huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Merge commit '49f05eac5f6a8af2ae71d9ef650bab2e5c995b9d' into matteo/gql

Browse Source 
# Conflicts:
#	readme.md
This commit is contained in:
Matteo Cominetti
2020-07-27 23:14:51 +01:00
parent c6e08b2c5d 49f05eac5f
commit 304397e1ee
7 changed files with 106 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/core/graph/resolvers/streams.js
+86 -86
View File
@@ -1,92 +1,92 @@
'use strict'
const { AuthorizationError, ApolloError } = require('apollo-server-express')
const appRoot = require('app-root-path')
const { AuthorizationError, ApolloError } = require( 'apollo-server-express' )
const appRoot = require( 'app-root-path' )
const {
createStream,
getStream,
updateStream,
deleteStream,
getUserStreams,
getUserStreamsCount,
getStreamUsers,
grantPermissionsStream,
revokePermissionsStream
} = require('../../services/streams')
const { validateServerRole, validateScopes, authorizeResolver } = require(`${appRoot}/modules/shared`)
createStream,
getStream,
updateStream,
deleteStream,
getUserStreams,
getUserStreamsCount,
getStreamUsers,
grantPermissionsStream,
revokePermissionsStream
} = require( '../../services/streams' )
const { validateServerRole, validateScopes, authorizeResolver } = require( `${appRoot}/modules/shared` )
module.exports = {
Query: {
async stream(parent, args, context, info) {
await validateScopes(context.scopes, 'streams:read')
await authorizeResolver(context.userId, args.id, 'stream:reviewer')
Query: {
async stream( parent, args, context, info ) {
await validateScopes( context.scopes, 'streams:read' )
await authorizeResolver( context.userId, args.id, 'stream:reviewer' )
let stream = await getStream({ streamId: args.id })
return stream
}
},
Stream: {
async collaborators(parent, args, context, info) {
let users = await getStreamUsers({ streamId: parent.id })
return users
}
},
User: {
async streams(parent, args, context, info) {
// Return only the user's public streams if parent.id !== context.userId
let publicOnly = parent.id !== context.userId
let totalCount = await getUserStreamsCount({ userId: parent.id, publicOnly })
let { cursor, streams } = await getUserStreams({ userId: parent.id, limit: args.limit, cursor: args.cursor, publicOnly: publicOnly })
return { totalCount, cursor: cursor, items: streams }
}
},
Mutation: {
async streamCreate(parent, args, context, info) {
await validateServerRole(context, 'server:user')
await validateScopes(context.scopes, 'streams:write')
let id = await createStream({...args.stream, ownerId: context.userId })
return id
},
async streamUpdate(parent, args, context, info) {
await validateServerRole(context, 'server:user')
await validateScopes(context.scopes, 'streams:write')
await authorizeResolver(context.userId, args.stream.id, 'stream:owner')
await updateStream({ streamId: args.stream.id, name: args.stream.name, description: args.stream.description })
return true
},
async streamDelete(parent, args, context, info) {
await validateServerRole(context, 'server:user')
await validateScopes(context.scopes, 'streams:write')
await authorizeResolver(context.userId, args.id, 'stream:owner')
await deleteStream({ streamId: args.id })
return true
},
async streamGrantPermission(parent, args, context, info) {
await validateServerRole(context, 'server:user')
await validateScopes(context.scopes, 'streams:write')
await authorizeResolver(context.userId, args.streamId, 'stream:owner')
if (context.userId === args.userId) throw new Error('You cannot set roles for yourself.')
return await grantPermissionsStream({ streamId: args.streamId, userId: args.userId, role: args.role.toLowerCase() || 'read' })
},
async streamRevokePermission(parent, args, context, info) {
await validateServerRole(context, 'server:user')
await validateScopes(context.scopes, 'streams:write')
await authorizeResolver(context.userId, args.streamId, 'stream:owner')
return await revokePermissionsStream({...args })
}
let stream = await getStream( { streamId: args.id } )
return stream
}
}
},
Stream: {
async collaborators( parent, args, context, info ) {
let users = await getStreamUsers( { streamId: parent.id } )
return users
}
},
User: {
async streams( parent, args, context, info ) {
// Return only the user's public streams if parent.id !== context.userId
let publicOnly = parent.id !== context.userId
let totalCount = await getUserStreamsCount( { userId: parent.id, publicOnly } )
let { cursor, streams } = await getUserStreams( { userId: parent.id, limit: args.limit, cursor: args.cursor, publicOnly: publicOnly } )
return { totalCount, cursor: cursor, items: streams }
}
},
Mutation: {
async streamCreate( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await validateScopes( context.scopes, 'streams:write' )
let id = await createStream( { ...args.stream, ownerId: context.userId } )
return id
},
async streamUpdate( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await validateScopes( context.scopes, 'streams:write' )
await authorizeResolver( context.userId, args.stream.id, 'stream:owner' )
await updateStream( { streamId: args.stream.id, name: args.stream.name, description: args.stream.description } )
return true
},
async streamDelete( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await validateScopes( context.scopes, 'streams:write' )
await authorizeResolver( context.userId, args.id, 'stream:owner' )
await deleteStream( { streamId: args.id } )
return true
},
async streamGrantPermission( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await validateScopes( context.scopes, 'streams:write' )
await authorizeResolver( context.userId, args.streamId, 'stream:owner' )
if ( context.userId === args.userId ) throw new Error( 'You cannot set roles for yourself.' )
return await grantPermissionsStream( { streamId: args.streamId, userId: args.userId, role: args.role.toLowerCase( ) || 'read' } )
},
async streamRevokePermission( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await validateScopes( context.scopes, 'streams:write' )
await authorizeResolver( context.userId, args.streamId, 'stream:owner' )
return await revokePermissionsStream( { ...args } )
}
}
}