Add organization switching for administrators managing multiple organizations
Allow administrators to switch between organizations in the dashboard
Test Fix - Regular User Access
Fixed: Test test_regular_user_cannot_access_dashboard now properly tests a user with no organizations
Problem: The test setup was creating org3 with regular_user as admin, giving them access to an organization. This caused the test to fail because the view returned 200 (showing the organization) instead of 302 (redirecting away).
Solution: Changed org3 to not have an admin user initially. The organization is only managed by manager_user, ensuring regular_user truly has no organizations to access.
Changes in website/tests/test_organization.py:
- Removed admin=self.regular_user from org3 creation
- Added comment clarifying that org3 has no admin initially
- Now regular_user has no organizations and the test correctly expects a redirect
This fix ensures:
- ✅ regular_user has no organizations (as intended by the test)
- ✅ manager_user can still manage org3 via managers relationship
- ✅ admin_user cannot access org3 (for other tests)
- ✅ All test scenarios work as expected
Previous Updates
JavaScript Block Fix:
- Moved JavaScript from non-existent extra_js block to content block
- Organization switcher now works correctly
Performance Optimization:
- Fixed N+1 query problem (reduced from 6+ queries to 1)
- Credit to @sidd190 for identifying this issue
Security Fix:
- Fixed CodeQL "DOM text reinterpreted as HTML" alert
- Added protocol validation, URL encoding, and safer navigation
All PR Review Comments Addressed:
- Performance optimization (organizations_count in context)
- Input validation (integer validation for switch_to)
- Accessibility (aria-hidden on SVG icons)
- Code quality (GitHub spelling, removed unused variable)
- Comprehensive edge case tests (17 total test cases)
Test Coverage
- Original tests: 13
- New edge case tests: 4
- Total: 17 comprehensive test cases
Original prompt
This section details on the original issue you should resolve
<issue_title>allow for administrators to switch to different organizations if they manage more than one in the dashboard</issue_title> <issue_description></issue_description>
Comments on the Issue (you are @copilot in this section)
- Fixes OWASP-BLT/BLT#5256
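The security fix and input validation listed above (integer validation for switch_to, protocol validation, URL encoding, safer navigation), sketched as an added example that is not the PR's own code. The names buildSwitchUrl and switchOrganization and the example.test URLs are hypothetical, and it assumes the switcher navigates to the current path with a switch_to query parameter.

```javascript
// Added example, not code from the PR. Function names and sample URLs are hypothetical.
const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// Returns a safe same-origin URL for switching organizations, or null if any check fails.
function buildSwitchUrl(rawOrgId, currentHref) {
  // Integer validation: digits only, so DOM text can never carry markup or a scheme.
  const value = String(rawOrgId).trim();
  if (!/^[0-9]{1,10}$/.test(value)) return null;
  const orgId = Number(value);
  if (!Number.isSafeInteger(orgId) || orgId <= 0) return null;

  // Protocol validation on the page we are navigating from.
  let current;
  try {
    current = new URL(currentHref);
  } catch {
    return null;
  }
  if (!ALLOWED_PROTOCOLS.has(current.protocol)) return null;

  // URL encoding: the URL API builds the query string, no string concatenation.
  const target = new URL(current.pathname, current.origin);
  target.searchParams.set("switch_to", String(orgId));

  // A path starting with "//" would resolve to another host; refuse to leave the origin.
  if (target.origin !== current.origin) return null;
  return target.href;
}

// Safer navigation: only call assign() with a URL that passed every check.
// selectEl is the <select> element, loc is window.location in a browser.
function switchOrganization(selectEl, loc) {
  const url = buildSwitchUrl(selectEl.value, loc.href);
  if (url === null) return false;
  loc.assign(url);
  return true;
}
```

In a browser this would be wired to the switcher's change event with `switchOrganization(event.target, window.location)`.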