Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-07-26 13:48:33 +02:00
Code Issues Projects Releases Wiki Activity

feat: Add in validation for roles

Browse Source
This commit is contained in:
sighphyre 2021-12-21 14:41:00 +02:00 committed by Ivar Conradi Østhus
parent 30de5f4b39
commit 42a5105736
No known key found for this signature in database
GPG Key ID: 31AC596886B0BD09
6 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/lib/db/role-store.ts
View File

@ -88,6 +88,15 @@ export default class RoleStore {
return present;
}
async roleExists(name: string): Promise<boolean> {
const result = await this.db.raw(
`SELECT EXISTS (SELECT 1 FROM ${T.ROLES} WHERE name = ?) AS present`,
[name],
);
const { present } = result.rows[0];
return present;
}
async deleteAll(): Promise<void> {
return this.db(T.ROLES).del();
}

19
src/lib/services/access-service.ts
View File

@ -20,6 +20,7 @@ import {
RoleType,
} from '../types/model';
import { IRoleStore } from 'lib/types/stores/role-store';
import NameExistsError from '../error/name-exists-error';
export const ALL_PROJECTS = '*';
export const ALL_ENVS = '*';
@ -97,6 +98,7 @@ export class AccessService {
try {
const userP = await this.getPermissionsForUser(user);
console.log('My user permissions are', userP);
return userP
.filter(
(p) =>
@ -389,6 +391,7 @@ export class AccessService {
}
async createRole(role: IRoleCreation): Promise<ICustomRole> {
await this.validateRole(role);
const baseRole = {
name: role.name,
description: role.description,
@ -406,6 +409,7 @@ export class AccessService {
}
async updateRole(role: IRoleUpdate): Promise<ICustomRole> {
await this.validateRole(role);
const baseRole = {
id: role.id,
name: role.name,
@ -427,4 +431,19 @@ export class AccessService {
async deleteRole(id: number): Promise<void> {
return this.roleStore.delete(id);
}
async validateRoleIsUnique(roleName: string): Promise<void> {
const exists = await this.roleStore.roleExists(roleName);
if (exists) {
throw new NameExistsError(
`There already exists a role with the name ${roleName}`,
);
}
return Promise.resolve();
}
async validateRole(role: IRoleCreation): Promise<void> {
await this.validateRoleIsUnique(role.name);
//Handle schema validation here...
}
}

1
src/lib/types/stores/role-store.ts
View File

@ -27,4 +27,5 @@ export interface IRoleStore extends Store<ICustomRole, number> {
getProjectRoles(): Promise<IRole[]>;
getRootRoles(): Promise<IRole[]>;
getRootRoleForAllUsers(): Promise<IUserRole[]>;
roleExists(name: string): Promise<boolean>;
}

1
src/migrations/20211202120808-add-custom-roles.js
View File

@ -25,6 +25,7 @@ exports.up = function (db, cb) {
WHERE role_user.role_id = roles.id;
ALTER TABLE role_user DROP CONSTRAINT role_user_pkey;
UPDATE role_user SET project = '*' WHERE project IS NULL;
ALTER TABLE role_user ADD PRIMARY KEY (role_id, user_id, project);
ALTER TABLE roles DROP COLUMN project;

2
src/test/e2e/services/access-service.e2e.test.ts
View File

@ -347,7 +347,7 @@ test('should return role with users', async () => {
await accessService.addUserToRole(user.id, editorRole.id, 'default');
const roleWithUsers = await accessService.getRole(editorRole.id);
const roleWithUsers = await accessService.getRoleData(editorRole.id);
expect(roleWithUsers.role.name).toBe(RoleName.EDITOR);
expect(roleWithUsers.users.length > 2).toBe(true);

4
src/test/fixtures/fake-role-store.ts vendored
View File

@ -8,6 +8,10 @@ import {
} from 'lib/types/stores/role-store';
export default class FakeRoleStore implements IRoleStore {
roleExists(name: string): Promise<boolean> {
throw new Error('Method not implemented.');
}
getAll(): Promise<ICustomRole[]> {
throw new Error('Method not implemented.');
}