Skip to content

feat/AB#106951_EIS-user-activity-permissions #1169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 13 commits into
base: alpha
Choose a base branch
from
Draft

feat/AB#106951_EIS-user-activity-permissions #1169

wants to merge 13 commits into from

Conversation

unai-reliefapp
Copy link
Contributor

@unai-reliefapp unai-reliefapp commented Dec 4, 2024
edited
Loading

Description

feat: add user read permission check for activity download and activity logs fetch

Useful links

Type of change

Please delete options that are not relevant.

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.

  • Test A
  • Test B

Screenshots

Please include screenshots of this change. If this issue is only back-end related, and does not involve any visual change of the platform, you can skip this part.

Checklist:

( * == Mandatory )

  • * I have set myself as assignee of the pull request
  • * My code follows the style guidelines of this project
  • * Linting does not generate new warnings
  • * I have performed a self-review of my own code
  • * I have put the ticket for review, adding the oort-backend team to the list of reviewers
  • * I have commented my code, particularly in hard-to-understand areas
  • * I have put JSDoc comment in all required places
  • * My changes generate no new warnings
  • * I have included screenshots describing my changes if relevant
  • * I have selected labels in the Pull Request, according to the changes with code brings
  • I have made corresponding changes to the documentation ( if required )
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

More explanation

https://www.loom.com/share/05a716d61b9744faaf51fb304c21d1e5?sid=f87cf896-582a-4f76-93ae-8ceed801b145

AntoineRelief and others added 12 commits November 6, 2024 15:56
@AntoineRelief
first commit
14c37ea
@TaiKamilla
to be optimize
4253124
@TaiKamilla
Rename activity model to activity log
6c7963d 
- Renamed the `Activity` model to `ActivityLog`.
- Updated all references in routes and queries.
- Added new GraphQL queries for fetching activity logs.
- Adjusted metadata handling in the GraphQL type definition.
@TaiKamilla
Lin
94dcf6d
@TaiKamilla
Update userId type to ObjectId
c6d091f 
Changed userId from string to mongoose ObjectId in the activity log model. Updated related route to use _id instead of id for consistency.
@TaiKamilla
Update XLSX export for activity logs
f4891d2 
- Changed column definitions to include titles and fields.
- Added data formatting for userId, eventType, and metadata.
- Updated XLSX generation to use formatted data instead of raw activities.
@AntoineRelief
merge beta
07aeb90
@AntoineRelief
fix: incorrect export download
31d9b76
@unai-reliefapp @AntoineRelief
Add more columns to display and export (#1163)
7d35b0b 
AB#106578

---------

Co-authored-by: Antoine Hurard <antoine@reliefapplications.org>
@unai-reliefapp @AntoineRelief
Improve filtering & pagination (#1166)
ba43cef 
AB#106561

---------

Co-authored-by: Antoine Hurard <antoine@reliefapplications.org>
@AntoineRelief
Merge branch 'alpha' into AB#105244_activity_logs
e20d27d
@unai-reliefapp
feat/AB#106951_EIS-user-activity-permissions
2caacce 
feat: add user read permission check for activity download and activity logs fetch
@unai-reliefapp
Copy link
Contributor Author

unai-reliefapp commented Dec 4, 2024
edited
Loading

@AntoineRelief Just to check with you that im on the right path with what I currently did, as I think I never worked on the permission side of the application yet.
Is there or do you have in mind any example about how to handle specific permissions for a single application? The idea I assume is to create a filter from the Application like

Application.find(accessibleBy(ability, 'read').Application).getFilter();

And use the found ids as a match for filtering the related activityLogs(if use has not global permissions of course)

If possible let me know, thanks
KR, Unai

@AntoineRelief
Copy link
Collaborator

@unai-reliefapp

I don't think we should do it this way

You can check the: extendAbilityForApplications method in the back, that check permission for a single app

if you find an application id in the query, you can use it
else, you check global permissions, to know if user can or not see the logs

@unai-reliefapp
feat/AB#106951_EIS-user-activity-permissions
2452afe 
feat: check if current user has permission for given application or global permissions to be able to fetch and download the specific activities
@unai-reliefapp
Copy link
Contributor Author

@AntoineRelief I changed the logic based on the extendAbilityForApplications. What i dont have clear is how or where the error should be raised if no permission is suitable.
With this logic if no permission is allowed the user will always receive an empty array.

Keeping this in draft until #1164 is merged and contains the applicationId in the metadata property

KR, Unai

@unai-reliefapp unai-reliefapp added the enhancement Existing feature label Dec 4, 2024
@unai-reliefapp unai-reliefapp self-assigned this Dec 4, 2024
@unai-reliefapp unai-reliefapp mentioned this pull request Dec 4, 2024
Closed
17 tasks
Base automatically changed from AB#105244_activity_logs to alpha December 13, 2024 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@unai-reliefapp unai-reliefapp

Labels
enhancement Existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@unai-reliefapp @AntoineRelief @TaiKamilla