-
Notifications
You must be signed in to change notification settings - Fork 12k
Closed
Labels
apiarea: API, enterprise API, access token, OAutharea: API, enterprise API, access token, OAuthevent-typesarea: event types, event-typesarea: event types, event-typesplatformAnything related to our platform planAnything related to our platform plan✨ featureNew feature or requestNew feature or request
Description
Problem
Platform customer has requested a setting on event type that if set to true will require admin auth when booking that event type.
Solution
Add a new property on the EventType model that can be updated via api and then during booking check if credentials of a user with sufficient permissions are provided.
Implementation
- Add a new property
bookingRequiresAuthenticationfor theEventTypein schema.prisma . - Allow toggling this property via create-event-type.input.ts and update-event-type.input.ts inputs and then the output is event-type.output.ts.
- Add optional auth to bookings.controller.ts and pass optional auth user to bookings.service.ts that calls newly added function
checkBookingRequiresAuthenticationSetting. IfbookingRequiresAuthenticationis true then booking will be only allowed if auth is passed and the auth credential belongs to either:- owner of the event type
- system admin
- host of the event type
- admin or owner of team to which event type belongs
- organization admin or owner of an organization to which event type owner belongs to
- Add tests in managed-user-bookings.e2e-spec.ts testing that if
bookingRequiresAuthenticationis true that it can be booked using owner of event type, org admin but not using credential of other managed user that is a simple org member and has no connection to the event type.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
apiarea: API, enterprise API, access token, OAutharea: API, enterprise API, access token, OAuthevent-typesarea: event types, event-typesarea: event types, event-typesplatformAnything related to our platform planAnything related to our platform plan✨ featureNew feature or requestNew feature or request