Skip to content

Add back token logic to invite users endpoints #1643

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Aug 20, 2024
Merged

Add back token logic to invite users endpoints #1643

merged 5 commits into from
Aug 20, 2024

Conversation

florkbr
Copy link
Contributor

@florkbr florkbr commented Aug 8, 2024
edited
Loading

Description

We recently migrated the changes from RHEcosystem rbac-ui into this repo. With those changes I made some tweaks per code review comments. One of those tweaks was to remove the token logic (as we suspected chrome would auto apply the header for us): d354f56#diff-195bc33b49d5867b3f0b7e71303727bad811474107d1ec281a1d14f8d855465dL36

However, as the target endpoints are on a different domain and not in our whitelist here: https://github.com/RedHatInsights/insights-chrome/blob/master/src/utils/iqeEnablement.ts#L17 - the auth header is not correctly applied.

For now I've added the logic we had back (although we should not be pulling the token from the global). I will open a tech debt issue to track improving this impl. Because these URLs are sensitive I have opted not to update our whitelist.

Screenshots

NA

Checklist ☑️

  • PR only fixes one issue or story
  • Change reviewed for extraneous code
  • UI best practices adhered to
  • Commits squashed and meaningfully named
  • All PR checks pass locally (build, lint, test, E2E)

  • (Optional) QE: Needs QE attention (OUIA changed, perceived impact to tests, no test coverage)
  • (Optional) QE: Has been mentioned
  • (Optional) UX: Needs UX attention (end user UX modified, missing designs)
  • (Optional) UX: Has been mentioned

florkbr
florkbr commented Aug 8, 2024
View reviewed changes
src/helpers/user/user-helper.js
@@ -55,9 +56,10 @@ function handleError(error, reject) {
}

export async function addUsers(usersData = { emails: [], isAdmin: undefined }) {
const token = await insights.chrome.auth.getToken();
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW we should not be using the insights global. This was originally how the logic was migrated over from RHEcosystem in #1635. We can update the reducers/actions to accept a token from the useAuth hook in the future.

@florkbr florkbr force-pushed the fix-invite-users-no-auth-error branch from ccc4a2c to d086e1a Compare August 19, 2024 20:20
@florkbr
Copy link
Contributor Author

florkbr commented Aug 20, 2024

Pipeline passing now due to #1652. Tested locally and everything is working as expected. I'm going to merge this to unblock inboundary and will keep an eye out for any issues.

@florkbr florkbr merged commit fb67480 into RedHatInsights:master Aug 20, 2024
5 checks passed
@florkbr florkbr mentioned this pull request Aug 20, 2024
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@InsaneZein InsaneZein InsaneZein approved these changes

@catastrophe-brandon catastrophe-brandon catastrophe-brandon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@florkbr @InsaneZein @catastrophe-brandon @Hyperkid123