fix: Remove user.permissions, resolve it from accounts (#9990)

Remove the `user.permissions` field and resolve the permissions directly from the accounts array in the user. This change ensures that the cache or previous values from the last active account don't affect the permissions. In this PR: - Remove user.permissions usage, replace it with getUserPermissions method. - Remove json.permissions from user.json.jbuilder
2025-11-01 11:37:58 +00:00 · 2024-08-21 11:36:26 +05:30
parent 04b67eb431
commit 77b718c22c
10 changed files with 87 additions and 30 deletions
--- a/app/javascript/dashboard/helper/specs/permissionsHelper.spec.js
+++ b/app/javascript/dashboard/helper/specs/permissionsHelper.spec.js
@@ -1,8 +1,31 @@
 import {
  buildPermissionsFromRouter,
+  getCurrentAccount,
+  getUserPermissions,
  hasPermissions,
 } from '../permissionsHelper';

+describe('#getCurrentAccount', () => {
+  it('should return the current account', () => {
+    expect(getCurrentAccount({ accounts: [{ id: 1 }] }, 1)).toEqual({ id: 1 });
+    expect(getCurrentAccount({ accounts: [] }, 1)).toEqual(undefined);
+  });
+});
+
+describe('#getUserPermissions', () => {
+  it('should return the correct permissions', () => {
+    const user = {
+      accounts: [
+        { id: 1, permissions: ['conversations_manage'] },
+        { id: 3, permissions: ['contacts_manage'] },
+      ],
+    };
+    expect(getUserPermissions(user, 1)).toEqual(['conversations_manage']);
+    expect(getUserPermissions(user, '3')).toEqual(['contacts_manage']);
+    expect(getUserPermissions(user, 2)).toEqual([]);
+  });
+});
+
 describe('hasPermissions', () => {
  it('returns true if permission is present', () => {
    expect(
--- a/app/javascript/dashboard/helper/specs/routeHelpers.spec.js
+++ b/app/javascript/dashboard/helper/specs/routeHelpers.spec.js
@@ -1,19 +1,11 @@
 import {
  getConversationDashboardRoute,
-  getCurrentAccount,
  isAConversationRoute,
  routeIsAccessibleFor,
  validateLoggedInRoutes,
  isAInboxViewRoute,
 } from '../routeHelpers';

-describe('#getCurrentAccount', () => {
-  it('should return the current account', () => {
-    expect(getCurrentAccount({ accounts: [{ id: 1 }] }, 1)).toEqual({ id: 1 });
-    expect(getCurrentAccount({ accounts: [] }, 1)).toEqual(undefined);
-  });
-});
-
 describe('#routeIsAccessibleFor', () => {
  it('should return the correct access', () => {
    let route = { meta: { permissions: ['administrator'] } };