Expensify · stitesExpensify · Nov 2, 2023 · Oct 11, 2023 · Oct 11, 2023 · Oct 11, 2023
@@ -11,6 +11,7 @@ import tryResolveUrlFromApiRoot from '@libs/tryResolveUrlFromApiRoot';
 import * as Url from '@libs/Url';
 import styles from '@styles/styles';
 import * as Link from '@userActions/Link';
+import * as Session from '@userActions/Session';
 import CONFIG from '@src/CONFIG';
 import CONST from '@src/CONST';
 import ROUTES from '@src/ROUTES';
@@ -52,6 +53,10 @@ function AnchorRenderer(props) {
         // If we are handling a New Expensify link then we will assume this should be opened by the app internally. This ensures that the links are opened internally via react-navigation
         // instead of in a new tab or with a page refresh (which is the default behavior of an anchor tag)
         if (internalNewExpensifyPath && hasSameOrigin) {
+            if (Session.isAnonymousUser() && !Session.canAccessRouteByAnonymousUser(internalNewExpensifyPath)) {
+                Session.signOutAndRedirectToSignIn();
+                return;
+            }
             Navigation.navigate(internalNewExpensifyPath);
             return;
         }

@@ -1999,6 +1999,12 @@ function openReportFromDeepLink(url, isAuthenticated) {
                 navigateToConciergeChat(true);
                 return;
             }
+            if (Session.isAnonymousUser() && !Session.canAccessRouteByAnonymousUser(route)) {
+                Navigation.isNavigationReady().then(() => {
+                    Session.signOutAndRedirectToSignIn();
+                });
+                return;
+            }
             Navigation.navigate(route, CONST.NAVIGATION.TYPE.PUSH);
         });
     });

@@ -871,6 +871,33 @@ function waitForUserSignIn(): Promise<boolean> {
     });
 }
 
+/**
+ * check if the route can be accessed by anonymous user
+ *
+ * @param {string} route
+ */
+
+const canAccessRouteByAnonymousUser = (route: string) => {
+    const reportID = ReportUtils.getReportIDFromLink(route);
+    if (reportID) {
+        return true;
+    }
+    const parsedReportRouteParams = ReportUtils.parseReportRouteParams(route);
+    let routeRemovedReportId = route;
+    if ((parsedReportRouteParams as {reportID: string})?.reportID) {
+        routeRemovedReportId = route.replace((parsedReportRouteParams as {reportID: string})?.reportID, ':reportID');
+    }
+    if (route.startsWith('/')) {
+        routeRemovedReportId = routeRemovedReportId.slice(1);
+    }
+    const routesCanAccessByAnonymousUser = [ROUTES.SIGN_IN_MODAL, ROUTES.REPORT_WITH_ID_DETAILS.route, ROUTES.REPORT_WITH_ID_DETAILS_SHARE_CODE.route];
+
+    if ((routesCanAccessByAnonymousUser as string[]).includes(routeRemovedReportId)) {
+        return true;
+    }
+    return false;
+};
+
 export {
     beginSignIn,
     beginAppleSignIn,
@@ -900,4 +927,5 @@ export {
     toggleTwoFactorAuth,
     validateTwoFactorAuth,
     waitForUserSignIn,
+    canAccessRouteByAnonymousUser,
 };
@@ -24,7 +24,7 @@ function SignInModal() {
             shouldEnableMaxHeight
             testID={SignInModal.displayName}
         >
-            <HeaderWithBackButton />
+            <HeaderWithBackButton onBackButtonPress={Navigation.dismissModal} />
             <SignInPage isInModal />
         </ScreenWrapper>
     );