Add admins to cohort member list on access (ARB-510)#389
Merged
Conversation
When an admin connects to a cohort via WebSocket, they should be automatically added to the global cohort_member table if they're not already a member. This ensures the admin cohort member list accurately reflects who has accessed the cohort. Previously, admins were allowed to access any cohort due to the is_admin authorization check, but they were never added to the cohort member list. Now, after authentication, we ensure admins are added as members of the cohort they're accessing.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
briansmiley
added a commit
that referenced
this pull request
Apr 14, 2026
Reverts commits 7cd390c..c5f4008 (15 commits) to restore the pre-multi-cohort state. Critical event tomorrow — rolling back to last known stable state. Reverted commits: - 7cd390c Multi-cohort support with per-member initial balance (#358) - 1a9259e Allow sudoed admins higher decimal precision (#370) - 612f7e7 Add select all / clear buttons to transfer recipient multiselect (#350) - ec96705 Link cohort members to existing users when added by email (#378) - eed7a73 Consolidate admin page data loading into single /api/admin/overview (#381) - eac92d0 Populate global user display name from id_token on login (ARB-515) (#380) - c5461ee Remove redundant Refresh button from /admin page (#382) - 77168e3 Sync Kinde admin role into global_user.is_admin (ARB-512) (#379) - 685ee0c Remove dead get_market_positions and fix 0.5.0 ImportError (#385) - e9d49f7 Constrain initial balance inputs to numeric values (#383) - 95ff300 Stop overwriting global_user display_name on admin REST calls (#386) - 0163100 Show user email on admin page while editing display name (#387) - 85f2c5f Fix user selection dropdown hover when multiple users have same name (#388) - 3fedb38 Add admins to cohort member list on access (ARB-510) (#389) - c5f4008 Fan out display-name rename to every cohort (ARB-513) (#390) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
briansmiley
added a commit
that referenced
this pull request
Apr 14, 2026
Reverts commits 7cd390c..c5f4008 (15 commits) to restore the pre-multi-cohort state. Critical event tomorrow — rolling back to last known stable state. Reverted commits: - 7cd390c Multi-cohort support with per-member initial balance (#358) - 1a9259e Allow sudoed admins higher decimal precision (#370) - 612f7e7 Add select all / clear buttons to transfer recipient multiselect (#350) - ec96705 Link cohort members to existing users when added by email (#378) - eed7a73 Consolidate admin page data loading into single /api/admin/overview (#381) - eac92d0 Populate global user display name from id_token on login (ARB-515) (#380) - c5461ee Remove redundant Refresh button from /admin page (#382) - 77168e3 Sync Kinde admin role into global_user.is_admin (ARB-512) (#379) - 685ee0c Remove dead get_market_positions and fix 0.5.0 ImportError (#385) - e9d49f7 Constrain initial balance inputs to numeric values (#383) - 95ff300 Stop overwriting global_user display_name on admin REST calls (#386) - 0163100 Show user email on admin page while editing display name (#387) - 85f2c5f Fix user selection dropdown hover when multiple users have same name (#388) - 3fedb38 Add admins to cohort member list on access (ARB-510) (#389) - c5f4008 Fan out display-name rename to every cohort (ARB-513) (#390) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When an admin accesses a cohort via WebSocket, they are now automatically added to the global cohort member list. Previously, admins could access any cohort due to authorization bypass, but they weren't recorded as members of the cohort.
Changes
authenticatefunction inbackend/src/handle_socket.rsto add admins to the cohort_member table on first accessadd_member_by_user_idto insert the admin into the cohort_member table with no initial balance setTesting