VRMS icon indicating copy to clipboard operation
VRMS copied to clipboard
verified publisher icon hackforla

Added an API that fetches all the admins

Open ntrehan opened this issue 1 year ago • 3 comments

Fixes #1770

What changes did you make and why did you make them ?

  • Added a API that fetches all the users that are Admins

ntrehan avatar Oct 08 '24 04:10 ntrehan

@ntrehan, if possible can you provide some info on how to test this in the backend? Thanks!

vorleakyek avatar Oct 28 '24 19:10 vorleakyek

@ntrehan, if possible can you provide some info on how to test this in the backend? Thanks!

Hey @vorleakyek Thanks for your comment and testing out the PR! Sure Let me guide you through the whole process

Step 1. Building the API address The new api has been added in users.router.js, and if you look at the comment at the top It says that the base url is /api/users

That means that to hit our specific api we will have to call "server-url"/api/users/admins here "server-url" is the name of our node server which when building locally is usually http://localhost:3000

So the end point for the API would become http://localhost:3000/api/users/admins

Step 2: Getting authenticated Now that our API endpoint is ready Please make sure you have the ''x-customrequired-header" set in your request It is a security header generated on signin to authenticate the admin for every request

To get the value of this header

  1. login to your admin account in VRMS
  2. Open the network tab in chrome/other browser of your choice
  3. Click on any tab - users/projects etc.
  4. when clicking on those tabs you will see that there is a corresponding request in the network tab image
  5. On this request, get the "x-customrequired-header" value in the headers image

Copy this value and add to the headers in the request

Your Request would become curl --location 'http://localhost:3000/api/users/admins'
--header 'x-customrequired-header: custom-header-here'

Please not that you would need to replace custom-header-here with your own header you find from the other request Please feel free to reach out if you have any more questions

ntrehan avatar Oct 28 '24 20:10 ntrehan

@ntrehan, thanks for the details testing information. It's very helpful! The code looks good, and it seems like the return data have one "superadmin" and the rest are "admin" for the accessLevel.
Thanks for working on it.

vorleakyek avatar Oct 29 '24 05:10 vorleakyek

PR has been added to user_permissions_search feature branch!

trillium avatar Jan 21 '25 19:01 trillium