fix(users): restrict user sign-in for no user role in current tenancy #7027

Open
wants to merge 1 commit into
base: main

apoorvdixit88
Contributor

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

  • Currently, a user can enter the ID and password in the given tenancy and reach an intermediate state even if they have no user role in the current tenancy. Though they won't be able to sign in, it's still better to have the check at the point of entering credentials.
  • Also, when deleting a user after user role deletion, we need to search for their user role across tenancies.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #7026

How did you test it?

Tried sign-in where the user exists but doesn't have any role in the given tenancy.

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible
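
Added example, not part of the pull request or the project's code: a minimal in-memory model of the two checks the description names, rejecting sign-in at the credential step when the user holds no role in the current tenancy, and deleting a user after role removal only when no role remains in any tenancy. `Store`, `sign_in`, `delete_user_role`, the error variants and the tenant ids are hypothetical names chosen for illustration.

```rust
use std::collections::{HashMap, HashSet};

#[derive(Debug, PartialEq)]
pub enum SignInError { InvalidCredentials, NoRoleInTenancy }

#[derive(Debug, PartialEq)]
pub enum DeleteOutcome { RoleNotFound, UserKept, UserDeleted }

#[derive(Default)]
pub struct Store {
    users: HashMap<String, String>,   // user_id -> secret (stand-in for a password hash)
    roles: HashSet<(String, String)>, // (user_id, tenant_id) pairs holding a role
}

impl Store {
    /// Constructed sample data: alice has a role in tenant_a only.
    pub fn sample() -> Self {
        let mut s = Store::default();
        s.users.insert("alice".into(), "pw".into());
        s.roles.insert(("alice".into(), "tenant_a".into()));
        s
    }

    /// Credential step: reject before any intermediate token is issued.
    pub fn sign_in(&self, user: &str, secret: &str, tenant: &str) -> Result<String, SignInError> {
        // Plain comparison is a placeholder for real password-hash verification.
        if self.users.get(user).map(String::as_str) != Some(secret) {
            return Err(SignInError::InvalidCredentials);
        }
        // The tenancy check runs here, not at a later stage of the flow.
        if !self.roles.contains(&(user.to_string(), tenant.to_string())) {
            return Err(SignInError::NoRoleInTenancy);
        }
        Ok(format!("intermediate:{}:{}", user, tenant))
    }

    /// Remove one role; delete the user only if no role remains in any tenancy.
    pub fn delete_user_role(&mut self, user: &str, tenant: &str) -> DeleteOutcome {
        if !self.roles.remove(&(user.to_string(), tenant.to_string())) {
            return DeleteOutcome::RoleNotFound;
        }
        // Search across all tenancies, not just the one the request came from.
        if self.roles.iter().any(|(u, _)| u == user) {
            return DeleteOutcome::UserKept;
        }
        self.users.remove(user);
        DeleteOutcome::UserDeleted
    }
}
```
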

@apoorvdixit88 apoorvdixit88 added C-bug Category: Bug A-users Area: Users labels Jan 12, 2025
@apoorvdixit88 apoorvdixit88 self-assigned this Jan 12, 2025
@apoorvdixit88 apoorvdixit88 requested a review from a team as a code owner January 12, 2025 17:58

semanticdiff-com bot commented Jan 12, 2025

Review changes with  SemanticDiff

Changed Files
File Status
  crates/router/src/core/user_role.rs  21% smaller
  crates/router/src/core/errors/user.rs  0% smaller
  crates/router/src/core/user.rs  0% smaller

@apoorvdixit88 apoorvdixit88 changed the title fix(users): restrict user sign-in for no user role in given tenancy fix(users): restrict user sign-in for no user role in current tenancy Jan 12, 2025

Successfully merging this pull request may close these issues.

fix(users): prohibit signin to different tenancies