Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added permissions required to upload images #3988

Merged
merged 1 commit into from
Jun 4, 2024
Merged

Added permissions required to upload images #3988

merged 1 commit into from
Jun 4, 2024

Conversation

litvinovg
Copy link
Collaborator

@litvinovg litvinovg commented May 29, 2024
edited
Loading

VIVO GitHub issue

Vitro PR

What does this pull request do?

Added permissions required to upload main images.

How should this be tested?

  • Reproduce the issue
  • Test that users with following roles able to upload/remove images: Admin, Curator, Editor, Self editor

Interested parties

@VIVO-project/vivo-committers

Reviewers' expertise

Candidates for reviewing this PR should have some of the following expertises:

  1. Access control

Reviewers' report template

General comment

A reviewer should provide here comments and suggestions for requested changes if any.

Testing

A reviewer should briefly describe here how it was tested

Code reviewing

A reviewer should briefly describe here which part was code reviewed

@litvinovg litvinovg requested a review from chenejac May 29, 2024 06:57
@litvinovg litvinovg mentioned this pull request May 29, 2024
Merged
@litvinovg litvinovg linked an issue May 29, 2024 that may be closed by this pull request
Image uploads #3987
Closed
@chenejac chenejac requested review from gneissone and balmas May 29, 2024 07:01
balmas
balmas approved these changes May 29, 2024
View reviewed changes
Copy link

@balmas balmas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can verify that this works. I tested for all role types (admin, curator, editor, self-editor) and confirm that before loading the new property files only the root user was able to add/edit/delete the profile image and after loading the new property files each role type had the ability to add/edit/delete the profileImage (where appropriate for that role/profile combination). Tested mainly in wilma theme but did a quick test with the self-editor role type in the other themes as well).

It would be ideal if there were an integration test to validate that all of the properties needed to support the default functionality of the webapp are there. It looks like the Selenium tests haven't been updated/used in years. Not sure if there is another approach that would be easy to implement.

@gneissone
Copy link
Member

I built with the changes to VIVO and Vitro but still cannot see the image when logged out. @balmas were you also able to view the images when completely logged out and after doing a hard refresh on the page? Or in incognito/private mode?

@balmas
Copy link

balmas commented May 29, 2024

Oh, that's a good catch. I didn't try to do a hard refresh after logout. You are correct, they are not visible in that case.

balmas
balmas suggested changes May 29, 2024
View reviewed changes
Copy link

@balmas balmas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Changing Review status to Request changes, as noted by @gneissone the uploaded images aren't visible to public users

@litvinovg litvinovg requested a review from balmas May 30, 2024 06:38
@litvinovg
Copy link
Collaborator Author

Thanks for catching that! I updated permission sets. Please test one more time.

balmas
balmas approved these changes May 31, 2024
View reviewed changes
Copy link

@balmas balmas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Retested and confirm that can now view the profile images as a public (non-logged in user), and image editing capabilities remain correct for all other user role types.

gneissone
gneissone approved these changes Jun 3, 2024
View reviewed changes
Copy link
Member

@gneissone gneissone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and appears to work as expected now, thanks!

@chenejac chenejac merged commit 0226925 into vivo-project:main Jun 4, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@balmas balmas balmas approved these changes

@gneissone gneissone gneissone approved these changes

@chenejac chenejac Awaiting requested review from chenejac

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Image uploads
4 participants
@litvinovg @gneissone @balmas @chenejac