Open aaronskiba opened 2 months ago
It appears that some Users within the db have deprecated permissions:
# app/helpers/perms_helper.rb
# frozen_string_literal: true
# Helper methods for User permissions
module PermsHelper
# Returns a hash whose keys are the names associated to Perms and values are
# the text to be displayed to the end user
def name_and_text
{
add_organisations: _('Add organisations'),
change_org_affiliation: _('Change affiliation'),
grant_permissions: _('Manage user privileges'),
modify_templates: _('Manage templates'),
modify_guidance: _('Manage guidance'),
use_api: _('API rights'),
change_org_details: _('Manage organisation details'),
grant_api_to_orgs: _('Grant API to organisations'),
review_org_plans: _('Review organisational plans')
}
end
end
SELECT *
FROM perms;
id | name | created_at | updated_at |
---|---|---|---|
1 | admin | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
2 | user | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
3 | org_admin | 2014-06-25 19:11:42 | 2014-06-25 19:11:42 |
4 | add_organisations | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
5 | change_org_affiliation | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
6 | grant_permissions | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
7 | modify_templates | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
8 | modify_guidance | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
9 | use_api | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
10 | change_org_details | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
11 | grant_api_to_orgs | 2021-02-22 18:27:32 | 2021-02-22 18:27:32 |
12 | review_org_plans | 2021-02-22 22:23:06 | 2021-02-22 22:23:06 |
aaron@ubuntu:~/Documents/GitHub/roadmap
$ rails c
Running via Spring preloader in process 3767053
Loading development environment (Rails 6.1.7.8)
irb: warn: can't alias context from irb_context.
3.1.4 :001 > perm_ids = Perm.pluck(:id)
(1.2ms) SELECT "perms"."id" FROM "perms"
3.1.4 :002 > old_perm_ids = [1, 2, 3]
3.1.4 :003 > new_perm_ids = perm_ids - old_perm_ids
3.1.4 :004 > users_with_old_perms = User.joins(:perms).where(perms: {id: old_perm_ids})
User Load (4.3ms) SELECT "users".* FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3) [["id", 1], ["id", 2], ["id", 3]]
=> [#<User id: 159, firstname: "Alex", surname: "Guindon", email: "alex.guindon@concordia.ca",...
3.1.4 :005 > > users_with_old_perms.distinct.count
(4.2ms) SELECT COUNT(DISTINCT "users"."id") FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3) [["id", 1], ["id", 2], ["id", 3]]
=> 4
3.1.4 :006 > users_with_only_old_perms = users_with_old_perms - User.joins(:perms).where(perms: {id:
new_perm_ids})
User Load (12.7ms) SELECT "users".* FROM "users" INNER JOIN "users_perms" ON "users_perms"."user_id" = "users"."id" INNER JOIN "perms" ON "perms"."id" = "users_perms"."perm_id" WHERE "perms"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9) [["id", 4], ["id", 5], ["id", 6], ["id", 7], ["id", 8], ["id", 9], ["id", 10], ["id", 11], ["id", 12]]
=> [#<User id: 159, firstname: "Alex", surname: "Guindon", email: "alex.guindon@concordia.ca",...
3.1.4 :007 > users_with_only_old_perms.count
=> 3 # I checked and they are distinct
In total, there are only 4 users that possess these deprecated Perms. One of them is "dittest@ualberta.ca"
, who possesses all of the possible permissions. The remaining 3 only possess the user
permission.
Here's a potential script for removing the old permissions from existing users:
old_perm_ids = [1,2,3]
users = User.joins(:perms).where(perms: {id: old_perm_ids})
users.each do |user|
user.perms.delete(Perm.where(id: old_perm_ids))
end
Please complete the following fields as applicable:
What version of the DMPRoadmap code are you running? (e.g. v2.2.0)
4.1.1+portage-4.1.1
4.1.1+portage-4.1.0
Expected behaviour:
Only Show Admins
checked, should not return any non-admin users.Actual behaviour/Steps to reproduce: