correcting password of super-admin

[prayanshchh]

What kind of change does this PR introduce?

Issue Number:

Fixes #
#2824

Did you add tests for your changes?

Snapshots/Videos:

If relevant, did you update the documentation?

Summary

Does this PR introduce a breaking change?

Other information

Have you read the contributing guide?

Summary by CodeRabbit

• Security
  • Updated password hashes for specific user accounts to enhance security measures.

[coderabbitai]

Walkthrough

The pull request involves modifications to the sample_data/users.json file, specifically updating password hashes for two specific user entries. The changes appear to be targeted password updates for users with specific IDs, potentially related to a password reset or security mechanism update. The modifications are limited to password hash values and do not alter any other user data or system configurations.

Changes

File	Change Summary
sample_data/users.json	Updated password hashes for two specific users: - User ID "64378abd85008f171cf2990d": Password hash changed - User ID "65378abd85008f171cf2990d": Password hash updated

Possibly related issues

• PalisadoesFoundation/talawa-api#2824: The changes might be related to the reported incorrect super-admin password issue, potentially addressing the authentication problem by updating specific user credentials.

Poem

🐰 Passwords dancing, bits in flight,
Hashes shifting, cryptic and bright
Two users marked for a secret reset
Security's whisper, a digital quest
Rabbit's code weaves its magic tight! 🔐

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Our Pull Request Approval Process

Thanks for contributing!

Testing Your Code

Remember, your PRs won't be reviewed until these criteria are met:

1. We don't merge PRs with poor code quality.
   1. Follow coding best practices such that CodeRabbit.ai approves your PR.
2. We don't merge PRs with failed tests.
   1. When tests fail, click on the Details link to learn more.
   2. Write sufficient tests for your changes (CodeCov Patch Test). Your testing level must be better than the target threshold of the repository
   3. Tests may fail if you edit sensitive files. Ask to add the ignore-sensitive-files-pr label if the edits are necessary.
3. We cannot merge PRs with conflicting files. These must be fixed.

Our policies make our code better.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

1. comments in this PR or
2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

1. arbitrators of future discussions with other contributors about the validity of your changes
2. point of contact for evaluating the validity of your work
3. person who verifies matching issues by others that should be closed.
4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

1. PRs with issues not assigned to you will be closed by the reviewer
2. Fix the first comment in the PR so that each issue listed automatically closes

Other

1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
2. Read the CONTRIBUTING.md file make

[prayanshchh]

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

sample_data/users.json (1)

Line range hint 1-650: Best Practice: Improve sample data structure

The sample data could be improved to better reflect real-world scenarios and make testing more robust:

1. Users have identical passwords
2. All users have the same creation timestamp
3. Some users have null values (e.g., appUserProfileId for the last user)

Consider:

1. Using different timestamps for user creation
2. Ensuring no null values in required fields
3. Adding comments to explain the purpose of each user type
4. Including more varied test scenarios (e.g., users with different statuses, different organization memberships)

Would you like me to help create a more diverse and realistic sample dataset?

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b64f105 and 15c068e.

📒 Files selected for processing (1)

• sample_data/users.json (1 hunks)

🔇 Additional comments (1)

sample_data/users.json (1)

Line range hint 1-650: Verify the impact of password changes

The changes modify the password hash for the super-admin account. Let's verify:

1. If this is the only instance of the super-admin credentials
2. If there are any tests that might be affected by this change

✅ Verification successful

Let me generate additional scripts to search for test files and verify the password hash usage.

---

Let me check the content of the test file to understand how the super-admin credentials are used.

---

Based on the gathered information, I can now provide the final response:

✓ Password change in sample data is safe to proceed

The password hash modification in sample_data/users.json appears to be safe as:

1. The file is only used as sample/test data
2. The super-admin email is only referenced in:
   • INSTALLATION.md as documentation
   • tests/resolvers/Query/helperFunctions/getWhere.spec.ts for testing query filters
   • sample_data/users.json as sample data
3. No actual authentication tests depend on the specific password hash
4. The password hash is not referenced anywhere else in the codebase

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for other instances of super-admin credentials or password hashes
echo "Searching for other instances of super-admin email..."
rg "[email protected]" --type-not json

echo "Searching for other instances of the password hash..."
rg "\$2a\$12\$bSYpay6TRMpTOaAmYPFXku4avwmqfFBtmgg39TabxmtFEiz4plFtW" --type-not json

echo "Searching for test files that might be affected..."
rg -l "testsuperadmin" --type test

Length of output: 1601

---

Script:

#!/bin/bash
# Search for test files with different extensions
echo "Searching for test files containing 'testsuperadmin'..."
fd -e test.js -e spec.js -e test.ts -e spec.ts -e test.jsx -e spec.jsx -e test.tsx -e spec.tsx -x rg -l "testsuperadmin" {}

echo "Searching for any hardcoded passwords in test files..."
fd -e test.js -e spec.js -e test.ts -e spec.ts -e test.jsx -e spec.jsx -e test.tsx -e spec.tsx -x rg -l "Pass@123" {}

echo "Checking for any other sample data files..."
fd -g "*.json" -x rg -l "[email protected]" {}

Length of output: 728

---

Script:

#!/bin/bash
# Check the content of the test file
echo "Checking test file content..."
cat tests/resolvers/Query/helperFunctions/getWhere.spec.ts

echo "Checking for any environment files that might contain credentials..."
fd -g "*.env*" -x rg -l "testsuperadmin" {}

echo "Checking for any configuration files..."
fd -g "*config*.{js,ts,json}" -x rg -l "testsuperadmin" {}

Length of output: 10872

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.72%. Comparing base (b64f105) to head (15c068e).
Report is 1 commits behind head on develop.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #2825   +/-   ##
========================================
  Coverage    97.72%   97.72%           
========================================
  Files          364      364           
  Lines        18569    18569           
  Branches      2682     2682           
========================================
  Hits         18147    18147           
  Misses         417      417           
  Partials         5        5           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.