Skip to content

[PROD RELEASE] - Restrict Engagements Tab only to Admin Role #1731

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kkartunov merged 2 commits into from
Feb 17, 2026
Merged

[PROD RELEASE] - Restrict Engagements Tab only to Admin Role #1731

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e5b7ce3
PM-3904 Restrict engagements tab to only admins
himaniraghav3 Feb 17, 2026
1d687ff
Merge pull request #1730 from topcoder-platform/PM-3904
kkartunov Feb 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions src/components/Tab/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ const Tab = ({
selectTab,
projectId,
canViewAssets,
canViewEngagements,
canViewEngagements, // Admin or TM
isAdmin, // Only admin
onBack
}) => {
const projectTabs = [
Expand All @@ -21,7 +22,7 @@ const Tab = ({
: [
{ id: 1, label: 'All Work' },
{ id: 2, label: 'Projects' },
...(canViewEngagements ? [{ id: 3, label: 'Engagements' }] : []),
...(isAdmin ? [{ id: 3, label: 'Engagements' }] : []),
Copy link

@github-actions github-actions bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[❗❗ correctness]
The change from canViewEngagements to isAdmin restricts the visibility of the 'Engagements' tab to only admin users. Ensure that this change aligns with the intended business logic, as it removes access for any other roles that might have previously been able to view this tab.

{ id: 4, label: 'Users' },
{ id: 5, label: 'Self-Service' },
{ id: 6, label: 'TaaS' },
Expand Down Expand Up @@ -88,6 +89,7 @@ Tab.defaultProps = {
projectId: null,
canViewAssets: true,
canViewEngagements: false,
isAdmin: false,
onBack: () => {}
}

Expand All @@ -97,6 +99,7 @@ Tab.propTypes = {
projectId: PT.oneOfType([PT.string, PT.number]),
canViewAssets: PT.bool,
canViewEngagements: PT.bool,
isAdmin: PT.bool,
onBack: PT.func
}

Expand Down
24 changes: 18 additions & 6 deletions src/containers/Tab/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,13 @@ class TabContainer extends Component {
return !!resolvedToken && checkAdminOrTalentManager(resolvedToken)
}

getIsAdmin (props = this.props) {
const { token: currentToken } = this.props
const { token } = props
const resolvedToken = token || currentToken
return !!resolvedToken && checkAdmin(resolvedToken)
}

componentDidMount () {
const {
projectId,
Expand All @@ -63,8 +70,9 @@ class TabContainer extends Component {

const canViewAssets = this.getCanViewAssets()
const canViewEngagements = this.getCanViewEngagements()
const isAdmin = this.getIsAdmin()
this.setState({
currentTab: this.getTabFromPath(history.location.pathname, projectId, canViewAssets, canViewEngagements)
currentTab: this.getTabFromPath(history.location.pathname, projectId, canViewAssets, canViewEngagements, isAdmin)
})
}

Expand All @@ -77,8 +85,9 @@ class TabContainer extends Component {

const canViewAssets = this.getCanViewAssets(nextProps)
const canViewEngagements = this.getCanViewEngagements(nextProps)
const isAdmin = this.getIsAdmin(nextProps)
this.setState({
currentTab: this.getTabFromPath(nextProps.history.location.pathname, projectId, canViewAssets, canViewEngagements)
currentTab: this.getTabFromPath(nextProps.history.location.pathname, projectId, canViewAssets, canViewEngagements, isAdmin)
})
if (
isLoading ||
Expand Down Expand Up @@ -130,7 +139,7 @@ class TabContainer extends Component {
return 0
}

getTabFromPath (pathname, projectId, canViewAssets = true, canViewEngagements = false) {
getTabFromPath (pathname, projectId, canViewAssets = true, canViewEngagements = false, isAdmin = false) {
if (projectId) {
return this.getProjectTabFromPath(pathname, projectId, canViewAssets, canViewEngagements)
}
Expand All @@ -141,7 +150,7 @@ class TabContainer extends Component {
return 2
}
if (pathname === '/engagements') {
return canViewEngagements ? 3 : 0
return isAdmin ? 3 : 0
Copy link

@github-actions github-actions bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[❗❗ correctness]
The change from canViewEngagements to isAdmin in the getTabFromPath method alters the logic for determining access to the '/engagements' path. Ensure that this change aligns with the intended access control requirements, as it now restricts access solely to admin users.

}
if (pathname === '/users') {
return 4
Expand Down Expand Up @@ -178,7 +187,8 @@ class TabContainer extends Component {
onTabChange (tab) {
const { history, resetSidebarActiveParams, projectId } = this.props
const canViewAssets = this.getCanViewAssets()
const canViewEngagements = this.getCanViewEngagements()
const canViewEngagements = this.getCanViewEngagements() // admin OR TM
const isAdmin = this.getIsAdmin() // admin
if (projectId) {
if ((tab === 2 && !canViewEngagements) || (tab === 3 && !canViewAssets)) {
return
Expand All @@ -200,7 +210,7 @@ class TabContainer extends Component {
history.push('/projects')
this.props.unloadProjects()
this.setState({ currentTab: 2 })
} else if (tab === 3 && canViewEngagements) {
} else if (tab === 3 && isAdmin) {
Copy link

@github-actions github-actions bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[❗❗ correctness]
The condition for navigating to the '/engagements' path has been changed to check isAdmin instead of canViewEngagements. This could potentially restrict access for users who are not admins but should have access based on previous logic. Verify that this change is intentional and aligns with the new requirements.

history.push('/engagements')
this.setState({ currentTab: 3 })
} else if (tab === 4) {
Expand All @@ -225,6 +235,7 @@ class TabContainer extends Component {
const { currentTab } = this.state
const canViewAssets = this.getCanViewAssets()
const canViewEngagements = this.getCanViewEngagements()
const isAdmin = this.getIsAdmin()

return (
<Tab
Expand All @@ -233,6 +244,7 @@ class TabContainer extends Component {
projectId={this.props.projectId}
canViewAssets={canViewAssets}
canViewEngagements={canViewEngagements}
isAdmin={isAdmin}
onBack={this.onBackToHome}
/>
)
Expand Down
6 changes: 3 additions & 3 deletions src/routes.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ class Routes extends React.Component {
<FooterContainer />
)()}
/>
{canAccessEngagements && (
{isAdmin && (
Copy link

@github-actions github-actions bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[❗❗ correctness]
The change from canAccessEngagements to isAdmin may impact users who previously had access under the Talent Manager role. Ensure that this change aligns with the intended access control policy.

<Route exact path='/engagements'
render={() => renderApp(
<EngagementsList allEngagements />,
Expand All @@ -166,12 +166,12 @@ class Routes extends React.Component {
)()}
/>
)}
{!canAccessEngagements && (
{!isAdmin && (
Copy link

@github-actions github-actions bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[❗❗ correctness]
Similarly, the change from !canAccessEngagements to !isAdmin restricts the warning message to only non-admin users. Verify that this behavior is consistent with the new role-based access requirements.

<Route exact path='/engagements'
render={() => renderApp(
<Challenges
menu='NULL'
warnMessage={'You need Admin or Talent Manager role to view all engagements'}
warnMessage={'You need Admin role to view all engagements'}
/>,
<TopBarContainer />,
<Tab />,
Expand Down
Loading