Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deleteAdmin Api fix issue #952 #969

Merged
merged 2 commits into from
May 26, 2024
Merged

deleteAdmin Api fix issue #952 #969

merged 2 commits into from
May 26, 2024

Conversation

SwayamRana808
Copy link
Contributor

Issue that this pull request solves

Closes: #952

Proposed changes

deleteFaq api expecting adminId fix

Brief description of what is fixed or changed

deleteFaq api expecting adminId fix

Types of changes

Put an x in the boxes that apply

  • Bugfix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update (Documentation content changed)
  • Other (please describe):

Checklist

Put an x in the boxes that apply

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • My changes does not break the current system and it passes all the current test cases.

Screenshots

Please attach the screenshots of the changes made in case of change in user interface

Other information

Any other information that is important to this pull request

@auto-assign auto-assign bot requested a review from Kajol-Kumari May 26, 2024 06:40
github-advanced-security[bot]
github-advanced-security bot found potential problems May 26, 2024
View reviewed changes
backend/app/routes/faq/index.js
router.post('/faq', validation(FAQValidationSchema), faq);
router.get('/getFaq', getfaq);
router.put('/deleteFaq', deleteFaq);
router.put('/deleteFaq',authMiddleware, deleteFaq);

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
backend/app/routes/faq/deleteFaq.js
const error = new ErrorHandler(constants.ERRORS.DATABASE, {
statusCode: 500,
message: `You don't have the required permissions`,
errStack: '',
});
return next(error);
}
const [err] = await to(Admin.findById(userId));
const [err] = await to(faq.findByIdAndDelete(faqId));

Check failure

Code scanning / CodeQL

Database query built from user-controlled sources High

This query object depends on a
user-provided value
Loading
.
Kajol-Kumari
Kajol-Kumari reviewed May 26, 2024
View reviewed changes
Copy link
Member

@Kajol-Kumari Kajol-Kumari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you please add screenshot/video testing the functionality?

frontend/src/pages/Admin/Components/Faq/AddFaq/AddFaq.jsx Outdated Show resolved Hide resolved
@Kajol-Kumari Kajol-Kumari added level3 New features, major bug fixing. gssoc GSSoC'24 Label labels May 26, 2024
@SwayamRana808
Copy link
Contributor Author

SwayamRana808 commented May 26, 2024
edited
Loading

1.Initially two faqs cards ---getFaq call
Screenshot 2024-05-26 130015
2.calling deleteFaq without auth--
Screenshot 2024-05-26 130044
3.calling deleteFaq with auth and superAdmin true
Screenshot 2024-05-26 130112
4.Calling again getFaq now there are 1 faq card--
Screenshot 2024-05-26 130139

@Kajol-Kumari Kajol-Kumari merged commit 0072b98 into HITK-TECH-Community:main May 26, 2024
6 of 7 checks passed
@SwayamRana808 SwayamRana808 deleted the deleteAdminfix branch May 31, 2024 07:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kajol-Kumari Kajol-Kumari Kajol-Kumari approved these changes

Assignees

@SwayamRana808 SwayamRana808

Labels
gssoc GSSoC'24 Label level3 New features, major bug fixing.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

deleteFaq api expecting adminId fix
2 participants
@SwayamRana808 @Kajol-Kumari