mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-05-30 02:50:03 -04:00
a65ada0d7e
When the admin app gets user objects from the API, these include a dict of permissions by service for what the user can do to that services. Permissions for inactive services are not included in the response as per:87cb6f2597/app/dao/permissions_dao.py (L66)However, this causes a bug where a service is archived but cached user data still tells us that the user has permissions to view the service. This should not be the case and causes errors where users can still see the archived service page, it's settings, and even request to go live for it, because they are using old cached data for the user. We solve this by deleting the users who are part of the service from the cache. We also delete the templates for this service from the cache as the templates are also archived when we ask the API to archive the service as per:d95c0131e0/app/service/rest.py (L597)Note, one decision I had to make was whether to delete the user cache for just active team members or also invited users. Assuming an invited user can't see the service until they've accepted their invite anyway, it shouldn't make any difference whether we delete their cache or not.