client-web icon indicating copy to clipboard operation
client-web copied to clipboard

Published 20 hours ago verified publisher icon alkem-io

BUG: Conditional queries for unathenticated / private spaces

Open valentinyanakiev opened this issue 9 months ago • 1 comments

Describe the bug The client loads unnecessary data / queries information about spaces the user is not a member of (their community)

To Reproduce

  1. Create a public / private space
  2. Create a private subspace
  3. Add a user as a member of the parent (root) space
  4. Do NOT add the user as a member of the community of the subspace.
  5. Go to the ABOUT page of the subspace
  6. Exceptions are thrown.

Expected behavior About page should be accessible for unautenticated / not member users. E.g. open this in a private window https://alkem.io/building-alkemio/dashboard

Additional information On Prod, spacePage query takes into account whether the user is authenticated or not:

query spacePage($spaceId: UUID_NAMEID!, $authorizedReadAccess: Boolean = false, $authorizedReadAccessCommunity: Boolean = false) {
  space(ID: $spaceId) {
    ...SpacePage
    __typename
  }
}

fragment SpacePage on Space {
  id
  nameID
  account {
    id
    license {
      id
      visibility
      __typename
    }
    __typename
  }
  metrics {
    id
    name
    value
    __typename
  }
  authorization {
    id
    anonymousReadAccess
    myPrivileges
    __typename
  }
  host {
    ...AssociatedOrganizationDetails
    profile {
      ...SpaceWelcomeBlockContributorProfile
      __typename
    }
    __typename
  }
  profile {
    id
    url
    displayName
    description
    tagline
    visuals {
      ...VisualUri
      __typename
    }
    tagset {
      ...TagsetDetails
      __typename
    }
    __typename
  }
  context {
    id
    vision
    who
    impact
    authorization {
      id
      anonymousReadAccess
      myPrivileges
      __typename
    }
    __typename
  }
  collaboration @include(if: $authorizedReadAccess) {
    id
    ...DashboardTopCallouts
    ...DashboardTimelineAuthorization
    __typename
  }
  community @include(if: $authorizedReadAccessCommunity) {
    id
    myMembershipStatus
    ...EntityDashboardCommunity
    leadUsers: usersInRole(role: LEAD) {
      profile {
        ...SpaceWelcomeBlockContributorProfile
        __typename
      }
      __typename
    }
    __typename
  }
  __typename
}

fragment AssociatedOrganizationDetails on Organization {
  id
  nameID
  profile {
    id
    tagline
    displayName
    description
    location {
      id
      city
      country
      __typename
    }
    avatar: visual(type: AVATAR) {
      ...VisualUri
      __typename
    }
    tagsets {
      id
      tags
      __typename
    }
    __typename
  }
  verification {
    id
    status
    __typename
  }
  metrics {
    id
    name
    value
    __typename
  }
  __typename
}

fragment VisualUri on Visual {
  id
  uri
  name
  __typename
}

fragment SpaceWelcomeBlockContributorProfile on Profile {
  id
  displayName
  location {
    id
    city
    country
    __typename
  }
  tagsets {
    id
    tags
    __typename
  }
  __typename
}

fragment TagsetDetails on Tagset {
  id
  name
  tags
  allowedValues
  type
  __typename
}

fragment DashboardTopCallouts on Collaboration {
  callouts(sortByActivity: true) {
    ...DashboardTopCallout
    __typename
  }
  __typename
}

fragment DashboardTopCallout on Callout {
  id
  framing {
    id
    profile {
      id
      url
      displayName
      description
      __typename
    }
    __typename
  }
  type
  visibility
  activity
  __typename
}

fragment DashboardTimelineAuthorization on Collaboration {
  timeline {
    id
    authorization {
      id
      myPrivileges
      __typename
    }
    __typename
  }
  __typename
}

fragment EntityDashboardCommunity on Community {
  id
  leadUsers: usersInRole(role: LEAD) {
    ...DashboardLeadUser
    __typename
  }
  memberUsers(limit: 8) {
    ...DashboardContributingUser
    __typename
  }
  leadOrganizations: organizationsInRole(role: LEAD) {
    ...AssociatedOrganizationDetails
    __typename
  }
  memberOrganizations: organizationsInRole(role: MEMBER) {
    ...DashboardContributingOrganization
    __typename
  }
  authorization {
    id
    myPrivileges
    __typename
  }
  __typename
}

fragment DashboardLeadUser on User {
  id
  nameID
  profile {
    id
    displayName
    avatar: visual(type: AVATAR) {
      ...VisualUri
      __typename
    }
    location {
      id
      country
      city
      __typename
    }
    tagsets {
      ...TagsetDetails
      __typename
    }
    __typename
  }
  __typename
}

fragment DashboardContributingUser on User {
  id
  isContactable
  nameID
  profile {
    id
    displayName
    location {
      id
      city
      country
      __typename
    }
    visual(type: AVATAR) {
      id
      uri
      __typename
    }
    tagsets {
      ...TagsetDetails
      __typename
    }
    __typename
  }
  __typename
}

fragment DashboardContributingOrganization on Organization {
  id
  nameID
  profile {
    id
    displayName
    visual(type: AVATAR) {
      id
      uri
      name
      __typename
    }
    tagsets {
      ...TagsetDetails
      __typename
    }
    __typename
  }
  __typename
}

valentinyanakiev avatar Apr 30 '24 06:04 valentinyanakiev

This one should be fixed with: https://github.com/alkem-io/client-web/pull/6088

bobbykolev avatar May 02 '24 15:05 bobbykolev