Add archived: false to queries for users and orgs (#790)

* Add archived: false to queries for users and orgs * Add archived: false to queries for users and orgs * Update roar-admin firestore indexes * Add indexes for groups and families * WIP: query users by archived status * Use assignment doc for administration info rather than seperate administration call * Add archived: false to queries for users and orgs * Update roar-admin firestore indexes * Add indexes for groups and families * WIP: query users by archived status * Change Clever signin back to redirect * Use assignment doc for administration info rather than seperate administration call * Remove data-cy from speed dial and use name in admin greeting * Use firekit method to get administrations * Remove unused computed properties * Update firekit * npm run lint * Refactor administrations fetcher to use cloud function that grabs only IDs * Remove console warning * Update firekit * Remove console.log statements * UpdateUserData should not use logged in user's ID * Update firestore rules * Use roarUid instead of uid for fetchDocById with collection = users * Add archived: false to queries for users and orgs * Update roar-admin firestore indexes * Add indexes for groups and families * WIP: query users by archived status * Change Clever signin back to redirect * Use assignment doc for administration info rather than seperate administration call * Remove data-cy from speed dial and use name in admin greeting * Use firekit method to get administrations * Update firekit * npm run lint * Refactor administrations fetcher to use cloud function that grabs only IDs * Remove console warning * Update firekit * Remove console.log statements * Update firestore rules * WIP: query users by archived status * UpdateUserData should not use logged in user's ID * Use roarUid instead of uid for fetchDocById with collection = users * Ensure fresh copy of assignment info * Update firestore indexes for admin project * Update firestore indexes * Fix administration query and ordering/filtering * Fix TOS race condition for administrators * Fix participant assent/consent * Remove default sort for score report * Add secondary sort for score report table * adding some minor error handling * fixing localeCompare on ScoreReport * Remove space between user display name and exclamation point * solving cypress test * making signInWIthcleverRedirect default * Add 'direct report' classes under districts in tree table orgs * Resolve legalDocs.some error * Add direct report classes to a special 'direct report' school * Add TODO comment --------- Co-authored-by: Elijah Kelly <kellyel@stanford.edu> Co-authored-by: emily-ejag <emily.artegar@gmail.com>
yeatmanlab · Oct 3, 2024 · 56db418 · 56db418
1 parent 0619297
commit 56db418
Show file tree

Hide file tree

Showing 21 changed files with 1,179 additions and 703 deletions.
diff --git a/firebase/LEVANTE/admin/firestore.rules b/firebase/LEVANTE/admin/firestore.rules
@@ -67,12 +67,13 @@ service cloud.firestore {
         allow read, write: if request.auth.uid == uid;
       }
 
-      function isUserAdmin() {
-        let districts = resource.data.get(['districts', 'current'], []);
-        let schools = resource.data.get(['schools', 'current'], []);
-        let classes = resource.data.get(['classes', 'current'], []);
-        let groups = resource.data.get(['groups', 'current'], []);
-        let families = resource.data.get(['families', 'current'], []);
+      function isUserAdmin(requireCurrent) {
+        let orgStatus = requireCurrent ? 'current' : 'all';
+        let districts = resource.data.get(['districts', orgStatus], []);
+        let schools = resource.data.get(['schools', orgStatus], []);
+        let classes = resource.data.get(['classes', orgStatus], []);
+        let groups = resource.data.get(['groups', orgStatus], []);
+        let families = resource.data.get(['families', orgStatus], []);
         let adminOrgs = get(/databases/$(database)/documents/userClaims/$(request.auth.uid)).data.get('claims', {}).get('adminOrgs', {});
         return districts.hasAny(adminOrgs.get('districts', ['..']))
         || schools.hasAny(adminOrgs.get('schools', ['..']))
@@ -82,7 +83,7 @@ service cloud.firestore {
       }
 
       function canReadExistingUser() {
-        return myData() || isUserAdmin();
+        return myData() || isUserAdmin(false) || isUserAdmin(true);
       }
 
       allow read: if canReadExistingUser();

diff --git a/firebase/LEVANTE/assessment/firestore.rules b/firebase/LEVANTE/assessment/firestore.rules
@@ -55,12 +55,13 @@ service cloud.firestore {
         return uid == roarUid();
       }
 
-      function isUserAdmin() {
-        let districts = resource.data.get(['districts', 'current'], []);
-        let schools = resource.data.get(['schools', 'current'], []);
-        let classes = resource.data.get(['classes', 'current'], []);
-        let groups = resource.data.get(['groups', 'current'], []);
-        let families = resource.data.get(['families', 'current'], []);
+      function isUserAdmin(requireCurrent) {
+        let orgStatus = requireCurrent ? 'current' : 'all';
+        let districts = resource.data.get(['districts', orgStatus], []);
+        let schools = resource.data.get(['schools', orgStatus], []);
+        let classes = resource.data.get(['classes', orgStatus], []);
+        let groups = resource.data.get(['groups', orgStatus], []);
+        let families = resource.data.get(['families', orgStatus], []);
         let adminOrgs = get(/databases/$(database)/documents/userClaims/$(request.auth.uid)).data.get('claims', {}).get('adminOrgs', {});
         return districts.hasAny(adminOrgs.get('districts', ['..']))
         || schools.hasAny(adminOrgs.get('schools', ['..']))
@@ -70,7 +71,7 @@ service cloud.firestore {
       }
 
       function canReadExistingUser() {
-        return myData() || isUserAdmin();
+        return myData() || isUserAdmin(false) || isUserAdmin(true);
       }
 
       allow read: if canReadExistingUser();