Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Week 3 & 4: Feature for Users to Request Changes and Improve Permission Handling & Security #34

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Week 3 & 4: Feature for Users to Request Changes and Improve Permission Handling & Security #34

wants to merge 4 commits into from

Conversation

Snehil-Shah
Copy link
Contributor

@Snehil-Shah Snehil-Shah commented Feb 11, 2024
edited
Loading

  • Sanitize API requests
  • Add Error handling middleware
  • Client Side Form Validations
  • Manage Access based on User Permission Level

@Snehil-Shah
Improve Server-Side Security
0dd592f 
- Sanitize API requests
- Add Error handling middleware

Signed-off-by: Snehil Shah <[email protected]>
@Snehil-Shah
Client Side Validations & Alert box upon incorrect Login
ef58a2b 
Signed-off-by: Snehil Shah <[email protected]>
@Snehil-Shah
Copy link
Contributor Author

Alert upon incorrect login:

alert

@Snehil-Shah
Copy link
Contributor Author

@Shashankpantiitbhilai @DevilsAutumn @krishnan05 Kindly review the PR..

The User cannot add or edit students only admins and presidents can!

Testing:
Instead of hardcoding emails of admins and presidents, we rely on mongodb to assign admins and presidents.
first make an account as you normally would, then go to mongoDB UI and edit the user document inside the users collection in the database. change "role": "president" or "admin" from "user" in the mongoDB document, and log in again, you are now logged in as a president, you can now edit and add users.
How to manage admins can also be decided later on, but for testing this is the way

@Snehil-Shah Snehil-Shah marked this pull request as ready for review February 13, 2024 21:39
@Snehil-Shah Snehil-Shah changed the title Improve Permission Handling and Security Week 3 & 4: Feature for Users to Request Changes and Improve Permission Handling & Security Feb 14, 2024
@Snehil-Shah
Copy link
Contributor Author

Snehil-Shah commented Feb 14, 2024
edited
Loading

@DevilsAutumn @krishnan05 I have added week 4's work too in the same PR, This will be the final PR. It's ready for review.

Added Feature where users can request updates to their profile and admins can review them. Admins have a new Issues Panel where all the Issues are listed and they can accept the change.

User's View: Suggesting change

user

Admin's View: Review Change

admin

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Snehil-Shah