WP-853: Adjust apcd backend to handle permissions error and general errors properly #420

Merged
merged 4 commits into from
Feb 10, 2025

chandra-tacc
Contributor

Overview

Issues before this PR:

  • Template is viewable even without permissions, and api fails with 302.
  • User does not have a clear message.
  • If api requests fail, then sometimes the response is not json.

Related

WP-853

Changes

  1. Separate template and api views in backend.
  2. For template view do a redirect to '/'
  3. For api view use Json Response with 403.
  4. To allow api clean code, add a mixin for common auth conditions and add baseview to allow error handling

Testing

Following are the page permissions:
APCD_ADMIN: all pages
SUBMITTER ADMIN: Register menu and Submissions Menu
SUBMITTER USER: Submissions menu

Go to the admin pages and do the following:

  1. remove staff, super user, and any apcd groups.
  2. save

to restore:

Use this code to enable superuser after removing access

python manage.py shell

and then

from django.contrib.auth import get_user_model
my_user = get_user_model().objects.get(username="<username>")
my_user.is_staff = True
my_user.is_superuser = True
my_user.save()

Test cases:

  1. As admin all pages work
  2. As submitter_user:
    Only submissions menu items work.
    Manually try to go to
    http://localhost:8000/administration/list-registration-requests/
    http://localhost:8000/administration/list-exceptions
    http://localhost:8000/administration/list-extensions
    http://localhost:8000/administration/list-submissions
    http://localhost:8000/register/list-registration-requests/
    http://localhost:8000/register/list-registration-requests/api
    

and see that you are redirected to home

  3. As submitter_admin:
    See that both submissions menu and registrations work
    Manually try to go to
    http://localhost:8000/administration/list-registration-requests/
    http://localhost:8000/administration/list-exceptions
    http://localhost:8000/administration/list-extensions
    http://localhost:8000/administration/list-submissions
    

and see that you are redirected to home


@sophia-massie sophia-massie left a comment

Tested and LGTM! Thanks for the work on this. We may want to remove the List Registrations from the CMS Register navigation for submitter user role if they will just be redirected, but this PR is reflecting prod so not a blocker.

@chandra-tacc
Contributor Author

> Tested and LGTM! Thanks for the work on this. We may want to remove the List Registrations from the CMS Register navigation for submitter user role if they will just be redirected, but this PR is reflecting prod so not a blocker.

Yes, that is a good idea. That would be a CMS side change and not in this code base, can be addressed separately.

@chandra-tacc chandra-tacc merged commit 67629ac into main Feb 10, 2025
@chandra-tacc chandra-tacc deleted the bugs/WP-853 branch February 10, 2025 18:57