Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-06-04 01:18:20 +02:00
Code Issues Projects Releases Wiki Activity

feat: patch user access query to return projects provided by groups (#4750)

Browse Source
This commit is contained in:
Simon Hornby 2023-09-15 12:10:16 +02:00 committed by GitHub
parent 76a834ca91
commit aa5afad502
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 35 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/lib/db/access-store.ts
View File

@ -761,7 +761,7 @@ export class AccessStore implements IAccessStore {
async getUserAccessOverview(): Promise<IUserAccessOverview[]> { async getUserAccessOverview(): Promise<IUserAccessOverview[]> {
const result = await this.db const result = await this.db
.raw(`SELECT u.id, u.created_at, u.name, u.email, u.seen_at, up.p_array as projects, gr.p_array as groups, r.name as root_role .raw(`SELECT u.id, u.created_at, u.name, u.email, u.seen_at, up.p_array as projects, gr.p_array as groups, gp.p_array as group_projects, r.name as root_role
FROM users u, LATERAL ( FROM users u, LATERAL (
SELECT ARRAY ( SELECT ARRAY (
SELECT ru.project SELECT ru.project
@ -771,15 +771,24 @@ export class AccessStore implements IAccessStore {
) up, LATERAL ( ) up, LATERAL (
SELECT r.name SELECT r.name
FROM role_user ru FROM role_user ru
inner join roles r on ru.role_id = r.id INNER JOIN roles r on ru.role_id = r.id
where ru.user_id = u.id and r.type='root' WHERE ru.user_id = u.id and r.type='root'
) r, LATERAL ( ) r, LATERAL (
SELECT ARRAY ( SELECT ARRAY (
select g.name from group_user gu SELECT g.name FROM group_user gu
left join groups g on g.id = gu.group_id JOIN groups g on g.id = gu.group_id
WHERE gu.user_id = u.id WHERE gu.user_id = u.id
) AS p_array ) AS p_array
) gr ) gr, LATERAL (
SELECT ARRAY (
SELECT gr.project
FROM group_user gu
JOIN group_role gr ON gu.group_id = gr.group_id
WHERE gu.user_id = u.id
)
AS p_array
) gp
order by u.id;`); order by u.id;`);
return result.rows.map((row) => { return result.rows.map((row) => {
return { return {
@ -791,6 +800,7 @@ export class AccessStore implements IAccessStore {
accessibleProjects: row.projects, accessibleProjects: row.projects,
groups: row.groups, groups: row.groups,
rootRole: row.root_role, rootRole: row.root_role,
groupProjects: row.group_projects,
}; };
}); });
} }

1
src/lib/types/model.ts
View File

@ -469,4 +469,5 @@ export interface IUserAccessOverview {
accessibleProjects: string[]; accessibleProjects: string[];
groups: string[]; groups: string[];
rootRole: string; rootRole: string;
groupProjects: string[];
} }

18
src/test/e2e/services/access-service.e2e.test.ts
View File

@ -1903,6 +1903,22 @@ test('access overview should have group access for groups that they are in', asy
'Admin', 'Admin',
); );
const someGroupRole = await createRole([
{
id: 13,
name: 'UPDATE_PROJECT',
displayName: 'Can update projects',
type: 'project',
},
]);
await accessService.addGroupToRole(
group.id,
someGroupRole.id,
'creator',
'default',
);
const accessOverView: IUserAccessOverview[] = const accessOverView: IUserAccessOverview[] =
await accessService.getUserAccessOverview(); await accessService.getUserAccessOverview();
const userAccess = accessOverView.find( const userAccess = accessOverView.find(
@ -1913,4 +1929,6 @@ test('access overview should have group access for groups that they are in', asy
expect(userAccess.rootRole).toBe('Admin'); expect(userAccess.rootRole).toBe('Admin');
expect(userAccess.groups).toStrictEqual(['Test Group']); expect(userAccess.groups).toStrictEqual(['Test Group']);
expect(userAccess.groupProjects).toStrictEqual(['default']);
}); });