Added mandatory checks for default password reset #4720
Signed-off-by: Saranya-jena <saranya.jena@harness.io>
@@ -271,6 +271,15 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc { | |||
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], presenter.CreateErrorResponse(utils.ErrInvalidRequest)) | |||
return | |||
} | |||
|
|||
// admin/user shouldn't be able to perform any task if it's default pwd is not changes(initial login is true) | |||
initialLogin, err := CheckInitialLogin(service, userRequest.UserID) |
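Review bot: the visible hunk assigns `initialLogin, err := CheckInitialLogin(service, userRequest.UserID)` but the handling of `err` and of `initialLogin` lies outside the excerpt; make sure the error path returns an error response before the create-project flow continues, so that a failed lookup does not let the request through, and tidy the new comment to `// admin/user shouldn't be able to perform any task if its default pwd is not changed (initial login is true)`.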
How about adding these checks in the middleware? We anyways need to restrict all the operations till the password is updated. We also have to restrict access to GQL APIs.
Update: no need to add the check in the middleware; instead, checks can be added in operations like create project, create user etc., which will also block other subsequent operations.
Adding checks in these functions will also not require the checks to be added in GQL APIs, since GQL APIs need a project and create project requires password updation.
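The middleware variant discussed in this thread, written as an added example that is not part of this PR or the Litmus code base: it uses net/http instead of gin, a stand-in UserStore interface in place of CheckInitialLogin, and assumes the user ID arrives in an X-User-ID header set by an upstream authentication layer. A lookup error fails closed rather than letting the request through.

```go
package main

import (
	"errors"
	"net/http"
)

// UserStore stands in for the service CheckInitialLogin consults (assumed,
// not the Litmus interface): true means the default password is still set.
type UserStore interface {
	IsInitialLogin(userID string) (bool, error)
}

// RequirePasswordChanged refuses every wrapped request until the caller has
// replaced the default password. X-User-ID is assumed set by upstream auth.
func RequirePasswordChanged(store UserStore, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		userID := r.Header.Get("X-User-ID")
		if userID == "" {
			http.Error(w, "missing user identity", http.StatusUnauthorized)
			return
		}
		initialLogin, err := store.IsInitialLogin(userID)
		if err != nil { // fail closed: a lookup failure never grants access
			http.Error(w, "unable to verify password state", http.StatusInternalServerError)
			return
		}
		if initialLogin {
			http.Error(w, "change the default password before performing this operation", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// memStore is a constructed in-memory store for the demonstration.
type memStore map[string]bool

func (m memStore) IsInitialLogin(id string) (bool, error) {
	if v, ok := m[id]; ok {
		return v, nil
	}
	return false, errors.New("user not found")
}

func main() {
	store := memStore{"admin": true, "alice": false} // admin still on the default password
	createProject := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { _, _ = w.Write([]byte("project created")) })
	_ = http.ListenAndServe(":8080", RequirePasswordChanged(store, createProject))
}
```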
LGTM
Proposed changes
Added checks in the APIs to ensure the default password is updated before performing the operations: admin/user shouldn't be able to perform any task if its default pwd is not changed (initial login is true).