From 01ab4e16043595d3fa746a5dd0f0f5ae1f2aedbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?= <ivarconr@gmail.com>
Date: Tue, 4 May 2021 22:11:30 +0200
Subject: [PATCH] feat: global events requires admin role

---
 src/lib/routes/admin-api/event.ts                      | 3 ++-
 src/test/e2e/api/admin/feature.auth.e2e.test.js        | 2 +-
 src/test/e2e/api/admin/feature.custom-auth.e2e.test.js | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/lib/routes/admin-api/event.ts b/src/lib/routes/admin-api/event.ts
index d481513994..32d79cd8f0 100644
--- a/src/lib/routes/admin-api/event.ts
+++ b/src/lib/routes/admin-api/event.ts
@@ -4,6 +4,7 @@ import { handleErrors } from './util';
 import { IUnleashConfig } from '../../types/option';
 import { IUnleashServices } from '../../types/services';
 import EventService from '../../services/event-service';
+import { ADMIN } from '../../types/permissions';
 
 const Controller = require('../controller');
 
@@ -20,7 +21,7 @@ export default class EventController extends Controller {
     ) {
         super(config);
         this.eventService = eventService;
-        this.get('/', this.getEvents);
+        this.get('/', this.getEvents, ADMIN);
         this.get('/:name', this.getEventsForToggle);
     }
 
diff --git a/src/test/e2e/api/admin/feature.auth.e2e.test.js b/src/test/e2e/api/admin/feature.auth.e2e.test.js
index 98bde882a1..233ed26ca8 100644
--- a/src/test/e2e/api/admin/feature.auth.e2e.test.js
+++ b/src/test/e2e/api/admin/feature.auth.e2e.test.js
@@ -35,7 +35,7 @@ test.serial('creates new feature toggle with createdBy', async t => {
         })
         .expect(201);
 
-    await request.get('/api/admin/events').expect(res => {
+    await request.get('/api/admin/events/com.test.Username').expect(res => {
         t.is(res.body.events[0].createdBy, 'user@mail.com');
     });
 });
diff --git a/src/test/e2e/api/admin/feature.custom-auth.e2e.test.js b/src/test/e2e/api/admin/feature.custom-auth.e2e.test.js
index f47781c2c3..df0029c27c 100644
--- a/src/test/e2e/api/admin/feature.custom-auth.e2e.test.js
+++ b/src/test/e2e/api/admin/feature.custom-auth.e2e.test.js
@@ -61,7 +61,7 @@ test.serial('creates new feature toggle with createdBy', async t => {
         })
         .expect(201);
 
-    await request.get('/api/admin/events').expect(res => {
+    await request.get('/api/admin/events/com.test.Username').expect(res => {
         t.is(res.body.events[0].createdBy, email);
     });
 });