feat(authz): [FC-0099] create LibrariesUserManager view to manage roles for a specific user #6
Conversation
openedx-webhooks
added
open-source-contribution
|
Thanks for the pull request, @dcoa! This repository is currently maintained by Once you've gone through the following steps feel free to tag them in a comment and let them know that your changes are ready for engineering review. 🔘 Get product approvalIf you haven't already, check this list to see if your contribution needs to go through the product review process.
🔘 Provide contextTo help your reviewers and other members of the community understand the purpose and larger context of your changes, feel free to add as much of the following information to the PR description as you can:
🔘 Get a green buildIf one or more checks are failing, continue working on your changes until this is no longer the case and your build turns green. Where can I find more information?If you'd like to get more details on all aspects of the review process for open source pull requests (OSPRs), check out the following resources: When can I expect my changes to be merged?Our goal is to get community contributions seen and reviewed as efficiently as possible. However, the amount of time that it takes to review and merge a PR can vary significantly based on factors such as:
💡 As a result it may take up to several weeks or months to complete a review and merge your PR. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #6 +/- ##
==========================================
- Coverage 90.71% 89.96% -0.75%
==========================================
Files 19 25 +6
Lines 183 269 +86
Branches 23 41 +18
==========================================
+ Hits 166 242 +76
- Misses 17 27 +10 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
dcoa
force-pushed
the
dcoa/user-details-view
branch
from
4e15265 to
e9a86ff
Compare
dcoa
changed the title
dcoa
force-pushed
the
dcoa/user-details-view
branch
from
e9a86ff to
03e57cf
Compare
dcoa
changed the title
This is a reusable component, that display a card for each role with a collapsible showing the associated permissions. The permissions, are organized by resource and enable/disable.
dcoa
force-pushed
the
dcoa/user-details-view
branch
from
03e57cf to
591f12b
Compare
|
@arbrandes @jacobo-dominguez-wgu I rebased this PR, it is ready for review!! |
|
Trying to test this. As per the instructions on #3, I pip installed After creating a library - it's supposed to be a "new" library, right? - and going to the proper URL on port 2025, though, I'm getting a Alternatively, if |
|
Sorry @arbrandes, the backend is not fully with libraries API yet so it is not granted permissions at the time a library is created, we need to assign the those manually. I will explain how:
{
"role": "library_admin",
"scope": "<libraryId>",
"users": [
"<username>"
]
}
I will left the mocking data as well just in case, please replace library_id with the proper value Endpoint: http://local.openedx.io:8000/api/authz/v1/permissions/validate/me [
{
"action": "view_library_team",
"scope": "<library_id>",
"allowed": true
},
{
"action": "manage_library_team",
"scope": "<library_id>",
"allowed": true
}
]Endpoint: http://local.openedx.io:8000/api/authz/v1/roles/?scope=library_id Endpoint http://local.openedx.io:8000/api/authz/v1/roles/users/?scope=library_id {
"count": 7,
"next": null,
"previous": null,
"results": [
{
"username": "admin",
"full_name": "",
"email": "admin@edunext.co",
"roles": [
"library_admin"
]
},
{
"username": "test4",
"full_name": "",
"email": "test4@example.com",
"roles": [
"library_admin"
]
},
{
"username": "test5",
"full_name": "",
"email": "test5@example.com",
"roles": [
"library_author"
]
},
{
"username": "test6",
"full_name": "",
"email": "test6@example.com",
"roles": [
"library_author"
]
},
{
"username": "test7",
"full_name": "",
"email": "test7@example.com",
"roles": [
"library_collaborator"
]
},
{
"username": "test8",
"full_name": "",
"email": "test8@example.com",
"roles": [
"library_author"
]
},
{
"username": "test9",
"full_name": "",
"email": "test9@example.com",
"roles": [
"library_author"
]
}
]
} |
arbrandes
left a comment
arbrandes
left a comment
There was a problem hiding this comment.
This looks fine in general. I had a question and a nit: see below.
More importantly, though, I'm seeing a mismatch between the backend roles/permissions and what the frontend seems to expect. Notably, the openedx_authz backend reports that the library author can edit_library (see first screenshot), but the frontend seems to expect edit_library_content. What gives?
vs
| title: string; | ||
| userCounter?: number | null; | ||
| } | ||
| interface RoleCardProps extends CardTitleProps { |
There was a problem hiding this comment.
Nit: missing empty line
| interface RoleCardProps extends CardTitleProps { | |
| interface RoleCardProps extends CardTitleProps { |
|
|
||
| interface CardTitleProps { | ||
| title: string; | ||
| userCounter?: number | null; |
There was a problem hiding this comment.
I don't see this property being actually passed down, anywhere. The only instance of RoleCard is in LibrariesUserManager, and it doesn't seem to need userCounter. Will a use for it be added later?
There was a problem hiding this comment.
Yes, this is a reusable component that displays actions when is in the LibrariesUserManagement view, and information when is in the LibrariesTeamManager view.
The use of the prop is relevant for a different PR #7
@arbrandes, the expected map of roles and permissions are described here https://openedx-authz.readthedocs.io/en/latest/concepts/core_roles_and_permissions/content_library_roles.html#roles-and-permissions-summary-table The PR that integrates the final policy openedx/openedx-authz#92 is not merged, creating the described discrepancy. |
| @@ -0,0 +1,87 @@ | |||
| import { fireEvent, screen } from '@testing-library/react'; | |||
There was a problem hiding this comment.
We are promoting the use userEvent instead of fireEvent to handle user interactions since it simulates a full user interaction, rather than just a single event, leading to more realistic and robust tests https://testing-library.com/docs/user-event/intro/
| const CardTitle = ({ title, userCounter }: CardTitleProps) => ( | ||
| <div className="d-flex align-items-center"> | ||
| <span className="mr-4 text-primary">{title}</span> | ||
| {userCounter !== null && userCounter !== undefined && ( |
There was a problem hiding this comment.
If you just do userCounter !== null handles both null and undefined cases due to JavaScripts loose equality comparison, so it makes the code a bit easier to read.
| iconBefore={Edit} | ||
| variant="link" | ||
| size="sm" | ||
| // TODO: update the view with the team member view |
There was a problem hiding this comment.
Is this TODO still valid?
|
You need to fix a lint error before we merge. |
dcoa
force-pushed
the
dcoa/user-details-view
branch
from
be0ccae to
bcdb656
Compare
github-project-automation
bot
moved this from Ready for Review
to Done
in Contributions
6 participants
Create
LibrariesUserManagerview to manage roles for a specific userDescription
This PR introduces a second view for managing user roles and permissions. When a team member is selected via the edit button in the table, the user is redirected to this new view to configure their roles and permissions.
Warning
This PR depends on #5 for getting the roles and permissions metadata.
Changes overview
Linkcomponent in the Layout to manage theBreadcrumbsredirections.RoleCardcomponent that displays individual roles in a card layout. Each card includes a collapsible section listing the associated permissions, organized by resource.LibrariesUserManagerview to manage a specific user role assignment and integrate it in the module router.Out of scope
Evidence
2025-10-02.19-39-35.mov
Testing instructions
npm run devCORS_WHITELISTin both LMS/CMS settings.pyhttp://apps.local.openedx.io:2025/admin-console/authz/libraries/:libraryId/authz/*queries, you can use 2 optionsbaseUrlwith your service and, changegetAuthenticatedHttpClienttogetHttpClientto avoid user checks from the backend.Additional information