Feature: Add Auto-Approve Env Vars for Group and Event Creation #38
Conversation
This adds two new feature flags to auto-approve groups and events. We already had an auto-approve flag for events, but it was tied to the Networks table. Instead of adding a new column to the Networks table for groups, we will extracct both as env variables.
… events This adds some security to the auto-approve feature. Only Restarter users and higher will be auto-approved for creating groups. I should note a Restarter user will automatically be elevated to a Host user once they create a group; however, their Host role is only tied to the group they created. Therefore, they will still not be able to create or auto-approve events for other groups.
|
|
||
| return $autoapprove; | ||
| // Events are auto-approved based on environment configuration | ||
| return env('FEATURE__AUTO_APPROVE_EVENTS', false); |
There was a problem hiding this comment.
If FEATURE__AUTO_APPROVE_EVENTS is false, do we want to keep the previous behavior?
There was a problem hiding this comment.
The whole network feature is similar to multiple instances of Restarters.
We don't really use the Network feature so having to check the group on all networks would not apply for us.
| if ($autoapprove) { | ||
| Log::info("Auto-approve event $idParty"); | ||
| // Only auto-approve if the feature is enabled AND the user has privileged role (Root, Admin, Host) | ||
| if ($autoapprove && $user->role <= ROLE::HOST) { |
There was a problem hiding this comment.
This is probably right, but funky lol. I would have assumed ROOT was a higher level than HOST. But I'm assuming they are just numbers starting with 1 for highest permission.
There was a problem hiding this comment.
But I'm assuming they are just numbers starting with 1 for highest permission.
Correct
restarters/app/Models/Role.php
Lines 11 to 16 in 1092162
Description
This adds two new feature flags to auto-approve groups and events. We already had an auto-approve flag for events, but it was tied to the Networks table. Instead of adding a new column to the Networks table for groups, we will extract both as env variables.
CR Notes
I added some additional security around the auto-approval features by tying it with the user roles. Only Host roles and above will be auto-approved for group and event creation.
I should note that new users start of with the
RESTARTERrole then are elevated to theHOSTrole once they create a group. However, there is already checks in place to prevent these users from creating events for other groups. Therefore, this will not cause issues with current perm functionality.qa_req 0