You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Created a condition for authorityCheck over environment when projects accesslevel is global. Previously the permittedAuthorites and authorites were compared, but a non member would not have those roles.
Add environmentCount, variableCount, secretCount properties in a test.
My changes are breaking another fix/feature of the project
I have added test cases to show that my feature works
I have added relevant screenshots in my PR
There are no UI/UX issues
Documentation Update
This PR requires an update to the documentation at docs.keyshade.xyz
I have made the necessary updates to the documentation, or no documentation changes are required.
PR Type
Bug fix, Tests
Description
Enabled and enhanced a test to verify that any user can access a global project, including checks for environmentCount, secretCount, and variableCount.
Modified the authority check logic in the ProjectService to allow access to global projects without requiring specific authorities.
Changes walkthrough 📝
Relevant files
Tests
project.e2e.spec.ts
Enable and enhance test for global project access
apps/api/src/project/project.e2e.spec.ts
Uncommented and enabled a test for global project access.
Added checks for environmentCount, secretCount, and variableCount in the test.
Made GLOBAL projects accessible by anyone by removing authority requirements
Uncommented and fixed test in project.e2e.spec.ts
⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 PR contains tests
🔒 No security concerns identified
⚡ Recommended focus areas for review
Code Smell The comment states this code block will become invalid after RBAC implementation. Consider if this is the right time to refactor this code instead of adding more complexity to it.
Test Coverage The test only verifies read access. Consider adding tests for other operations (create, update, delete) with global projects to ensure complete access level validation.
Why: Adding null safety check with the optional chaining operator is a good defensive programming practice that prevents runtime errors if project is undefined, which could happen in real scenarios.
7
General
Use strict equality comparison to ensure type-safe comparisons
Use strict equality operator (===) instead of loose equality (==) for type-safe comparisons in TypeScript.
Why: Using === instead of == is a TypeScript best practice that prevents unexpected type coercion, though in this case the risk is low since we're comparing against an enum.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User description
Description
Fixes #575
Screenshots of relevant screens
Previously:
Developer's checklist
If changes are made in the code:
Documentation Update
PR Type
Bug fix, Tests
Description
environmentCount,secretCount, andvariableCount.ProjectServiceto allow access to global projects without requiring specific authorities.Changes walkthrough 📝
project.e2e.spec.ts
Enable and enhance test for global project accessapps/api/src/project/project.e2e.spec.ts
environmentCount,secretCount, andvariableCountinthe test.
project.service.ts
Adjust authority checks for global project accessapps/api/src/project/service/project.service.ts