fix: role hierarchy security when listing users #14

Merged
devcavin merged 1 commit into main from server on Jul 1, 2026
Conversation

@devcavin devcavin (Owner) commented Jul 1, 2026

This pull request introduces several important changes to user authorization logic, exception handling, and data seeding, as well as minor dependency and configuration updates. The most significant updates include refactoring user visibility and access control, improving exception handling for security-related errors, and updating the initial database seed data for the super admin account.

Authorization and Access Control:

  • Refactored user access control in UserService: Replaced the enforceSiteBoundary function with a new enforceVisibilityRules function to provide more granular authorization checks, especially for managers and site boundaries. Managers can now only view staff accounts, and users are restricted to their own site unless they are super admins. All relevant service methods now use this new enforcement.
  • Updated user retrieval logic: The findByIdWithRole repository method now returns an Optional<User> instead of a nullable User, improving safety and consistency in handling missing users.

Exception Handling Improvements:

  • Changed InvalidCredentialsException and InvalidRefreshTokenException to extend Spring Security’s BadCredentialsException for better integration with Spring Security’s authentication error handling.
  • Added a custom AccessDeniedException for authorization errors and updated the global exception handler to return HTTP 403 Forbidden for access denials, including handling of Spring Security’s AuthorizationDeniedException.

Database and Data Seeding:

  • Updated the super admin seed data: Changed the default site and super admin user IDs, name, email, and password hash in the database migration script to reflect new onboarding and security requirements.

Repository and Query Updates:

  • Ensured uniqueness in queries: Added DISTINCT to the findByIdWithRoleAndSite query to prevent duplicate results.

Configuration and Dependency Updates:

  • Upgraded the Postgres Docker image from version 15 to 16 for the development environment.
  • Enabled health endpoint exposure in the Spring Boot actuator configuration.

These changes collectively improve the security, maintainability, and clarity of user authorization, error handling, and initial setup.

Closes #13
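The visibility rule the PR describes, as an added standalone example (not the project's own code and not taken from this PR): one predicate decides whether an actor may see a target user, and both the single-user lookup and the listing path go through that same predicate, which is the gap the linked issue reports (listing leaked privileged accounts that a direct lookup would have refused). The Role enum, User record, canView, listVisible, findVisibleById and the sample users are assumptions made for this example; the PR's real enforceVisibilityRules lives in its UserService and is not shown here. The rule that staff see only themselves is also an assumption, since the description only states the manager and site constraints.

```java
// Added example reconstructing the rule described in the PR; not project code.
// Role, User, canView, listVisible and findVisibleById are assumed names.
import java.util.List;
import java.util.Optional;

public class VisibilityRulesExample {

    enum Role { STAFF, MANAGER, SUPER_ADMIN }

    // Minimal stand-in for the project's User entity (assumption).
    record User(long id, String email, Role role, long siteId) {}

    // Mirrors the PR's custom authorization exception, which its global handler maps to HTTP 403.
    static class AccessDeniedException extends RuntimeException {
        AccessDeniedException(String message) { super(message); }
    }

    // The single predicate every read path uses, so the listing endpoint cannot
    // return an account that the single-user endpoint would refuse.
    static boolean canView(User actor, User target) {
        if (actor.role() == Role.SUPER_ADMIN) {
            return true;                                   // super admins see every site
        }
        if (actor.siteId() != target.siteId()) {
            return false;                                  // everyone else stays inside their own site
        }
        return switch (actor.role()) {
            case MANAGER -> target.role() == Role.STAFF;   // managers see staff accounts only
            case STAFF -> target.id() == actor.id();       // assumption: staff see only themselves
            case SUPER_ADMIN -> true;                      // unreachable, handled above
        };
    }

    // Counterpart of the PR's enforceVisibilityRules for a single-user lookup: deny by throwing.
    static void enforceVisibilityRules(User actor, User target) {
        if (!canView(actor, target)) {
            throw new AccessDeniedException(
                "user " + actor.id() + " may not view user " + target.id());
        }
    }

    // Listing applies the same predicate as a filter instead of throwing.
    static List<User> listVisible(User actor, List<User> allUsers) {
        return allUsers.stream().filter(u -> canView(actor, u)).toList();
    }

    // Lookup by id: an empty Optional means "not found", the exception means "forbidden".
    static Optional<User> findVisibleById(User actor, long id, List<User> allUsers) {
        Optional<User> found = allUsers.stream().filter(u -> u.id() == id).findFirst();
        found.ifPresent(target -> enforceVisibilityRules(actor, target));
        return found;
    }

    public static void main(String[] args) {
        // Constructed sample data for this example, not the PR's seed values.
        User superAdmin = new User(1, "root@example.test", Role.SUPER_ADMIN, 1);
        User siteOneManager = new User(2, "mgr1@example.test", Role.MANAGER, 1);
        User siteOneStaff = new User(3, "staff1@example.test", Role.STAFF, 1);
        User siteTwoStaff = new User(4, "staff2@example.test", Role.STAFF, 2);
        List<User> all = List.of(superAdmin, siteOneManager, siteOneStaff, siteTwoStaff);

        // The listing seen by a manager contains staff from their own site only;
        // the super admin and the other site's staff are filtered out.
        List<User> managerSees = listVisible(siteOneManager, all);
        System.out.println("manager sees: " + managerSees.stream().map(User::email).toList());

        // A direct lookup of the super admin by the same manager is refused.
        try {
            findVisibleById(siteOneManager, superAdmin.id(), all);
        } catch (AccessDeniedException e) {
            System.out.println("403: " + e.getMessage());
        }

        // An unknown id is "not found", not "forbidden", even for the super admin.
        System.out.println("id 99 present: " + findVisibleById(superAdmin, 99, all).isPresent());
    }
}
```

Two design points worth checking in a real review of this kind of change: the listing path must filter with exactly the predicate the single-user path enforces (a separate, looser query for listing is how the original issue arose), and throwing on a direct lookup of an existing but hidden user returns 403 where a missing user returns 404, which tells a caller that the id exists. Whether that distinction is acceptable depends on whether user ids are considered sensitive in this application; if they are, the lookup can return the same not-found result for both cases.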

@devcavin devcavin merged commit d9ee5bb into main Jul 1, 2026
2 checks passed
Development

Successfully merging this pull request may close these issues:

  • Security: Enforce role hierarchy when listing users (managers can view privileged users through user listing endpoint)