Page MenuHomePhabricator

[lib] Add identityInvalidSessionDowngrade
ClosedPublic

Authored by inka on Feb 6 2024, 2:41 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Oct 25 2024, 6:01 PM
Unknown Object (File)
Oct 22 2024, 5:14 PM
Unknown Object (File)
Oct 5 2024, 3:29 PM
Unknown Object (File)
Oct 5 2024, 12:34 PM
Subscribers

Details

Summary

Adding a function that checkes if session downgrade is valid or not. Similarily to invalidSessionDowngrade, we check if

  1. Some user is currently logged in
  2. The action is trying to downgrade the session (currentUserInfo is being set to null or {anonymous: true})
  3. The user is the same user the action was dispatched for
  4. The session is the same session the action was dispatched for (checking if CSAT changed)

See this discussion for examples of scenarios in which a session downgrade is invalid

Test Plan

Tested that if different user infos are provided in actionCurrentUserInfo and preRequestUserState.currentUserInfo then the function returns true.
Tested that if a different CSAT is present in currentReduxState and preRequestUserState, the function returns true.

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage