification to conditionally execute queries for fetching employees, point records, statistics, and configuration settings based on user authentication status.
- Introduced a derived variable to manage the authenticated state of the user, enhancing security and ensuring that data is only accessible to logged-in users.
This commit is contained in:
deyvisonwanderley
2025-11-22 21:01:27 -03:00
parent dc799504f6
commit 58ac3a4f1b
1 changed files with 21 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
apps/web/src/routes/(dashboard)/recursos-humanos/registro-pontos/+page.svelte
View File

@@ -33,6 +33,10 @@
let chartCanvas: HTMLCanvasElement; let chartCanvas: HTMLCanvasElement;
let chartInstance: Chart | null = null; let chartInstance: Chart | null = null;
// Verificar autenticação primeiro
const currentUserQuery = useQuery(api.auth.getCurrentUser, {});
const usuarioAutenticado = $derived(currentUserQuery?.data !== null && currentUserQuery?.data !== undefined);
// Parâmetros reativos para queries // Parâmetros reativos para queries
const registrosParams = $derived({ const registrosParams = $derived({
funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined, funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined,
@@ -45,11 +49,23 @@
funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined, funcionarioId: funcionarioIdFiltro && funcionarioIdFiltro !== '' ? funcionarioIdFiltro : undefined,
}); });
// Queries // Queries condicionais - só executar se usuário estiver autenticado
const funcionariosQuery = useQuery(api.funcionarios.getAll, {}); const funcionariosQuery = useQuery(
const registrosQuery = useQuery(api.pontos.listarRegistrosPeriodo, registrosParams); api.funcionarios.getAll,
const estatisticasQuery = useQuery(api.pontos.obterEstatisticas, estatisticasParams); usuarioAutenticado ? {} : 'skip'
const configQuery = useQuery(api.configuracaoPonto.obterConfiguracao, {}); );
const registrosQuery = useQuery(
api.pontos.listarRegistrosPeriodo,
usuarioAutenticado ? registrosParams : 'skip'
);
const estatisticasQuery = useQuery(
api.pontos.obterEstatisticas,
usuarioAutenticado ? estatisticasParams : 'skip'
);
const configQuery = useQuery(
api.configuracaoPonto.obterConfiguracao,
usuarioAutenticado ? {} : 'skip'
);
const funcionarios = $derived(funcionariosQuery?.data || []); const funcionarios = $derived(funcionariosQuery?.data || []);
const registros = $derived(registrosQuery?.data || []); const registros = $derived(registrosQuery?.data || []);