search

githubbob42 / mingle2github2

0 stars 1 forks source link

Ticket Log does not honor delete permission in mobile #5352

Closed githubbob42 closed 6 years ago

githubbob42 commented 6 years ago

Mingle Card: 5712 Steps to Reproduce

| | |
|-|-|
|**Version #**|4.0.1.4033|
|**Hardware**|Laptop|
|**OS**|Windows 7|
|**Browser**|Chrome 66.0.3359.139|
|**Username**|mmullins@fieldfxtest.keane2.com (mobile test user ‘Mike Mullins Test’)|
|**Password**|Use LastPass|
|ORG ID|00Do0000000JQSE|
|User ID| |
|RayGun Error ID| |
  1. Log into mobile and navigate to the OTS and eForms ticket T-662
  2. Then navigate to the logs and create a new log
  3. Delete the log after it is created and sync

Expected Result

The Keane mobile users do not have Delete permission to Ticket Logs, so mobile should not provide them with the button to delete logs.

Actual Result

The user can select a log or logs and the delete button is available to the user.  If they delete logs and then sync, we get sync errors since they don’t have that permission.  I have confirmed via tools.fieldfx.com that mobile users do not have this permission.

!clip-aff8-189c.png!

!clip-81d5-1ea3.png!

Analysis

When reviewing the problem, I will have to rework the code to allow for the delete button to show only if you have authorization to delete a ticket. 

After further review, I will have to do the same for the edit and create functionality as well to work with permissions.

To fix this, I need to wrap the buttons with ko auth bindings to fix the issue. 

Related Cards

Steps for Creating a Defect Card

| | |
|-|-|

1

   |

Ensure the defect title and description is clear and understandable.

   |

   |

2.

   |

Ensure the following are listed on the card:

    *   Mobile or back office version.
    *   Operating system
    *   Devices
    *   Browsers
    *   Username/Password.

   |

   |

3. 

   |

Ensure there are steps to reproduce and are easy to follow.

Add screenshots as necessary for clarity

   |

   |

4. 

   |

Ensure the Expected and Actual results are listed.

   |

   |

5.

   |

Check whether the bug exists in production (Sync V4) and/or Sync V4 Beta

    *   If the bug exists in current production then select the “**Sync V4 Channel”**
    *   If the bug exists in the Beta Channel but is not in production yet, then select “**Beta Channel”**
    *   If the bug was created during current iteration then select "**Regression**”

   |

   |

QA Test Report

Test Plan

selenium > permissions/noObjEdit.js > Test 4. Verfiy that user w/o delete permission to ticket logs cannot delete logs (5712)

  1. Remove delete permissions in back-office for ticket logs
  2. Sync mobile
  3. Then navigate to the logs and create a new log
  4. Delete the log after it is created and sync
  5. In back-office
  6. Remove create permissions in back-office for ticket logs
  7. Sync mobile
  8. Then navigate to the logs and ensure the create button is not there
| | |
|-|-|

1.

   |

Ensure the card has enough information from the programmer before you start the verification

If not request more information

   |

   |

2.

   |

Ensure you’re able to reproduce the defect prior to verifying it

   |

   |

3.

   |

Ensure to verify if the PR is still valid by going to Github.

   |

   |

3.

   |

Create a test plan and write/update test case for the card is there is no test case in Tarantula.

   |

   |

4

   |

Test the card on all required devices and versions. If it’s a mobile card, always test the offline functionality around that defect. Attach screenshots to the card as necessary displaying the fix

   |

   |

5.

   |

Add the following test result documentations:

    *   Test Status:
    *   PR Build:
    *   Username/Password
    *   Test case name:
    *   Environment and devices tested on:
    *   Test Note.

   |

   |

6.

   |

Push the card to “Testing Complete”

   |

   |
githubbob42 commented 6 years ago

Patty : 10/29/2018 15:01 CDT Documented as bug fix in 6/7/2018 Mobile release notes.

githubbob42 commented 6 years ago

Pull Request #2772