Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FIX] Omnichannel Take Inquiry endpoint checking wrong permission #18446

Merged

Conversation

renatobecker
Copy link
Contributor

Proposed changes

The livechat/inquiries.take was checking a permission design to be assigned to admins and managers only, so agents weren't able to take inquiries from other clients other than the web client, which is still using the livechat:takeInquiry meteor method.
Since the endpoint calls the same livechat:takeInquiry meteor method, there is no reason to check additional permission.

Issue(s)

CLOSES #18440

How to test or reproduce

  • As a user who have the livechat-agent role, try to take an omnichannel Inquiry through the livechat/inquiries.take REST endpoint;
  • The request won't be accepted due to the wrong/unecessary permission checked

Screenshots

Types of changes

  • Bugfix (non-breaking change which fixes an issue)
  • Improvement (non-breaking change which improves a current function)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Hotfix (a major bugfix that has to be merged asap)
  • Documentation Update (if none of the other choices apply)

Checklist

  • I have read the CONTRIBUTING doc
  • I have signed the CLA
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works (if applicable)
  • I have added necessary documentation (if applicable)
  • Any dependent changes have been merged and published in downstream modules

Changelog

Further comments

@renatobecker renatobecker added this to the 3.6.0 milestone Jul 31, 2020
@renatobecker renatobecker requested a review from a team July 31, 2020 14:06
@renatobecker renatobecker modified the milestones: 3.6.0, 3.5.1 Jul 31, 2020
@sampaiodiego sampaiodiego merged commit 7d2262b into develop Jul 31, 2020
@sampaiodiego sampaiodiego deleted the omnichannel/fix-wrong-permission-take-inquiry-endpoint branch July 31, 2020 21:55
@sampaiodiego sampaiodiego mentioned this pull request Jul 31, 2020
gabriellsh added a commit that referenced this pull request Aug 10, 2020
…omni

* 'develop' of github.com:RocketChat/Rocket.Chat:
  [NEW] Add REST API endpoint to search Livechat visitors (#18514)
  LingoHub based on develop (#18516)
  Update README.md (#18503)
  [NEW] Channel avatar (#18443)
  [FIX] Sending notifications from senders without a name (#18479)
  [FIX] UserCard avatar cache (avatarETag) (#18466)
  [IMPROVE] Admin Info page requires permission (#18408)
  [FIX] Marking room as read with unread threads still (#18410)
  [FIX] Random generated password not matching the Password Policy (#18475)
  Typo in privacy agreement message (#18476)
  bugfix for uploading files from livechat (#18474)
  LingoHub based on develop (#18465)
  [NEW] Add the ability to set the character message limit on Livechat widget (#18261)
  [FIX] Migration 194 (#18457)
  [FIX] Omnichannel session monitor is not starting (#18412)
  [FIX] Invalid MIME type when uploading audio files (#18426)
  [FIX] Error when updating omnichannel department without agents parameter (#18428)
  [FIX] Omnichannel Take Inquiry endpoint checking wrong permission (#18446)
  [FIX] Multiple push notifications sent via native drivers (#18442)
  [FIX] Appending 'false' to Jitsi URL (#18430)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[BUG][OMNICHANNEL] Inconsistent behavior on takeInquiry
2 participants