feat: new permission for moving project

2025-08-13 13:48:59 +02:00 · 2022-01-11 13:39:15 +01:00 · 2022-01-11 13:39:15 +01:00 · e8db1da60a
commit e8db1da60a
parent 64f9d512e9
4 changed files with 47 additions and 7 deletions
--- a/src/lib/services/project-service.ts
+++ b/src/lib/services/project-service.ts
@ -28,7 +28,11 @@ import { IProjectQuery, IProjectStore } from '../types/stores/project-store';
 import { IRoleDescriptor } from '../types/stores/access-store';
 import { IEventStore } from '../types/stores/event-store';
 import FeatureToggleService from './feature-toggle-service';
-import { CREATE_FEATURE, UPDATE_FEATURE } from '../types/permissions';
+import {
+    CREATE_FEATURE,
+    MOVE_FEATURE_TOGGLE,
+    UPDATE_FEATURE,
+} from '../types/permissions';
 import NoAccessError from '../error/no-access-error';
 import IncompatibleProjectError from '../error/incompatible-project-error';
 import { DEFAULT_PROJECT } from '../types/project';
@ -187,7 +191,7 @@ export default class ProjectService {
        const feature = await this.featureToggleStore.get(featureName);

        if (feature.project !== currentProjectId) {
-            throw new NoAccessError(UPDATE_FEATURE);
+            throw new NoAccessError(MOVE_FEATURE_TOGGLE);
        }
        const project = await this.getProject(newProjectId);

@ -197,12 +201,12 @@ export default class ProjectService {

        const authorized = await this.accessService.hasPermission(
            user,
-            CREATE_FEATURE,
+            MOVE_FEATURE_TOGGLE,
            newProjectId,
        );

        if (!authorized) {
-            throw new NoAccessError(CREATE_FEATURE);
+            throw new NoAccessError(MOVE_FEATURE_TOGGLE);
        }

        const isCompatibleWithTargetProject =
--- a/src/lib/types/permissions.ts
+++ b/src/lib/types/permissions.ts
@ -31,3 +31,4 @@ export const DELETE_API_TOKEN = 'DELETE_API_TOKEN';
 export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE';
 export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';
 export const UPDATE_FEATURE_VARIANTS = 'UPDATE_FEATURE_VARIANTS';
+export const MOVE_FEATURE_TOGGLE = 'MOVE_FEATURE_TOGGLE';
--- a/src/migrations/20220111115613-move-feature-toggle-permission.js
+++ b/src/migrations/20220111115613-move-feature-toggle-permission.js
@ -0,0 +1,35 @@
+exports.up = function (db, cb) {
+    db.runSql(
+        `
+        INSERT INTO permissions (permission, display_name, type) VALUES ('MOVE_FEATURE_TOGGLE', 'Change feature toggle project', 'project');
+        INSERT INTO role_permission (role_id, permission_id, environment)
+        SELECT
+            (SELECT id as role_id from roles WHERE name = 'Editor' LIMIT 1),
+            p.id as permission_id,
+            '*' as environment
+        FROM permissions p
+        WHERE p.permission IN
+            ('MOVE_FEATURE_TOGGLE');
+
+
+        INSERT INTO role_permission (role_id, permission_id, environment)
+        SELECT
+            (SELECT id as role_id from roles WHERE name = 'Owner' LIMIT 1),
+            p.id as permission_id,
+            '*' as environment
+        FROM permissions p
+        WHERE p.permission IN
+            ('MOVE_FEATURE_TOGGLE');
+        `,
+        cb,
+    );
+};
+
+exports.down = function (db, cb) {
+    db.runSql(
+        `
+        DELETE FROM permissions WHERE permission = 'MOVE_FEATURE_TOGGLE';
+  `,
+        cb,
+    );
+};
--- a/src/test/e2e/services/project-service.e2e.test.ts
+++ b/src/test/e2e/services/project-service.e2e.test.ts
@ -3,7 +3,7 @@ import getLogger from '../../fixtures/no-logger';
 import FeatureToggleService from '../../../lib/services/feature-toggle-service';
 import ProjectService from '../../../lib/services/project-service';
 import { AccessService } from '../../../lib/services/access-service';
-import { CREATE_FEATURE, UPDATE_FEATURE } from '../../../lib/types/permissions';
+import { MOVE_FEATURE_TOGGLE } from '../../../lib/types/permissions';
 import { createTestConfig } from '../../config/test-config';
 import { RoleName } from '../../../lib/types/model';

@ -377,7 +377,7 @@ test('should not change project if feature toggle project does not match current
        );
    } catch (err) {
        expect(err.message).toBe(
-            `You need permission=${UPDATE_FEATURE} to perform this action`,
+            `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
        );
    }
 });
@ -438,7 +438,7 @@ test('should fail if user is not authorized', async () => {
        );
    } catch (err) {
        expect(err.message).toBe(
-            `You need permission=${CREATE_FEATURE} to perform this action`,
+            `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
        );
    }
 });