-
Notifications
You must be signed in to change notification settings - Fork 929
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Authorization for Profile Actions & Limit Data exposure #908
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Ignored Deployment
|
Thank you for following the naming conventions for pull request titles! 🙏 |
@@ -52,7 +50,7 @@ function DeleteAccountModal({ setOpen, open, session, profile }: DeleteAccountMo | |||
const deleteAccount = async () => { | |||
try { | |||
setDeleting(true); | |||
await profileDeleteAction(profile.id); | |||
await profileDeleteAction(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please rename to deleteProfileAction
@@ -19,7 +19,7 @@ export function EditName({ profile }: { profile: TProfile }) { | |||
className="w-full max-w-sm items-center" | |||
onSubmit={handleSubmit(async (data) => { | |||
try { | |||
await profileEditAction(profile.id, data); | |||
await profileEditAction(data); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please rename to updateProfileAction
737576a
to
9d0ad38
Compare
9d0ad38
to
636731d
Compare
* feat: authzn and limit sensitive info from profile actions * fix: work on suggested changes
* feat: authzn and limit sensitive info from profile actions * fix: work on suggested changes
* feat: authzn and limit sensitive info from profile actions * fix: work on suggested changes
What does this PR do?
Edit and Delete is now done for the user by fetching from the server session rather than a client side passed parameter.
Also a couple of services did not have the response selection hence were returning passwords/other non reqd user fields. That has also been tackled in this.
Type of change
Checklist
pnpm build
console.logs
git pull origin main