152 create a permission group for users #154
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Azure Static Web Apps: Your stage site is ready! Visit it here: https://icy-flower-095494b10-154.centralus.azurestaticapps.net |
nhaydel
reviewed
Feb 9, 2023
| @@ -76,10 +76,9 @@ const AppContextProvider: React.FC = ({ | |||
|
|
|||
| const isRuleModifiable = useCallback( | |||
| () => | |||
| !isRuleSelected() || | |||
| (user && creator && user.id === creator.id) || | |||
| (user && user.permissions) || | |||
There was a problem hiding this comment.
Is it possible that a user is not in the group? And if so can they still edit rules?
There was a problem hiding this comment.
If a user is not in the group, user.write_allowed is false.
Users with a cdiscid who are not in the group will be able to view but not edit rules, unless:
- they are in CDISC company,
- CORE_AUTHOR_GROUP is not specified for the env (for training env)
nhaydel
reviewed
Feb 9, 2023
src/types/IUser.ts
Outdated
| @@ -2,4 +2,5 @@ export interface IUser { | |||
| id: string; | |||
| name?: string; | |||
| company?: string; | |||
| permissions?: boolean; | |||
There was a problem hiding this comment.
since this is a boolean, should this name be more descriptive like "write_allowed"?
|
Azure Static Web Apps: Your stage site is ready! Visit it here: https://icy-flower-095494b10-154.centralus.azurestaticapps.net |
nhaydel
approved these changes
Feb 9, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See the connected Issue for details and acceptance criteria.
To test, you will need to run the static webapp locally.
To simulate the prod env (restricted write access), you will need to add this env var to local.setting.json:
To simulate the training env (all users have write access), do not add the env var.
When you login to the local SWA, it will request User ID and User's claims.
For write permissions, one of the two will need to be true:
[ { "typ": "name", "val": "Gerry Campion" }, { "typ": "extension_CompanyName", "val": "CDISC" } ]If a user does not have write permissions, they should only be able to view/test rules. If they have write permissions, they should be able to do everything else, like modify, save, publish.
I've created a new related issue for securing the API: #153
Note that this issue has always existed and is not newly introduced by this update.