Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure PartnerAdminAuthguard is checking whether the admin is still active #917

Open
4 tasks
eleanorreem opened this issue May 20, 2024 · 4 comments
Open
4 tasks

Ensure PartnerAdminAuthguard is checking whether the admin is still active #917

eleanorreem opened this issue May 20, 2024 · 4 comments
Assignees
@haydnba
Labels
complexity: moderate Time needed to do this ticket will be moderate e.g. 1-2 days priority: soon Should be prioritized soon. reserved-volunteers This issue is reserved for members of Chayn's open-source volunteer program. state: approved Ready to go. Not blocked or pending.
Milestone
02. Roadmaps

Comments

@eleanorreem
Copy link
Contributor

eleanorreem commented May 20, 2024
edited

Overview

We have recently created a new column for partner-admins. These partner-admins can now be set as "inactive". We need to check in our Auth guards that the partner admin is active.

Action Items

  • Look at Partner admin auth guard bloom-frontend/guards/partnerAdminGuard.tsx
  • Ensure that we are checking that the partner is active, looking at the state.partnerAdmin.active property
  • Manually test that this is working by updating one of the partner admins in the database as inactive.
  • Run Cypress tests to ensure nothing is broken

Resources/Instructions

  • to set up different user roles please look to /bloom-frontend/BLOOM_USERS.md
  • You will need to know how to manually change data in the database to update user roles. Or you can use Postman and ensure you have the authentication token for Bloom. You can look how to get one of these tokens in /bloom-frontend/CYPRESS.md
@eleanorreem eleanorreem added complexity: moderate Time needed to do this ticket will be moderate e.g. 1-2 days state: approved Ready to go. Not blocked or pending. priority: soon Should be prioritized soon. labels May 20, 2024
@kyleecodes kyleecodes added this to the 02. Roadmaps milestone May 23, 2024
@kyleecodes kyleecodes added the reserved-volunteers This issue is reserved for members of Chayn's open-source volunteer program. label May 23, 2024
@haydnba
Copy link

haydnba commented May 28, 2024

I would be interested in taking this one on @eleanorreem @kyleecodes (would be very happy to manage the new dependably dependencies upgrades to familiarise myself beforehand)

@github-actions GitHub Actions
Copy link
Contributor

Thank you for your interest in contributing to Chayn! Please carefully read the CONTRIBUTING.md file and the README.md file for guidance. Let us know if you have any questions. Good luck!

@kyleecodes
Copy link
Member

@haydnba you are assigned!

@haydnba haydnba mentioned this issue May 30, 2024
Draft
@haydnba
Copy link

haydnba commented Jun 2, 2024

Hello @eleanorreem @kyleecodes

I have implemented this ticket and opened a PR (currently in draft). As it stands this will break in production because the data that is required to make this check is not yet being provided by the backend... In particular:

  • The PartnerAdminGuard checks the partnerAdmin property of the authorised user held in state
  • The ticket suggests to look "at the state.partnerAdmin.active property"
  • Currently there is no such property since the backend does not yet append this data on the payload returned to the client on user authorisation

I think it is simple to remedy on Bloom Backend:

  • update the interface to include active at src/partner-admin/partner-admin.interface.ts
  • update the user payload formatter to include the active property on the appended partnerAdmin at src/utils/serialize.ts

Definitely likely I am missing something completely obvious but if not then I'd be very happy to create an issue and open the PR on Bloom Backend

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@haydnba haydnba

Labels
complexity: moderate Time needed to do this ticket will be moderate e.g. 1-2 days priority: soon Should be prioritized soon. reserved-volunteers This issue is reserved for members of Chayn's open-source volunteer program. state: approved Ready to go. Not blocked or pending.
Projects
Chayn Tech Volunteer Advancement
Status: In Progress
Milestone
02. Roadmaps
Development

No branches or pull requests
3 participants
@eleanorreem @haydnba @kyleecodes