Better handling of access to profile pages of reps without completed profiles

VERIFIED FIXED

Status

Mozilla Reps
reps.mozilla.org
VERIFIED FIXED
6 years ago
5 years ago

People

(Reporter: giorgos, Assigned: giorgos)

Tracking

Details

(Assignee)

Description

6 years ago
For reps that have not completed their profiles (i.e. invited but never logged in) and their profile page is requested:

 - Return 404 when request comes from an anonymous user
 - Return 404 when request comes from a logged in user without 'can_edit_profile' permission
 - Return to edit profile when request comes from a logged in user with 'can_edit_profile' permission

Comment 1

6 years ago
Commits pushed to master at https://github.com/mozilla/remo

https://github.com/mozilla/remo/commit/87fd9eaaa953b60b0194c411e96d51f1babb89c2
[fix bug 762439] Allow only users with permission to view incomplete profile pages.

https://github.com/mozilla/remo/commit/39c8ddee205f98d17c1722162fc4ed7e2df1c6c2
Merge pull request #190 from glogiotatidis/762439-better-handling-of

[fix bug 762439] Allow only users with permission to view incomplete profile pages.

Updated

6 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED

Comment 2

5 years ago
Steps to reproduce or q-?
Steps for QA:
1. Being logged in (as mentor, council or admin), invite a new email to the portal
2. Being logged in as rep, try to access the non-completed profile (/u/first_part_of_email) you should get 404
3. Being logged in as admin, try to access the non-completed profile (/u/first_part_of_email) you should get the profile and edit option
4. Being non-logged in, try to access the non-completed profile (/u/first_part_of_email) you should get 404
Verified fixed in stage reps.allizom.org
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.