Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-08-18 13:48:58 +02:00
Code Issues Projects Releases Wiki Activity

feat: new permission for moving project

Browse Source
This commit is contained in:
Fredrik Oseberg 2022-01-11 13:39:15 +01:00
parent 64f9d512e9
commit e8db1da60a
4 changed files with 47 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/lib/services/project-service.ts
View File

@ -28,7 +28,11 @@ import { IProjectQuery, IProjectStore } from '../types/stores/project-store';
import { IRoleDescriptor } from '../types/stores/access-store'; import { IRoleDescriptor } from '../types/stores/access-store';
import { IEventStore } from '../types/stores/event-store'; import { IEventStore } from '../types/stores/event-store';
import FeatureToggleService from './feature-toggle-service'; import FeatureToggleService from './feature-toggle-service';
import { CREATE_FEATURE, UPDATE_FEATURE } from '../types/permissions'; import {
CREATE_FEATURE,
MOVE_FEATURE_TOGGLE,
UPDATE_FEATURE,
} from '../types/permissions';
import NoAccessError from '../error/no-access-error'; import NoAccessError from '../error/no-access-error';
import IncompatibleProjectError from '../error/incompatible-project-error'; import IncompatibleProjectError from '../error/incompatible-project-error';
import { DEFAULT_PROJECT } from '../types/project'; import { DEFAULT_PROJECT } from '../types/project';
@ -187,7 +191,7 @@ export default class ProjectService {
const feature = await this.featureToggleStore.get(featureName); const feature = await this.featureToggleStore.get(featureName);
if (feature.project !== currentProjectId) { if (feature.project !== currentProjectId) {
throw new NoAccessError(UPDATE_FEATURE); throw new NoAccessError(MOVE_FEATURE_TOGGLE);
} }
const project = await this.getProject(newProjectId); const project = await this.getProject(newProjectId);
@ -197,12 +201,12 @@ export default class ProjectService {
const authorized = await this.accessService.hasPermission( const authorized = await this.accessService.hasPermission(
user, user,
CREATE_FEATURE, MOVE_FEATURE_TOGGLE,
newProjectId, newProjectId,
); );
if (!authorized) { if (!authorized) {
throw new NoAccessError(CREATE_FEATURE); throw new NoAccessError(MOVE_FEATURE_TOGGLE);
} }
const isCompatibleWithTargetProject = const isCompatibleWithTargetProject =

1
src/lib/types/permissions.ts
View File

@ -31,3 +31,4 @@ export const DELETE_API_TOKEN = 'DELETE_API_TOKEN';
export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE'; export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE';
export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE'; export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';
export const UPDATE_FEATURE_VARIANTS = 'UPDATE_FEATURE_VARIANTS'; export const UPDATE_FEATURE_VARIANTS = 'UPDATE_FEATURE_VARIANTS';
export const MOVE_FEATURE_TOGGLE = 'MOVE_FEATURE_TOGGLE';

35
src/migrations/20220111115613-move-feature-toggle-permission.js Normal file
View File

@ -0,0 +1,35 @@
exports.up = function (db, cb) {
db.runSql(
`
INSERT INTO permissions (permission, display_name, type) VALUES ('MOVE_FEATURE_TOGGLE', 'Change feature toggle project', 'project');
INSERT INTO role_permission (role_id, permission_id, environment)
SELECT
(SELECT id as role_id from roles WHERE name = 'Editor' LIMIT 1),
p.id as permission_id,
'*' as environment
FROM permissions p
WHERE p.permission IN
('MOVE_FEATURE_TOGGLE');
INSERT INTO role_permission (role_id, permission_id, environment)
SELECT
(SELECT id as role_id from roles WHERE name = 'Owner' LIMIT 1),
p.id as permission_id,
'*' as environment
FROM permissions p
WHERE p.permission IN
('MOVE_FEATURE_TOGGLE');
`,
cb,
);
};
exports.down = function (db, cb) {
db.runSql(
`
DELETE FROM permissions WHERE permission = 'MOVE_FEATURE_TOGGLE';
`,
cb,
);
};

6
src/test/e2e/services/project-service.e2e.test.ts
View File

@ -3,7 +3,7 @@ import getLogger from '../../fixtures/no-logger';
import FeatureToggleService from '../../../lib/services/feature-toggle-service'; import FeatureToggleService from '../../../lib/services/feature-toggle-service';
import ProjectService from '../../../lib/services/project-service'; import ProjectService from '../../../lib/services/project-service';
import { AccessService } from '../../../lib/services/access-service'; import { AccessService } from '../../../lib/services/access-service';
import { CREATE_FEATURE, UPDATE_FEATURE } from '../../../lib/types/permissions'; import { MOVE_FEATURE_TOGGLE } from '../../../lib/types/permissions';
import { createTestConfig } from '../../config/test-config'; import { createTestConfig } from '../../config/test-config';
import { RoleName } from '../../../lib/types/model'; import { RoleName } from '../../../lib/types/model';
@ -377,7 +377,7 @@ test('should not change project if feature toggle project does not match current
); );
} catch (err) { } catch (err) {
expect(err.message).toBe( expect(err.message).toBe(
`You need permission=${UPDATE_FEATURE} to perform this action`, `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
); );
} }
}); });
@ -438,7 +438,7 @@ test('should fail if user is not authorized', async () => {
); );
} catch (err) { } catch (err) {
expect(err.message).toBe( expect(err.message).toBe(
`You need permission=${CREATE_FEATURE} to perform this action`, `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
); );
} }
}); });