huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(subs): auth within subscripition resolvers

Browse Source
This commit is contained in:
izzy lyseggen
2020-08-21 14:11:10 +01:00
parent 397fb04689
commit be8e8be854
3 changed files with 33 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/core/graph/resolvers/branches.js
+9 -3
View File
@@ -99,13 +99,17 @@ module.exports = {
Subscription: {
branchCreated: {
subscribe: withFilter( () => pubsub.asyncIterator( [ BRANCH_CREATED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.streamId === variables.streamId
} )
},
branchUpdated: {
subscribe: withFilter( () => pubsub.asyncIterator( [ BRANCH_UPDATED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
let streamMatch = payload.streamId === variables.streamId
if ( streamMatch && variables.branchId ) {
return payload.branchId === variables.branchId
@@ -116,7 +120,9 @@ module.exports = {
},
branchDeleted: {
subscribe: withFilter( () => pubsub.asyncIterator( [ BRANCH_DELETED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.streamId === variables.streamId
} )
}
modules/core/graph/resolvers/commits.js
+9 -3
View File
@@ -133,13 +133,17 @@ module.exports = {
Subscription: {
commitCreated: {
subscribe: withFilter( () => pubsub.asyncIterator( [ COMMIT_CREATED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.streamId === variables.streamId
} )
},
commitUpdated: {
subscribe: withFilter( () => pubsub.asyncIterator( [ COMMIT_UPDATED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
let streamMatch = payload.streamId === variables.streamId
if ( streamMatch && variables.commitId ) {
return payload.commitId === variables.commitId
@@ -150,7 +154,9 @@ module.exports = {
},
commitDeleted: {
subscribe: withFilter( () => pubsub.asyncIterator( [ COMMIT_DELETED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.streamId === variables.streamId
} )
}
modules/core/graph/resolvers/streams.js
+15 -5
View File
@@ -122,7 +122,9 @@ module.exports = {
let granted = await grantPermissionsStream( permissionParams )
if ( granted ) {
await pubsub.publish( STREAM_PERMISSION_GRANTED, { streamPermissionGranted: permissionParams, userId: args.userId } )
await pubsub.publish( STREAM_PERMISSION_GRANTED, {
streamPermissionGranted: permissionParams, userId: args.userId, streamId: args.streamId
} )
}
return granted
@@ -135,7 +137,9 @@ module.exports = {
let revoked = await revokePermissionsStream( { ...args } )
if ( revoked ) {
await pubsub.publish( STREAM_PERMISSION_REVOKED, { streamPermissionRevoked: { ...args }, userId: args.userId } )
await pubsub.publish( STREAM_PERMISSION_REVOKED, {
streamPermissionRevoked: { ...args }, userId: args.userId, streamId: args.streamId
} )
}
return revoked
@@ -151,7 +155,9 @@ module.exports = {
streamUpdated: {
subscribe: withFilter(
( ) => pubsub.asyncIterator( [ STREAM_UPDATED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.streamId === variables.streamId
} )
},
@@ -163,13 +169,17 @@ module.exports = {
},
streamPermissionGranted: {
subscribe: withFilter( () => pubsub.asyncIterator( [ STREAM_PERMISSION_GRANTED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.userId === variables.userId
} )
},
streamPermissionRevoked: {
subscribe: withFilter( () => pubsub.asyncIterator( [ STREAM_PERMISSION_REVOKED ] ),
( payload, variables ) => {
async ( payload, variables, context ) => {
await authorizeResolver( context.userId, payload.streamId, 'stream:reviewer' )
return payload.userId === variables.userId
} )
}