From 0781ddd64e3b5e5ca39647bb4e4e1a9332a0f4f8 Mon Sep 17 00:00:00 2001 From: Sabir Hassan Date: Mon, 16 May 2022 19:56:56 +0500 Subject: [PATCH] fix: remove clientId from principal types --- api/public/swagger.yaml | 4 +-- api/src/controllers/permission.ts | 32 ++---------------- api/src/model/Permission.ts | 4 +-- api/src/routes/api/spec/permission.spec.ts | 38 +--------------------- 4 files changed, 5 insertions(+), 73 deletions(-) diff --git a/api/public/swagger.yaml b/api/public/swagger.yaml index 0ba5e59..8449e3d 100644 --- a/api/public/swagger.yaml +++ b/api/public/swagger.yaml @@ -465,8 +465,6 @@ components: $ref: '#/components/schemas/UserResponse' group: $ref: '#/components/schemas/GroupResponse' - clientId: - type: string required: - permissionId - uri @@ -1402,7 +1400,7 @@ paths: type: array examples: 'Example 1': - value: [{permissionId: 123, uri: /SASjsApi/code/execute, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow'}}, {permissionId: 124, uri: /SASjsApi/code/execute, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users'}}, {permissionId: 125, uri: /SASjsApi/code/execute, setting: Deny, clientId: clientId1}] + value: [{permissionId: 123, uri: /SASjsApi/code/execute, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow'}}, {permissionId: 124, uri: /SASjsApi/code/execute, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users'}}] summary: 'Get list of all permissions (uri, setting and userDetail).' tags: - Permission diff --git a/api/src/controllers/permission.ts b/api/src/controllers/permission.ts index ce04f52..d968692 100644 --- a/api/src/controllers/permission.ts +++ b/api/src/controllers/permission.ts 
@@ -14,7 +14,6 @@ import { import Permission from '../model/Permission' import User from '../model/User' import Group from '../model/Group' -import Client from '../model/Client' import { UserResponse } from './user' import { GroupResponse } from './group' @@ -55,7 +54,6 @@ export interface PermissionDetailsResponse { setting: string user?: UserResponse group?: GroupResponse - clientId?: string } @Security('bearerAuth') @@ -82,12 +80,6 @@ export class PermissionController { name: 'DCGroup', description: 'This group represents Data Controller Users' } - }, - { - permissionId: 125, - uri: '/SASjsApi/code/execute', - setting: 'Deny', - clientId: 'clientId1' } ]) @Get('/') @@ -154,10 +146,6 @@ const getAllPermissions = async (): Promise => .populate({ path: 'group', select: 'groupId name description -_id' - }) - .populate({ - path: 'client', - select: 'clientId -_id' })) as unknown as PermissionDetailsResponse[] const createPermission = async ({ @@ -173,7 +161,6 @@ const createPermission = async ({ let user: UserResponse | undefined let group: GroupResponse | undefined - let clientId: string | undefined switch (principalType) { case 'user': @@ -200,18 +187,8 @@ const createPermission = async ({ description: groupInDB.description } break - case 'client': - const clientInDB = await Client.findOne({ clientId: principalId }) - if (!clientInDB) throw new Error('Client not found.') - - permission.client = clientInDB._id - - clientId = clientInDB.clientId - break default: - throw new Error( - 'Invalid principal type. Valid types are user, group and client.' - ) + throw new Error('Invalid principal type. Valid types are user or group.') } const savedPermission = await permission.save() @@ -221,8 +198,7 @@ const createPermission = async ({ uri: savedPermission.uri, setting: savedPermission.setting, user, - group, - clientId + group } } 
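Review bot: In `createPermission` (hunk at -200,18), the `default:` branch is now the only thing that refuses `principalType: 'client'`, and the spec file in this patch shows that refusal reaching the caller as a 403, a status normally reserved for authorization denials. If the request payload type, which is declared outside this hunk, still has `principalType: string`, consider narrowing it to `principalType: 'user' | 'group'`. An unsupported principal type would then be rejected as a validation error before the controller runs, and the generated swagger would list the allowed values. That keeps 403 responses on this endpoint meaningful for access-control monitoring; the function body starts and ends outside the hunk.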
@@ -247,10 +223,6 @@ const updatePermission = async ( .populate({ path: 'group', select: 'groupId name description -_id' - }) - .populate({ - path: 'client', - select: 'clientId -_id' })) as unknown as PermissionDetailsResponse if (!updatedPermission) throw new Error('Unable to update permission') diff --git a/api/src/model/Permission.ts b/api/src/model/Permission.ts index 6343e4f..8d9454e 100644 --- a/api/src/model/Permission.ts +++ b/api/src/model/Permission.ts @@ -7,7 +7,6 @@ interface IPermissionDocument extends Document { permissionId: number user: Schema.Types.ObjectId group: Schema.Types.ObjectId - client: Schema.Types.ObjectId } interface IPermission extends IPermissionDocument {} @@ -24,8 +23,7 @@ const permissionSchema = new Schema({ required: true }, user: { type: Schema.Types.ObjectId, ref: 'User' }, - group: { type: Schema.Types.ObjectId, ref: 'Group' }, - client: { type: Schema.Types.ObjectId, ref: 'Client' } + group: { type: Schema.Types.ObjectId, ref: 'Group' } }) permissionSchema.plugin(AutoIncrement, { inc_field: 'permissionId' }) diff --git a/api/src/routes/api/spec/permission.spec.ts b/api/src/routes/api/spec/permission.spec.ts index df2c662..7255a4b 100644 --- a/api/src/routes/api/spec/permission.spec.ts +++ b/api/src/routes/api/spec/permission.spec.ts 
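Review bot: Dropping `client` from `permissionSchema` in api/src/model/Permission.ts (hunk at -24,8), together with the `.populate({ path: 'client' … })` calls removed in the controller, leaves any permission documents already stored with a `client` reference in the collection, and this patch carries no migration for them. Those records would presumably now come back from `getAllPermissions` with neither `user` nor `group`, and how the code that evaluates permissions treats a Grant or Deny without a principal is not visible here. I would add a one-off migration that lists or deletes permissions carrying a `client` value, run against the collection directly rather than through this model, since the path is no longer in the schema and a model-level filter on it may not behave as intended. A comment above the schema would also help the next reader: `// client principals were removed; legacy documents may still carry a 'client' field`.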
@@ -108,28 +108,6 @@ describe('permission', () => { expect(res.body.group).toBeTruthy() }) - it('should respond with new permission when principalType is client', async () => { - const dbclient = await clientController.createClient({ - clientId: '123456789', - clientSecret: '123456789' - }) - - const res = await request(app) - .post('/SASjsApi/permission') - .auth(adminAccessToken, { type: 'bearer' }) - .send({ - ...permission, - principalType: 'client', - principalId: dbclient.clientId - }) - .expect(200) - - expect(res.body.permissionId).toBeTruthy() - expect(res.body.uri).toEqual(permission.uri) - expect(res.body.setting).toEqual(permission.setting) - expect(res.body.clientId).toEqual(dbclient.clientId) - }) - it('should respond with Unauthorized if access token is not present', async () => { const res = await request(app) .post('/SASjsApi/permission') @@ -240,20 +218,6 @@ describe('permission', () => { expect(res.body).toEqual({}) }) - it('should respond with forbidden Request (403) if client is not found', async () => { - const res = await request(app) - .post('/SASjsApi/permission') - .auth(adminAccessToken, { type: 'bearer' }) - .send({ - ...permission, - principalType: 'client' - }) - .expect(403) - - expect(res.text).toEqual('Error: Client not found.') - expect(res.body).toEqual({}) - }) - it('should respond with forbidden Request (403) if principal type is not valid', async () => { const res = await request(app) .post('/SASjsApi/permission') @@ -265,7 +229,7 @@ describe('permission', () => { .expect(403) expect(res.text).toEqual( - 'Error: Invalid principal type. Valid types are user, group and client.' + 'Error: Invalid principal type. Valid types are user or group.' ) expect(res.body).toEqual({}) })
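Review bot: The two client tests are deleted in the hunks at -108,28 and -240,20, but nothing replaces them with a check that `principalType: 'client'` is now refused. The only remaining coverage is the generic invalid-type case at -265,7, whose payload lies outside the hunk. Since this commit withdraws a principal type from an access-control API, a regression test pinning the rejection would stop a `case 'client'` branch from being reintroduced unnoticed. The sketch below mirrors the payload of the deleted 'client is not found' test and uses only fixtures already visible in this file.

```typescript
it('should respond with forbidden Request (403) if principal type is client', async () => {
  const res = await request(app)
    .post('/SASjsApi/permission')
    .auth(adminAccessToken, { type: 'bearer' })
    .send({
      ...permission,
      principalType: 'client'
    })
    .expect(403)

  expect(res.text).toEqual(
    'Error: Invalid principal type. Valid types are user or group.'
  )
  expect(res.body).toEqual({})
})
```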