Fix/allow users to view their own application status #2080
Conversation
Achintya-Chatterjee
changed the title
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -33,7 +33,7 @@ router.patch( | |||
| users.updateDiscordUserNickname | |||
| ); | |||
| router.get("/:username", users.getUser); | |||
| router.get("/:userId/intro", authenticate, authorizeRoles([SUPERUSER]), users.getUserIntro); | |||
There was a problem hiding this comment.
Why this?
As we already have application route why you can't fetch with it
There was a problem hiding this comment.
Have to change many code in website-www, to use this application route. Also new user's could only see their application status in the /intro route only.
There was a problem hiding this comment.
But this is not the good solution
And ask with Ankush or Tejas is your PR is going to merge or my
There was a problem hiding this comment.
Only superusers would be able to accept new user request, no one else, also if you're not the applicants you will always get you are not authorised to view this. Also for your information this a temporary fix, will reverse this after all the new applicants get's onboarded into RDS discord server
How are you telling that it's not a good solution
There was a problem hiding this comment.
But there is already route present for view the application then what is the need of this new route?
There was a problem hiding this comment.
I don't build this from the ground up, it was there, just did some modifications, also previously told you that if I wanted to use the application route , will have to change many code.
Date:
19th August, 2024Developer Name: @Achintya-Chatterjee
Issue Ticket Number
Description
This PR updates the backend authorization logic for accessing user intro data
Documentation Updated?
Under Feature Flag
Database Changes
Breaking Changes
Development Tested?
Screenshots
Screenshot 1
Test Coverage
Screenshot 1
Additional Notes