Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
Code Issues Projects Releases Wiki Activity

feat: expose user permissions (#791)

Browse Source
This commit is contained in:
Ivar Conradi Østhus 2021-04-20 09:58:23 +02:00 committed by GitHub
parent b55c85783b
commit 332f1c4544
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 74 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/lib/routes/admin-api/user.js
View File

@ -1,37 +0,0 @@
'use strict';
const Controller = require('../controller');
class UserController extends Controller {
constructor(config) {
super(config);
this.logger = config.getLogger('admin-api/user.js');
this.get('/', this.getUser);
this.get('/logout', this.logout);
}
getUser(req, res) {
if (req.user) {
const user = { ...req.user };
delete user.permissions; // TODO: remove
return res
.status(200)
.json(user)
.end();
}
return res.status(404).end();
}
// Deprecated, use "/logout" instead. Will be removed in v4.
logout(req, res) {
if (req.session) {
req.session = null;
}
if (req.logout) {
req.logout();
}
res.redirect(`${this.config.baseUriPath}/`);
}
}
module.exports = UserController;

31
src/lib/routes/admin-api/user.test.js
View File

@ -12,21 +12,28 @@ const eventBus = new EventEmitter();
const currentUser = new User({ email: 'test@mail.com' });
const fakeAccessService = {
getPermissionsForUser: () => [],
};
function getSetup() {
const base = `/random${Math.round(Math.random() * 1000)}`;
const stores = store.createStores();
const app = getApp({
baseUriPath: base,
stores,
eventBus,
getLogger,
preHook: a => {
a.use((req, res, next) => {
req.user = currentUser;
next();
});
const app = getApp(
{
baseUriPath: base,
stores,
eventBus,
getLogger,
preHook: a => {
a.use((req, res, next) => {
req.user = currentUser;
next();
});
},
},
});
{ accessService: fakeAccessService },
);
return {
base,
@ -44,7 +51,7 @@ test('should return current user', t => {
.expect(200)
.expect('Content-Type', /json/)
.expect(res => {
t.true(res.body.email === currentUser.email);
t.true(res.body.user.email === currentUser.email);
});
});

52
src/lib/routes/admin-api/user.ts Normal file
View File

@ -0,0 +1,52 @@
'use strict';
import { Response } from 'express';
import { IUnleashConfig } from '../../types/core';
import { IAuthRequest } from '../unleash-types';
import Controller from '../controller';
import { AccessService } from '../../services/access-service';
interface IService {
accessService: AccessService;
}
class UserController extends Controller {
private accessService: AccessService;
constructor(config: IUnleashConfig, { accessService }: IService) {
super(config);
this.accessService = accessService;
this.get('/', this.getUser);
this.get('/logout', this.logout);
}
async getUser(req: IAuthRequest, res: Response): Promise<void> {
const { user } = req;
if (user) {
const permissions = await this.accessService.getPermissionsForUser(
user,
);
delete user.permissions; // TODO: remove
return res
.status(200)
.json({ user, permissions })
.end();
}
return res.status(404).end();
}
// Deprecated, use "/logout" instead. Will be removed in v4.
logout(req: IAuthRequest, res: Response): void {
if (req.session) {
req.session = null;
}
if (req.logout) {
req.logout();
}
res.redirect(`${this.config.baseUriPath}/`);
}
}
module.exports = UserController;
export default UserController;

2
src/lib/routes/unleash-types.ts
View File

@ -3,4 +3,6 @@ import User from '../user';
export interface IAuthRequest extends Request {
user: User;
logout: () => void;
session: any;
}

2
src/test/fixtures/fake-access-store.ts vendored
View File

@ -13,7 +13,7 @@ class AccessStoreMock extends AccessStore {
}
getPermissionsForUser(userId: Number): Promise<IUserPermission[]> {
throw new Error('Method not implemented.');
return Promise.resolve([]);
}
getPermissionsForRole(roleId: number): Promise<IUserPermission[]> {