Skip to content

Organizations Access #3373

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 16, 2025
Merged

Organizations Access #3373

merged 4 commits into from
Mar 16, 2025

Conversation

JXP25
Copy link

@JXP25 JXP25 commented Mar 16, 2025
edited
Loading

Overview

This PR ensures only details about all available organizations are available without authentication.

Closes Issue: #3370

Working Query

query AllOrganizations($filter: String) {
    organizations(filter: $filter) {
      id
      name
      addressLine1
      description
      avatarURL
    }
}

Note: The above query is already available in admin at
image

Solution implemented

  • Removed check for unauthorized ctx to query organizations.
  • Modified linked test cases

Summary by CodeRabbit

  • New Features
    • Organizations query now returns a list of organizations even without client authentication.
  • Tests
    • Updated tests to verify that unauthenticated requests now receive the organizations list instead of triggering an error.

@JXP25 JXP25 marked this pull request as ready for review March 16, 2025 10:42
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Mar 16, 2025
edited
Loading

Walkthrough

The pull request removes the authentication check from the resolveOrganizations function within the GraphQL organizations query. As a result, unauthenticated clients are now allowed to retrieve organizations. Correspondingly, the associated test has been updated to expect an array of organizations rather than an error when the client is not authenticated.

Changes

File Path Change Summary
src/graphql/types/Query/organizations.ts Removed the authentication check and the corresponding error handling in the resolveOrganizations function.
test/graphql/types/Query/organizations.test.ts Updated test cases: modified expected behavior to return an array of organizations for unauthenticated users and added assertions for query parameters.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant GraphQLServer
    participant Database

    Client->>GraphQLServer: Request organizations query
    GraphQLServer->>Database: Query organizations (with limit & offset)
    Database-->>GraphQLServer: Return organizations array
    GraphQLServer-->>Client: Return organizations array
Loading

Possibly related PRs

Suggested labels

ignore-sensitive-files-pr

Suggested reviewers

  • GlenDsza
  • palisadoes
📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5674b92 and f3605e4.

📒 Files selected for processing (2)
  • src/graphql/types/Query/organizations.ts (1 hunks)
  • test/graphql/types/Query/organizations.test.ts (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: Run tests for talawa api
  • GitHub Check: Analyse Code With CodeQL (typescript)
🔇 Additional comments (3)
src/graphql/types/Query/organizations.ts (1)

25-44: Authentication check removed as intended

The key change in this file is the removal of the authentication check that previously restricted organization data to authenticated users only. This successfully implements the PR objective of allowing access to organization details without requiring user authentication.

The implementation maintains proper error handling for database query failures, ensuring robustness while opening up access to the data.

test/graphql/types/Query/organizations.test.ts (2)

33-60: Test updated to reflect new unauthenticated access

The test has been appropriately modified to verify that organizations are now returned to unauthenticated users instead of throwing an error. The test setup creates a mock unauthenticated context, provides test organization data, and verifies both the returned data and that the database query was called with the correct parameters.

This test change properly validates the implementation change and ensures the new behavior works as expected.

62-84: Existing authenticated test case maintained

Good practice to keep the existing test case for authenticated users, as it verifies that the functionality continues to work for both authenticated and unauthenticated users. This ensures backward compatibility while adding the new feature.

✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@github-actions GitHub Actions
Copy link

Our Pull Request Approval Process

Thanks for contributing!

Testing Your Code

Remember, your PRs won't be reviewed until these criteria are met:

  1. We don't merge PRs with poor code quality.
    1. Follow coding best practices such that CodeRabbit.ai approves your PR.
  2. We don't merge PRs with failed tests.
    1. When tests fail, click on the Details link to learn more.
    2. Write sufficient tests for your changes (CodeCov Patch Test). Your testing level must be better than the target threshold of the repository
    3. Tests may fail if you edit sensitive files. Ask to add the ignore-sensitive-files-pr label if the edits are necessary.
  3. We cannot merge PRs with conflicting files. These must be fixed.

Our policies make our code better.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

  1. comments in this PR or
  2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

  1. arbitrators of future discussions with other contributors about the validity of your changes
  2. point of contact for evaluating the validity of your work
  3. person who verifies matching issues by others that should be closed.
  4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

  1. PRs with issues not assigned to you will be closed by the reviewer
  2. Fix the first comment in the PR so that each issue listed automatically closes

Other

  1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
  2. Read the CONTRIBUTING.md file make

@codecov Codecov
Copy link

codecov bot commented Mar 16, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 53.54%. Comparing base (5674b92) to head (f3605e4).
Report is 1 commits behind head on develop-postgres.

Additional details and impacted files 
@@                 Coverage Diff                  @@
##           develop-postgres    #3373      +/-   ##
====================================================
- Coverage             53.55%   53.54%   -0.02%     
====================================================
  Files                   472      472              
  Lines                 35923    35915       -8     
  Branches               1311     1308       -3     
====================================================
- Hits                  19238    19230       -8     
  Misses                16680    16680              
  Partials                  5        5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@JXP25
Copy link
Author

JXP25 commented Mar 16, 2025

@palisadoes PR is ready for review

@Cioppolo14 Cioppolo14 added the ignore-sensitive-files-pr The contributor has a legitimate reason for editiing protected files label Mar 16, 2025
@Cioppolo14 Cioppolo14 requested review from meetulr and disha1202 March 16, 2025 12:00
@Cioppolo14
Copy link
Contributor

@meetulr @disha1202 Can you review this PR?

meetulr
meetulr approved these changes Mar 16, 2025
View reviewed changes
Copy link
Contributor

@meetulr meetulr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@meetulr meetulr merged commit f1b6ec0 into PalisadoesFoundation:develop-postgres Mar 16, 2025
16 of 17 checks passed
This was referenced Mar 24, 2025
Closed
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meetulr meetulr meetulr approved these changes

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

@disha1202 disha1202 Awaiting requested review from disha1202

Assignees
No one assigned
Labels
ignore-sensitive-files-pr The contributor has a legitimate reason for editiing protected files
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JXP25 @Cioppolo14 @meetulr