Skip to content

Comments

fix: Hosts not able to cancel/reschedule the event when Disable Rescheduling/Cancelling is enabled#22281

Closed
asadath1395 wants to merge 39 commits intocalcom:mainfrom
asadath1395:fix/disable-rescheduling-cancelling
Closed

fix: Hosts not able to cancel/reschedule the event when Disable Rescheduling/Cancelling is enabled#22281
asadath1395 wants to merge 39 commits intocalcom:mainfrom
asadath1395:fix/disable-rescheduling-cancelling

Conversation

@asadath1395
Copy link
Contributor

@asadath1395 asadath1395 commented Jul 7, 2025
edited
Loading

What does this PR do?

Hosts not able to cancel/reschedule the event when Disable Rescheduling/Cancelling is enabled

Visual Demo (For contributors especially)

Before

https://www.loom.com/share/bf768bc270e04c48b37ec8d9379a8a0a?sid=c4fa7153-8794-47ef-8320-f42252c880b3

After

https://www.loom.com/share/5b130406f3364ec591764672e8a9660a?sid=6c02726f-84c4-4862-b08b-aed83d956c4f

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. If N/A, write N/A here and check the checkbox.
  • I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

Check the videos above

@asadath1395 asadath1395 requested a review from a team as a code owner July 7, 2025 06:03
@vercel
Copy link

vercel bot commented Jul 7, 2025

@asadath1395 is attempting to deploy a commit to the cal Team on Vercel.

A member of the Team first needs to authorize it.

@graphite-app graphite-app bot added the community Created by Linear-GitHub Sync label Jul 7, 2025
@graphite-app graphite-app bot requested a review from a team July 7, 2025 06:03
@github-actions github-actions bot added Public 🐛 bug Something isn't working 🧹 Improvements Improvements to existing features. Mostly UX/UI labels Jul 7, 2025
@dosubot dosubot bot added the bookings area: bookings, availability, timezones, double booking label Jul 7, 2025
@graphite-app
Copy link

graphite-app bot commented Jul 7, 2025

Graphite Automations

"Add consumer team as reviewer" took an action on this PR • (07/07/25)

1 reviewer was added to this PR based on Keith Williams's automation.

"Add community label" took an action on this PR • (07/07/25)

1 label was added to this PR based on Keith Williams's automation.

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jul 7, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cubic found 2 issues across 6 files. Review them in cubic.dev

React with 👍 or 👎 to teach cubic. Tag @cubic-dev-ai to give specific feedback.

apps/web/playwright/booking-pages.e2e.ts Outdated
const [user] = users.get();
await user.apiLogin();

await page.goto(`/booking/${bookingId}`);
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jul 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rule violated: E2E Tests Best Practices

  Missing expect(page).toHaveURL() after navigation. According to the E2E Best Practices guideline, tests must assert the final URL immediately after page.goto to fail fast on unexpected redirects.

Copy link
Contributor Author

@asadath1395 asadath1395 Aug 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!

asadath1395 and others added 2 commits July 7, 2025 11:42
@asadath1395 @cubic-dev-ai
Fix logic bypass
fe5cc0b 
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
@asadath1395
Fix cubic comment
cb4fb4c
kart1ka
kart1ka suggested changes Jul 7, 2025
View reviewed changes
Copy link
Contributor

@kart1ka kart1ka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Along with the host, Team/Org Admin and Owner should also be able to reschedule or cancel the booking.

@kart1ka
Copy link
Contributor

kart1ka commented Jul 7, 2025

Hi @asadath1395, Left a comment. There is a type check failing, pls address that as well.

@kart1ka kart1ka marked this pull request as draft July 7, 2025 17:38
@anikdhabal anikdhabal mentioned this pull request Jul 8, 2025
Closed
@asadath1395 asadath1395 marked this pull request as ready for review July 9, 2025 02:50
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jul 9, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cubic found 2 issues across 9 files. Review them in cubic.dev

React with 👍 or 👎 to teach cubic. Tag @cubic-dev-ai to give specific feedback.

apps/web/lib/reschedule/[uid]/getServerSideProps.ts Outdated
}
}

const isHostOrOwner = !!userIsHost || !!userIsOwnerOfEventType || !!hasTeamOrOrgPermissions;
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The permission-calculation logic (userIsHost / userIsOwnerOfEventType / hasTeamOrOrgPermissions) is duplicated later in the same function, causing two additional database calls (isTeamAdmin, isOrganisationAdmin) per request. This hurts performance and maintainability; consider extracting a helper or computing once and re-using the result.

Copy link
Contributor Author

@asadath1395 asadath1395 Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed

apps/web/lib/team/[slug]/[type]/getServerSideProps.tsx Outdated
}
}
}
const isHostOrOwner =
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Authorization relies on eventData.hosts which is limited to the first 3 hosts (because of take: 3 in the Prisma query). If an event has more than three hosts, legitimate hosts outside this slice will fail the check and be redirected, effectively blocking them from rescheduling/cancelling their own event.

Copy link
Contributor Author

@asadath1395 asadath1395 Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch, fixed it by querying it separately

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jul 9, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cubic found 2 issues across 9 files. Review them in cubic.dev

React with 👍 or 👎 to teach cubic. Tag @cubic-dev-ai to give specific feedback.

@asadath1395
Copy link
Contributor Author

asadath1395 commented Jul 9, 2025

Along with the host, Team/Org Admin and Owner should also be able to reschedule or cancel the booking.

@kart1ka Thanks for flagging this. I have fixed it and added tests too. Please test this again and let me know if you find anything

@github-actions github-actions bot removed the Stale label Sep 4, 2025
@anikdhabal anikdhabal mentioned this pull request Sep 4, 2025
Closed
3 tasks
@kart1ka
Copy link
Contributor

kart1ka commented Sep 4, 2025
edited
Loading

I have a few comments:

  • We should disable "Request for Reschedule" option when disable reschedule is toggled on otherwise it defeats the purpose of disabling reschedule.
  • It still does not work properly for org/team admin or owner. cancel and reschedule option is still not shown on booking detail page.
  • cancel and reschedule does not work for team/org admin and owner at all even when triggered from booking list item.

Please see the attached video: cap.link/ctb7sb9011xwj15
This would also require tests to make sure everything works fine.

@kart1ka Your video shows a strange shift from acme to app subdomain, i think it means different orgs. Could you try it consistently with the same subdomain/org?

@asadath1395 Using different subdomains makes no difference here.

@github-actions github-actions bot added Low priority Created by Linear-GitHub Sync Stale labels Sep 15, 2025
@asadath1395 asadath1395 marked this pull request as ready for review September 15, 2025 11:48
@asadath1395 asadath1395 requested a review from kart1ka September 15, 2025 13:58
@asadath1395
Copy link
Contributor Author

asadath1395 commented Sep 15, 2025

I have a few comments:

  • We should disable "Request for Reschedule" option when disable reschedule is toggled on otherwise it defeats the purpose of disabling reschedule.

Can you create a new issue for this? Let's not increase the scope of this PR

  • It still does not work properly for org/team admin or owner. cancel and reschedule option is still not shown on booking detail page.
  • cancel and reschedule does not work for team/org admin and owner at all even when triggered from booking list item.

Please see the attached video: https://cap.link/ctb7sb9011xwj15

This would also require tests to make sure everything works fine.

@kart1ka Mind testing this again. I have added tests too.

@github-actions github-actions bot removed the Stale label Sep 16, 2025
@github-actions github-actions bot added the Stale label Sep 17, 2025
dhairyashiil
dhairyashiil reviewed Nov 9, 2025
View reviewed changes
Copy link
Member

@dhairyashiil dhairyashiil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you resolve the merge conflicts? making it a draft until then

@dhairyashiil dhairyashiil removed the request for review from kart1ka November 9, 2025 21:28
@dhairyashiil dhairyashiil marked this pull request as draft November 9, 2025 21:28
@dhairyashiil dhairyashiil removed the Medium priority Created by Linear-GitHub Sync label Nov 21, 2025
@dhairyashiil
Copy link
Member

dhairyashiil commented Nov 21, 2025

Closing the PR due to staleness.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dhairyashiil dhairyashiil dhairyashiil left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

+1 more reviewer

@kart1ka kart1ka kart1ka requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bookings area: bookings, availability, timezones, double booking 🐛 bug Something isn't working community Created by Linear-GitHub Sync 🧹 Improvements Improvements to existing features. Mostly UX/UI Low priority Created by Linear-GitHub Sync Public size/XL Stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Disable cancellation feature disables the option for the host as well

4 participants

@asadath1395 @kart1ka @dhairyashiil @anikdhabal