Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(node): add sdk methods for organization apis #4826

Merged
merged 10 commits into from
Dec 19, 2023
Merged

feat(node): add sdk methods for organization apis #4826

merged 10 commits into from
Dec 19, 2023

Conversation

michaldziuba03
Copy link
Contributor

@michaldziuba03 michaldziuba03 commented Nov 11, 2023
edited
Loading

What change does this PR introduce?

This PR introduces new SDK methods for organization API.

Why was this change needed?

Closes #4775

Other information (Screenshots)

michaldziuba03
michaldziuba03 commented Nov 11, 2023
View reviewed changes
packages/node/src/lib/organizations/organizations.interface.ts
Comment on lines +2 to +3
list();
create(payload: IOrganizationCreatePayload);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why these two methods are public? For me it doesn't make sense - API KEY is attached to single organization, so why we want to allow to cross that boundary?

Whose organizations will be returned? Organizations of the owner?

I'm just wondering - but I implemented that anyway.

michaldziuba03
michaldziuba03 commented Nov 11, 2023
View reviewed changes
packages/node/src/lib/organizations/organizations.interface.ts
Comment on lines +6 to +10
removeMember(memberId: string);
updateMemberRole(
memberId: string,
payload: IOrganizationUpdateMemberRolePayload
);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These two methods also may cause problems when full Role-based access control will be implemented?

I can imagine member that may bypass role-based access control by using API KEY to remove other members or update their role - they will do it as "organization owner" (assuming that member would be able to see api key).

@michaldziuba03 michaldziuba03 marked this pull request as ready for review November 11, 2023 22:05
@michaldziuba03
Copy link
Contributor Author

@jainpawan21 @scopsy

@michaldziuba03 michaldziuba03 changed the title feat(node): add methods for organization apis feat(node): add sdk methods for organization apis Nov 11, 2023
@github-actions github-actions bot added the stale Pull Request that needs to be reviewed label Dec 16, 2023
@michaldziuba03
Copy link
Contributor Author

@jainpawan21 @scopsy

@github-actions github-actions bot removed the stale Pull Request that needs to be reviewed label Dec 18, 2023
@jainpawan21
Copy link
Member

Thanks for your contribution @michaldziuba03
Your concern is valid with create organization and update member role apis.
We can revisit them with RBAC feature

@jainpawan21 jainpawan21 merged commit 34dad81 into novuhq:next Dec 19, 2023
2 checks passed
@michaldziuba03 michaldziuba03 deleted the add-organizations-methods branch December 19, 2023 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jainpawan21 jainpawan21 jainpawan21 approved these changes

Assignees
No one assigned
Labels
community
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

🚀 Feature: add nodejs sdk methods for organization apis
2 participants
@michaldziuba03 @jainpawan21