-
Notifications
You must be signed in to change notification settings - Fork 993
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes #38108 - As a user I want to invalidate tokens for self(UI) #10405
base: develop
Are you sure you want to change the base?
Conversation
f3234ce
to
95f093f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Microcopy review
<h1>{__('JWT Tokens')}</h1> | ||
<p> | ||
{__( | ||
'By invalidating tokens,you will no longer be able to register hosts by using their JWTs.' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'By invalidating tokens,you will no longer be able to register hosts by using their JWTs.' | |
'By invalidating your JSON Web Tokens (JWTs), you will no longer be able to register hosts by using your existing JWTs.' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
process_success( | ||
:success_msg => _('Successfully invalidated JWTs for %s.') % @user.login | ||
) | ||
unless editing_self? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why this change? Why not to have same response as before?
webpack/assets/javascripts/react_app/components/users/JwtTokens/JwtTokens.js
Show resolved
Hide resolved
APIActions.patch({ | ||
url: `/users/${userId}/invalidate_jwt`, | ||
key: `INVALIDATE-JWT`, | ||
successToast: () => |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the call is not successful?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That will not happen, Like we discussed in the first story PR, there will be no case when invalidation won't work. I can add a safety failed toast, what do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if user was logged out meanwhile? The Rails will respond with 501
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we are sending :ok
status at all times, ref
I think I can add a safety error toast too, what do u think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we are sending :ok status at all time
That's not true. You do in>your< controller, but what if there is a problem on the network, DNS, or somewhere else? How do you handle that error?
import { APIActions } from '../../../redux/API'; | ||
import { translate as __ } from '../../../common/I18n'; | ||
|
||
const JwtTokens = ({ userId }) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the userID
is not set?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
test "User should be able to invalidate jwt for self" do | ||
User.current = users(:one) | ||
user = User.current | ||
FactoryBot.build(:jwt_secret, token: 'test_jwt_secret', user: user) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FactoryBot.build(:jwt_secret, token: 'test_jwt_secret', user: user) | |
FactoryBot.create(:jwt_secret, token: 'test_jwt_secret', user: user) |
With build
the object is not saved in the database, making the assertion pass even if the action was not performing correctly
e2e14dc
to
d19a69c
Compare
No description provided.