Wrong Type for `enabled` Variables in Configs
(Using https://gitlab.esrf.fr/icat/E-DataPortal/-/blob/master/src/config/icat.js#L5 as an example to explain the issue.)
Currently, in src/config/icat.js
different authentication mechanisms can be enabled or disabled by setting their corresponding enabled
variable.
const ICAT = {
authentication: {
sso: {
enabled: process.env.REACT_APP_SSO_AUTH_ENABLED
. . .
},
}
Environment variables are stored as strings and will therefore always be evaluated to true
as long as they are set to anything.
My suggestion is to change it to the following pattern, to force all enabled
variables to actually be boolean:
const ICAT = {
authentication: {
sso: {
enabled: (process.env.REACT_APP_SSO_AUTH_ENABLED?.toLowerCase() === 'true')
. . .
},
}
. . .