huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(apps): resolver for secret field & author return on app

Browse Source
This commit is contained in:
Dimitrie Stefanescu
2020-09-18 23:46:23 +01:00
parent 6cdeccb74b
commit e0b60d5b99
2 changed files with 32 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/auth/graph/resolvers/apps.js
+26 -5
View File
@@ -3,26 +3,41 @@ const appRoot = require( 'app-root-path' )
const { getApp } = require( '../../services/apps' )
const { createAppToken } = require( `${appRoot}/modules/core/services/tokens` )
const { createAuthorizationCode, exchangeAuthorizationCodeForToken } = require( `../../services/apps` )
const { createApp, updateApp, deleteApp, createAuthorizationCode, exchangeAuthorizationCodeForToken } = require( `../../services/apps` )
const { validateServerRole, validateScopes, authorizeResolver } = require( `${appRoot}/modules/shared` )
const { authStrategies } = require( '../../index' )
module.exports = {
Query: {
async app( parent, args, context, info ) {
// TODO: check authorization
// If user === owner, return full app, otherwise delete the secret!
let app = await getApp( { id: args.id } )
return app
},
async apps( parent, args, context, info ) {
// TODO: Get all public server apps
}
},
ServerApp: {
secret( parent, args, context, info ) {
if ( parent.author.id === context.user.id )
if ( context.auth && parent.author && parent.author.id && parent.author.id === context.userId )
return parent.secret
return 'App secrets are only revealed to their author.'
return 'App secrets are only revealed to their author 😉'
}
},
User: {
async authorizedApps( parent, args, context, info ) {
// TODO
@@ -32,12 +47,18 @@ module.exports = {
}
},
Mutation: {
async appCreate( parent, args, context, info ) {
let { id } = await createApp( { ...args.app, authorId: context.userId } )
return id
},
async appUpdate( parent, args, context, info ) {
// restrict to owner
},
async appDelete( parent, args, context, info ) {
// TODO
// restrict to owner
modules/auth/services/apps.js
+6 -2
View File
@@ -18,18 +18,21 @@ const RefreshTokens = ( ) => knex( 'refresh_tokens' )
let allScopes = null
module.exports = {
async getApp( { id } ) {
if ( allScopes === null ) allScopes = await Scopes( ).select( '*' )
let app = await ServerApps( ).select( '*' ).where( { id: id } ).first( )
let appScopeNames = ( await ServerAppsScopes( ).select( 'scopeName' ).where( { appId: id } ) ).map( s => s.scopeName )
app.scopes = allScopes.filter( scope => appScopeNames.indexOf( scope.name ) !== -1 )
app.author = await Users( ).select( 'id', 'name' ).where( { id: app.authorId } )
app.author = await Users( ).select( 'id', 'name' ).where( { id: app.authorId } ).first( )
return app
},
async createApp( app ) {
app.id = crs( { length: 10 } )
app.secret = crs( { length: 10 } )
@@ -45,6 +48,7 @@ module.exports = {
await ServerApps( ).insert( app )
await ServerAppsScopes( ).insert( scopes.map( s => ( { appId: app.id, scopeName: s } ) ) )
return { id: app.id, secret: app.secret }
},
async updateApp( { app } ) {