3372: Allow users to be added to multiple roles #3386
Conversation
|
I don't normally ask for a history squash/rewrite .... but in this case ....... :) |
dorner
force-pushed
the
3372-multi-partner
branch
from
6321116
to
ceeb9d3
Compare
|
Most of those commits were unrelated to the actual ticket. I've deleted them outright and they should no longer be necessary now that importmaps have been merged. |
|
@dorner IIRTC, at least some of the tests that are failing are related to this subject matter... |
| @@ -160,22 +160,6 @@ | |||
| expect(subject).to redirect_to(dashboard_path) | |||
| end | |||
| end | |||
|
|
|||
There was a problem hiding this comment.
I'm not sure why you are removing these tests. On the surface it seems like we would still want to make sure that you can't access donations for a different org, and that you have to be signed in to access the donations
There was a problem hiding this comment.
True - let me rejig these instead. The issue is that it was depending on the organization_id in the parameter, which is no longer the real indication of which organization you're looking at. In fact, we could remove that organization_id which we add to every URL - it makes it a bit confusing.
There was a problem hiding this comment.
Ah I know why I removed them - because I added application-level tests instead. So rather than testing a single controller we're now testing every controller in the app 😄
|
@dorner. I've skimmed the changes, and IIRTC, if someone gets invited to a second role, they are not getting invited. Which, on the one hand, means they don't have to accept the second invite, and have the whole annoying "you can't sign in, you have a pending invitation" thing. Yay! But there would be value in them getting notified that they have been invited to the second role, which, IIRTC, they won't be? We've already seen a couple of cases where someone has signed up as a bank (when they probably shouldn't have), and then years later, is being brought on as a partner. Although we don't want that tail wagging our dog, it will be a support ticket every time a bank expects an invitation to be sent, but the user doesn't get any notification. |
|
|
||
| return current_role.resource if current_role.resource.is_a?(Organization) | ||
|
|
||
| Organization.find_by(short_name: params[:organization_id]) |
There was a problem hiding this comment.
I'm not sure why you aren't setting @current_organization if it isn't already set, in the new version. That feels like it could have some side effects.
There was a problem hiding this comment.
Nope. Did a search and nothing else reads this instance variable (as it should be).
There was a problem hiding this comment.
I don't see anything that ever sets the instance variable?
|
Hopefully this is nearly the final nail in the grand edifice you've been building over these last few months! |
| @@ -9,7 +9,6 @@ def self.invite(email:, resource:, name: nil, roles: []) | |||
|
|
|||
| user = User.find_by(email: email) | |||
| if user | |||
| user.invite! | |||
There was a problem hiding this comment.
How does this interact with the ability of the banks to resend the invitations to the partner? Maybe invite! if the user has not yet accepted their invitation/set a password?
There was a problem hiding this comment.
There should be a way to force this behavior. Let me take a look.
The partner switching thing seems to work now on local, anyway. Hooray! |
|
@cielf made some changes and fixes addressing the comments! Need to wait for tests to run but please take another look. |
|
@dorner Well, it looks like there are tests failing in the general area of the change -- I can take a look (probably tomorrow), but might I just as well wait until those are resolved? |
|
@cielf in this PR I added another e-mail to be sent out whenever a role is added to an existing user. Not sure when I'll have time to look at the failing tests. 😦 |
|
'Salright -- I expect to not see much of you for the next week. We're purposely not doing a release next weekend, also. |
|
Tests should all pass now! 🤞 |
|
Hey @dorner... There's a specific situation that this is not covering. And it's not far-fetched, I'm afraid -- we have essentially that situation at the moment (see support starting at 3:38 on Monday April 24) |
|
Yeah that does sound like a separate issue. |
|
Have added the additional proto-issue to the backlog |
|
Putting a reminder for @awwaiid here too! |
|
|
||
| return current_role.resource if current_role.resource.is_a?(Organization) | ||
|
|
||
| Organization.find_by(short_name: params[:organization_id]) |
There was a problem hiding this comment.
I don't see anything that ever sets the instance variable?
|
(I walked through all the code changes and did local manual testing) |
Resolves #3372
Description
With the new role capability, there should be nothing stopping a user from belonging to multiple organizations or partners if necessary. This change ensures that the current role (organization or partner) is reflected in whatever the user sees, which allows for the role switcher to work in all cases.
Type of change
How Has This Been Tested?
Local and unit tests.