removefromadminclaims()

removeFromAdminClaims

Function Name

removefromadminclaims

Trigger

This Cloud Function is triggered by an onCall event, meaning it is directly invoked by client-side applications. The function is designed to be accessed through a secure, authenticated API call.

Inputs

The function expects a JSON payload containing several parameters:

  • requesterUid (string): The UID of the user who is making the request. This UID is extracted from the authenticated session (request.auth.uid).
  • targetUid (string): The UID of the user whose administrative claims are being updated.
  • districtId (string): The identifier for the district from which the user's claims are to be removed.
  • schoolId (string): The identifier for the school from which the user's claims are to be removed.
  • classId (string): The identifier for the class from which the user's claims are to be removed.
  • familyId (string): The identifier for the family from which the user's claims are to be removed.
  • groupId (string): The identifier for the group from which the user's claims are to be removed.
  • action (string): A constant value set to "remove", indicating the nature of the operation.

Example JSON input:

{
  "requesterUid": "admin123",
  "targetUid": "user456",
  "districtId": "dist001",
  "schoolId": "sch002",
  "classId": "class003",
  "familyId": "fam004",
  "groupId": "grp005",
  "action": "remove"
}

Outputs

The function returns the result of the appendOrRemoveAdminOrgs function, which handles the actual update to the database. This result could be:

  • A success message indicating that the claims have been successfully removed.
  • An error message or object if the operation fails, which may include details such as invalid UIDs, permission issues, or database errors.

Description

The removefromadminclaims function is responsible for removing specific administrative claims associated with organizational affiliations (e.g., districts, schools, classes) from a specified user's profile. This is part of managing user access within the system, ensuring that users have appropriate rights that reflect their current roles or affiliations.

Error Handling

Effective error handling should be implemented to manage and log various failure scenarios, such as:

  • Non-existent UIDs for the requester or target.
  • Database operations failures, such as connection issues or transaction failures.
  • Permission errors if the requester does not have the right to modify administrative claims.
  • Handling unexpected input or incorrect data formats.

Errors should be logged and, where appropriate, detailed error information should be returned to the caller to facilitate troubleshooting while ensuring security best practices.

Security Considerations

  • Authentication: The function verifies that the request is made by an authenticated user.
  • Authorization: It should be verified that the requester has the appropriate rights to modify administrative claims, particularly if they are removing claims for another user.
  • Data Validation: The function should validate the input data to ensure all IDs are valid and properly formatted before attempting operations on the database.

Deployment

This function is deployed automatically using GitHub actions, whenever changes are merged into the main branch.

Edit this page
Last Updated:
Contributors: Kyle Montville, Adam Richie-Halford, Kyle, Elijah Kelly