chore: add principal type and permission setting enums

2025-12-10 11:24:35 +00:00 · 2022-06-28 00:00:04 +05:00
parent 0a73a35547
commit ca64c13909
3 changed files with 28 additions and 13 deletions
--- a/api/src/controllers/permission.ts
+++ b/api/src/controllers/permission.ts
@@ -17,6 +17,16 @@ import Group from '../model/Group'
 import { UserResponse } from './user'
 import { GroupResponse } from './group'

+export enum PrincipalType {
+  user = 'user',
+  group = 'group'
+}
+
+export enum PermissionSetting {
+  grant = 'Grant',
+  deny = 'Deny'
+}
+
 interface RegisterPermissionPayload {
  /**
   * Name of affected resource
@@ -27,12 +37,12 @@ interface RegisterPermissionPayload {
   * The indication of whether (and to what extent) access is provided
   * @example "Grant"
   */
-  setting: string
+  setting: PermissionSetting
  /**
   * Indicates the type of principal
   * @example "user"
   */
-  principalType: string
+  principalType: PrincipalType
  /**
   * The id of user or group to which a rule is assigned.
   * @example 123
@@ -45,7 +55,7 @@ interface UpdatePermissionPayload {
   * The indication of whether (and to what extent) access is provided
   * @example "Grant"
   */
-  setting: string
+  setting: PermissionSetting
 }

 export interface PermissionDetailsResponse {
@@ -178,7 +188,7 @@ const createPermission = async ({
  let group: GroupResponse | undefined

  switch (principalType) {
-    case 'user': {
+    case PrincipalType.user: {
      const userInDB = await User.findOne({ id: principalId })
      if (!userInDB)
        throw {
@@ -216,7 +226,7 @@ const createPermission = async ({
      }
      break
    }
-    case 'group': {
+    case PrincipalType.group: {
      const groupInDB = await Group.findOne({ groupId: principalId })
      if (!groupInDB)
        throw {
--- a/api/src/routes/api/spec/permission.spec.ts
+++ b/api/src/routes/api/spec/permission.spec.ts
@@ -7,7 +7,9 @@ import {
  UserController,
  GroupController,
  ClientController,
-  PermissionController
+  PermissionController,
+  PrincipalType,
+  PermissionSetting
 } from '../../../controllers/'
 import {
  UserDetailsResponse,
@@ -33,8 +35,8 @@ const user = {

 const permission = {
  uri: '/SASjsApi/code/execute',
-  setting: 'Grant',
-  principalType: 'user',
+  setting: PermissionSetting.grant,
+  principalType: PrincipalType.user,
  principalId: 123
 }

@@ -228,9 +230,7 @@ describe('permission', () => {
        })
        .expect(400)

-      expect(res.text).toEqual(
-        'Invalid principal type. Valid types are user or group.'
-      )
+      expect(res.text).toEqual('"principalType" must be one of [user, group]')
      expect(res.body).toEqual({})
    })
  })
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -1,5 +1,6 @@
 import Joi from 'joi'
 import { RunTimeType } from '.'
+import { PermissionSetting, PrincipalType } from '../controllers'

 const usernameSchema = Joi.string().lowercase().alphanum().min(3).max(16)
 const passwordSchema = Joi.string().min(6).max(1024)
@@ -89,8 +90,12 @@ export const registerClientValidation = (data: any): Joi.ValidationResult =>
 export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    uri: Joi.string().required(),
-    setting: Joi.string().required(),
-    principalType: Joi.string().required(),
+    setting: Joi.string()
+      .required()
+      .valid(...Object.values(PermissionSetting)),
+    principalType: Joi.string()
+      .required()
+      .valid(...Object.values(PrincipalType)),
    principalId: Joi.number().required()
  }).validate(data)