huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

refactor(server scopes): use constants for streams owner role

Browse Source
This commit is contained in:
Gergő Jedlicska
2023-07-26 14:08:47 +02:00
parent bd98b56e02
commit a2bb36e43e
8 changed files with 18 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/server/modules/comments/services/index.js
+2 -1
View File
@@ -13,6 +13,7 @@ const {
markCommentViewed
} = require('@/modules/comments/repositories/comments')
const { clamp } = require('lodash')
const { Roles } = require('@speckle/shared')
const Comments = () => knex('comments')
const CommentLinks = () => knex('comment_links')
@@ -221,7 +222,7 @@ module.exports = {
.first()
if (comment.authorId !== userId) {
if (!aclEntry || aclEntry.role !== 'stream:owner')
if (!aclEntry || aclEntry.role !== Roles.Stream.Owner)
throw new ForbiddenError("You don't have permission to archive the comment")
}
packages/server/modules/core/graph/resolvers/streams.js
+4 -4
View File
@@ -221,13 +221,13 @@ module.exports = {
},
async streamUpdate(parent, args, context) {
await authorizeResolver(context.userId, args.stream.id, 'stream:owner')
await authorizeResolver(context.userId, args.stream.id, Roles.Stream.Owner)
await updateStreamAndNotify(args.stream, context.userId)
return true
},
async streamDelete(parent, args, context, info) {
await authorizeResolver(context.userId, args.id, 'stream:owner')
await authorizeResolver(context.userId, args.id, Roles.Stream.Owner)
return await _deleteStream(parent, args, context, info)
},
@@ -246,7 +246,7 @@ module.exports = {
await authorizeResolver(
context.userId,
args.permissionParams.streamId,
'stream:owner'
Roles.Stream.Owner
)
const result = await updateStreamRoleAndNotify(
@@ -260,7 +260,7 @@ module.exports = {
await authorizeResolver(
context.userId,
args.permissionParams.streamId,
'stream:owner'
Roles.Stream.Owner
)
const result = await updateStreamRoleAndNotify(
packages/server/modules/core/repositories/streams.ts
+1 -1
View File
@@ -930,7 +930,7 @@ export async function revokeStreamPermissions(params: {
.select<StreamAclRecord[]>('*')
.first()
if (aclEntry?.role === 'stream:owner') {
if (aclEntry?.role === Roles.Stream.Owner) {
const [countObj] = await StreamAcl.knex()
.where({
resourceId: streamId,
packages/server/modules/core/services/users.js
+2 -2
View File
@@ -227,9 +227,9 @@ module.exports = {
(
-- Get streams ids on which the user is owner
SELECT "resourceId" FROM stream_acl
WHERE role = 'stream:owner' AND "userId" = ?
WHERE role = ${Roles.Stream.Owner} AND "userId" = ?
) AS us ON acl."resourceId" = us."resourceId"
WHERE acl.role = 'stream:owner'
WHERE acl.role = ${Roles.Stream.Owner}
GROUP BY (acl."resourceId")
) AS soc
WHERE cnt = 1
packages/server/modules/core/tests/generic.spec.js
+1 -1
View File
@@ -154,7 +154,7 @@ describe('Generic AuthN & AuthZ controller tests', () => {
myStream.id,
'stream:contributor'
)
expect(role).to.equal('stream:owner')
expect(role).to.equal(Roles.Stream.Owner)
})
it('should get the passed in role for server:admins if override enabled', async () => {
packages/server/modules/core/tests/graph.spec.js
+1 -1
View File
@@ -1277,7 +1277,7 @@ describe('GraphQL API Core @core-api', () => {
expect(stream.name).to.equal('TS1 (u A) Private UPDATED')
expect(stream.collaborators).to.have.lengthOf(2)
expect(stream.collaborators[0].role).to.equal('stream:contributor')
expect(stream.collaborators[1].role).to.equal('stream:owner')
expect(stream.collaborators[1].role).to.equal(Roles.Stream.Owner)
})
it('Should retrieve a public stream even if not authenticated', async () => {
packages/server/modules/core/tests/users.spec.js
+2 -2
View File
@@ -41,7 +41,7 @@ const {
const { createObject } = require('../services/objects')
const { beforeEachContext } = require('@/test/hooks')
const { Scopes } = require('@speckle/shared')
const { Scopes, Roles } = require('@speckle/shared')
describe('Actors & Tokens @user-services', () => {
const myTestActor = {
@@ -194,7 +194,7 @@ describe('Actors & Tokens @user-services', () => {
await grantPermissionsStream({
streamId: multiOwnerStream.id,
userId: myTestActor.id,
role: 'stream:owner'
role: Roles.Stream.Owner
})
// create a branch for ballmer on the multiowner stream
packages/server/modules/webhooks/graph/resolvers/webhooks.js
+5 -4
View File
@@ -10,11 +10,12 @@ const {
getLastWebhookEvents,
getWebhookEventsCount
} = require('../../services/webhooks')
const { Roles } = require('@speckle/shared')
module.exports = {
Stream: {
async webhooks(parent, args, context) {
await authorizeResolver(context.userId, parent.id, 'stream:owner')
await authorizeResolver(context.userId, parent.id, Roles.Stream.Owner)
if (args.id) {
const wh = await getWebhook({ id: args.id })
@@ -41,7 +42,7 @@ module.exports = {
Mutation: {
async webhookCreate(parent, args, context) {
await authorizeResolver(context.userId, args.webhook.streamId, 'stream:owner')
await authorizeResolver(context.userId, args.webhook.streamId, Roles.Stream.Owner)
const id = await createWebhook({
streamId: args.webhook.streamId,
@@ -55,7 +56,7 @@ module.exports = {
return id
},
async webhookUpdate(parent, args, context) {
await authorizeResolver(context.userId, args.webhook.streamId, 'stream:owner')
await authorizeResolver(context.userId, args.webhook.streamId, Roles.Stream.Owner)
const wh = await getWebhook({ id: args.webhook.id })
if (args.webhook.streamId !== wh.streamId)
@@ -75,7 +76,7 @@ module.exports = {
return !!updated
},
async webhookDelete(parent, args, context) {
await authorizeResolver(context.userId, args.webhook.streamId, 'stream:owner')
await authorizeResolver(context.userId, args.webhook.streamId, Roles.Stream.Owner)
const wh = await getWebhook({ id: args.webhook.id })
if (args.webhook.streamId !== wh.streamId)