Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make sure global permissions are checked in the front- and back-end #177

Merged
merged 9 commits into from Sep 9, 2017

Conversation

@libre-man
Copy link
Collaborator

commented Sep 6, 2017

Description

Make sure can_edit_own_info, can_use_snippets and can_edit_own_password (new permission) is checked in the front- and back-end. This should close #174.

Checklist:

  • Linter & type checker OK
  • Tests
  • Added type information
  • Docs

Screenshot or -recording (if applicable)

@codecov

This comment has been minimized.

Copy link

commented Sep 6, 2017

Codecov Report

Merging #177 into master will increase coverage by 0.27%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #177      +/-   ##
==========================================
+ Coverage   91.79%   92.07%   +0.27%     
==========================================
  Files          22       22              
  Lines        2583     2573      -10     
==========================================
- Hits         2371     2369       -2     
+ Misses        212      204       -8
Impacted Files Coverage Δ
psef/models.py 98.38% <ø> (+1.37%) ⬆️
psef/v1/login.py 100% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c4d9cb0...37c8653. Read the comment docs.

@robindv robindv self-requested a review Sep 6, 2017

</b-input-group-button>
</b-input-group>
</b-form-fieldset>
<div v-if="canEdit">

This comment has been minimized.

Copy link
@olmokramer

olmokramer Sep 8, 2017

Collaborator

Why wouldn't someone be able to change their password?

This comment has been minimized.

Copy link
@libre-man

libre-man Sep 8, 2017

Author Collaborator

Because that is information about yourself. This should probably be an extra permission. I will add it.

This comment has been minimized.

Copy link
@olmokramer

olmokramer Sep 9, 2017

Collaborator

Well, I think you should ALWAYS be able to change your password. I'd also argue that is't not really information about yourself.

libre-man added 3 commits Sep 8, 2017

@libre-man libre-man changed the title Make sure `can_edit_own_info` is checked when updating user info Make sure global permissions are checked in the front- and back-end Sep 8, 2017

libre-man and others added 5 commits Sep 9, 2017
Fix failing tests updating user info
Now the given content is checked before the permissions, the tests
should reflect this.

@olmokramer olmokramer merged commit 967e91b into master Sep 9, 2017

5 checks passed

codecov/patch 100% of diff hit (target 91.79%)
Details
codecov/project 92.07% (+0.27%) compared to c4d9cb0
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
coverage/coveralls Coverage increased (+0.3%) to 92.072%
Details
pyup.io/safety-ci No dependencies with known security vulnerabilities.
Details

@olmokramer olmokramer deleted the fix-bug-can_edit_own_info-ignored branch Sep 12, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.