fix: move is owned by check to load factor #1703

J0 · 2024-08-02T18:28:16Z

What kind of change does this PR introduce?

In loadFactor ensure that all factors which are loaded are owned by the user

internal/api/mfa.go

coveralls · 2024-08-02T18:40:50Z

Pull Request Test Coverage Report for Build 10227146037

Details

11 of 12 (91.67%) changed or added relevant lines in 2 files are covered.
3 unchanged lines in 1 file lost coverage.
Overall coverage increased (+0.06%) to 58.316%

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
internal/models/user.go	8	9	88.89%

Files with Coverage Reduction	New Missed Lines	%
internal/models/factor.go	3	78.26%

Totals
Change from base Build 10220299034:	0.06%
Covered Lines:	9193
Relevant Lines:	15764

💛 - Coveralls

internal/api/mfa.go

internal/api/admin.go

internal/api/mfa.go

🤖 I have created a release *beep* *boop* --- ## [2.158.1](v2.158.0...v2.158.1) (2024-08-05) ### Bug Fixes * add last_challenged_at field to mfa factors ([#1705](#1705)) ([29cbeb7](29cbeb7)) * allow enabling sms hook without setting up sms provider ([#1704](#1704)) ([575e88a](575e88a)) * drop the MFA_ENABLED config ([#1701](#1701)) ([078c3a8](078c3a8)) * enforce uniqueness on verified phone numbers ([#1693](#1693)) ([70446cc](70446cc)) * expose `X-Supabase-Api-Version` header in CORS ([#1612](#1612)) ([6ccd814](6ccd814)) * include factor_id in query ([#1702](#1702)) ([ac14e82](ac14e82)) * move is owned by check to load factor ([#1703](#1703)) ([701a779](701a779)) * refactor TOTP MFA into separate methods ([#1698](#1698)) ([250d92f](250d92f)) * remove check for content-length ([#1700](#1700)) ([81b332d](81b332d)) * remove FindFactorsByUser ([#1707](#1707)) ([af8e2dd](af8e2dd)) * update openapi spec for MFA (Phone) ([#1689](#1689)) ([a3da4b8](a3da4b8)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

## What kind of change does this PR introduce? In `loadFactor` ensure that all factors which are loaded are owned by the user

🤖 I have created a release *beep* *boop* --- ## [2.158.1](supabase/auth@v2.158.0...v2.158.1) (2024-08-05) ### Bug Fixes * add last_challenged_at field to mfa factors ([supabase#1705](supabase#1705)) ([29cbeb7](supabase@29cbeb7)) * allow enabling sms hook without setting up sms provider ([supabase#1704](supabase#1704)) ([575e88a](supabase@575e88a)) * drop the MFA_ENABLED config ([supabase#1701](supabase#1701)) ([078c3a8](supabase@078c3a8)) * enforce uniqueness on verified phone numbers ([supabase#1693](supabase#1693)) ([70446cc](supabase@70446cc)) * expose `X-Supabase-Api-Version` header in CORS ([supabase#1612](supabase#1612)) ([6ccd814](supabase@6ccd814)) * include factor_id in query ([supabase#1702](supabase#1702)) ([ac14e82](supabase@ac14e82)) * move is owned by check to load factor ([supabase#1703](supabase#1703)) ([701a779](supabase@701a779)) * refactor TOTP MFA into separate methods ([supabase#1698](supabase#1698)) ([250d92f](supabase@250d92f)) * remove check for content-length ([supabase#1700](supabase#1700)) ([81b332d](supabase@81b332d)) * remove FindFactorsByUser ([supabase#1707](supabase#1707)) ([af8e2dd](supabase@af8e2dd)) * update openapi spec for MFA (Phone) ([supabase#1689](supabase#1689)) ([a3da4b8](supabase@a3da4b8)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

## What kind of change does this PR introduce? In `loadFactor` ensure that all factors which are loaded are owned by the user

🤖 I have created a release *beep* *boop* --- ## [2.158.1](supabase/auth@v2.158.0...v2.158.1) (2024-08-05) ### Bug Fixes * add last_challenged_at field to mfa factors ([supabase#1705](supabase#1705)) ([29cbeb7](supabase@29cbeb7)) * allow enabling sms hook without setting up sms provider ([supabase#1704](supabase#1704)) ([575e88a](supabase@575e88a)) * drop the MFA_ENABLED config ([supabase#1701](supabase#1701)) ([078c3a8](supabase@078c3a8)) * enforce uniqueness on verified phone numbers ([supabase#1693](supabase#1693)) ([70446cc](supabase@70446cc)) * expose `X-Supabase-Api-Version` header in CORS ([supabase#1612](supabase#1612)) ([6ccd814](supabase@6ccd814)) * include factor_id in query ([supabase#1702](supabase#1702)) ([ac14e82](supabase@ac14e82)) * move is owned by check to load factor ([supabase#1703](supabase#1703)) ([701a779](supabase@701a779)) * refactor TOTP MFA into separate methods ([supabase#1698](supabase#1698)) ([250d92f](supabase@250d92f)) * remove check for content-length ([supabase#1700](supabase#1700)) ([81b332d](supabase@81b332d)) * remove FindFactorsByUser ([supabase#1707](supabase#1707)) ([af8e2dd](supabase@af8e2dd)) * update openapi spec for MFA (Phone) ([supabase#1689](supabase#1689)) ([a3da4b8](supabase@a3da4b8)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

fix: move is owned by check to loda factor

54404e0

J0 commented Aug 2, 2024

View reviewed changes

internal/api/mfa.go Outdated Show resolved Hide resolved

fix: remove unused reference to user

4e5dd3f

J0 added 3 commits August 2, 2024 20:43

fix: condense checks around validation

0901164

fix: additional test

500cd9f

fix: correct condition

37959f4

J0 commented Aug 2, 2024

View reviewed changes

internal/api/mfa.go Outdated Show resolved Hide resolved

fix: update status code

0bd4921

J0 commented Aug 2, 2024

View reviewed changes

internal/api/admin.go Outdated Show resolved Hide resolved

J0 marked this pull request as ready for review August 2, 2024 19:36

J0 requested a review from a team as a code owner August 2, 2024 19:36

kangmingtay approved these changes Aug 3, 2024

View reviewed changes

internal/api/admin.go Outdated Show resolved Hide resolved

internal/api/mfa.go Outdated Show resolved Hide resolved

J0 added 2 commits August 3, 2024 11:49

fix: update challenge check

46b6804

fix: update c -> challenge

2aa0751

J0 commented Aug 3, 2024

View reviewed changes

internal/api/mfa.go Outdated Show resolved Hide resolved

J0 commented Aug 3, 2024

View reviewed changes

internal/api/mfa.go Outdated Show resolved Hide resolved

fix: correct check to original check

f8f9cf1

J0 merged commit 701a779 into master Aug 3, 2024
2 checks passed

J0 deleted the j0/mfa_refactor_load_factor branch August 3, 2024 10:13

github-actions bot mentioned this pull request Aug 3, 2024

chore(master): release 2.158.1 #1699

Merged

uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024

fix: move is owned by check to load factor (supabase#1703)

4e6a82e

## What kind of change does this PR introduce? In `loadFactor` ensure that all factors which are loaded are owned by the user

LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024

fix: move is owned by check to load factor (supabase#1703)

bffdd23

## What kind of change does this PR introduce? In `loadFactor` ensure that all factors which are loaded are owned by the user

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: move is owned by check to load factor #1703

fix: move is owned by check to load factor #1703

J0 commented Aug 2, 2024

coveralls commented Aug 2, 2024 •

edited

Loading

fix: move is owned by check to load factor #1703

fix: move is owned by check to load factor #1703

Conversation

J0 commented Aug 2, 2024

What kind of change does this PR introduce?

coveralls commented Aug 2, 2024 • edited Loading

Pull Request Test Coverage Report for Build 10227146037

Details

💛 - Coveralls

coveralls commented Aug 2, 2024 •

edited

Loading