Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only allow >=DistrictAdmin to clear home facility #1198

Merged
merged 2 commits into from
Feb 21, 2023
Merged

Only allow >=DistrictAdmin to clear home facility #1198

merged 2 commits into from
Feb 21, 2023

Conversation

Ashesh3
Copy link
Member

@Ashesh3 Ashesh3 commented Feb 21, 2023

According to issue coronasafe/care_fe#4820 , only user with district admin or above access (not read-only users) should be able to clear the home facility from a user. They are the same set of users who can link facilities and set home facilities.

This PR changes the permissions required to clear the home facility to allow only >=DistrictAdmin excluding the read only user types.

@coronasafe/code-reviewers

@Ashesh3 Ashesh3 requested a review from a team as a code owner February 21, 2023 04:49
@gigincg
Copy link
Member

gigincg commented Feb 21, 2023

@Ashesh3 But a District Admin should not be able to clear access for a State Admin. Is that edge handled here?

@Ashesh3
Copy link
Member Author

Ashesh3 commented Feb 21, 2023

@Ashesh3 But a District Admin should not be able to clear access for a State Admin. Is that edge handled here?

Should be fixed. I didn't infer the edge case from the linked issue which stated that any user >= District admin should be able to clear home facility of any other user.

@sonarcloud
Copy link

sonarcloud bot commented Feb 21, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@codecov-commenter
Copy link

Codecov Report

Base: 56.05% // Head: 56.04% // Decreases project coverage by -0.01% ⚠️

Coverage data is based on head (71bdab6) compared to base (a55502e).
Patch coverage: 33.33% of modified lines in pull request are covered.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1198      +/-   ##
==========================================
- Coverage   56.05%   56.04%   -0.01%     
==========================================
  Files         174      174              
  Lines        8788     8791       +3     
  Branches     1515     1516       +1     
==========================================
+ Hits         4926     4927       +1     
- Misses       3808     3810       +2     
  Partials       54       54
Impacted Files Coverage Δ
care/users/api/viewsets/users.py 51.68% <33.33%> (-0.32%) ⬇️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@vigneshhari vigneshhari merged commit 3650cc9 into coronasafe:master Feb 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vigneshhari vigneshhari vigneshhari approved these changes

Assignees
No one assigned
Labels
waiting-for-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Ashesh3 @gigincg @codecov-commenter @vigneshhari