Refreshing another user's workflows as an admin refreshes the admin's workflows
Bug Report
The endpoints to refresh a user’s workflows, /users/{userId}/workflows/refresh and /users/{userId}/workflows/{organization}/refresh, allow an admin to call the endpoint on the user’s behalf. But they then update the admin’s workflows, not {userId}'s workflows.
The call to checkUser here allows the method to proceed if the auth user is an admin, or if the auth user matches the userId.
However, the code to refresh the workflows always uses the auth user, which means if userId is not authUser, authUser’s workflows will be refreshed instead of userId’s.
Note: Did not actually test this, noticed only from reading the code, which means I could be wrong.
┆Issue is synchronized with this Jira Bug ┆Fix Versions: Dockstore 1.11 ┆Issue Number: DOCK-843 ┆Sprint: Sprint 59- Hammerhead shark ┆Issue Type: Bug
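The pattern described in the report, shown as an added example rather than Dockstore's own code: the authorization check is made against the path's userId, but the action runs on the authenticated caller. Only the name checkUser comes from the issue; the User record, the in-memory USERS map, refreshWorkflowsFor and both refresh methods are hypothetical stand-ins.

```java
import java.util.*;

public class RefreshTargetDemo {
    // Hypothetical stand-ins for illustration; not Dockstore's classes.
    record User(long id, boolean isAdmin) {}

    static final Map<Long, User> USERS = new HashMap<>();
    static final List<Long> refreshedOwners = new ArrayList<>();

    // The check as the issue describes it: proceed if the caller is an
    // admin or the caller is the user named in the path.
    static void checkUser(User authUser, long userId) {
        if (!authUser.isAdmin() && authUser.id() != userId) {
            throw new SecurityException("Forbidden");
        }
    }

    // Stand-in for the refresh work; records whose workflows were touched.
    static void refreshWorkflowsFor(User owner) {
        refreshedOwners.add(owner.id());
    }

    // Reported pattern: authorize against userId, then act on authUser.
    static void refreshAsReported(User authUser, long userId) {
        checkUser(authUser, userId);
        refreshWorkflowsFor(authUser);
    }

    // Corrected pattern: resolve the path user and act on that record.
    static void refreshCorrected(User authUser, long userId) {
        checkUser(authUser, userId);
        User target = USERS.get(userId);
        if (target == null) {
            throw new NoSuchElementException("No user " + userId);
        }
        refreshWorkflowsFor(target);
    }

    public static void main(String[] args) {
        User admin = new User(1, true);   // constructed sample users
        User alice = new User(2, false);
        USERS.put(admin.id(), admin);
        USERS.put(alice.id(), alice);

        refreshAsReported(admin, alice.id());  // records the admin's id
        refreshCorrected(admin, alice.id());   // records alice's id
        System.out.println("Refreshed owner ids, in call order: " + refreshedOwners);
    }
}
```

A regression test for this class of bug calls the endpoint as an admin with a different userId and asserts on which user's workflows changed, not only on the HTTP status.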
Top GitHub Comments
@denis-yuen, no, this has not been done. Looks like I referenced the wrong GitHub issue in my commit message.
Confirmed on dev that admins can’t refresh another user’s workflow.
Webservice - 055b7d4
UI - 2.7.3-75-g0e19bb8d
Compose Setup - 36c8ddc
Deploy - 1.10-60-g4659624