Conversation
Current Code Coverage Percent of this PR:87.78 %Files having coverage below 100%
|
03fdcea to
e483ff3
Compare
akhilgkrishnan
left a comment
There was a problem hiding this comment.
@harshaanNihal Added some comments
| class InternalApi::V1::TeamController < InternalApi::V1::ApplicationController | ||
| def destroy | ||
| authorize current_user, policy_class: TeamPolicy | ||
| user.discard! |
There was a problem hiding this comment.
what is the response when a team member does not discard?
There was a problem hiding this comment.
in case user.discard! is not successful it will raise an Exception, which will get rescued here
| @@ -0,0 +1,18 @@ | |||
| # frozen_string_literal: true | |||
|
|
|||
| class InternalApi::V1::TeamController < InternalApi::V1::ApplicationController | |||
There was a problem hiding this comment.
| class InternalApi::V1::TeamController < InternalApi::V1::ApplicationController | |
| class InternalApi::V1::TeamsController < InternalApi::V1::ApplicationController |
Can we use a plural name
| @@ -0,0 +1,80 @@ | |||
| # frozen_string_literal: true | |||
There was a problem hiding this comment.
Add a test for negative condition, when user is not discarded properly
There was a problem hiding this comment.
Added a Model spec for negative condition and mocking the failure negative condition in controller specs
rohitjoshixyz
left a comment
There was a problem hiding this comment.
I have a few concerns with this PR and hence stopped reviewing further. We are not checking if the user being deleted is part of other companies or not.
Discarding the user directly would discard the company_users associated with other companies making the user unable to login into other workspaces
This scenario is not tested in the specs as well.
What is the exact requirement of this API? We can probably split this API into two.
- User destroy API which will completely remove the access to Miru (For all the workspaces)
- Company User destroy API which will destroy one particular
company_user(For a particular workspace)
Also when we say team member it is not immediately clear if we are talking about the company_user or the larger user record cc @supriya3105 @harshaanNihal @akhilgkrishnan
| @@ -0,0 +1,18 @@ | |||
| # frozen_string_literal: true | |||
|
|
|||
| class InternalApi::V1::TeamController < InternalApi::V1::ApplicationController | |||
There was a problem hiding this comment.
NIt: TeamController -> TeamsController
|
|
||
| RSpec.describe "InternalApi::V1::Team#destroy", type: :request do | ||
| let(:company) { create(:company) } | ||
| let(:user) { create(:user, current_workspace_id: company.id) } |
There was a problem hiding this comment.
You can rename this user as admin or admin_user and in the "when user is unauthorised" call it employee or employee_user to be more specific
Yes I agree with you. |
Agree we should discard the Moving the PR to Draft for now |
1990aaa to
4749cce
Compare
|
I have kept the controller name singular Since each company will technically have only one team (company_users belong to that company). As Team controller is not associated with any particular model / resource, but rather handle a set of functionality. In this case, the pluralization doesn't make any sense to me. Please let me know if you think otherwise and I will update the controller name to a plural form. |
That makes sense, considering this and our previous discussion since this controller is only going to handle the |
|
There is already a company_users_controller present. [for now it is been used for project Page ] beside destroy method controller will have index update and probably edit. Maybe once after the Team page is ported we can merge both |
rohitjoshixyz
left a comment
There was a problem hiding this comment.
@harshaanNihal
Summarizing our discussion here.
The original rails controller's (app/controllers/team_controller) implementation itself is wrong.
Instead of discarding the User it should ideally discard only the current_workspace's CompanyUser record.
According to the latest changes I asked you to make here, this PR will do that correctly.
But as you said the intent of this PR is to port the functionality of the rails controller into an internal API to be used for React we are in a fix. 😓
I won't block this PR since this is an internal API but we need to address and add API for both:
- Discarding the User record
- Discarding the Company User record
And name the controllers accordingly on priority as a follow-up
Please check and update the language and grammar used in the spec description. It should be consistent.
Overall nice work with the specs. LGTM 👍
| expect(json_response["errors"]).to eq(I18n.t("pundit.team_policy.destroy?")) | ||
| end | ||
|
|
||
| it "does not Discard the team member" do |
There was a problem hiding this comment.
Nit: Capitalizing "discard" is unnecessary
| end | ||
| end | ||
|
|
||
| context "when user is not signed In" do |
There was a problem hiding this comment.
Captailizing "In" is unnecessary
| context "when user is not signed In" do | ||
| let(:team_user) { create(:user, current_workspace_id: company.id) } | ||
|
|
||
| it "return unauthorized response with error" do |
There was a problem hiding this comment.
Nit return => returns
| send_request :delete, internal_api_v1_team_path(team_user) | ||
| end | ||
|
|
||
| it "return forbidden response with error" do |
| end | ||
| end | ||
|
|
||
| context "when current user is employee" do |
There was a problem hiding this comment.
| context "when current user is employee" do | |
| context "when current user is an employee" do |
- Add destroy method - add internal_api routes - add translations
- Update user with company_user in team_controller - use shordhand for team policy - add spec for multiple company condition - add descard specs.
- review changes
9e4dfb9 to
2fb92d1
Compare
* Add team controller - Add destroy method - add internal_api routes - add translations * add specs for API team_controller#destroy method * code refactor * Add Discard to company_user - Update user with company_user in team_controller - use shordhand for team policy - add spec for multiple company condition - add descard specs. * fix specs language/grammer - review changes
Notion card
https://www.notion.so/saeloun/API-development-for-delete-team-member-ba3b8f43bff5483a8c3bb456bc28a4cc
Summary
Preview
Type of change
Please delete options that are not relevant.
How Has This Been Tested?
Checklist: