fix: reviewed-user-sms-lock#16016
Conversation
|
@TaduJR is attempting to deploy a commit to the cal Team on Vercel. A member of the Team first needs to authorize it. |
github-actions
Bot
added
teams
Graphite Automations"Add community label" took an action on this PR • (07/31/24)1 label was added to this PR based on Keith Williams's automation. "Add consumer team as reviewer" took an action on this PR • (07/31/24)1 reviewer was added to this PR based on Keith Williams's automation. |
There was a problem hiding this comment.
Thanks for the PR @TaduJR , but I guess you are misunderstanding the issue. Your changes doesn't solve the issue.
This is where accounts are flagged and set for review. What we want is if an account was previously marked as reviewed and later unlocked by an admin, we do not want to mark it for review again
| @@ -16,6 +16,20 @@ type GetOptions = { | |||
| const setSMSLockState = async ({ input }: GetOptions) => { | |||
There was a problem hiding this comment.
This mutation is only called inside apps/web/pages/settings/admin/lockedSMS/lockedSMSView.tsx where admin can mark the user or team as LOCKED or UNLOCKED only. These changes aren't required
| const userToUpdate = await prisma.user.findUnique({ | ||
| where: { | ||
| id: userId, | ||
| }, | ||
| }); | ||
| if (!userToUpdate) { | ||
| throw new TRPCError({ code: "BAD_REQUEST", message: "User not found" }); | ||
| } | ||
| if (userToUpdate.smsLockState === SMSLockState.UNLOCKED) { | ||
| throw new TRPCError({ | ||
| code: "BAD_REQUEST", | ||
| message: "Re-review for unlocked user or team is not allowed", | ||
| }); | ||
| } |
There was a problem hiding this comment.
Also, this is not correct, you checked whether the user's smslockstate is unlocked or not, but all users smslockstate UNLOCKED by default in the database.
|
Hello @Amit91848, and @anikdhabal. Thank you so much for your comments and review. Now I fully understand the requirement. I will work on it. |
TaduJR
force-pushed
the
fix-reviewed-user-sms-lock
branch
from
875fbb5 to
0c4ef91
Compare
|
Hello @Amit91848. I have made a new push. But I have one question? As you can see I am throwing a trpc error for re-review sms. I think the trpc error is shown as toast on the frontend. Should continue on with the current approach? |
There was a problem hiding this comment.
Hello @Amit91848. I have made a new push. But I have one question? As you can see I am throwing a trpc error for re-review sms. I think the trpc error is shown as toast on the frontend. Should continue on with the current approach?
Hey @TaduJR , this is close but we don't want to throw errors as it will halt the process. If admin has reviewed and unlocked the team or user, that means it is safe and does not need to be reviewed or locked again.
| smsLockState SMSLockState @default(UNLOCKED) | ||
| OutOfOfficeReasons OutOfOfficeReason[] | ||
| smsLockState SMSLockState @default(UNLOCKED) | ||
| isSMSLockStateReviewedBefore Boolean @default(false) |
There was a problem hiding this comment.
NIT: Better variable naming
| isSMSLockStateReviewedBefore Boolean @default(false) | |
| reviewedByAdmin Boolean @default(false) |
|
Thank you so much @Amit91848. |
|
|
||
| if (userId) { | ||
| const user = await prisma.user.findUnique({ where: { id: userId, profiles: { none: {} } } }); | ||
| if (status === SMSLockState.REVIEW_NEEDED && user?.smsLockReviewedByAdmin) return; |
There was a problem hiding this comment.
| if (status === SMSLockState.REVIEW_NEEDED && user?.smsLockReviewedByAdmin) return; | |
| if (status === SMSLockState.UNLOCKED && user?.smsLockReviewedByAdmin) return; |
If it was unlocked by admin then we don't need to mark it for review or locked again
There was a problem hiding this comment.
I think this one needs to be if (user?.smsLockReviewedByAdmin) return; by removing SMSLockState.UNLOCKED condition because as you can see on changeSMSRateLimit function, the status (rate limiting type) is either LOCKED or REVIEW_NEED so no need to check for UNLOCKED.
| const team = await prisma.team.findUnique({ | ||
| where: { id: teamId, parentId: null, isOrganization: false }, | ||
| }); | ||
| if (status === SMSLockState.REVIEW_NEEDED && team?.smsLockReviewedByAdmin) return; |
There was a problem hiding this comment.
| if (status === SMSLockState.REVIEW_NEEDED && team?.smsLockReviewedByAdmin) return; | |
| if (status === SMSLockState.UNLOCKED && team?.smsLockReviewedByAdmin) return; |
Same here
| if (!userToUpdate) throw new TRPCError({ code: "BAD_REQUEST", message: "User not found" }); | ||
| const userUpdateInput = { | ||
| smsLockState: lock ? SMSLockState.LOCKED : SMSLockState.UNLOCKED, | ||
| ...(userToUpdate.smsLockState === SMSLockState.REVIEW_NEEDED && !lock | ||
| ? { smsLockReviewedByAdmin: true } | ||
| : {}), | ||
| }; |
There was a problem hiding this comment.
This is unnecessary. setSMSLockState is a privileged endpoint only accessible by admin, so you just have to update the reviewedByAdmin to true.
smsLockReviewedByAdmin means the LockState whether Reviewe_Needed, unlocked locked etc is being done by admin, so we will just mark it true no matter the state.
| data: { | ||
| smsLockState: lock ? SMSLockState.LOCKED : SMSLockState.UNLOCKED, | ||
| }, | ||
| data: userUpdateInput, |
There was a problem hiding this comment.
| data: userUpdateInput, | |
| data: { | |
| smsLockState: lock ? SMSLockState.LOCKED : SMSLockState.UNLOCKED, | |
| smsLockReviewedByAdmin: true, | |
| }, |
setSMSLockState is a privileged endpoint only accessible by admin, so you just have to update the reviewedByAdmin to true.
| if (!teamToUpdate) throw new TRPCError({ code: "BAD_REQUEST", message: "Team not found" }); | ||
| const teamUpdateInput = { | ||
| smsLockState: lock ? SMSLockState.LOCKED : SMSLockState.UNLOCKED, | ||
| ...(teamToUpdate.smsLockState === SMSLockState.REVIEW_NEEDED && !lock | ||
| ? { smsLockReviewedByAdmin: true } | ||
| : {}), | ||
| }; | ||
| const updatedTeam = await prisma.team.update({ | ||
| where: { | ||
| id: teamId, | ||
| }, | ||
| data: teamUpdateInput, | ||
| }); |
| if (!teamToUpdate) throw new TRPCError({ code: "BAD_REQUEST", message: "Team not found" }); | ||
| const teamUpdateInput = { | ||
| smsLockState: lock ? SMSLockState.LOCKED : SMSLockState.UNLOCKED, | ||
| ...(teamToUpdate.smsLockState === SMSLockState.REVIEW_NEEDED && !lock | ||
| ? { smsLockReviewedByAdmin: true } | ||
| : {}), | ||
| }; | ||
| const updatedTeam = await prisma.team.update({ | ||
| where: { | ||
| id: teamToUpdate.id, | ||
| }, | ||
| data: teamUpdateInput, | ||
| }); | ||
| return { name: updatedTeam.slug, locked: lock }; |
|
My pleasure @Amit91848. |
4 participants
What does this PR do?
Mandatory Tasks (DO NOT REMOVE)
How should this be tested?
Checklist