feat: Add an api to edit onboarding extension request details before approval or rejection #2334
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
pankajjs
force-pushed
the
feat/add-api-to-edit-request
branch
from
acb162a to
82d007e
Compare
pankajjs
force-pushed
the
feat/add-api-to-edit-request
branch
4 times, most recently
from
05611b1 to
eb86437
Compare
pankajjs
force-pushed
the
feat/add-api-to-edit-request
branch
from
eb86437 to
31c470b
Compare
| * @returns {Promise<OnboardingExtensionResponse>} - Returns a promise that resolves to a response indicating success or failure. | ||
| */ | ||
| export const updateOnboardingExtensionRequestController = async ( |
There was a problem hiding this comment.
I couldn't find a validation check to ensure that this update request is being made either by the request owner or a superuser? Can you please tell me the line number?
There was a problem hiding this comment.
Anyone who is authenticated can update the request same as our Task ER. We are storing logs to check who is updating the request. In some cases, we need that the request is updated by an authenticated user. If we constraint this feature to request owner, we can not deal with uncertain cases.
What do you think on this?
There was a problem hiding this comment.
I don't know about the backend implementation of the task ER but the frontend logic is such that only owner of that requests or superuser can update ERs. This is a product question , I think we should ask @ankushdharkar about this.
There was a problem hiding this comment.
I think you are right. We should only allow the request owner or super user to edit the details.
Thanks for pointing it out.
- Add common validator to redirect request based on type of extension - Add type field in onboarding extension validator - Import addLog from services to make it available for stubbing while testing - Moved response messages to constants file - Reuse single instance of current date in request and log model for consistent data
pankajjs
force-pushed
the
feat/add-api-to-edit-request
branch
from
31c470b to
70e79fb
Compare
Date: 3 Dec, 2025
Developer Name: @pankajjs
Issue Ticket Number
Description
Documentation Updated?
Under Feature Flag
Database Changes
Breaking Changes
Development Tested?
Screenshots
Screenshots
Test Coverage
Test coverage has been added in test PR #2335
Additional Notes