feat: Vendor verification #1208
Conversation
There was a problem hiding this comment.
Looks good! A lot of involved changes here but from my checks, seems very well handled. As you mention as well, this should certainly open a lot of intentional vendor related functionlity. Happy to see this get in!
I left only a minor comment inline but nothing blocking here, good stuff!
| if (vendorEntry) { | ||
| const [, companyName] = vendorEntry.split('|'); | ||
| const vendor = await findVendorByName({ | ||
| name: companyName, |
There was a problem hiding this comment.
May want to trim this just in case?
There was a problem hiding this comment.
Good idea. I added a trim()
| * @param {*} options.transaction - Sequelize transaction | ||
| * @returns {Promise<*>} | ||
| */ | ||
| const addUserVendor = async (userId, vendorId, { transaction }) => { |
There was a problem hiding this comment.
Good handling of this (although the name puzzled me for a second, ha)! I immediately thought of the case where a vendor's company was incorrectly assigned and how it may be to have to resolve that. With this change, just updating the .txt and having them sign in again easily handles that!
There was a problem hiding this comment.
Yeah I am not in love with the name but wasn't sure where best to move the term from "vendor" to "company" since a "vendor" attached to a person is their "company".
| // Check if the user's company is the vendor for the associated At | ||
| if (requireVendorForAt && !isAdmin) { | ||
| const isVendorForAt = company && company.ats.some(at => at.id === atId); | ||
| if (!isVendorForAt) { | ||
| return <Navigate to="/404" replace />; | ||
| } | ||
| } | ||
|
|
| company: { | ||
| id: '1', | ||
| name: 'Company', | ||
| ats: [] | ||
| } |
There was a problem hiding this comment.
in the mock, would these need a company since the roles assigned here doesn't include 'VENDOR'?
There was a problem hiding this comment.
Great point! Addressed.
see #1201
This PR adds the Vendor table to the DB in order to store information about User -> Vendor and Vendor -> AT associations. With this PR, the User table has a "company" column that holds Vendors. For now, this is only used to prevent review of Candidate Test Plans unless the reviewer is either an admin or a representative of the vendor of the specified AT.
These changes could potentially enable other vendor-specific features in the future.