[PROD RELEASE] - WM related updates #740
Conversation
kkartunov
commented
Apr 30, 2025
kkartunov
commented
- Work Manager: Challenge List: PM user is not able to see all work under a project https://topcoder.atlassian.net/browse/PM-1139
fix(PM-1139): challenge task access issue for project manager
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| uses: actions/checkout@v3 | ||
|
|
||
| - name: TC AI PR Reviewer | ||
| uses: topcoder-platform/tc-ai-pr-reviewer@master |
There was a problem hiding this comment.
Consider specifying a version tag instead of using @master for the topcoder-platform/tc-ai-pr-reviewer action to ensure stability and avoid unexpected changes.
| with: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # The GITHUB_TOKEN is there by default so you just need to keep it like it is and not necessarily need to add it as secret as it will throw an error. [More Details](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret) | ||
| LAB45_API_KEY: ${{ secrets.LAB45_API_KEY }} | ||
| exclude: "**/*.json, **/*.md, **/*.jpg, **/*.png, **/*.jpeg, **/*.bmp, **/*.webp" # Optional: exclude patterns separated by commas |
There was a problem hiding this comment.
Ensure that the exclude patterns are correctly formatted and cover all necessary file types that should be excluded from the review process. Double-check if any additional file types need to be added to the exclusion list.
| @@ -960,7 +960,7 @@ async function _ensureAccessibleForTaskChallenge(currentUser, challenge) { | |||
| } | |||
| const canAccesChallenge = _.isUndefined(currentUser) | |||
| ? false | |||
| : currentUser.isMachine || hasAdminRole(currentUser) || !_.isEmpty(memberResources); | |||
| : currentUser.isMachine || hasAdminRole(currentUser) || hasProjectManagerRole(currentUser) || !_.isEmpty(memberResources); | |||
There was a problem hiding this comment.
There is a typo in the variable name canAccesChallenge. It should be canAccessChallenge to maintain consistency and readability.
| function hasProjectManagerRole(authUser) { | ||
| if (authUser && authUser.roles) { | ||
| for (const role of authUser.roles) { | ||
| if (role.toLowerCase() === constants.UserRoles.ProjectManager.toLowerCase()) { |
There was a problem hiding this comment.
Consider using localeCompare for case-insensitive comparison instead of toLowerCase() to handle edge cases with locale-specific characters.
| @@ -152,6 +152,7 @@ async function searchChallenges(currentUser, criteria) { | |||
| ]; | |||
|
|
|||
| const _hasAdminRole = hasAdminRole(currentUser); | |||
| const _hasProjectManagerRole = hasProjectManagerRole(currentUser); | |||
There was a problem hiding this comment.
Consider checking if hasProjectManagerRole function is defined and imported correctly to ensure it works as expected.
| @@ -588,7 +589,7 @@ async function searchChallenges(currentUser, criteria) { | |||
| // FIXME: Tech Debt | |||
| let excludeTasks = true; | |||
| // if you're an admin or m2m, security rules wont be applied | |||
| if (currentUser && (_hasAdminRole || _.get(currentUser, "isMachine", false))) { | |||
| if (currentUser && (_hasAdminRole || _hasProjectManagerRole || _.get(currentUser, "isMachine", false))) { | |||
There was a problem hiding this comment.
The variable _hasProjectManagerRole is used here, but it's not clear from the diff if it is defined or initialized anywhere in the code. Ensure that _hasProjectManagerRole is properly defined and initialized before this line to avoid potential runtime errors.
