Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add role and permission guard decorators to some existing routes #112

Merged
merged 10 commits into from
Mar 19, 2024

Conversation

cherylli
Copy link
Contributor

@cherylli cherylli commented Mar 7, 2024

Description

Add role and permission guard decorators to all routes except sprints, resources, and part of ideations, as I would like to look at adding additional permissions for these routes.

TODO - for future, not in this PR
#112 (comment)

Issue link

Fixes # (issue)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • Feature updates / changes
  • Tests
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

image

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have updated the change log

siasktv
siasktv previously approved these changes Mar 8, 2024
Copy link
Contributor

@siasktv siasktv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow, this look like a massive amount of work. All tests passed!

Copy link
Contributor

@timDeHof timDeHof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we have tests for the guards?

@cherylli
Copy link
Contributor Author

cherylli commented Mar 8, 2024

do we have tests for the guards?

yes we should have e2e tests on each endpoint for the permission, but I think we might need to go through each of them and add more soon, as i'm thinking to add more permissions

But I don't think we have tests for the role guard

@cherylli cherylli marked this pull request as draft March 11, 2024 02:28
@cherylli
Copy link
Contributor Author

I decided to only add role check for forms (also did some refactoring while i'm there) because

  • ideations: will need to redo to match our current format/standard, too much for this PR
  • teams: has no tests yet so it would be another PR itself to add the tests

Resources, sprints, users endpoints I have not touched so I don't intervere with the tests Josh, Curt, and Piero are working on - will need to add decorators to them - also because I want to add more permissions for these endpoints

image

@cherylli cherylli marked this pull request as ready for review March 11, 2024 14:15
@cherylli cherylli requested a review from timDeHof March 11, 2024 14:16
@cherylli cherylli marked this pull request as draft March 11, 2024 14:26
@cherylli
Copy link
Contributor Author

cherylli commented Mar 11, 2024

back to draft again - I want to add missing swagger docs to the forms endpoints

@cherylli
Copy link
Contributor Author

ready for review again
image
image

@cherylli cherylli marked this pull request as ready for review March 12, 2024 11:32
Copy link
Contributor

@timDeHof timDeHof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like how you moved the utility functions to a separate file. We should properly do something similar to the function in the other test files.

Copy link
Contributor

@curtwl curtwl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully gave 403 for non-admin logged in user

@cherylli cherylli requested a review from timDeHof March 16, 2024 03:28
Copy link
Contributor

@timDeHof timDeHof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great job! looks really clean.

@cherylli cherylli merged commit 231fa53 into dev Mar 19, 2024
1 check passed
@cherylli cherylli deleted the chore/decorators branch March 19, 2024 01:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants