portagenetwork / roadmap

Developed by the Alliance in collaboration with University of Alberta, DMP Assistant a data management planning tool, forking the DMP Roadmap codebase
MIT License

Some Non-Admin Users Still Being Returned When Checking "Only Show Admins" in User Search #828

Open aaronskiba opened 2 months ago

aaronskiba commented 2 months ago

Please complete the following fields as applicable:

What version of the DMPRoadmap code are you running? (e.g. v2.2.0)

Expected behaviour:

Actual behaviour/Steps to reproduce:

aaronskiba commented 2 months ago

It appears that some Users within the db have deprecated permissions:

```ruby
# app/helpers/perms_helper.rb
# frozen_string_literal: true

# Helper methods for User permissions
module PermsHelper
  # Returns a hash whose keys are the names associated to Perms and values are
  # the text to be displayed to the end user
  def name_and_text
    {
      add_organisations: _('Add organisations'),
      change_org_affiliation: _('Change affiliation'),
      grant_permissions: _('Manage user privileges'),
      modify_templates: _('Manage templates'),
      modify_guidance: _('Manage guidance'),
      use_api: _('API rights'),
      change_org_details: _('Manage organisation details'),
      grant_api_to_orgs: _('Grant API to organisations'),
      review_org_plans: _('Review organisational plans')
    }
  end
end
```

```sql
SELECT *
FROM perms;
```

| id | name | created_at | updated_at |
|----|------|------------|------------|
| 1 | admin | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
| 2 | user | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
| 3 | org_admin | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
| 4 | add_organisations | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 5 | change_org_affiliation | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 6 | grant_permissions | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 7 | modify_templates | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 8 | modify_guidance | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 9 | use_api | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 10 | change_org_details | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 11 | grant_api_to_orgs | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
| 12 | review_org_plans | 2021-02-22 22:23:06 | 2021-02-22 22:23:06 |

```
aaron@ubuntu:~/Documents/GitHub/roadmap
$ rails c
Running via Spring preloader in process 3767053
Loading development environment (Rails 6.1.7.8)
irb: warn: can't alias context from irb_context.
3.1.4 :001 > perm_ids = Perm.pluck(:id)
   (1.2ms)  SELECT "perms"."id" FROM "perms"
3.1.4 :002 > old_perm_ids = [1, 2, 3]
3.1.4 :003 > new_perm_ids = perm_ids - old_perm_ids
3.1.4 :004 > users_with_old_perms = User.joins(:perms).where(perms: {id: old_perm_ids})
  User Load (4.3ms)  SELECT "users".* FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3)  [["id", 1], ["id", 2], ["id", 3]]
 => [#<User id: 159, firstname: "Alex", surname: "Guindon", email: "alex.guindon@concordia.ca",...
3.1.4 :005 > > users_with_old_perms.distinct.count
   (4.2ms)  SELECT COUNT(DISTINCT "users"."id") FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3)  [["id", 1], ["id", 2], ["id", 3]]
 => 4
3.1.4 :006 > users_with_only_old_perms = users_with_old_perms - User.joins(:perms).where(perms: {id: new_perm_ids})
  User Load (12.7ms)  SELECT "users".* FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9)  [["id", 4], ["id", 5], ["id", 6], ["id", 7], ["id", 8], ["id", 9], ["id", 10], ["id", 11], ["id", 12]]
 => [#<User id: 159, firstname: "Alex", surname: "Guindon", email: "alex.guindon@concordia.ca",...
3.1.4 :007 > users_with_only_old_perms.count
 => 3 # I checked and they are distinct
```

In total, there are only 4 users that possess these deprecated Perms. One of them is "dittest@ualberta.ca", who possesses all of the possible permissions. The remaining 3 only possess the user permission.

aaronskiba commented 2 months ago

Here's a potential script for removing the old permissions from existing users:

```ruby
old_perm_ids = [1,2,3]
users = User.joins(:perms).where(perms: {id: old_perm_ids})
users.each do |user|
  user.perms.delete(Perm.where(id: old_perm_ids))
end
```
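
An added example, not part of the issue thread or the project's code: a plain-Ruby dry run of the audit and cleanup discussed above, deriving the deprecated perm ids from the `PermsHelper` names instead of hard-coding them. The `users_perms` rows and user ids are constructed, and the filter behaviour (any user holding at least one perm is listed as an admin) is an assumption, since the filter's code is not shown in this thread.

```ruby
require 'set'

# Perm names the app still recognises: the keys of PermsHelper#name_and_text.
CURRENT_PERM_NAMES = %w[
  add_organisations change_org_affiliation grant_permissions modify_templates
  modify_guidance use_api change_org_details grant_api_to_orgs review_org_plans
].to_set.freeze

# id => name, as in the perms table output shown in the thread.
PERMS = {
  1 => 'admin', 2 => 'user', 3 => 'org_admin', 4 => 'add_organisations',
  5 => 'change_org_affiliation', 6 => 'grant_permissions', 7 => 'modify_templates',
  8 => 'modify_guidance', 9 => 'use_api', 10 => 'change_org_details',
  11 => 'grant_api_to_orgs', 12 => 'review_org_plans'
}.freeze

# Constructed users_perms rows ([user_id, perm_id]); the user ids are made up.
SAMPLE_USERS_PERMS = (
  (1..12).map { |perm_id| [901, perm_id] } +  # holds every perm, old and new
  [[902, 2], [903, 2], [904, 2]] +            # hold only the deprecated "user" perm
  [[905, 7], [905, 8]]                        # current template/guidance perms only
).freeze

# Derive deprecated ids from the names rather than hard-coding [1, 2, 3].
def deprecated_perm_ids(perms)
  perms.reject { |_id, name| CURRENT_PERM_NAMES.include?(name) }.keys.sort
end

# Dry-run audit: reports what a cleanup would change without deleting anything.
def audit(perms, users_perms)
  old_ids = deprecated_perm_ids(perms)
  by_user = users_perms.group_by(&:first).transform_values { |rows| rows.map(&:last) }
  with_old = by_user.select { |_uid, ids| (ids & old_ids).any? }
  {
    deprecated_perm_ids: old_ids,
    users_with_deprecated: with_old.keys.sort,
    users_with_only_deprecated: with_old.select { |_uid, ids| (ids - old_ids).empty? }.keys.sort,
    rows_to_delete: users_perms.select { |_uid, pid| old_ids.include?(pid) },
    # Assumption: the filter treats any user holding at least one perm as an admin.
    admins_before: by_user.keys.sort,
    admins_after: by_user.reject { |_uid, ids| (ids - old_ids).empty? }.keys.sort
  }
end

pp audit(PERMS, SAMPLE_USERS_PERMS) if $PROGRAM_NAME == __FILE__
```

Comparing `admins_before` with `admins_after` shows which accounts drop out of the admin listing once the deprecated rows are gone, and `rows_to_delete` is the exact set of join rows a cleanup should touch.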