Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix UI allowing edits by submitters to paid reports in Control #47398

Merged
merged 1 commit into from
Aug 15, 2024
Merged

Fix UI allowing edits by submitters to paid reports in Control #47398

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions src/libs/ReportUtils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2889,8 +2889,9 @@ function canEditMoneyRequest(reportAction: OnyxInputOrEntry<ReportAction<typeof
const moneyRequestReport = getReportOrDraftReport(String(moneyRequestReportID));
const isRequestor = currentUserAccountID === reportAction?.actorAccountID;

const isSubmitted = isProcessingReport(moneyRequestReport);
if (isIOUReport(moneyRequestReport)) {
return isProcessingReport(moneyRequestReport) && isRequestor;
return isSubmitted && isRequestor;
}

const policy = getPolicy(moneyRequestReport?.policyID ?? '-1');
Expand All @@ -2906,7 +2907,7 @@ function canEditMoneyRequest(reportAction: OnyxInputOrEntry<ReportAction<typeof
return true;
}

if (policy?.type === CONST.POLICY.TYPE.CORPORATE && moneyRequestReport && isCurrentUserSubmitter(moneyRequestReport.reportID)) {
if (policy?.type === CONST.POLICY.TYPE.CORPORATE && moneyRequestReport && isSubmitted && isCurrentUserSubmitter(moneyRequestReport.reportID)) {
const isForwarded = PolicyUtils.getSubmitToAccountID(policy, moneyRequestReport.ownerAccountID ?? 0) !== moneyRequestReport.managerID;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NAB since it's an edge case, but to match the updated backend, we should return a value which is !PolicyUtils.hasStrictAdvancedApproval || !isForwarded.

Otherwise there could be a problem on a corporate policy, delayed submission, if the submitter breaks the workflow and submits to someone else.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, but looks like we'll need a backend PR to include strictWorkflow here. How about we merge this and I follow up with a 2nd PR as well as a the Web-E PR?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#47517

return !isForwarded;
}
Expand Down
Loading