Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-10-27 11:02:16 +01:00
Code Issues Projects Releases Wiki Activity

fix: hasPermission should not throw

Browse Source
This commit is contained in:
Ivar Conradi Østhus 2021-04-23 12:52:29 +02:00
parent 8845c90f57
commit 709d12a1dc
No known key found for this signature in database
GPG Key ID: 31AC596886B0BD09
3 changed files with 61 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/lib/services/access-service.ts
View File

@ -1,3 +1,4 @@
import { catch } from 'fetch-mock';
import {
AccessStore,
IRole,
@ -125,6 +126,7 @@ export class AccessService {
`Checking permission=${permission}, userId=${user.id} projectId=${projectId}`,
);
try {
const userP = await this.store.getPermissionsForUser(user.id);
return userP
@ -135,6 +137,11 @@ export class AccessService {
p.project === ALL_PROJECTS,
)
.some(p => p.permission === permission || p.permission === ADMIN);
} catch(e) {
this.logger.error(`Error checking permission=${permission}, userId=${user.id} projectId=${projectId}`, e);
return Promise.resolve(false);
}
}
async getPermissionsForUser(user: User): Promise<IUserPermission[]> {

19
src/test/e2e/services/access-service.e2e.test.js
View File

@ -399,3 +399,22 @@ test.serial('should switch root role for user', async t => {
t.is(roles.length, 1);
t.is(roles[0].name, RoleName.VIEWER);
});
test.serial('should not crash if user does not have permission', async t => {
const { userStore } = stores;
const user = await userStore.insert({
name: 'Some User',
email: 'random55Read@getunleash.io',
});
await accessService.setUserRootRole(user.id, readRole.id);
const { UPDATE_CONTEXT_FIELD } = permissions;
const hasAccess = await accessService.hasPermission(
user,
UPDATE_CONTEXT_FIELD,
);
t.false(hasAccess);
});

26
src/test/e2e/stores/feature-toggle-store.e2e.test.js Normal file
View File

@ -0,0 +1,26 @@
'use strict';
const test = require('ava');
const dbInit = require('../helpers/database-init');
const getLogger = require('../../fixtures/no-logger');
let stores;
let db;
let featureToggleStore;
test.before(async () => {
db = await dbInit('feature_toggle_store_serial', getLogger);
stores = db.stores;
featureToggleStore = stores.featureToggleStore;
});
test.after(async () => {
await db.destroy();
});
test.serial('should not crash for unknown toggle', async t => {
const project = await featureToggleStore.getProjectId(
'missing-toggle-name',
);
t.is(project, undefined);
});