1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-22 19:07:54 +01:00

Add UPDATE and DELETE TAG_TYPE permissions (#951)

This commit is contained in:
Christopher Kolstad 2021-09-24 09:01:15 +02:00 committed by GitHub
parent e42e0f620a
commit 132e801836
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 78 additions and 4 deletions

View File

@ -309,3 +309,49 @@ test('Does not double check permission if not changing project when updating tog
oldProjectId,
);
});
test('UPDATE_TAG_TYPE does not need projectId', async () => {
const accessService = {
hasPermission: jest.fn().mockReturnValue(true),
};
const func = rbacMiddleware(config, { featureToggleStore }, accessService);
const cb = jest.fn();
const req: any = {
user: new User({ username: 'user', id: 1 }),
params: {},
body: { name: 'new-tag-type', description: 'New tag type for testing' },
};
func(req, undefined, cb);
await req.checkRbac(perms.UPDATE_TAG_TYPE);
expect(accessService.hasPermission).toHaveBeenCalledTimes(1);
expect(accessService.hasPermission).toHaveBeenCalledWith(
req.user,
perms.UPDATE_TAG_TYPE,
undefined,
);
});
test('DELETE_TAG_TYPE does not need projectId', async () => {
const accessService = {
hasPermission: jest.fn().mockReturnValue(true),
};
const func = rbacMiddleware(config, { featureToggleStore }, accessService);
const cb = jest.fn();
const req: any = {
user: new User({ username: 'user', id: 1 }),
params: {},
body: { name: 'new-tag-type', description: 'New tag type for testing' },
};
func(req, undefined, cb);
await req.checkRbac(perms.DELETE_TAG_TYPE);
expect(accessService.hasPermission).toHaveBeenCalledTimes(1);
expect(accessService.hasPermission).toHaveBeenCalledWith(
req.user,
perms.DELETE_TAG_TYPE,
undefined,
);
});

View File

@ -1,7 +1,7 @@
import { Request, Response } from 'express';
import Controller from '../controller';
import { UPDATE_FEATURE } from '../../types/permissions';
import { DELETE_TAG_TYPE, UPDATE_TAG_TYPE } from '../../types/permissions';
import { extractUsername } from '../../util/extract-user';
import { IUnleashConfig } from '../../types/option';
import { IUnleashServices } from '../../types/services';
@ -24,11 +24,11 @@ class TagTypeController extends Controller {
this.logger = config.getLogger('/admin-api/tag-type.js');
this.tagTypeService = tagTypeService;
this.get('/', this.getTagTypes);
this.post('/', this.createTagType, UPDATE_FEATURE);
this.post('/', this.createTagType, UPDATE_TAG_TYPE);
this.post('/validate', this.validate);
this.get('/:name', this.getTagType);
this.put('/:name', this.updateTagType, UPDATE_FEATURE);
this.delete('/:name', this.deleteTagType, UPDATE_FEATURE);
this.put('/:name', this.updateTagType, UPDATE_TAG_TYPE);
this.delete('/:name', this.deleteTagType, DELETE_TAG_TYPE);
}
async getTagTypes(req: Request, res: Response): Promise<void> {

View File

@ -21,3 +21,5 @@ export const UPDATE_ROLE = 'UPDATE_ROLE';
export const UPDATE_API_TOKEN = 'UPDATE_API_TOKEN';
export const CREATE_API_TOKEN = 'CREATE_API_TOKEN';
export const DELETE_API_TOKEN = 'DELETE_API_TOKEN';
export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE';
export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';

View File

@ -0,0 +1,26 @@
'use strict';
exports.up = function (db, cb) {
db.runSql(
`
INSERT INTO role_permission(role_id, permission)
VALUES (2, 'UPDATE_TAG_TYPE'),
(2, 'DELETE_TAG_TYPE');
INSERT INTO role_permission(role_id, permission, project)
VALUES (2, 'UPDATE_TAG_TYPE', 'default'),
(2, 'DELETE_TAG_TYPE', 'default');
`,
cb,
);
};
exports.down = function (db, cb) {
db.runSql(
`
DELETE
FROM role_permission
WHERE permission IN ('UPDATE_TAG_TYPE', 'DELETE_TAG_TYPE');
`,
cb,
);
};