Recently at work I was tasked to fix a bug that was occuring when a user would get assigned new roles. In our product we use roles to dictate what actions a user can do within the app. A user obtains a role either via an administrator assigning them a role or they can request a role and that request can later be approved by an administrator. Whenever a role gets assigned, the user's role requests for that role should also be approved. We have 2 main workflows where a user may be assigned a role:
- An administrator edits the user and assigns the role to a user via the user interface.
- An administrator can import a csv file with the user's email and their roles to be assigned.
The bug we were encountering was that in the bulk import workflow the user's requests were not getting auto approved. The product would then say the user had the role but was also requesting it. I discovered that both of the workflows were implemented individually and were both directly modifying the backing entity records. The