Hide PII from admins who lack that permission #70
Conversation
|
I forgot about the ban creation page, but I'm not sure how I could take care of that without also breaking the grab info from latest connection function |
|
Dont make a constant use the identity system to just check if they are in the role PII, it creates roles based on the flag enum |
I'm not sure I understand what you mean, is it just bad to do this or is it not supposed to work? |
|
PJB requested I make this a constant, thats why I did. Unless I completely misunderstood what she meant |
|
I have no idea, ima jsut let pjb reveiw |
|
I have no idea how I could keep the ban autofill stuff working without leaking PII to the client, or making spaghetti by turning the button into a checkbox I just opted to disable it for now, hoping someone else might have a better idea |
|
|
Closes #66.
I hope I got all instances, this makes it so you're unable to see PII of any user, or search for it if you don't have the permission.
In the cases where I could remove it without affecting the layout of the page, I did. Where I couldn't, I replaced the text with "Hidden". I'm ready for this to be torn to shreds in a review, as I wouldn't be surprised if I made a silly mistake.
The ban creation page was also updated to remove the buttons, and replace them with checkboxes instead