From 0503ce5f35f4f4c3b2ea3b7906c9792b3db75e7a Mon Sep 17 00:00:00 2001
From: Peter Zimon <zimo@ghost.org>
Date: Wed, 24 Feb 2021 15:33:00 +0100
Subject: [PATCH] Updated Dashboard visibility

- only owner/admins can view Dashboard, everyone else is redirected to "View site"
---
 ghost/admin/app/components/gh-nav-menu/footer.hbs | 4 +++-
 ghost/admin/app/components/gh-nav-menu/main.hbs   | 2 ++
 ghost/admin/app/routes/dashboard.js               | 9 +++++++++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/ghost/admin/app/components/gh-nav-menu/footer.hbs b/ghost/admin/app/components/gh-nav-menu/footer.hbs
index 94e69ecde5..697bea29cf 100644
--- a/ghost/admin/app/components/gh-nav-menu/footer.hbs
+++ b/ghost/admin/app/components/gh-nav-menu/footer.hbs
@@ -86,7 +86,9 @@
             </GhBasicDropdown>
         </div>
         <div class="flex items-center">
-            <LinkTo class="gh-nav-bottom-tabicon" @route="settings" @current-when={{this.isSettingsRoute}} data-test-nav="settings">{{svg-jar "settings"}}</LinkTo>
+            {{#if (gh-user-can-admin this.session.user)}}
+                <LinkTo class="gh-nav-bottom-tabicon" @route="settings" @current-when={{this.isSettingsRoute}} data-test-nav="settings">{{svg-jar "settings"}}</LinkTo>
+            {{/if}}
             <div class="nightshift-toggle-container">
                 <div class="nightshift-toggle {{if this.feature.nightShift "on"}}" {{action (toggle "nightShift" this.feature)}}>
                     <div class="sun">{{svg-jar "sun"}}</div>
diff --git a/ghost/admin/app/components/gh-nav-menu/main.hbs b/ghost/admin/app/components/gh-nav-menu/main.hbs
index 3b37453ca8..75c162f69d 100644
--- a/ghost/admin/app/components/gh-nav-menu/main.hbs
+++ b/ghost/admin/app/components/gh-nav-menu/main.hbs
@@ -17,9 +17,11 @@
 <section class="gh-nav-body">
     <div class="gh-nav-top">
         <ul class="gh-nav-list gh-nav-main">
+            {{#if (gh-user-can-admin this.session.user)}}
             <li class="relative">
                 <LinkTo @route="dashboard" @alt="Dashboard" @title="Dashboard" data-test-nav="dashboard">{{svg-jar "house"}} Dashboard</LinkTo>
             </li>
+            {{/if}}
             <li class="relative">
                 <span {{action "transitionToOrRefreshSite" on="click"}}>
                     <LinkTo @route="site" data-test-nav="site" @current-when={{this.isOnSite}} @preventDefault={{false}}>
diff --git a/ghost/admin/app/routes/dashboard.js b/ghost/admin/app/routes/dashboard.js
index 64755ee064..3b8324fd25 100644
--- a/ghost/admin/app/routes/dashboard.js
+++ b/ghost/admin/app/routes/dashboard.js
@@ -1,6 +1,15 @@
 import AuthenticatedRoute from 'ghost-admin/routes/authenticated';
 
 export default class DashboardRoute extends AuthenticatedRoute {
+    beforeModel() {
+        super.beforeModel(...arguments);
+        return this.session.user.then((user) => {
+            if (!user.isOwnerOrAdmin) {
+                return this.transitionTo('site');
+            }
+        });
+    }
+
     buildRouteInfoMetadata() {
         return {
             mainClasses: ['gh-main-wide']