fix: hasPermission should not throw

2025-02-09 00:18:00 +01:00 · 2021-04-23 12:52:29 +02:00 · 2021-04-23 12:52:29 +02:00 · 709d12a1dc
commit 709d12a1dc
parent 8845c90f57
3 changed files with 61 additions and 9 deletions
--- a/src/lib/services/access-service.ts
+++ b/src/lib/services/access-service.ts
@ -1,3 +1,4 @@
 import { catch } from 'fetch-mock';
 import {
    AccessStore,
    IRole,
@ -125,16 +126,22 @@ export class AccessService {
            `Checking permission=${permission}, userId=${user.id} projectId=${projectId}`,
        );
-        const userP = await this.store.getPermissionsForUser(user.id);
+        try {
            const userP = await this.store.getPermissionsForUser(user.id);
-        return userP
+            return userP
-            .filter(
+                .filter(
-                p =>
+                    p =>
-                    !p.project ||
+                        !p.project ||
-                    p.project === projectId ||
+                        p.project === projectId ||
-                    p.project === ALL_PROJECTS,
+                        p.project === ALL_PROJECTS,
-            )
+                )
-            .some(p => p.permission === permission || p.permission === ADMIN);
+                .some(p => p.permission === permission || p.permission === ADMIN);
        } catch(e) {
            this.logger.error(`Error checking permission=${permission}, userId=${user.id} projectId=${projectId}`, e);
            return Promise.resolve(false);
        }
    }
    async getPermissionsForUser(user: User): Promise<IUserPermission[]> {
--- a/src/test/e2e/services/access-service.e2e.test.js
+++ b/src/test/e2e/services/access-service.e2e.test.js
@ -399,3 +399,22 @@ test.serial('should switch root role for user', async t => {
    t.is(roles.length, 1);
    t.is(roles[0].name, RoleName.VIEWER);
 });
 test.serial('should not crash if user does not have permission', async t => {
    const { userStore } = stores;
    const user = await userStore.insert({
        name: 'Some User',
        email: 'random55Read@getunleash.io',
    });
    await accessService.setUserRootRole(user.id, readRole.id);
    const { UPDATE_CONTEXT_FIELD } = permissions;
    const hasAccess = await accessService.hasPermission(
        user,
        UPDATE_CONTEXT_FIELD,
    );
    t.false(hasAccess);
 });
--- a/src/test/e2e/stores/feature-toggle-store.e2e.test.js
+++ b/src/test/e2e/stores/feature-toggle-store.e2e.test.js
@ -0,0 +1,26 @@
 'use strict';
 const test = require('ava');
 const dbInit = require('../helpers/database-init');
 const getLogger = require('../../fixtures/no-logger');
 let stores;
 let db;
 let featureToggleStore;
 test.before(async () => {
    db = await dbInit('feature_toggle_store_serial', getLogger);
    stores = db.stores;
    featureToggleStore = stores.featureToggleStore;
 });
 test.after(async () => {
    await db.destroy();
 });
 test.serial('should not crash for unknown toggle', async t => {
    const project = await featureToggleStore.getProjectId(
        'missing-toggle-name',
    );
    t.is(project, undefined);
 });