-
Notifications
You must be signed in to change notification settings - Fork 347
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hide the Delete User button for users who don't have access to do it #6660
Comments
This is the function that controls the visibility of the delete button const showDelete = (user: any) => {
const STATE_ADMIN_LEVEL = USER_TYPES.indexOf("StateAdmin");
const STATE_READ_ONLY_ADMIN_LEVEL =
USER_TYPES.indexOf("StateReadOnlyAdmin");
const DISTRICT_ADMIN_LEVEL = USER_TYPES.indexOf("DistrictAdmin");
const level = USER_TYPES.indexOf(user.user_type);
const currentUserLevel = USER_TYPES.indexOf(authUser.user_type);
if (user.is_superuser) return true;
if (currentUserLevel >= STATE_ADMIN_LEVEL)
return user.state_object?.id === authUser.state;
if (
currentUserLevel < STATE_READ_ONLY_ADMIN_LEVEL &&
currentUserLevel >= DISTRICT_ADMIN_LEVEL &&
currentUserLevel > level
)
return facilityData?.district_object_id === authUser.district;
return false;
}; Reproducing the issue, I can see that the delete button is visible because the 3rd |
@ayush-seth coronasafe/care@0cbff7c has changed the restriction to much simpler, only "StateAdmin" user can delete other users. |
This change was not reflected in front-end. Hence the issue. |
cool, I can take this up. Can you assign it to me? @rithviknishad |
Describe the bug
Currently district admin and above have a delete user button shown in the view users in facilities, even though they don't have permission to delete it
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Hide the delete user button for users, who don't have permission to do it
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: