Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Company - Filter response data based on user #95

Open
Anclagen opened this issue Jun 8, 2023 · 1 comment
Open

Company - Filter response data based on user #95

Anclagen opened this issue Jun 8, 2023 · 1 comment

Comments

@Anclagen
Copy link
Contributor

Anclagen commented Jun 8, 2023

A regular user should be able to see a company and its public details, but an admin to that company should have access to view more information regarding its listings, applications and offers.
@chrisbekk chrisbekk assigned chrisbekk and unassigned chrisbekk Jan 17, 2024
@chrisbekk
Copy link

A solution for this issue seems to be related to the controller, specifically findCompanyById.js. When a user queries the database, a generic response is returned, where some company data is excluded by default.

Screenshot 2024-01-19 at 11 58 42

As the image above illustrates, verifiedAdminis set to false by default, but a logic check is never run in order to change this value depending on the user's role. A solution to this issue is therefore to inject an if-block and check if the user is of role 'admin' or not, and change the value of verifiedAdmin according to this check.

Screenshot 2024-01-19 at 11 59 31

It looks like this solution was already thought about when the code was written, but it was never fully implemented.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Backend Team Board
Status: 📋 To do
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Anclagen @chrisbekk