Skip to content

ERA-10960: Profiles - Non-admin users can't switch to their own profiles if they lack proper permissions #1303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 17, 2025
Merged

ERA-10960: Profiles - Non-admin users can't switch to their own profiles if they lack proper permissions #1303

merged 1 commit into from
Jun 17, 2025

Conversation

luixlive
Copy link
Contributor

@luixlive luixlive commented Jun 17, 2025
edited
Loading

What does this PR do?

Fixes issue when switching to a user profile when the master user isn't an admin. We were getting a 404 when requesting the user profile through /user/{profile_id} because we weren't setting the User-Profile header. Why the issue doesn't happen with admins is beyond my knowledge, maybe related to their permissions.

Relevant link(s)

Any background context you want to provide(if applicable)

When the user switches to a profile, we store the profile data in our Redux store. Then, we read that data and add an Axios interceptor that injects the User-Profile header on every request that is not /user/me. However, probably due to a race condition or simply because of the order in which things happen, we are not setting that header to the /user/{profile_id} call we do on fetchCurrentUser, which results in the backend returning a 404.

The solution in this PR simply consists in injecting the header during the request of the profile, instead of depending on the Axios interceptor.

@luixlive
ERA-10960: Inject User-Profile header to /user/{profile} request dire…
33d219b 
…ctly instead of depending on Axios interceptor
gaboDev
gaboDev approved these changes Jun 17, 2025
View reviewed changes
Copy link
Contributor

@gaboDev gaboDev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🫡

@chrisj-er chrisj-er merged commit 46257b1 into develop Jun 17, 2025
3 checks passed
@chrisj-er chrisj-er deleted the ERA-10960 branch June 17, 2025 18:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gaboDev gaboDev gaboDev approved these changes

@chrisj-er chrisj-er chrisj-er approved these changes

@AlanCalvillo AlanCalvillo Awaiting requested review from AlanCalvillo

Assignees
No one assigned
Labels
deploy
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@luixlive @gaboDev @chrisj-er