sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-11 19:44:35 +00:00
Code Issues Projects Releases Wiki Activity

fix: remove clientId from principal types

Browse Source
This commit is contained in:
Sabir Hassan
2022-05-16 19:56:56 +05:00
parent 7be77cc38a
commit 0781ddd64e
4 changed files with 5 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/public/swagger.yaml
View File

@@ -465,8 +465,6 @@ components:
$ref: '#/components/schemas/UserResponse' $ref: '#/components/schemas/UserResponse'
group: group:
$ref: '#/components/schemas/GroupResponse' $ref: '#/components/schemas/GroupResponse'
clientId:
type: string
required: required:
- permissionId - permissionId
- uri - uri
@@ -1402,7 +1400,7 @@ paths:
type: array type: array
examples: examples:
'Example 1': 'Example 1':
value: [{permissionId: 123, uri: /SASjsApi/code/execute, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow'}}, {permissionId: 124, uri: /SASjsApi/code/execute, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users'}}, {permissionId: 125, uri: /SASjsApi/code/execute, setting: Deny, clientId: clientId1}] value: [{permissionId: 123, uri: /SASjsApi/code/execute, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow'}}, {permissionId: 124, uri: /SASjsApi/code/execute, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users'}}]
summary: 'Get list of all permissions (uri, setting and userDetail).' summary: 'Get list of all permissions (uri, setting and userDetail).'
tags: tags:
- Permission - Permission

32
api/src/controllers/permission.ts
View File

@@ -14,7 +14,6 @@ import {
import Permission from '../model/Permission' import Permission from '../model/Permission'
import User from '../model/User' import User from '../model/User'
import Group from '../model/Group' import Group from '../model/Group'
import Client from '../model/Client'
import { UserResponse } from './user' import { UserResponse } from './user'
import { GroupResponse } from './group' import { GroupResponse } from './group'
@@ -55,7 +54,6 @@ export interface PermissionDetailsResponse {
setting: string setting: string
user?: UserResponse user?: UserResponse
group?: GroupResponse group?: GroupResponse
clientId?: string
} }
@Security('bearerAuth') @Security('bearerAuth')
@@ -82,12 +80,6 @@ export class PermissionController {
name: 'DCGroup', name: 'DCGroup',
description: 'This group represents Data Controller Users' description: 'This group represents Data Controller Users'
} }
},
{
permissionId: 125,
uri: '/SASjsApi/code/execute',
setting: 'Deny',
clientId: 'clientId1'
} }
]) ])
@Get('/') @Get('/')
@@ -154,10 +146,6 @@ const getAllPermissions = async (): Promise<PermissionDetailsResponse[]> =>
.populate({ .populate({
path: 'group', path: 'group',
select: 'groupId name description -_id' select: 'groupId name description -_id'
})
.populate({
path: 'client',
select: 'clientId -_id'
})) as unknown as PermissionDetailsResponse[] })) as unknown as PermissionDetailsResponse[]
const createPermission = async ({ const createPermission = async ({
@@ -173,7 +161,6 @@ const createPermission = async ({
let user: UserResponse | undefined let user: UserResponse | undefined
let group: GroupResponse | undefined let group: GroupResponse | undefined
let clientId: string | undefined
switch (principalType) { switch (principalType) {
case 'user': case 'user':
@@ -200,18 +187,8 @@ const createPermission = async ({
description: groupInDB.description description: groupInDB.description
} }
break break
case 'client':
const clientInDB = await Client.findOne({ clientId: principalId })
if (!clientInDB) throw new Error('Client not found.')
permission.client = clientInDB._id
clientId = clientInDB.clientId
break
default: default:
throw new Error( throw new Error('Invalid principal type. Valid types are user or group.')
'Invalid principal type. Valid types are user, group and client.'
)
} }
const savedPermission = await permission.save() const savedPermission = await permission.save()
@@ -221,8 +198,7 @@ const createPermission = async ({
uri: savedPermission.uri, uri: savedPermission.uri,
setting: savedPermission.setting, setting: savedPermission.setting,
user, user,
group, group
clientId
} }
} }
@@ -247,10 +223,6 @@ const updatePermission = async (
.populate({ .populate({
path: 'group', path: 'group',
select: 'groupId name description -_id' select: 'groupId name description -_id'
})
.populate({
path: 'client',
select: 'clientId -_id'
})) as unknown as PermissionDetailsResponse })) as unknown as PermissionDetailsResponse
if (!updatedPermission) throw new Error('Unable to update permission') if (!updatedPermission) throw new Error('Unable to update permission')

4
api/src/model/Permission.ts
View File

@@ -7,7 +7,6 @@ interface IPermissionDocument extends Document {
permissionId: number permissionId: number
user: Schema.Types.ObjectId user: Schema.Types.ObjectId
group: Schema.Types.ObjectId group: Schema.Types.ObjectId
client: Schema.Types.ObjectId
} }
interface IPermission extends IPermissionDocument {} interface IPermission extends IPermissionDocument {}
@@ -24,8 +23,7 @@ const permissionSchema = new Schema<IPermissionDocument>({
required: true required: true
}, },
user: { type: Schema.Types.ObjectId, ref: 'User' }, user: { type: Schema.Types.ObjectId, ref: 'User' },
group: { type: Schema.Types.ObjectId, ref: 'Group' }, group: { type: Schema.Types.ObjectId, ref: 'Group' }
client: { type: Schema.Types.ObjectId, ref: 'Client' }
}) })
permissionSchema.plugin(AutoIncrement, { inc_field: 'permissionId' }) permissionSchema.plugin(AutoIncrement, { inc_field: 'permissionId' })

38
api/src/routes/api/spec/permission.spec.ts
View File

@@ -108,28 +108,6 @@ describe('permission', () => {
expect(res.body.group).toBeTruthy() expect(res.body.group).toBeTruthy()
}) })
it('should respond with new permission when principalType is client', async () => {
const dbclient = await clientController.createClient({
clientId: '123456789',
clientSecret: '123456789'
})
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalType: 'client',
principalId: dbclient.clientId
})
.expect(200)
expect(res.body.permissionId).toBeTruthy()
expect(res.body.uri).toEqual(permission.uri)
expect(res.body.setting).toEqual(permission.setting)
expect(res.body.clientId).toEqual(dbclient.clientId)
})
it('should respond with Unauthorized if access token is not present', async () => { it('should respond with Unauthorized if access token is not present', async () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/permission') .post('/SASjsApi/permission')
@@ -240,20 +218,6 @@ describe('permission', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
it('should respond with forbidden Request (403) if client is not found', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalType: 'client'
})
.expect(403)
expect(res.text).toEqual('Error: Client not found.')
expect(res.body).toEqual({})
})
it('should respond with forbidden Request (403) if principal type is not valid', async () => { it('should respond with forbidden Request (403) if principal type is not valid', async () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/permission') .post('/SASjsApi/permission')
@@ -265,7 +229,7 @@ describe('permission', () => {
.expect(403) .expect(403)
expect(res.text).toEqual( expect(res.text).toEqual(
'Error: Invalid principal type. Valid types are user, group and client.' 'Error: Invalid principal type. Valid types are user or group.'
) )
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })