Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(users): Allow accepting invites for org_admins #6253

Merged
merged 4 commits into from
Oct 8, 2024
Merged

fix(users): Allow accepting invites for org_admins #6253

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
48c624a
fix: allow accepting invite for org admins
ThisIsMani Oct 7, 2024
e0b7c5c
fix: exiting user invitations
ThisIsMani Oct 7, 2024
a33dbec
refactor: throw error if multiple invites found in a single entity
ThisIsMani Oct 8, 2024
14070fa
revert: throw error if multiple invites found in a single entity
ThisIsMani Oct 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion crates/diesel_models/src/query/user_role.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ impl UserRole {
conn: &PgPooledConn,
user_id: String,
org_id: id_type::OrganizationId,
merchant_id: id_type::MerchantId,
merchant_id: Option<id_type::MerchantId>,
profile_id: Option<id_type::ProfileId>,
update: UserRoleUpdate,
version: UserRoleVersion,
Expand Down
21 changes: 17 additions & 4 deletions crates/router/src/core/user.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -647,7 +647,14 @@ async fn handle_existing_user_invitation(
};

let _user_role = match role_info.get_entity_type() {
EntityType::Organization => return Err(UserErrors::InvalidRoleId.into()),
EntityType::Organization => {
user_role
.add_entity(domain::OrganizationLevel {
org_id: user_from_token.org_id.clone(),
})
.insert_in_v2(state)
.await?
}
EntityType::Merchant => {
user_role
.add_entity(domain::MerchantLevel {
Expand Down Expand Up @@ -678,7 +685,10 @@ async fn handle_existing_user_invitation(
{
let invitee_email = domain::UserEmail::from_pii_email(request.email.clone())?;
let entity = match role_info.get_entity_type() {
EntityType::Organization => return Err(UserErrors::InvalidRoleId.into()),
EntityType::Organization => email_types::Entity {
entity_id: user_from_token.org_id.get_string_repr().to_owned(),
entity_type: EntityType::Organization,
},
EntityType::Merchant => email_types::Entity {
entity_id: user_from_token.merchant_id.get_string_repr().to_owned(),
entity_type: EntityType::Merchant,
Expand Down Expand Up @@ -806,7 +816,10 @@ async fn handle_new_user_invitation(
let _ = req_state.clone();
let invitee_email = domain::UserEmail::from_pii_email(request.email.clone())?;
let entity = match role_info.get_entity_type() {
EntityType::Organization => return Err(UserErrors::InvalidRoleId.into()),
EntityType::Organization => email_types::Entity {
entity_id: user_from_token.org_id.get_string_repr().to_owned(),
entity_type: EntityType::Organization,
},
EntityType::Merchant => email_types::Entity {
entity_id: user_from_token.merchant_id.get_string_repr().to_owned(),
entity_type: EntityType::Merchant,
Expand Down Expand Up @@ -1012,7 +1025,7 @@ pub async fn accept_invite_from_email_token_only_flow(
&state,
user_from_db.get_user_id(),
&org_id,
&merchant_id,
merchant_id.as_ref(),
profile_id.as_ref(),
UserRoleUpdate::UpdateStatus {
status: UserStatus::Active,
Expand Down
8 changes: 4 additions & 4 deletions crates/router/src/core/user_role.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ pub async fn update_user_role(
.update_user_role_by_user_id_and_lineage(
user_to_be_updated.get_user_id(),
&user_from_token.org_id,
&user_from_token.merchant_id,
Some(&user_from_token.merchant_id),
user_from_token.profile_id.as_ref(),
UserRoleUpdate::UpdateRole {
role_id: req.role_id.clone(),
Expand Down Expand Up @@ -231,7 +231,7 @@ pub async fn update_user_role(
.update_user_role_by_user_id_and_lineage(
user_to_be_updated.get_user_id(),
&user_from_token.org_id,
&user_from_token.merchant_id,
Some(&user_from_token.merchant_id),
user_from_token.profile_id.as_ref(),
UserRoleUpdate::UpdateRole {
role_id: req.role_id.clone(),
Expand Down Expand Up @@ -280,7 +280,7 @@ pub async fn accept_invitations_v2(
&state,
user_from_token.user_id.as_str(),
org_id,
merchant_id,
merchant_id.as_ref(),
profile_id.as_ref(),
UserRoleUpdate::UpdateStatus {
status: UserStatus::Active,
Expand Down Expand Up @@ -332,7 +332,7 @@ pub async fn accept_invitations_pre_auth(
&state,
user_token.user_id.as_str(),
org_id,
merchant_id,
merchant_id.as_ref(),
profile_id.as_ref(),
UserRoleUpdate::UpdateStatus {
status: UserStatus::Active,
Expand Down
2 changes: 1 addition & 1 deletion crates/router/src/db/kafka_store.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3043,7 +3043,7 @@ impl UserRoleInterface for KafkaStore {
&self,
user_id: &str,
org_id: &id_type::OrganizationId,
merchant_id: &id_type::MerchantId,
merchant_id: Option<&id_type::MerchantId>,
profile_id: Option<&id_type::ProfileId>,
update: user_storage::UserRoleUpdate,
version: enums::UserRoleVersion,
Expand Down
12 changes: 6 additions & 6 deletions crates/router/src/db/user_role.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ pub trait UserRoleInterface {
&self,
user_id: &str,
org_id: &id_type::OrganizationId,
merchant_id: &id_type::MerchantId,
merchant_id: Option<&id_type::MerchantId>,
profile_id: Option<&id_type::ProfileId>,
update: storage::UserRoleUpdate,
version: enums::UserRoleVersion,
Expand Down Expand Up @@ -120,7 +120,7 @@ impl UserRoleInterface for Store {
&self,
user_id: &str,
org_id: &id_type::OrganizationId,
merchant_id: &id_type::MerchantId,
merchant_id: Option<&id_type::MerchantId>,
profile_id: Option<&id_type::ProfileId>,
update: storage::UserRoleUpdate,
version: enums::UserRoleVersion,
Expand All @@ -130,7 +130,7 @@ impl UserRoleInterface for Store {
&conn,
user_id.to_owned(),
org_id.to_owned(),
merchant_id.to_owned(),
merchant_id.cloned(),
profile_id.cloned(),
update,
version,
Expand Down Expand Up @@ -280,7 +280,7 @@ impl UserRoleInterface for MockDb {
&self,
user_id: &str,
org_id: &id_type::OrganizationId,
merchant_id: &id_type::MerchantId,
merchant_id: Option<&id_type::MerchantId>,
profile_id: Option<&id_type::ProfileId>,
update: storage::UserRoleUpdate,
version: enums::UserRoleVersion,
Expand All @@ -293,11 +293,11 @@ impl UserRoleInterface for MockDb {
&& user_role.profile_id.is_none();

let merchant_level_check = user_role.org_id.as_ref() == Some(org_id)
&& user_role.merchant_id.as_ref() == Some(merchant_id)
&& user_role.merchant_id.as_ref() == merchant_id
&& user_role.profile_id.is_none();

let profile_level_check = user_role.org_id.as_ref() == Some(org_id)
&& user_role.merchant_id.as_ref() == Some(merchant_id)
&& user_role.merchant_id.as_ref() == merchant_id
&& user_role.profile_id.as_ref() == profile_id;

// Check if the user role matches the conditions and the version matches
Expand Down
61 changes: 54 additions & 7 deletions crates/router/src/utils/user_role.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,7 @@ pub async fn update_v1_and_v2_user_roles_in_db(
state: &SessionState,
user_id: &str,
org_id: &id_type::OrganizationId,
merchant_id: &id_type::MerchantId,
merchant_id: Option<&id_type::MerchantId>,
profile_id: Option<&id_type::ProfileId>,
update: UserRoleUpdate,
) -> (
Expand Down Expand Up @@ -255,12 +255,57 @@ pub async fn get_lineage_for_user_id_and_entity_for_accepting_invite(
) -> UserResult<
Option<(
id_type::OrganizationId,
id_type::MerchantId,
Option<id_type::MerchantId>,
Option<id_type::ProfileId>,
)>,
> {
match entity_type {
EntityType::Organization => Err(UserErrors::InvalidRoleOperation.into()),
EntityType::Organization => {
let Ok(org_id) =
id_type::OrganizationId::try_from(std::borrow::Cow::from(entity_id.clone()))
else {
return Ok(None);
};

let user_roles = state
.store
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
user_id,
org_id: Some(&org_id),
merchant_id: None,
profile_id: None,
entity_id: None,
version: None,
status: Some(UserStatus::InvitationSent),
limit: None,
})
.await
.change_context(UserErrors::InternalServerError)?
.into_iter()
.collect::<HashSet<_>>();

if user_roles.len() > 1 {
ThisIsMani marked this conversation as resolved.
Show resolved Hide resolved
return Ok(None);
}

if let Some(user_role) = user_roles.into_iter().next() {
let (_entity_id, entity_type) = user_role
.get_entity_id_and_type()
.ok_or(UserErrors::InternalServerError)?;

if entity_type != EntityType::Organization {
return Ok(None);
}

return Ok(Some((
user_role.org_id.ok_or(UserErrors::InternalServerError)?,
None,
None,
)));
}

Ok(None)
}
EntityType::Merchant => {
let Ok(merchant_id) = id_type::MerchantId::wrap(entity_id) else {
return Ok(None);
Expand Down Expand Up @@ -298,7 +343,7 @@ pub async fn get_lineage_for_user_id_and_entity_for_accepting_invite(

return Ok(Some((
user_role.org_id.ok_or(UserErrors::InternalServerError)?,
merchant_id,
Some(merchant_id),
None,
)));
}
Expand Down Expand Up @@ -343,9 +388,11 @@ pub async fn get_lineage_for_user_id_and_entity_for_accepting_invite(

return Ok(Some((
user_role.org_id.ok_or(UserErrors::InternalServerError)?,
user_role
.merchant_id
.ok_or(UserErrors::InternalServerError)?,
Some(
user_role
.merchant_id
.ok_or(UserErrors::InternalServerError)?,
),
Some(profile_id),
)));
}
Expand Down
Loading