Kristaps Fabians Geikins
37d51072fb
* WIP new mutation arg * limited resource token creation done * token resource rule creation validation * updated authorizeResolver implementation * introduced resource access rule checks in authorizeResolver everywhere * more checks added * updated projects resolvers * updated stream resolvers * more checks added * error page theme resolution fix * WIP testss * more tests * implemented checks in REST auth pipeline * REST API coverage & tests * some tests fixed * test fixess * added tests * feat(server): new automation result reporting scope (#1976) * feat(server): new automation result reporting scope * tests fix
121 lines
3.1 KiB
JavaScript
121 lines
3.1 KiB
JavaScript
const { ForbiddenError } = require('apollo-server-express')
|
|
|
|
const { authorizeResolver } = require('@/modules/shared')
|
|
const {
|
|
createWebhook,
|
|
getWebhook,
|
|
updateWebhook,
|
|
deleteWebhook,
|
|
getStreamWebhooks,
|
|
getLastWebhookEvents,
|
|
getWebhookEventsCount
|
|
} = require('../../services/webhooks')
|
|
const { Roles } = require('@speckle/shared')
|
|
|
|
const streamWebhooksResolver = async (parent, args, context) => {
|
|
await authorizeResolver(
|
|
context.userId,
|
|
parent.id,
|
|
Roles.Stream.Owner,
|
|
context.resourceAccessRules
|
|
)
|
|
|
|
if (args.id) {
|
|
const wh = await getWebhook({ id: args.id })
|
|
const items = wh ? [wh] : []
|
|
return { items, totalCount: items.length }
|
|
}
|
|
|
|
const items = await getStreamWebhooks({ streamId: parent.id })
|
|
return { items, totalCount: items.length }
|
|
}
|
|
|
|
module.exports = {
|
|
Stream: {
|
|
webhooks: streamWebhooksResolver
|
|
},
|
|
|
|
Project: {
|
|
webhooks: streamWebhooksResolver
|
|
},
|
|
|
|
Webhook: {
|
|
projectId: (parent) => parent.streamId,
|
|
hasSecret: (parent) => !!parent.secret?.length,
|
|
async history(parent, args) {
|
|
const items = await getLastWebhookEvents({
|
|
webhookId: parent.id,
|
|
limit: args.limit
|
|
})
|
|
const totalCount = await getWebhookEventsCount({ webhookId: parent.id })
|
|
|
|
return { items, totalCount }
|
|
}
|
|
},
|
|
|
|
Mutation: {
|
|
async webhookCreate(parent, args, context) {
|
|
await authorizeResolver(
|
|
context.userId,
|
|
args.webhook.streamId,
|
|
Roles.Stream.Owner,
|
|
context.resourceAccessRules
|
|
)
|
|
|
|
const id = await createWebhook({
|
|
streamId: args.webhook.streamId,
|
|
url: args.webhook.url,
|
|
description: args.webhook.description,
|
|
secret: args.webhook.secret,
|
|
enabled: args.webhook.enabled !== false,
|
|
triggers: args.webhook.triggers
|
|
})
|
|
|
|
return id
|
|
},
|
|
async webhookUpdate(parent, args, context) {
|
|
await authorizeResolver(
|
|
context.userId,
|
|
args.webhook.streamId,
|
|
Roles.Stream.Owner,
|
|
context.resourceAccessRules
|
|
)
|
|
|
|
const wh = await getWebhook({ id: args.webhook.id })
|
|
if (args.webhook.streamId !== wh.streamId)
|
|
throw new ForbiddenError(
|
|
'The webhook id and stream id do not match. Please check your inputs.'
|
|
)
|
|
|
|
const updated = await updateWebhook({
|
|
id: args.webhook.id,
|
|
url: args.webhook.url,
|
|
description: args.webhook.description,
|
|
secret: args.webhook.secret,
|
|
enabled: args.webhook.enabled !== false,
|
|
triggers: args.webhook.triggers
|
|
})
|
|
|
|
return !!updated
|
|
},
|
|
async webhookDelete(parent, args, context) {
|
|
await authorizeResolver(
|
|
context.userId,
|
|
args.webhook.streamId,
|
|
Roles.Stream.Owner,
|
|
context.resourceAccessRules
|
|
)
|
|
|
|
const wh = await getWebhook({ id: args.webhook.id })
|
|
if (args.webhook.streamId !== wh.streamId)
|
|
throw new ForbiddenError(
|
|
'The webhook id and stream id do not match. Please check your inputs.'
|
|
)
|
|
|
|
const deleted = await deleteWebhook({ id: args.webhook.id })
|
|
|
|
return !!deleted
|
|
}
|
|
}
|
|
}
|