Automatically grant COMS permissions for new users #130
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kyle1morel
requested review from
wilwong89,
sanjaytkbabu and
qhanson55
as code owners
Coverage Report (Frontend)
|
Coverage Report (Application)
|
jujaga
reviewed
Aug 19, 2024
app/src/services/coms.ts
Outdated
Comment on lines
56
to
62
| async getObject(bearerToken: string | null | undefined, objectId: string) { | ||
| const { status, headers, data } = await comsAxios({ | ||
| responseType: 'arraybuffer', | ||
| headers: { Authorization: incomingHeaders.authorization } | ||
| headers: { Authorization: `Bearer ${bearerToken}` } | ||
| }).get(`/object/${objectId}`); | ||
| return { status, headers, data }; | ||
| }, |
There was a problem hiding this comment.
Safety: There should be a conditional if here to drop the Authorization header completely if bearerToken is either null or undefined.
| async getObjects(incomingHeaders: IncomingHttpHeaders, objectIds: Array<string>) { | ||
| const { data } = await comsAxios({ headers: { Authorization: incomingHeaders.authorization } }).get('/object', { | ||
| async getObjects(bearerToken: string | null | undefined, objectIds: Array<string>) { | ||
| const { data } = await comsAxios({ headers: { Authorization: `Bearer ${bearerToken}` } }).get('/object', { |
There was a problem hiding this comment.
Safety: There should be a conditional if here to drop the Authorization header completely if bearerToken is either null or undefined.
| @@ -22,7 +22,7 @@ afterEach(() => { | |||
| jest.resetAllMocks(); | |||
| }); | |||
|
|
|||
| const CURRENT_CONTEXT = { authType: 'BEARER', tokenPayload: null, userId: 'abc-123' }; | |||
| const CURRENT_CONTEXT = { authType: 'BEARER', bearerToken: 'sometoken', tokenPayload: null, userId: 'abc-123' }; | |||
There was a problem hiding this comment.
Test coverage: Consider testing scenarios where the bearerToken has a falsy value (null and/or undefined) and making sure that your code is still behaving as anticipated.
wilwong89
approved these changes
Aug 26, 2024
kyle1morel
force-pushed
the
feature/coms-perms
branch
from
7ad5bbd to
5bc339e
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Using the updated COMS API, this implementation allows the system to impersonate the current user and grant themselves access to the PCNS bucket based on their given group in the RBAC.
https://apps.nrs.gov.bc.ca/int/jira/browse/PADS-239
Types of changes
New feature (non-breaking change which adds functionality)
Checklist
Further comments