fix(projectTransfer)!: fix asset visibility issue when user joins another organization #5551
Conversation
rajpatel24
changed the title
kpi/tests/test_assets.py
Outdated
| def _add_user_to_organization(self, user, organization): | ||
| org_user = OrganizationUser.objects.get(user=user) | ||
| Organization.objects.filter(organization_users=org_user).delete() | ||
| org_user.organization = self.organization | ||
| org_user.organization = organization | ||
| org_user.save() |
There was a problem hiding this comment.
Could these lines not be replaced by organization.add_user(user)?
Moreover it would ensure that the org is really a MMO before adding the user to it.
kpi/tests/test_assets.py
Outdated
| """ | ||
| # Step 1: Create an asset owned by an external user | ||
| self._create_asset_by_bob() | ||
| asset = Asset.objects.get(owner=self.external_user) |
There was a problem hiding this comment.
I think it would be better to use the uid of the response to ensure we retrieve the correct asset.
response = self._create_asset_by_bob()
asset = Asset.objects.get(uid=response.data['uid'])
kpi/tests/test_assets.py
Outdated
| ) | ||
| another_org.add_user(self.thirduser) | ||
|
|
||
| self.client.force_login(self.org_owner) |
There was a problem hiding this comment.
Why do we force_login again? Isn't self.org_owner already logged in (line 1021)?
There was a problem hiding this comment.
Yes, self.org_owner is already logged in, so we don't need to force login again. Updated this as well.
kpi/tests/test_assets.py
Outdated
| another_org = Organization.objects.create( | ||
| id='org1234', name='Another Organization', mmo_override=True | ||
| ) | ||
| another_org.add_user(self.thirduser) |
There was a problem hiding this comment.
I guess, self.thirduser is the owner of another_org, right?
Would you mind to change the name of the another_org and use a more obvious variable name to represent that thirduser is the owner. Like thiruser_org ;-)
kpi/tests/test_assets.py
Outdated
| self.client.force_login(self.org_owner) | ||
| self._add_user_to_organization(self.external_user, another_org) | ||
|
|
||
| # Step 5: Verify that the asset is still visible in OrgA and OrgB |
There was a problem hiding this comment.
I suppose that, here, we want to test (only) that OrgB owner can see the asset. We already test the visibility for OrgA previously? Please update your comment. Otherwise, something is missing here.
We are still logged as OrgA owner and we only test the response of the "MyProjects" list.
OrgA owner should see the project in their "MyProjects" list, but OrgB owner should see the project in their "My Org Projects" list.
rajpatel24
force-pushed
the
fix-transferred-owner-shared-with-another-owner
branch
3 times, most recently
from
850f7b8 to
32a13c0
Compare
rajpatel24
force-pushed
the
fix-transferred-owner-shared-with-another-owner
branch
from
32a13c0 to
0069202
Compare
rajpatel24
deleted the
fix-transferred-owner-shared-with-another-owner
branch
ποΈ Checklist
<type>(<scope>)<!>: <title> TASK-1234frontendorbackendunless it's globalπ£ Summary
Ensures that assets shared with an organization owner remain visible even after the asset owner joins a different organization.
π Description
Previously, when an external user shared an asset with an organization owner and later joined a different organization, the asset became invisible to the original organization. This fix ensures that the asset remains visible in both organizations, maintaining expected access permissions. A test case has been added to verify this behavior.