fix(settings): guard isAdmin access when getCurrentUser returns null

vitormattos · backportbot-libresign[bot] · commit d6d0782e92e6 · 2026-02-27T17:50:21.000Z
Signed-off-by: Vitor Mattos &lt;1079143+vitormattos@users.noreply.github.com&gt;
diff --git a/src/components/Settings/Settings.vue b/src/components/Settings/Settings.vue
@@ -56,7 +56,7 @@ export default {
 	},
 	data() {
 		return {
-			isAdmin: getCurrentUser().isAdmin,
+			isAdmin: getCurrentUser()?.isAdmin ?? false,
 		}
 	},
 	methods: {
diff --git a/src/tests/components/Settings/Settings.spec.ts b/src/tests/components/Settings/Settings.spec.ts
@@ -258,6 +258,54 @@ describe('Settings', () => {
 		})
 	})
 
+	describe('RULE: unauthenticated users (signing via email link) do not crash the component', () => {
+		const createUnauthenticatedWrapper = () => {
+			getCurrentUserMock.mockReturnValue(null)
+
+			return mount(Settings, {
+				global: {
+					stubs: {
+						NcAppNavigationItem: {
+							name: 'NcAppNavigationItem',
+							props: ['name', 'to', 'href', 'icon'],
+							template: '<li><slot name="icon" /><span class="item-name">{{ name }}</span><slot /></li>',
+						},
+						AccountIcon: { template: '<div class="account-icon"></div>' },
+						StarIcon: { template: '<div class="star-icon"></div>' },
+						TuneIcon: { template: '<div class="tune-icon"></div>' },
+					},
+					mocks: { t },
+				},
+			})
+		}
+
+		it('mounts without throwing when getCurrentUser returns null', () => {
+			expect(() => createUnauthenticatedWrapper()).not.toThrow()
+		})
+
+		it('isAdmin is false when getCurrentUser returns null', () => {
+			wrapper = createUnauthenticatedWrapper()
+
+			expect(getWrapper().vm.isAdmin).toBe(false)
+		})
+
+		it('hides the Administration link when user is unauthenticated', () => {
+			wrapper = createUnauthenticatedWrapper()
+			const items = getItems()
+			const adminItem = findItemByName(items, 'Administration')
+
+			expect(adminItem).toBeUndefined()
+		})
+
+		it('shows 2 navigation items for unauthenticated user', () => {
+			wrapper = createUnauthenticatedWrapper()
+			const items = getItems()
+
+			// Account + Rate = 2
+			expect(items.length).toBe(2)
+		})
+	})
+
 	describe('RULE: navigation items count depends on admin status', () => {
 		it('shows 2 items for non-admin', () => {
 			wrapper = createWrapper(false)

Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ export default {`
`56`	`56`	`},`
`57`	`57`	`data() {`
`58`	`58`	`return {`
`59`		`- isAdmin: getCurrentUser().isAdmin,`
	`59`	`+ isAdmin: getCurrentUser()?.isAdmin ?? false,`
`60`	`60`	`}`
`61`	`61`	`},`
`62`	`62`	`methods: {`