4703: Update @meedan people involvement in item history (#1972)

**Context** To provide a better “single voice” CS experience we need to limit the visibility of specific Meedan teammates in Item histories for workspaces. As teammates come and go, and different people need to step in and provide support the individual who performed an action in a workspace from the Meedan side is irrelevant to the partner. **What** - If a user is a super admin and not a member of the workspace - show their name and profile_picture as Meedan - If a user is a ssuper admin and a member of the workspace - show their name and profile_picture as their own **How** In the graphql layer, in the user_type, I added methods name and profile_picture that check whether a user is super_admin and a member of the workspace and send both accordingly. For the profile_picture I also had to update source_type. **On why we also had to update source_type** For the user avatar we depend on source to display it and user.profile_image is an alias for source.image and there is some cases on UI depend on user.profile_image like member page and other pages depend on source.image like user page. To set a default image for super admin user in graphql layer we should do the change in user_type.rb and source_type.rb files. While Sawy was debugging this one he found that member page does not display updated user avatar so he changed user.profile_image to fallback to source.image not source.avatar References: 4703 PR: 1972
meedan · Jul 31, 2024 · e955652 · e955652
1 parent 7d16469
commit e955652
Show file tree

Hide file tree

Showing 5 changed files with 115 additions and 1 deletion.
diff --git a/app/graph/types/source_type.rb b/app/graph/types/source_type.rb
@@ -34,4 +34,14 @@ def medias
 
   field :medias_count, GraphQL::Types::Int, null: true
   field :collaborators, UserType.connection_type, null: true
+
+  def image
+    super_admin? ? "#{CheckConfig.get('checkdesk_base_url')}/images/user.png" : object.image
+  end
+
+  private
+
+  def super_admin?
+    object.user&.is_admin && !object.user&.is_member_of?(Team.current)
+  end
 end
diff --git a/app/graph/types/user_type.rb b/app/graph/types/user_type.rb
@@ -18,8 +18,22 @@ def source
     Source.find(object.source_id)
   end
 
+  def name
+    super_admin? ? CheckConfig.get('super_admin_name') : object.name
+  end
+
+  def profile_image
+    super_admin? ? "#{CheckConfig.get('checkdesk_base_url')}/images/user.png" : object.profile_image
+  end
+
   field :accessible_teams, PublicTeamType.connection_type, null: true
   def accessible_teams
     User.current.is_admin? ? Team.all : User.current.teams
   end
+
+  private
+
+  def super_admin?
+    object&.is_admin && !object&.is_member_of?(Team.current)
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -245,7 +245,7 @@ def send_failed_login_notifications=(enabled)
   end
 
   def profile_image
-    self.source.nil? ? nil : self.source.avatar
+    self.source.nil? ? nil : self.source.image
   end
 
   def bot_events

diff --git a/config/config.yml.example b/config/config.yml.example
@@ -11,6 +11,8 @@ development: &default
   elasticsearch_index:
   elasticsearch_log: true
   elasticsearch_sync: false
+  super_admin_name: 'Meedan'
+
   # WARNING For production, don't use a wildcard: set the allowed domains explicitly as a regular expression, e.g.
   # '(https?://.*\.?(meedan.com|meedan.org))'
   allowed_origins: '.*'

diff --git a/test/controllers/graphql_controller_12_test.rb b/test/controllers/graphql_controller_12_test.rb
@@ -521,4 +521,92 @@ def teardown
     assert_equal 'false', pm1.reload.last_status
     assert_equal 'false', pm2.reload.last_status
   end
+
+  test "should return super-admin user as 'meedan' if user IS NOT a part of the team" do
+    u1 = create_user name: 'Mei'
+    u2 = create_user name: 'Satsuki', is_admin: true
+
+    t1 = create_team
+    t2 = create_team
+
+    create_team_user user: u1, team: t1
+    create_team_user user: u2, team: t2
+
+    authenticate_with_user(u1)
+
+    query1 = "query { user (id: #{ u1.id }) { name } }"
+    post :create, params: { query: query1 }
+    assert_response :success
+    assert_equal false, u1.is_admin?
+    assert_equal 'Mei', JSON.parse(@response.body)['data']['user']['name']
+
+    query2 = "query { user (id: #{ u2.id }) { name } }"
+    post :create, params: { query: query2 }
+    assert_response :success
+    assert_equal true, u2.is_admin?
+    assert_equal CheckConfig.get('super_admin_name'), JSON.parse(@response.body)['data']['user']['name']
+  end
+
+  test "should return super-admin user themself if user IS a part of the team" do
+    u1 = create_user name: 'Mei'
+    u2 = create_user name: 'Satsuki', is_admin: true
+
+    t = create_team
+
+    create_team_user user: u1, team: t
+    create_team_user user: u2, team: t
+
+    authenticate_with_user(u1)
+
+    query1 = "query { user (id: #{ u1.id }) { name } }"
+    post :create, params: { query: query1 }
+    assert_response :success
+    assert_equal false, u1.is_admin?
+    assert_equal 'Mei', JSON.parse(@response.body)['data']['user']['name']
+
+    query2 = "query { user (id: #{ u2.id }) { name } }"
+    post :create, params: { query: query2 }
+    assert_response :success
+    assert_equal true, u2.is_admin?
+    assert_equal 'Satsuki', JSON.parse(@response.body)['data']['user']['name']
+  end
+
+  test "should return default profile image if super-admin user IS NOT a part of the team" do
+    u1 = create_user
+    u2 = create_user is_admin: true, profile_image: "#{CheckConfig.get('checkdesk_base_url')}/images/checklogo.png"
+
+    t1 = create_team
+    t2 = create_team
+
+    create_team_user user: u1, team: t1
+    create_team_user user: u2, team: t2
+
+    authenticate_with_user(u1)
+
+    query = "query { user (id: #{ u2.id }) { profile_image, source { image } } }"
+    post :create, params: { query: query }
+    assert_response :success
+    assert_equal true, u2.is_admin?
+    assert_equal "#{CheckConfig.get('checkdesk_base_url')}/images/user.png", JSON.parse(@response.body)['data']['user']['profile_image']
+    assert_equal "#{CheckConfig.get('checkdesk_base_url')}/images/user.png", JSON.parse(@response.body)['data']['user']['source']['image']
+  end
+
+  test "should return custom profile image if super-admin user IS a part of the team" do
+    u1 = create_user
+    u2 = create_user is_admin: true, profile_image: "#{CheckConfig.get('checkdesk_base_url')}/images/checklogo.png"
+
+    t = create_team
+
+    create_team_user user: u1, team: t
+    create_team_user user: u2, team: t
+
+    authenticate_with_user(u1)
+
+    query = "query { user (id: #{ u2.id }) { profile_image, source { image } } }"
+    post :create, params: { query: query }
+    assert_response :success
+    assert_equal true, u2.is_admin?
+    assert_equal "#{CheckConfig.get('checkdesk_base_url')}/images/checklogo.png", JSON.parse(@response.body)['data']['user']['profile_image']
+    assert_equal "#{CheckConfig.get('checkdesk_base_url')}/images/checklogo.png", JSON.parse(@response.body)['data']['user']['source']['image']
+  end
 end