Redirect to /user/edit path only needed if we are admin.

[jpbostic]

to:
cc: @subspacecommunity/subspace-maintainers
related to:
resolves: #134

Background

While evaluating an instance of Subspace running in its docker container (subspacecommunity/subspace:latest), I noticed that when I login as a normal user (via SAML), deletion of device profiles works but I get an error page after I click the "Delete device?" popup.

Running in debug mode showed a "permission denied" on the /user/edit path. When looking at a clone of the repo, I realized that the profileDeleteHandler is trying to redirect back to the /user/edit path even when I'm not logged in as an admin. Normal behavior should be to only redirect to /user/edit if I'm admin and otherwise move on (the redirect to the normal "success" path is immediately below this and it was obviously never being reached).

Changes

• HTTP redirect after successful device profile deletion only goes to /user/edit if the current user is an admin. Otherwise, continues and is redirected to the normal URL.

Testing

This was tested on a VM running a docker image built from these changes. Profiles were added to a normal account and then deleted using both an admin account and that regular account. Both ways now work without error.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 0 Security Hotspots to review)
0 Code Smells

No Coverage information
No Duplication information

[jack1902]

I no longer work on this project, so leaving this review to remove it from my list of PRs on Github

[gchamon]

@jpbostic just deployed in production with my fork at https://github.com/waycarbon/subspace with no issues. Thanks!

[gchamon]

@subspacecommunity/subspace-maintainers I believe this is ok to merge. Need a couple more eyes on it though.

[agonbar]

Yup, worked just fine.

Many thanks for the contribution!

[agonbar]

@all-contributors please add @jpbostic for code

[allcontributors]

@agonbar

I've put up a pull request to add @jpbostic! 🎉