Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-07-21 13:47:39 +02:00
Code Issues Projects Releases Wiki Activity

fix: setup permission for variant

Browse Source
This commit is contained in:
Fredrik Oseberg 2022-01-07 10:56:46 +01:00 committed by Ivar Conradi Østhus
parent 95b50acdd8
commit ef8041d315
No known key found for this signature in database
GPG Key ID: 31AC596886B0BD09
4 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/lib/routes/admin-api/project/variants.ts
View File

@ -5,7 +5,10 @@ import { IUnleashConfig } from '../../../types/option';
import { IUnleashServices } from '../../../types';
import { Request, Response } from 'express';
import { Operation } from 'fast-json-patch';
import { UPDATE_FEATURE } from '../../../types/permissions';
import {
UPDATE_FEATURE,
UPDATE_FEATURE_VARIANTS,
} from '../../../types/permissions';
import { IVariant } from '../../../types/model';
import { extractUsername } from '../../../util/extract-user';
import { IAuthRequest } from '../../unleash-types';
@ -35,8 +38,8 @@ export default class VariantsController extends Controller {
this.logger = config.getLogger('admin-api/project/variants.ts');
this.featureService = featureToggleService;
this.get(PREFIX, this.getVariants);
this.patch(PREFIX, this.patchVariants, UPDATE_FEATURE);
this.put(PREFIX, this.overwriteVariants, UPDATE_FEATURE);
this.patch(PREFIX, this.patchVariants, UPDATE_FEATURE_VARIANTS);
this.put(PREFIX, this.overwriteVariants, UPDATE_FEATURE_VARIANTS);
}
async getVariants(

1
src/lib/types/permissions.ts
View File

@ -30,3 +30,4 @@ export const CREATE_API_TOKEN = 'CREATE_API_TOKEN';
export const DELETE_API_TOKEN = 'DELETE_API_TOKEN';
export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE';
export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';
export const UPDATE_FEATURE_VARIANTS = 'UPDATE_FEATURE_VARIANTS';

10
src/migrations/20211202120808-add-custom-roles.js
View File

@ -38,6 +38,7 @@ exports.up = function (db, cb) {
INSERT INTO permissions (permission, display_name, type) VALUES ('UPDATE_FEATURE_STRATEGY', 'Update Feature Strategies', 'environment');
INSERT INTO permissions (permission, display_name, type) VALUES ('DELETE_FEATURE_STRATEGY', 'Delete Feature Strategies', 'environment');
INSERT INTO permissions (permission, display_name, type) VALUES ('UPDATE_FEATURE_ENVIRONMENT', 'Enable/disable Toggles in Environment', 'environment');
INSERT INTO permissions (permission, display_name, type) VALUES ('UPDATE_FEATURE_VARIANTS', 'Create/Edit variants', 'project');
ALTER TABLE role_user ADD COLUMN
project VARCHAR(255);
@ -135,7 +136,8 @@ exports.up = function (db, cb) {
'UPDATE_FEATURE',
'DELETE_FEATURE',
'UPDATE_TAG_TYPE',
'DELETE_TAG_TYPE');
'DELETE_TAG_TYPE',
'UPDATE_FEATURE_VARIANTS');
INSERT INTO role_permission (role_id, permission_id, environment)
SELECT
@ -148,7 +150,8 @@ exports.up = function (db, cb) {
'DELETE_PROJECT',
'CREATE_FEATURE',
'UPDATE_FEATURE',
'DELETE_FEATURE');
'DELETE_FEATURE',
'UPDATE_FEATURE_VARIANTS');
INSERT INTO role_permission (role_id, permission_id, environment)
SELECT
@ -159,7 +162,8 @@ exports.up = function (db, cb) {
WHERE p.permission IN
('CREATE_FEATURE',
'UPDATE_FEATURE',
'DELETE_FEATURE');
'DELETE_FEATURE',
'UPDATE_FEATURE_VARIANTS');
INSERT INTO role_permission (role_id, permission_id, environment)
SELECT

8
src/test/e2e/services/access-service.e2e.test.ts
View File

@ -52,6 +52,7 @@ const hasCommonProjectAccess = async (user, projectName, condition) => {
UPDATE_FEATURE_STRATEGY,
DELETE_FEATURE_STRATEGY,
UPDATE_FEATURE_ENVIRONMENT,
UPDATE_FEATURE_VARIANTS,
} = permissions;
expect(
await accessService.hasPermission(user, CREATE_FEATURE, projectName),
@ -62,6 +63,13 @@ const hasCommonProjectAccess = async (user, projectName, condition) => {
expect(
await accessService.hasPermission(user, DELETE_FEATURE, projectName),
).toBe(condition);
expect(
await accessService.hasPermission(
user,
UPDATE_FEATURE_VARIANTS,
projectName,
),
).toBe(condition);
expect(
await accessService.hasPermission(
user,