App icon indicating copy to clipboard operation
App copied to clipboard
verified publisher icon Expensify

53504-Expensify Card-The "Issue card" flow can be completed by entering any random magic code

Open mitarachim opened this issue 1 year ago • 6 comments

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!

Version Number: 9.0.71-1 Reproducible in staging?: Yes Reproducible in production?: Yes If this was caught on HybridApp, is this reproducible on New Expensify Standalone?: N/A If this was caught during regression testing, add the test name, ID and link from TestRail: https://expensify.testrail.io/index.php?/tests/view/5297062 Email or phone of affected tester (no customers): N/A Issue reported by: Applause Internal Team

Action Performed:

Setup: User is an admin of a workspace and has enabled Expensify Cards in more features. User has set a fully verified VBA before. Any Gmail or expensifail account can be used.

Steps:

  1. Navigate to the "Expensify Card" page in WS settings
  2. Click on "Issue new card"
  3. Select the user you are using
  4. Select Virtual Card
  5. Select Fixed amount and Next
  6. Enter $2, select Next
  7. Enter a card name and continue
  8. Click on the issue card button
  9. Enter a random magic code (different from the one received in the email)

Expected Result:

An error message should appear if the user enters a different magic code than the one received in the email.

Actual Result:

The "Issue card" flow can be completed by entering any random magic code.

Workaround:

Unknown

Platforms:

  • [ ] Android: Standalone
  • [x] Android: HybridApp
  • [ ] Android: mWeb Chrome
  • [ ] iOS: Standalone
  • [ ] iOS: HybridApp
  • [ ] iOS: mWeb Safari
  • [x] MacOS: Chrome / Safari
  • [ ] MacOS: Desktop

Screenshots/Videos

https://github.com/user-attachments/assets/835a8ffb-b2ff-4e50-9784-e9f5496e872b

View all open jobs on GitHub

mitarachim avatar Dec 05 '24 08:12 mitarachim

📣 @mitarachim! 📣 Please report bugs or suggest features in the #expensify-open-source Slack channel, don't directly open issues in this repo! Instructions here to join the channel 📖

melvin-bot[bot] avatar Dec 05 '24 08:12 melvin-bot[bot]

Triggered auto assignment to @mallenexpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details. Please add this bug to a GH project, as outlined in the SO.

melvin-bot[bot] avatar Dec 05 '24 08:12 melvin-bot[bot]

Closed by mistake. Reopening as this was created by one of Applause team leads.

izarutskaya avatar Dec 05 '24 08:12 izarutskaya

Can't reproduce

Screenshot 2024-12-07 at 00 26 24

cc @mountiny

DylanDylann avatar Dec 06 '24 17:12 DylanDylann

This has been labelled "Needs Reproduction". Follow the steps here: https://stackoverflowteams.com/c/expensify/questions/16989

MelvinBot avatar Dec 07 '24 00:12 MelvinBot

Unable to reproduce, held up when tried to issue cards image

Gonna see if a C+ can reproduce, thanks for trying @DylanDylann https://expensify.slack.com/archives/C02NK2DQWUX/p1733531171682909?thread_ts=1733530957.217909&cid=C02NK2DQWUX

mallenexpensify avatar Dec 07 '24 00:12 mallenexpensify

Looking

mountiny avatar Dec 08 '24 23:12 mountiny

Ok this is because this PR was just deployed to production 4 days ago that started to enforce it so nothing really to do here

mountiny avatar Dec 08 '24 23:12 mountiny