Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating a role field for Users #236 #441

Merged
merged 2 commits into from
Jan 6, 2023
Merged

Creating a role field for Users #236 #441

merged 2 commits into from
Jan 6, 2023

Conversation

fozziethebeat
Copy link
Collaborator

This creates a new field in the User table for the user role and sets it to general by default.

Then, when users sign in, it checks against a shortlist of user IDs for each provider type, if the user id matches the shortlist, they're updated to be an admin. That role is further forwarded to the user's token and session objects so it can be verified in the client side and at the API routes.

Closes #236

@fozziethebeat fozziethebeat marked this pull request as draft January 6, 2023 11:12
@fozziethebeat fozziethebeat marked this pull request as ready for review January 6, 2023 11:21
AbdBarho
AbdBarho approved these changes Jan 6, 2023
View reviewed changes
Copy link
Collaborator

@AbdBarho AbdBarho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This perhaps not necessary for the MVP, but does it make sense to use an array of roles?
In this case, a standard user would have an empty roles array.

what do you think?

@fozziethebeat
Copy link
Collaborator Author

This perhaps not necessary for the MVP, but does it make sense to use an array of roles? In this case, a standard user would have an empty roles array.

what do you think?

I've tried that before in other projects and I think it was just kind of confusing. Also most frameworks recommend a single role value per user. Right now I think we have a strict hierarchy of abilities associated with roles so a single value is simpler and works well enough. When we find out there's roles that don't fully subsume each other then we should investigate how to make an array of roles work well.

@fozziethebeat fozziethebeat merged commit d182f6f into main Jan 6, 2023
@fozziethebeat fozziethebeat deleted the 236-admin-role branch January 6, 2023 12:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AbdBarho AbdBarho AbdBarho approved these changes

@k-nearest-neighbor k-nearest-neighbor Awaiting requested review from k-nearest-neighbor

Assignees
No one assigned
Labels
website
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create role field in website User table and be able to seed it
2 participants
@fozziethebeat @AbdBarho