-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(hub-discussions): user can read channel if group is non-discussable #1201
fix(hub-discussions): user can read channel if group is non-discussable #1201
Conversation
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## master #1201 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 737 737
Lines 13162 13177 +15
Branches 2245 2252 +7
=========================================
+ Hits 13162 13177 +15
☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I pulled this branch down, yalc'd it into my local API env & verified users that can access posts from GET /v1/posts
(search) can now also access the posts from GET /v1/posts/:postId
(get-by-id), and similarly, users that can access channels from GET /v1/channels
(search) can now also access channels from GET /v1/channels/:channelId
(get-by-id) when one, or more, of the channel groups contains the cannotDiscuss
typekeyword. I also verified that users that cannot access the same channels/posts in the search endpoints also cannot do a get-by-id for those channels/posts. Nice work!
@@ -132,8 +132,14 @@ export class ChannelPermission { | |||
return groupAccessControls.some((permission) => { | |||
const group = userGroupsById[permission.key]; | |||
|
|||
if (!group || !isGroupDiscussable(group)) { | |||
return false; | |||
if (action === ChannelAction.READ_POSTS) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Super minor, but the nested if on line 140 doesn't add a lot of value. I believe this could be simplified to just:
if (action === ChannelAction.READ_POSTS) {
if (!group) {
return false;
}
} else if (!group || !isGroupDiscussable(group)) {
return false;
}
## @esri/hub-discussions [26.0.1](https://github.com/Esri/hub.js/compare/@esri/hub-discussions@26.0.0...@esri/hub-discussions@26.0.1) (2023-09-07) ### Bug Fixes * **hub-discussions:** user can read channel if group is non-discussable ([#1201](#1201)) ([28d61f3](28d61f3))
# [14.1.0](https://github.com/Esri/hub.js/compare/@esri/hub-search@14.0.0...@esri/hub-search@14.1.0) (2023-10-08) ### Bug Fixes * update groups link from teams to groups ([#1262](#1262)) ([26dd47a](26dd47a)) * **hub-discussions:** add author and editor to isearchchannels ([#1257](#1257)) ([5d22e8b](5d22e8b)) * account for index values that are 0 in card view models ([#1196](#1196)) ([bbc1928](bbc1928)) * add featured content to initiatives edit ([#1208](#1208)) ([a3f0361](a3f0361)) * add Project to wellKnownColletions ([#1254](#1254)) ([82eb6a1](82eb6a1)) * add shareContent group permission and minor hub group clean up ([#1194](#1194)) ([9a90b6d](9a90b6d)) * added default empty quotes for computeProps ([#1204](#1204)) ([3c83e4a](3c83e4a)) * auto-populating groups in project creation ([#1225](#1225)) ([0b9465f](0b9465f)) * checkPermission and checkPrivileges first check isAuthenticated ([#1227](#1227)) ([b292131](b292131)) * ensure featured content catalogs are returned as an array ([#1207](#1207)) ([d28b56f](d28b56f)) * properly deserialize trustedOrgs from context ([#1256](#1256)) ([760b4ff](760b4ff)) * **hub-common:** content location should be of type extent, not polygon ([#1228](#1228)) ([c5539f4](c5539f4)) * **hub-common:** fix fetchHubContent does not support slugs ([#1216](#1216)) ([d3a4eba](d3a4eba)) * **hub-common:** re-adds the discussion permissions to validPermissions array ([#1223](#1223)) ([9db7245](9db7245)) * **hub-common:** workspace route for content is /workspace/content/:id not /workspace/contents/:id ([#1250](#1250)) ([f2c6679](f2c6679)) * rollback stat migration ([#1193](#1193)) ([8465e15](8465e15)) * shouldClearEmptyFields now accounts for licenseInfo ([#1198](#1198)) ([3f4eb47](3f4eb47)) * uiSchema translation keys ([#1224](#1224)) ([a55292f](a55292f)) * **hub-discussions:** user can read channel if group is non-discussable ([#1201](#1201)) ([28d61f3](28d61f3)) ### Features * **hub-common:** adds followers group discussion settings on site wo… ([#1251](#1251)) ([e0beb59](e0beb59)) * add feature and entity flagging into checkPermission ([#1187](#1187)) ([b040283](b040283)) * Add Initiative and Project Associations ([#1213](#1213)) ([7cb0298](7cb0298)) * add invite users to hub group ([#1197](#1197)) ([014b2bd](014b2bd)) * add links hash for project, initiative, and group entities ([#1226](#1226)) ([aba8f7b](aba8f7b)) * add member role badges to user card model ([#1195](#1195)) ([e09608d](e09608d)) * add new polling util ([#1265](#1265)) ([e36c142](e36c142)) * add option to enrich an entity ([#1220](#1220)) ([0b57ff5](0b57ff5)) * add supporting groups to sites property map ([#1205](#1205)) ([2d473d6](2d473d6)) * add workspaceRelative to enrichGroupSearchResult ([#1206](#1206)) ([f6d2016](f6d2016)) * addGroupMembers ([#1230](#1230)) ([3a7c900](3a7c900)) * adding license picker to content workspace ([#1192](#1192)) ([312b333](312b333)) * adds entity discussion settings ([#1221](#1221)) ([5e25a43](5e25a43)) * adds getChannelUsersQuery method, bumps to @esri/arcgis-rest-port… ([#1210](#1210)) ([320d6d8](320d6d8)) * collaborator pane for content workspace ([#1259](#1259)) ([e00e624](e00e624)) * initiative template entity ([#1229](#1229)) ([f5a995a](f5a995a)) * initiative template workspace ([#1246](#1246)) ([cb385e5](cb385e5)) * scaffold solution template entity ([#1253](#1253)) ([54d1fe6](54d1fe6)) * **hub-common:** add application type content edit link ([#1217](#1217)) ([82ceec4](82ceec4)) * **hub-common:** add blocked as a possible PostStatus ([#1222](#1222)) ([11c8a58](11c8a58)) * **hub-common:** add content settings schemas and derive props from server definitions ([#1209](#1209)) ([1721285](1721285)) * **hub-common:** add getResultSiteRelativeLink so Hub Page results can have slugs in siteRelative l ([#1200](#1200)) ([27e0740](27e0740)) * **hub-common:** add hub:[entity]:manage permission for all entities ([#1202](#1202)) ([71191b7](71191b7)) * **hub-common:** add icon for Discussion content type ([#1185](#1185)) ([7ae927a](7ae927a)) * **hub-discussions:** adding ability to update the groups of a channel ([#1218](#1218)) ([7bc2117](7bc2117)) * followers settings schema and behavior ([#1211](#1211)) ([a8be73b](a8be73b)) * item extent now selectable, savable, and reflects in old and new view ([#1212](#1212)) ([5dbe3bb](5dbe3bb)) * partnered orgs added to context ([#1214](#1214)) ([7979571](7979571)) * refactor entity schema implementation ([#1203](#1203)) ([88cdd2b](88cdd2b)) * **hub-common:** add unified "links" hash as an optional property for all entities ([#1199](#1199)) ([ba14502](ba14502)) * site's followers pane permissions ([#1186](#1186)) ([90feec7](90feec7)) * ungate dashboard from projects ([#1188](#1188)) ([658b936](658b936))
# [14.1.0](https://github.com/Esri/hub.js/compare/@esri/hub-sites@14.0.1...@esri/hub-sites@14.1.0) (2023-10-08) ### Bug Fixes * update groups link from teams to groups ([#1262](#1262)) ([26dd47a](26dd47a)) * **hub-discussions:** add author and editor to isearchchannels ([#1257](#1257)) ([5d22e8b](5d22e8b)) * account for index values that are 0 in card view models ([#1196](#1196)) ([bbc1928](bbc1928)) * add featured content to initiatives edit ([#1208](#1208)) ([a3f0361](a3f0361)) * add Project to wellKnownColletions ([#1254](#1254)) ([82eb6a1](82eb6a1)) * add shareContent group permission and minor hub group clean up ([#1194](#1194)) ([9a90b6d](9a90b6d)) * added default empty quotes for computeProps ([#1204](#1204)) ([3c83e4a](3c83e4a)) * auto-populating groups in project creation ([#1225](#1225)) ([0b9465f](0b9465f)) * checkPermission and checkPrivileges first check isAuthenticated ([#1227](#1227)) ([b292131](b292131)) * ensure featured content catalogs are returned as an array ([#1207](#1207)) ([d28b56f](d28b56f)) * properly deserialize trustedOrgs from context ([#1256](#1256)) ([760b4ff](760b4ff)) * **hub-common:** content location should be of type extent, not polygon ([#1228](#1228)) ([c5539f4](c5539f4)) * **hub-common:** fix fetchHubContent does not support slugs ([#1216](#1216)) ([d3a4eba](d3a4eba)) * **hub-common:** re-adds the discussion permissions to validPermissions array ([#1223](#1223)) ([9db7245](9db7245)) * **hub-common:** workspace route for content is /workspace/content/:id not /workspace/contents/:id ([#1250](#1250)) ([f2c6679](f2c6679)) * shouldClearEmptyFields now accounts for licenseInfo ([#1198](#1198)) ([3f4eb47](3f4eb47)) * uiSchema translation keys ([#1224](#1224)) ([a55292f](a55292f)) * **hub-discussions:** user can read channel if group is non-discussable ([#1201](#1201)) ([28d61f3](28d61f3)) ### Features * **hub-common:** adds followers group discussion settings on site wo… ([#1251](#1251)) ([e0beb59](e0beb59)) * Add Initiative and Project Associations ([#1213](#1213)) ([7cb0298](7cb0298)) * add invite users to hub group ([#1197](#1197)) ([014b2bd](014b2bd)) * add links hash for project, initiative, and group entities ([#1226](#1226)) ([aba8f7b](aba8f7b)) * add member role badges to user card model ([#1195](#1195)) ([e09608d](e09608d)) * add new polling util ([#1265](#1265)) ([e36c142](e36c142)) * add option to enrich an entity ([#1220](#1220)) ([0b57ff5](0b57ff5)) * add supporting groups to sites property map ([#1205](#1205)) ([2d473d6](2d473d6)) * add workspaceRelative to enrichGroupSearchResult ([#1206](#1206)) ([f6d2016](f6d2016)) * addGroupMembers ([#1230](#1230)) ([3a7c900](3a7c900)) * adding license picker to content workspace ([#1192](#1192)) ([312b333](312b333)) * adds entity discussion settings ([#1221](#1221)) ([5e25a43](5e25a43)) * adds getChannelUsersQuery method, bumps to @esri/arcgis-rest-port… ([#1210](#1210)) ([320d6d8](320d6d8)) * collaborator pane for content workspace ([#1259](#1259)) ([e00e624](e00e624)) * initiative template entity ([#1229](#1229)) ([f5a995a](f5a995a)) * initiative template workspace ([#1246](#1246)) ([cb385e5](cb385e5)) * scaffold solution template entity ([#1253](#1253)) ([54d1fe6](54d1fe6)) * **hub-common:** add application type content edit link ([#1217](#1217)) ([82ceec4](82ceec4)) * **hub-common:** add blocked as a possible PostStatus ([#1222](#1222)) ([11c8a58](11c8a58)) * **hub-common:** add content settings schemas and derive props from server definitions ([#1209](#1209)) ([1721285](1721285)) * **hub-common:** add getResultSiteRelativeLink so Hub Page results can have slugs in siteRelative l ([#1200](#1200)) ([27e0740](27e0740)) * **hub-common:** add hub:[entity]:manage permission for all entities ([#1202](#1202)) ([71191b7](71191b7)) * **hub-discussions:** adding ability to update the groups of a channel ([#1218](#1218)) ([7bc2117](7bc2117)) * followers settings schema and behavior ([#1211](#1211)) ([a8be73b](a8be73b)) * item extent now selectable, savable, and reflects in old and new view ([#1212](#1212)) ([5dbe3bb](5dbe3bb)) * partnered orgs added to context ([#1214](#1214)) ([7979571](7979571)) * refactor entity schema implementation ([#1203](#1203)) ([88cdd2b](88cdd2b)) * **hub-common:** add unified "links" hash as an optional property for all entities ([#1199](#1199)) ([ba14502](ba14502))
# [14.1.0](https://github.com/Esri/hub.js/compare/@esri/hub-teams@14.0.0...@esri/hub-teams@14.1.0) (2023-10-08) ### Bug Fixes * update groups link from teams to groups ([#1262](#1262)) ([26dd47a](26dd47a)) * **hub-discussions:** add author and editor to isearchchannels ([#1257](#1257)) ([5d22e8b](5d22e8b)) * account for index values that are 0 in card view models ([#1196](#1196)) ([bbc1928](bbc1928)) * add featured content to initiatives edit ([#1208](#1208)) ([a3f0361](a3f0361)) * add Project to wellKnownColletions ([#1254](#1254)) ([82eb6a1](82eb6a1)) * add shareContent group permission and minor hub group clean up ([#1194](#1194)) ([9a90b6d](9a90b6d)) * added default empty quotes for computeProps ([#1204](#1204)) ([3c83e4a](3c83e4a)) * auto-populating groups in project creation ([#1225](#1225)) ([0b9465f](0b9465f)) * checkPermission and checkPrivileges first check isAuthenticated ([#1227](#1227)) ([b292131](b292131)) * ensure featured content catalogs are returned as an array ([#1207](#1207)) ([d28b56f](d28b56f)) * properly deserialize trustedOrgs from context ([#1256](#1256)) ([760b4ff](760b4ff)) * **hub-common:** content location should be of type extent, not polygon ([#1228](#1228)) ([c5539f4](c5539f4)) * **hub-common:** fix fetchHubContent does not support slugs ([#1216](#1216)) ([d3a4eba](d3a4eba)) * **hub-common:** re-adds the discussion permissions to validPermissions array ([#1223](#1223)) ([9db7245](9db7245)) * **hub-common:** workspace route for content is /workspace/content/:id not /workspace/contents/:id ([#1250](#1250)) ([f2c6679](f2c6679)) * rollback stat migration ([#1193](#1193)) ([8465e15](8465e15)) * shouldClearEmptyFields now accounts for licenseInfo ([#1198](#1198)) ([3f4eb47](3f4eb47)) * uiSchema translation keys ([#1224](#1224)) ([a55292f](a55292f)) * **hub-discussions:** user can read channel if group is non-discussable ([#1201](#1201)) ([28d61f3](28d61f3)) ### Features * **hub-common:** adds followers group discussion settings on site wo… ([#1251](#1251)) ([e0beb59](e0beb59)) * add feature and entity flagging into checkPermission ([#1187](#1187)) ([b040283](b040283)) * Add Initiative and Project Associations ([#1213](#1213)) ([7cb0298](7cb0298)) * add invite users to hub group ([#1197](#1197)) ([014b2bd](014b2bd)) * add links hash for project, initiative, and group entities ([#1226](#1226)) ([aba8f7b](aba8f7b)) * add member role badges to user card model ([#1195](#1195)) ([e09608d](e09608d)) * add new polling util ([#1265](#1265)) ([e36c142](e36c142)) * add option to enrich an entity ([#1220](#1220)) ([0b57ff5](0b57ff5)) * add supporting groups to sites property map ([#1205](#1205)) ([2d473d6](2d473d6)) * add workspaceRelative to enrichGroupSearchResult ([#1206](#1206)) ([f6d2016](f6d2016)) * addGroupMembers ([#1230](#1230)) ([3a7c900](3a7c900)) * adding license picker to content workspace ([#1192](#1192)) ([312b333](312b333)) * adds entity discussion settings ([#1221](#1221)) ([5e25a43](5e25a43)) * adds getChannelUsersQuery method, bumps to @esri/arcgis-rest-port… ([#1210](#1210)) ([320d6d8](320d6d8)) * collaborator pane for content workspace ([#1259](#1259)) ([e00e624](e00e624)) * initiative template entity ([#1229](#1229)) ([f5a995a](f5a995a)) * initiative template workspace ([#1246](#1246)) ([cb385e5](cb385e5)) * scaffold solution template entity ([#1253](#1253)) ([54d1fe6](54d1fe6)) * **hub-common:** add application type content edit link ([#1217](#1217)) ([82ceec4](82ceec4)) * **hub-common:** add blocked as a possible PostStatus ([#1222](#1222)) ([11c8a58](11c8a58)) * **hub-common:** add content settings schemas and derive props from server definitions ([#1209](#1209)) ([1721285](1721285)) * **hub-common:** add getResultSiteRelativeLink so Hub Page results can have slugs in siteRelative l ([#1200](#1200)) ([27e0740](27e0740)) * **hub-common:** add hub:[entity]:manage permission for all entities ([#1202](#1202)) ([71191b7](71191b7)) * **hub-common:** add icon for Discussion content type ([#1185](#1185)) ([7ae927a](7ae927a)) * **hub-discussions:** adding ability to update the groups of a channel ([#1218](#1218)) ([7bc2117](7bc2117)) * followers settings schema and behavior ([#1211](#1211)) ([a8be73b](a8be73b)) * item extent now selectable, savable, and reflects in old and new view ([#1212](#1212)) ([5dbe3bb](5dbe3bb)) * partnered orgs added to context ([#1214](#1214)) ([7979571](7979571)) * refactor entity schema implementation ([#1203](#1203)) ([88cdd2b](88cdd2b)) * **hub-common:** add unified "links" hash as an optional property for all entities ([#1199](#1199)) ([ba14502](ba14502)) * site's followers pane permissions ([#1186](#1186)) ([90feec7](90feec7)) * ungate dashboard from projects ([#1188](#1188)) ([658b936](658b936))
Description: Updated
canSomeUserGroup
to allow a user in a non-discussable group to read a channel with thecanReadChannel
function.Instructions for testing: run
npm run test
to run unit updated unit testsCloses Issues: #7454
Updated meaningful TSDoc to methods including Parameters and Returns, see Documentation Guide
used semantic commit messages
PR title follows semantic commit format (CRITICAL if the title is not in a semantic format, the release automation will not run!)
updated
peerDependencies
as needed. CRITICAL our automated release system can not be counted on to updatepeerDependencies
so we must do it manually in our PRs when needed. See the updating peerDependencies section of the release instructions for more details.