Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Edits to contact email address do not update permissions #363

Open
blakenan-bellese opened this issue Feb 26, 2021 · 0 comments
Open

Edits to contact email address do not update permissions #363

blakenan-bellese opened this issue Feb 26, 2021 · 0 comments
Labels
bug Something isn't working tech debt Remediation work implied by intentional partial or sub-optimal implmentation

Comments

@blakenan-bellese
Copy link
Contributor

Describe the bug
When a contact is associated with facility created we create a Casbin policy to allow that contact to view that the associated facility. This, coupled with short lived tokens, enable the self check-in functionality. Currently, any edits to an email address do not result in updates to the policy.

To Reproduce
Steps to reproduce the behavior:

  1. Perform self check in with an existing contact that has an email address
  2. Update the email address of that contact
  3. Attempt another self check in

Expected behavior
The self checkin after email update should succeed.

Environment
n/a

Additional context
The fix should also include removal of the policy associated with the old email address.

Here's the code that was used to create the policy when linking the entity and contact:

   if (typeof contact.email !== 'undefined' && contact.email.length > 0) {
      for (const email of contact.email) {
        const p = [email.address, `/entity/${ec.entityId}`, '(GET)|(POST)']
        await e.addPolicy(...p)
      }
@blakenan-bellese blakenan-bellese added bug Something isn't working tech debt Remediation work implied by intentional partial or sub-optimal implmentation labels Feb 26, 2021
stoopidJSON added a commit that referenced this issue Mar 25, 2021
@stoopidJSON
fix(entity-contact): Allowing contacts w/out emails
ac1b9dc 
If the contact has no email it can still be associated to the entity.
Resolves #363
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working tech debt Remediation work implied by intentional partial or sub-optimal implmentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@blakenan-bellese