Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Zhifan Created Pause User Permission #1196

Open
wants to merge 4 commits into
base: development
Choose a base branch
from
Open

Zhifan Created Pause User Permission #1196

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
50851b6
Zhifan Created Pause User Permission
mashpotato9 Jan 8, 2025
0ae4ca9
Ioslated pause feature from changeUserStatus function
mashpotato9 Jan 14, 2025
79e338c
Added new pause function to route
mashpotato9 Jan 14, 2025
52779c0
added new function to router
mashpotato9 Jan 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
83 changes: 79 additions & 4 deletions src/controllers/userProfileController.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,8 @@ const userProfileController = function (UserProfile, Project) {
};

const getUserProfiles = async function (req, res) {
if (!(await checkPermission(req, 'getUserProfiles'))) {
if (!(await checkPermission(req, 'getUserProfiles') ||
await checkPermission(req, 'pauseResumeUser'))) {
Comment on lines +172 to +173
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if (!(await checkPermission(req, 'getUserProfiles') ||
await checkPermission(req, 'pauseResumeUser'))) {
if (!(await checkPermission(req, 'getUserProfiles'))) {

You could have someone without 'getUserProfiles' where you only want them to be able to pause people on their team or people otherwise accessible without needing access to everyone.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Team leaders should not be able to pause people on their team. Confirmed with Jae that people with permission to pause anyone should have access to the user management page, which fetches all users.

forbidden(res, 'You are not authorized to view all users');
return;
}
Expand Down Expand Up @@ -1201,7 +1202,7 @@ const userProfileController = function (UserProfile, Project) {
const changeUserStatus = async function (req, res) {
const { userId } = req.params;
const status = req.body.status === 'Active';
const activationDate = req.body.reactivationDate;
// const activationDate = req.body.reactivationDate;
const { endDate } = req.body;
const isSet = req.body.isSet === 'FinalDay';
let activeStatus = status;
Expand Down Expand Up @@ -1265,7 +1266,7 @@ const userProfileController = function (UserProfile, Project) {
.then((user) => {
user.set({
isActive: activeStatus,
reactivationDate: activationDate,
// reactivationDate: activationDate,
endDate,
isSet,
finalEmailThreeWeeksSent: emailThreeWeeksSent,
Expand All @@ -1292,7 +1293,8 @@ const userProfileController = function (UserProfile, Project) {
user.email,
recipients,
isSet,
activationDate,
// activationDate,
null,
emailThreeWeeksSent,
);
auditIfProtectedAccountUpdated(
Expand All @@ -1315,6 +1317,78 @@ const userProfileController = function (UserProfile, Project) {
});
};

const pauseResumeUser = async function (req, res) {
const { userId } = req.params;
const activationDate = req.body.reactivationDate;
const status = req.body.status === 'Active';

if (!mongoose.Types.ObjectId.isValid(userId)) {
res.status(400).send({
error: 'Bad Request',
});
return;
}

const canEditProtectedAccount = await canRequestorUpdateUser(
req.body.requestor.requestorId,
userId,
);

if (
!((await hasPermission(req.body.requestor, 'pauseResumeUser')) && canEditProtectedAccount)
) {
if (PROTECTED_EMAIL_ACCOUNT.includes(req.body.requestor.email)) {
logger.logInfo(
`Unauthorized attempt to change protected user status. Requestor: ${req.body.requestor.requestorId} Target: ${userId}`,
);
}
res.status(403).send('You are not authorized to change user status');
return;
}

cache.removeCache(`user-${userId}`);

UserProfile.findById(userId, 'isActive email firstName lastName')
.then((user) => {
user.set({
isActive: status,
reactivationDate: activationDate,
});

user
.save()
.then(() => {
const isUserInCache = cache.hasCache('allusers');
if (isUserInCache) {
const allUserData = JSON.parse(cache.getCache('allusers'));
const userIdx = allUserData.findIndex((users) => users._id === userId);
const userData = allUserData[userIdx];
userData.isActive = user.isActive;
allUserData.splice(userIdx, 1, userData);
cache.setCache('allusers', JSON.stringify(allUserData));
}

auditIfProtectedAccountUpdated(
req.body.requestor.requestorId,
user.email,
null,
null,
'UserStatusUpdate',
);

res.status(200).send({
message: 'status updated',
});
})
.catch((error) => {
res.status(500).send(error);
});
})
.catch((error) => {
res.status(500).send(error);
});
};

const changeUserRehireableStatus = async function (req, res) {
const { userId } = req.params;
const { isRehireable } = req.body;
Expand Down Expand Up @@ -1904,6 +1978,7 @@ const userProfileController = function (UserProfile, Project) {
getTeamMembersofUser,
getProjectMembers,
changeUserStatus,
pauseResumeUser,
resetPassword,
getUserByName,
getAllUsersWithFacebookLink,
Expand Down
2 changes: 2 additions & 0 deletions src/routes/userProfileRouter.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,8 @@ const routes = function (userProfile, project) {
.delete(controller.deleteUserProfile)
.patch(controller.changeUserStatus);

userProfileRouter.route('/userProfile/:userId/pause').patch(controller.pauseResumeUser);

userProfileRouter.route('/userProfile/name/:name').get(controller.getUserByName);

userProfileRouter
Expand Down
2 changes: 2 additions & 0 deletions src/utilities/createInitialPermissions.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ const permissionsRoles = [
'putUserProfileImportantInfo',
'changeUserStatus',
'changeUserRehireableStatus',
'pauseResumeUser',
'updatePassword',
'deleteUserProfile',
'toggleInvisibility',
Expand Down Expand Up @@ -184,6 +185,7 @@ const permissionsRoles = [
'manageTimeOffRequests',
'changeUserRehireableStatus',
'changeUserStatus',
'pauseResumeUser',
'seeBadges',
'assignBadges',
'createBadges',
Expand Down
Loading