[Organizations]: UI for creating migration request #5241
Conversation
chenriksson
requested review from
joelverhagen,
agr,
loic-sharma,
xavierdecoster,
shishirx34,
ryuyu,
cristinamanum,
skofman1 and
scottbommarito
chenriksson
force-pushed
the
chenriks-org-transform-ui
branch
from
fe400b7
to
0e0ad2d
Compare
|
Was using the word "Transform" discussed? I have a feeling "Convert" would be more appropriate here. As in "Convert to organization account". |
| [Authorize] | ||
| public virtual ActionResult Transform() | ||
| { | ||
| var accountToTransform = GetCurrentUser(); |
There was a problem hiding this comment.
null check for accountToTransform?
There was a problem hiding this comment.
The Authorize attribute should ensure that there is an authenticated user.
|
|
||
| public async Task RequestTransformToOrganizationAccount(User accountToTransform, User adminUser) | ||
| { | ||
| accountToTransform = accountToTransform ?? throw new ArgumentNullException(nameof(accountToTransform)); |
There was a problem hiding this comment.
Will the proposed admin requested to accept the request of becoming an admin?
There was a problem hiding this comment.
see PR #5228 for the confirmation
The proposed/pending organization admin must log in and confirm using the generated confirmationToken.
|
|
||
| public async Task RequestTransformToOrganizationAccount(User accountToTransform, User adminUser) | ||
| { | ||
| accountToTransform = accountToTransform ?? throw new ArgumentNullException(nameof(accountToTransform)); |
There was a problem hiding this comment.
Do we handle the cases when the accountToTransform is already an organization ?
There was a problem hiding this comment.
Yes, it's handled in UserService.CanTransformToOrganization
| accountToTransform.OrganizationMigrationRequest.ConfirmationToken = Crypto.GenerateToken(); | ||
| accountToTransform.OrganizationMigrationRequest.RequestDate = DateTime.UtcNow; | ||
|
|
||
| await UserRepository.CommitChangesAsync(); |
There was a problem hiding this comment.
Does it make sense as the requests to have a Status? Will they be ever completed?
There was a problem hiding this comment.
No, the confirmation logic is very similar to email confirmation. The user must be authenticated and verify against the token we generate. Nothing fancy is needed for status.
We considered whether to expire the confirmation after 24hr, but chose to do the same as email confirmation which doesn't expire. We do store RequestDate in case we want to change this.
| accountToTransform.OrganizationMigrationRequest.ConfirmationToken = Crypto.GenerateToken(); | ||
| accountToTransform.OrganizationMigrationRequest.RequestDate = DateTime.UtcNow; | ||
|
|
||
| await UserRepository.CommitChangesAsync(); |
There was a problem hiding this comment.
Do we want to add auditing for this scenario?
There was a problem hiding this comment.
Yes, there's a separate work item to track auditing which will be done at lower priority.
chenriksson
changed the title
src/NuGetGallery/Strings.resx
Outdated
| <value>Administrator account '{0}' does not exist.</value> | ||
| </data> | ||
| <data name="TransformAccount_AdminAccountNotConfirmed" xml:space="preserve"> | ||
| <value>Administrator account '{0}' has not validated their email address.</value> |
There was a problem hiding this comment.
we should use "confirmed" instead of "validated" for this message because that's how it appears elsewhere on the site
There was a problem hiding this comment.
For some reason I chose 'validated' instead of 'confirmed' because I thought it was consistent with other strings. Will try to be consistent and run any messages by @anangaur.
| <div> | ||
| <aside class="col-md-3 col-md-push-9"> | ||
| @Html.Label("Logo") | ||
| @ViewHelpers.GravatarImage(CurrentUser.EmailAddress, CurrentUser.Username, 332, responsive: true) |
There was a problem hiding this comment.
A couple thoughts--
1 - I noticed 332 was what we also used on the profile page. Can we put this in a constant of some sort?
2 - Make sure you check how this looks on smaller screens.
|
|
||
| <div class="row form-group col-md-9 col-md-pull-3"> | ||
| @Html.Label("Organization") | ||
| @Html.ShowTextBoxFor(m => CurrentUser.Username, enabled: false) |
There was a problem hiding this comment.
These look odd as disabled textboxes, especially given that it makes the text harder to see. Can we do what we have in the verify form for these uneditable fields?
E.g.
| } | ||
|
|
||
| [Fact] | ||
| public async Task Post_CanTransformReturnsFalse_ShowsError() |
There was a problem hiding this comment.
i recommend splitting the Get and Post into separate classes and creating a base for the shared logic.
E.g.
public class TheTransformActions : TestContainer
{
protected UsersController CreateController(string accountToTransform, string canTransformErrorReason = "")
{
...
}
}
public class TheGetTransformAction : TheTransformActions
{
...
}
public class ThePostTransformAction : TheTransformActions
{
...
}
| for (int i = 0; i < (testOverwrite ? 2 : 1); i++) | ||
| { | ||
| // Act | ||
| await service.RequestTransformToOrganizationAccount(account, admin); |
There was a problem hiding this comment.
it may make this test stronger if, for the rewrite test, a different admin user was used
for example, if there was a bug that didn't set the admin of the request to the new admin but still succeeded the request, this test would return a false negative
|
|
||
| [HttpGet] | ||
| [Authorize] | ||
| public virtual ActionResult Transform() |
There was a problem hiding this comment.
One additional thing I noticed--I think something like TransformAccountToOrganization would be more descriptive and potentially a better name for this action.
|
@scottbommarito new screenshot below -
|
|
@chenriksson Looks much better! Great work! |
Screenshot, when request already created (will overwrite):
Screenshot, when admin is not found:
