fix(user_role): Restrict updating user role to the same EntityType #6224

Merged
merged 1 commit into from
Oct 7, 2024

Conversation

ThisIsMani
Contributor

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

  • Currently, the update user role API allows updating a merchant-level user role to profile level, which should not be possible.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #6222.

How did you test it?

curl --location 'http://localhost:8080/user/user/update_role' \
--header 'Authorization: JWT' \
--data-raw '{
    "email": "merchant level user email",
    "role_id": "profile_admin"
}'

This call should throw the following error.

{
    "error": {
        "type": "invalid_request",
        "message": "User Role Operation Not Supported",
        "code": "UR_23"
    }
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@ThisIsMani ThisIsMani added C-bug Category: Bug S-waiting-on-review Status: This PR has been implemented and needs to be reviewed A-users Area: Users labels Oct 4, 2024
@ThisIsMani ThisIsMani self-assigned this Oct 4, 2024
@ThisIsMani ThisIsMani requested a review from a team as a code owner October 4, 2024 08:16
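
The restriction described in this PR, as an added Rust example that is not code from the PR or from the project: a role update is rejected when the target role belongs to a different entity level than the user's current role. The type and function names, the role table (apart from `profile_admin`) and the `UnknownRole` error are assumptions made for illustration; only the `UR_23` code and the merchant/profile levels come from the page.

```rust
// Added illustration: all names are hypothetical, not the project's code.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum EntityType { Merchant, Profile }

#[derive(Debug, PartialEq, Eq)]
pub enum UpdateRoleError {
    UnknownRole,           // constructed for this example
    OperationNotSupported, // the "UR_23" response shown in the PR
}

impl UpdateRoleError {
    pub fn code(&self) -> &'static str {
        match self {
            Self::UnknownRole => "EXAMPLE_UNKNOWN_ROLE", // placeholder code
            Self::OperationNotSupported => "UR_23",
        }
    }
}

// Constructed role table: role_id -> entity level the role is scoped to.
const ROLES: &[(&str, EntityType)] = &[
    ("merchant_admin", EntityType::Merchant),
    ("merchant_view_only", EntityType::Merchant),
    ("profile_admin", EntityType::Profile),
];

pub fn entity_type_of(role_id: &str) -> Option<EntityType> {
    ROLES.iter().find(|(id, _)| *id == role_id).map(|(_, e)| *e)
}

// Behaviour the PR description reports: any known target role is accepted.
pub fn update_role_unchecked(_current: &str, new: &str) -> Result<EntityType, UpdateRoleError> {
    entity_type_of(new).ok_or(UpdateRoleError::UnknownRole)
}

// Restricted form: current and target roles must share an entity level.
pub fn update_role(current: &str, new: &str) -> Result<EntityType, UpdateRoleError> {
    let from = entity_type_of(current).ok_or(UpdateRoleError::UnknownRole)?;
    let to = entity_type_of(new).ok_or(UpdateRoleError::UnknownRole)?;
    if from != to {
        return Err(UpdateRoleError::OperationNotSupported);
    }
    Ok(to)
}

fn main() {
    println!("{:?}", update_role("merchant_admin", "profile_admin"));
    println!("{:?}", update_role("merchant_admin", "merchant_view_only"));
}
```

A regression test for this class of bug should cover both directions (merchant to profile and profile to merchant), since an equality check on the entity level rejects either.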

semanticdiff-com bot commented Oct 4, 2024

Review changes with SemanticDiff.

Analyzed 1 of 1 files.

Filename Status
✔️ crates/router/src/core/user_role.rs Analyzed

@likhinbopanna likhinbopanna added this pull request to the merge queue Oct 7, 2024
@likhinbopanna likhinbopanna removed the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Oct 7, 2024
Merged via the queue into main with commit b499287 Oct 7, 2024
17 checks passed
@likhinbopanna likhinbopanna deleted the update-user-role-fix branch October 7, 2024 14:44
Labels
A-users Area: Users C-bug Category: Bug
Development

Successfully merging this pull request may close these issues.

bug(user_roles): Restrict updating user_roles to the same entity level
4 participants