@nevil-mathew nevil-mathew commented Oct 28, 2025

Summary by CodeRabbit

  • Bug Fixes
    • Resolved an issue where user email and phone values were appearing in encrypted form within admin role assignment events. These sensitive user contact fields are now properly decrypted before being included in event payloads, ensuring that backend systems and processes receive accurate, decrypted information for proper administrative operations.

coderabbitai bot commented Oct 28, 2025

Walkthrough

Modified AdminHelper.assignRole to decrypt user.email and user.phone before constructing the eventBody, ensuring the event payload uses decrypted values instead of encrypted ones.

Changes

| Cohort / File(s) | Change Summary |
|---|---|
| Email/Phone Decryption in AdminHelper: src/services/admin.js | Adds decryption of user.email and user.phone (if present) in assignRole method after newValues computation, before eventBody construction |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Verify the decryption logic correctly handles optional fields (phone may not be present)
  • Confirm eventBody payload uses decrypted values and doesn't inadvertently expose encrypted data elsewhere
  • Ensure decryption timing doesn't introduce side effects on the user object

Poem

🐰 Secrets whispered, now revealed—
When roles assigned, truth's unsealed!
Decrypt the mail, the phone set free,
Event payloads plainly see. ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title Check | ✅ Passed | The PR title "feat(admin): decrypt user email and phone before user event" directly aligns with the main change described in the raw summary. The change involves decrypting user email and phone fields in AdminHelper.assignRole before constructing the event payload, and the title accurately captures this core functionality. The title is concise, specific (mentions email and phone), uses conventional commit format, and avoids vague terminology. A teammate reviewing the commit history would clearly understand that this PR adds decryption of user credentials in the admin service's event handling logic. |

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 662bf35 and 8a93e2d.

📒 Files selected for processing (1)
  • src/services/admin.js (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
src/services/**

⚙️ CodeRabbit configuration file

This is core business logic. Please check for correctness, efficiency, and potential edge cases.

Files:

  • src/services/admin.js
🧬 Code graph analysis (1)
src/services/admin.js (7)
src/services/org-admin.js (2)
  • user (371-374)
  • emailEncryption (27-27)
src/services/account.js (11)
  • user (136-145)
  • user (703-703)
  • user (848-848)
  • user (898-898)
  • user (1051-1051)
  • user (1204-1213)
  • user (1385-1393)
  • user (1733-1733)
  • user (1956-1959)
  • user (2067-2067)
  • emailEncryption (29-29)
src/services/user.js (4)
  • user (48-51)
  • user (319-319)
  • user (440-440)
  • emailEncryption (21-21)
src/database/queries/users.js (1)
  • emailEncryption (6-6)
src/helpers/userInvite.js (1)
  • emailEncryption (24-24)
src/services/organization.js (1)
  • emailEncryption (17-17)
src/services/userInvite.js (1)
  • emailEncryption (31-31)

@nevil-mathew nevil-mathew merged commit 5f6c521 into develop Oct 28, 2025
1 check failed