mirror of
https://github.com/Unleash/unleash.git
synced 2025-08-13 13:48:59 +02:00
Rollback to Nuno's changes
This commit is contained in:
parent
d211ea40e8
commit
2631df4ad9
@ -765,42 +765,6 @@ describe('Managing Project access', () => {
|
||||
),
|
||||
);
|
||||
});
|
||||
test('Users can not assign roles they do not have to a group through explicit roles endpoint', async () => {
|
||||
const project = {
|
||||
id: 'user_fail_assign_to_group',
|
||||
name: 'user_fail_assign_to_group',
|
||||
description: '',
|
||||
mode: 'open' as const,
|
||||
defaultStickiness: 'clientId',
|
||||
};
|
||||
await projectService.createProject(project, user, auditUser);
|
||||
const projectUser = await stores.userStore.insert({
|
||||
name: 'Some project user',
|
||||
email: 'fail_assign_role_to_group@example.com',
|
||||
});
|
||||
const projectAuditUser = extractAuditInfoFromUser(projectUser);
|
||||
const group = await stores.groupStore.create({
|
||||
name: 'Some group_awaiting_role',
|
||||
});
|
||||
const customRole = await stores.roleStore.create({
|
||||
name: 'role_that_noone_has_fail_assign_group',
|
||||
roleType: 'custom',
|
||||
description:
|
||||
'Used to prove that you can not assign a role you do not have via setRolesForGroup',
|
||||
});
|
||||
return expect(
|
||||
projectService.setRolesForGroup(
|
||||
project.id,
|
||||
group.id,
|
||||
[customRole.id],
|
||||
projectAuditUser,
|
||||
),
|
||||
).rejects.toThrow(
|
||||
new InvalidOperationError(
|
||||
'User tried to assign a role they did not have access to',
|
||||
),
|
||||
);
|
||||
});
|
||||
});
|
||||
|
||||
test('should add admin users to the project', async () => {
|
||||
|
@ -907,19 +907,10 @@ export default class ProjectService {
|
||||
newRoles: number[],
|
||||
auditUser: IAuditUser,
|
||||
): Promise<void> {
|
||||
let currentRoles = await this.accessService.getProjectRolesForUser(
|
||||
const currentRoles = await this.accessService.getProjectRolesForUser(
|
||||
projectId,
|
||||
userId,
|
||||
);
|
||||
const groups = await this.groupService.getGroupsForUser(userId);
|
||||
for (const group of groups) {
|
||||
currentRoles = currentRoles.concat(
|
||||
await this.accessService.getProjectRolesForGroup(
|
||||
projectId,
|
||||
group.id,
|
||||
),
|
||||
);
|
||||
}
|
||||
const ownerRole = await this.accessService.getRoleByName(
|
||||
RoleName.OWNER,
|
||||
);
|
||||
|
Loading…
Reference in New Issue
Block a user