Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add tests and handling for deleted users #953

Open
wants to merge 3 commits into
base: 12-20-soft_delete_for_user_and_perms
Choose a base branch
from
Open

add tests and handling for deleted users #953

wants to merge 3 commits into from
+122 −3

Conversation

harishv7
Copy link
Contributor

@harishv7 harishv7 commented Dec 20, 2024
edited
Loading

Problem

Deleted users were still able to access the system and view sites they previously had access to.

Closes ISOM-1701

Solution

Added checks to prevent deleted users from logging in and viewing sites they previously had access to.

Breaking Changes:

  • No - this PR is backwards compatible

Features:

  • Added user deletion status check during login
  • Filtered out sites where user permissions have been deleted

Improvements:

  • Removed debug console log from user deletion check

Tests

  • Added test for login attempt with deleted user
  • Added test for site listing with deleted permissions
  • Added user service tests for checking deletion status
  • Added helper function for setting up test users with deletion status

New scripts:
None

New dependencies:
None

New dev dependencies:
None

@harishv7 harishv7 changed the title add tests for soft delete add tests and handling for deleted users Dec 20, 2024
@harishv7 Graphite App
Copy link
Contributor Author

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@harishv7 harishv7 mentioned this pull request Dec 20, 2024
Open
1 task
@harishv7 harishv7 marked this pull request as ready for review December 20, 2024 15:44
@harishv7 harishv7 requested a review from a team as a code owner December 20, 2024 15:44
@datadog-opengovsg
Copy link

datadog-opengovsg bot commented Dec 20, 2024
edited
Loading

Datadog Report

Branch report: 12-20-add_tests_for_soft_delete
Commit report: 4a21463
Test service: isomer-studio

✅ 0 Failed, 249 Passed, 36 Skipped, 48.4s Total Time
➡️ Test Sessions change in coverage: 1 no change

@harishv7 harishv7 force-pushed the 12-20-add_tests_for_soft_delete branch from 23cf858 to e611093 Compare December 20, 2024 15:51
@linear Linear
Copy link

linear bot commented Dec 20, 2024

ISOM-1701 Enable soft deletes for user management

adriangohjw
adriangohjw reviewed Jan 13, 2025
View reviewed changes
apps/studio/src/server/modules/user/__tests__/user.service.test.ts
describe("user.service", () => {
beforeAll(async () => {
await resetTables("User")
await setUpWhitelist({ email: "@example.com" })
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need this? don't see any logic within isUserDeleted that's using the whitelisting table + believe this is handled by isEmailWhitelisted?

apps/studio/src/server/modules/user/__tests__/user.service.test.ts
Comment on lines +11 to +27
// Setup active user
await setupUser({
name: "Active User",
userId: "active123",
email: "active@example.com",
phone: "12345678",
isDeleted: false,
})

// Setup deleted user
await setupUser({
name: "Deleted User",
userId: "deleted123",
email: "deleted@example.com",
phone: "12345678",
isDeleted: true,
})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit - might be better to move each of this into the respective test case in the "arrange" stage?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit - do we want to make the non-essential fields (name, userId, phone) to fallback to a default value in setupUser instead of having to specify them? doing so will make this setup cleaner and more readable since the "attention" will be on the isDeleted arg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adriangohjw adriangohjw adriangohjw left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@harishv7 @adriangohjw