Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-03-23 00:16:25 +01:00
Code Issues Projects Releases Wiki Activity

fix: Allow project roles to be changed when the relevant user has a root role (#1632)

Browse Source
This commit is contained in:
sighphyre 2022-05-26 16:20:36 +02:00 committed by GitHub
parent b3161bc2e8
commit 6273d0d924
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/lib/db/access-store.ts
View File

@ -257,6 +257,10 @@ export class AccessStore implements IAccessStore {
user_id: userId, user_id: userId,
project: projectId, project: projectId,
}) })
.whereNotIn(
'role_id',
this.db(T.ROLES).select('id as role_id').where('type', 'root'),
)
.update('role_id', roleId); .update('role_id', roleId);
} }

31
src/test/e2e/services/access-service.e2e.test.ts
View File

@ -13,6 +13,7 @@ import { IUnleashStores } from '../../../lib/types';
import FeatureToggleService from '../../../lib/services/feature-toggle-service'; import FeatureToggleService from '../../../lib/services/feature-toggle-service';
import ProjectService from '../../../lib/services/project-service'; import ProjectService from '../../../lib/services/project-service';
import { createTestConfig } from '../../config/test-config'; import { createTestConfig } from '../../config/test-config';
import { DEFAULT_PROJECT } from '../../../lib/types/project';
let db: ITestDb; let db: ITestDb;
let stores: IUnleashStores; let stores: IUnleashStores;
@ -510,6 +511,36 @@ test('should switch root role for user', async () => {
expect(roles[0].name).toBe(RoleName.VIEWER); expect(roles[0].name).toBe(RoleName.VIEWER);
}); });
test('should switch project roles on when multiple roles are present for same user', async () => {
const { userStore, roleStore, accessStore } = stores;
const userOne = await userStore.insert({
name: 'Some User With Expected Roles',
email: 'random42Read@getunleash.io',
});
const customRole = await roleStore.create({
name: 'Some Arbitrary Role',
roleType: 'custom',
description: 'This does nothing',
});
const targetRole = await roleStore.create({
name: 'Another Arbitrary Role',
roleType: 'custom',
description: 'This does nothing',
});
await accessService.setUserRootRole(userOne.id, editorRole.id);
await accessStore.addUserToRole(userOne.id, customRole.id, DEFAULT_PROJECT);
await accessService.updateUserProjectRole(
userOne.id,
targetRole.id,
DEFAULT_PROJECT,
);
});
test('should not crash if user does not have permission', async () => { test('should not crash if user does not have permission', async () => {
const { userStore } = stores; const { userStore } = stores;