Deleting project does not delete entry group_role table (#1896)

* Add constraint for project * Add constraint for project * Add constraint for project * Add constraint for project * Add constraint for project * Revert eslint * Fix eslint * Fix tests
2025-04-06 01:15:28 +02:00 · 2022-08-10 10:45:59 +03:00 · 2022-08-10 10:45:59 +03:00 · 59b8a06968
commit 59b8a06968
parent 84a932043e
3 changed files with 74 additions and 24 deletions
--- a/src/migrations/20220808110415-add-projects-foreign-key.js
+++ b/src/migrations/20220808110415-add-projects-foreign-key.js
@ -0,0 +1,20 @@
 exports.up = function (db, cb) {
    db.runSql(
        `
            delete from group_role where project not in (select id from projects);
            ALTER TABLE group_role
            ADD CONSTRAINT fk_group_role_project
                FOREIGN KEY(project)
                    REFERENCES projects(id) ON DELETE CASCADE; `,
        cb,
    );
 };
 exports.down = function (db, cb) {
    db.runSql(
        `
            ALTER TABLE group_role DROP CONSTRAINT fk_group_role_project;
 `,
        cb,
    );
 };
--- a/src/test/e2e/services/access-service.e2e.test.ts
+++ b/src/test/e2e/services/access-service.e2e.test.ts
@ -170,7 +170,7 @@ const hasCommonProjectAccess = async (user, projectName, condition) => {
    ).toBe(condition);
 };
-const hasFullProjectAccess = async (user, projectName, condition) => {
+const hasFullProjectAccess = async (user, projectName: string, condition) => {
    const { DELETE_PROJECT, UPDATE_PROJECT, MOVE_FEATURE_TOGGLE } = permissions;
    expect(
@ -862,13 +862,19 @@ test('Should not be allowed to delete a project role', async () => {
 });
 test('Should be allowed move feature toggle to project when given access through group', async () => {
-    const project = 'yet-another-project';
+    const project = {
        id: 'yet-another-project1',
        name: 'yet-another-project1',
    };
    const groupStore = stores.groupStore;
    const viewerUser = await createUserViewerAccess(
        'Victoria Viewer',
        'vickyv@getunleash.io',
    );
    await projectService.createProject(project, editorUser);
    const groupWithProjectAccess = await groupStore.create({
        name: 'Project Editors',
        description: '',
@ -882,24 +888,29 @@ test('Should be allowed move feature toggle to project when given access through
    const projectRole = await accessService.getRoleByName(RoleName.MEMBER);
-    await hasCommonProjectAccess(viewerUser, project, false);
+    await hasCommonProjectAccess(viewerUser, project.id, false);
    await accessService.addGroupToRole(
        groupWithProjectAccess.id,
        projectRole.id,
        'SomeAdminUser',
-        project,
+        project.id,
    );
-    await hasCommonProjectAccess(viewerUser, project, true);
+    await hasCommonProjectAccess(viewerUser, project.id, true);
 });
 test('Should not lose user role access when given permissions from a group', async () => {
-    const project = 'yet-another-project';
+    const project = {
        id: 'yet-another-project-lose',
        name: 'yet-another-project-lose',
    };
    const user = editorUser;
    const groupStore = stores.groupStore;
-    await accessService.createDefaultProjectRoles(user, project);
+    await projectService.createProject(project, user);
    // await accessService.createDefaultProjectRoles(user, project.id);
    const groupWithNoAccess = await groupStore.create({
        name: 'ViewersOnly',
@ -908,7 +919,7 @@ test('Should not lose user role access when given permissions from a group', asy
    await groupStore.addNewUsersToGroup(
        groupWithNoAccess.id,
-        [{ user: editorUser, role: 'Owner' }],
+        [{ user: user, role: 'Owner' }],
        'Admin',
    );
@ -918,23 +929,33 @@ test('Should not lose user role access when given permissions from a group', asy
        groupWithNoAccess.id,
        viewerRole.id,
        'SomeAdminUser',
-        project,
+        project.id,
    );
-    await hasFullProjectAccess(editorUser, project, true);
+    await hasFullProjectAccess(user, project.id, true);
 });
 test('Should allow user to take multiple group roles and have expected permissions on each project', async () => {
-    const projectForCreate =
+    const projectForCreate = {
-        'project-that-should-have-create-toggle-permission';
+        id: 'project-that-should-have-create-toggle-permission',
-    const projectForDelete =
+        name: 'project-that-should-have-create-toggle-permission',
-        'project-that-should-have-delete-toggle-permission';
+        description: 'Blah',
    };
    const projectForDelete = {
        id: 'project-that-should-have-delete-toggle-permission',
        name: 'project-that-should-have-delete-toggle-permission',
        description: 'Blah',
    };
    const groupStore = stores.groupStore;
    const viewerUser = await createUserViewerAccess(
        'Victor Viewer',
        'victore@getunleash.io',
    );
    await projectService.createProject(projectForCreate, editorUser);
    await projectService.createProject(projectForDelete, editorUser);
    const groupWithCreateAccess = await groupStore.create({
        name: 'ViewersOnly',
        description: '',
@ -989,28 +1010,28 @@ test('Should allow user to take multiple group roles and have expected permissio
        groupWithCreateAccess.id,
        deleteFeatureRole.id,
        'SomeAdminUser',
-        projectForDelete,
+        projectForDelete.id,
    );
    await accessService.addGroupToRole(
        groupWithDeleteAccess.id,
        createFeatureRole.id,
        'SomeAdminUser',
-        projectForCreate,
+        projectForCreate.id,
    );
    expect(
        await accessService.hasPermission(
            viewerUser,
            permissions.CREATE_FEATURE,
-            projectForCreate,
+            projectForCreate.id,
        ),
    ).toBe(true);
    expect(
        await accessService.hasPermission(
            viewerUser,
            permissions.DELETE_FEATURE,
-            projectForCreate,
+            projectForCreate.id,
        ),
    ).toBe(false);
@ -1018,14 +1039,14 @@ test('Should allow user to take multiple group roles and have expected permissio
        await accessService.hasPermission(
            viewerUser,
            permissions.CREATE_FEATURE,
-            projectForDelete,
+            projectForDelete.id,
        ),
    ).toBe(false);
    expect(
        await accessService.hasPermission(
            viewerUser,
            permissions.DELETE_FEATURE,
-            projectForDelete,
+            projectForDelete.id,
        ),
    ).toBe(true);
 });
--- a/src/test/e2e/services/project-service.e2e.test.ts
+++ b/src/test/e2e/services/project-service.e2e.test.ts
@ -834,7 +834,11 @@ test('should not update role for user on project when she is the owner', async (
 });
 test('Should allow bulk update of group permissions', async () => {
-    const project = 'bulk-update-project';
+    const project = {
        id: 'bulk-update-project',
        name: 'bulk-update-project',
    };
    await projectService.createProject(project, user.id);
    const groupStore = stores.groupStore;
    const user1 = await stores.userStore.insert({
@ -862,7 +866,7 @@ test('Should allow bulk update of group permissions', async () => {
    });
    await projectService.addAccess(
-        project,
+        project.id,
        createFeatureRole.id,
        {
            users: [{ id: user1.id }],
@ -906,9 +910,14 @@ test('Should bulk update of only users', async () => {
 });
 test('Should allow bulk update of only groups', async () => {
-    const project = 'bulk-update-project';
+    const project = {
        id: 'bulk-update-project-only',
        name: 'bulk-update-project-only',
    };
    const groupStore = stores.groupStore;
    await projectService.createProject(project, user.id);
    const group1 = await groupStore.create({
        name: 'ViewersOnly',
        description: '',
@ -929,7 +938,7 @@ test('Should allow bulk update of only groups', async () => {
    });
    await projectService.addAccess(
-        project,
+        project.id,
        createFeatureRole.id,
        {
            users: [],