Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restrict partner-user-management to bank org admins #4458

Closed
1 task
awwaiid opened this issue Jun 19, 2024 · 2 comments · Fixed by #4468
Closed
1 task

Restrict partner-user-management to bank org admins #4458

awwaiid opened this issue Jun 19, 2024 · 2 comments · Fixed by #4468
Assignees
@coalest

Comments

@awwaiid
Copy link
Collaborator

awwaiid commented Jun 19, 2024

Summary

We only link to the PartnerUser management page for bank admins, but in app/controllers/partner_users_controller.rb we don't re-assert that restriction. Add a bank-org admin check to this controller.

Things to consider

No response

Criteria for Completion

  • When logged in as a bank non-admin user, you should get a permission denied error when navigating to /partners/ID/users
@awwaiid awwaiid mentioned this issue Jun 19, 2024
Merged
@napster235 napster235 mentioned this issue Jun 21, 2024
Merged
@cielf
Copy link
Collaborator

cielf commented Aug 25, 2024

Status: There is an open PR that needs some work on fixing tests to push it over the line.

@coalest coalest self-assigned this Jan 8, 2025
@coalest
Copy link
Collaborator

coalest commented Jan 8, 2025

I'll try to wrap this up.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@coalest coalest

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[4458] - Restrict non admins to partner users napster235/human-essentials
3 participants
@awwaiid @cielf @coalest