Fix/restrict privatisation to email login #840
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -129,10 +130,12 @@ class SettingsRouter { | |||
| router.post("/", attachRollbackRouteHandlerWrapper(this.updateSettingsPage)) | |||
| router.get( | |||
| "/repo-password", | |||
There was a problem hiding this comment.
Extremely basic qn: where exactly in the FE are we calling this ah? I couldnt find any corresponding one, the only enpoint that the corresponding FE pr seems to call is /sites/<siteName>/settings, is this intended?
There was a problem hiding this comment.
The corresponding FE PR is only to restrict the privatisation route on the FE to email login as well! the call site is located in the base PR, isomerpages/isomercms-frontend#1316
kishore03109
approved these changes
Jul 19, 2023
alexanderleegs
added a commit
that referenced
this pull request
Jul 19, 2023
* chore: add new env var for netlify access token * feat: add netlify privatisation * chore: update .env.test * chore: add return type * chore: updates stop_builds type * chore: cast error * chore: move netlify conditional out separately * fix: check for error type * chore: shift and rename file * Fix: refactor axios-utils and add isAxiosError * refactor: pass only password to updateNetlifySite * fix: use isAxiosError * fix: revert to require * chore: swap to @utils * chore: modify method name * chore: rename netlifyService to netlifyApi * Fix/restrict privatisation to email login (#840) * fix: add verifyIsEmailUser wrapper to password endpoints * chore: update tests
alexanderleegs
added a commit
that referenced
this pull request
Jul 19, 2023
* chore: add env var and reformat env-example * feat: modify db and add migrations * feat: add util methods for password decryption * feat: add changeRepoPrivacy * feat: add deploymentClient updateBranch methods * feat: add deploymentService methods * feat: add methods to get and retrieve password * feat: add get and update password endpoints * chore: add schema * chore: update initialisation * chore: update db schema to include date of password * feat: add functionality to remove password * fix: change api to send/receive password directly * chore: swap to kebab-case * chore: underscore unused vars * chore: fix name * chore: update comment * chore: update wrap * chore: separate update and delete password * chore: split delete path into separate method * fix: set secret key to required * chore: rename arg * Fix: handle case where no password change necessary * chore: enforce that decrypted password is not modified * chore: update error type * fix: revert casting of amplify methods * chore: pass key as argument * chore: update DTO for netlify sites * Test/repo privatisation (#807) * chore: update site fixtures * test: add githubService tests * test: add settings router test * Fix: settings tests * chore: update env vars for tests * chore: update fixtures * fix: requestSchema * fix: use writehandler instead of rollback handler * chore: update tests to use new dto * feat: add crypto-utils test * feat: add integration test * fix: update updatePassword schema * fix: update crypto-utils tests * chore: remove unused imports * chore: update names of imported fixtures * feat: add new test case for invalid req * chore: update const name * fix: test input for new dto * chore: add validator * chore: update tests * nit: update test names * nit: rename repository to deploymentsRepository * fix: var name * Feat/privatise netlify sites (#828) * chore: add new env var for netlify access token * feat: add netlify privatisation * chore: update .env.test * chore: add return type * chore: updates stop_builds type * chore: cast error * chore: move netlify conditional out separately * fix: check for error type * chore: shift and rename file * Fix: refactor axios-utils and add isAxiosError * refactor: pass only password to updateNetlifySite * fix: use isAxiosError * fix: revert to require * chore: swap to @utils * chore: modify method name * chore: rename netlifyService to netlifyApi * Fix/restrict privatisation to email login (#840) * fix: add verifyIsEmailUser wrapper to password endpoints * chore: update tests
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds an additional restriction to the repo privatisation feature such that only email login users can see the feature - this is due to the prerequisite of restricting github access before being able to convert repos to private, as private repos are unable to set additional branch protection rules, meaning the PR approval requirement can be bypassed. To be reviewed in conjunction with PR #1344 on the isomercms-frontend repo.