Skip to content

Commit

Permalink
Add permissions to the invite link
Browse files Browse the repository at this point in the history
  • Loading branch information
@jatindersingh93
jatindersingh93 committed Apr 18, 2024
1 parent d782b2e commit 03e5b48
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 73 deletions.
74 changes: 31 additions & 43 deletions app/src/controllers/invite.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,37 @@ const controller = {
}
// Assign array of permCode to the bucket or object
invite.permissionsCode.forEach(async permCode => {
await setPermissions(permCode, invite, token, userId, req);
if (invite.type === ResourceType.OBJECT) {
// Check for object existence
await objectService.read(invite.resource).catch(() => {
inviteService.delete(token);
throw new Problem(409, {
detail: `Object '${invite.resource}' not found`,
instance: req.originalUrl,
objectId: invite.resource
});
});

// Grant invitation permission and cleanup
await objectPermissionService.addPermissions(invite.resource, [
{ userId: userId, permCode: permCode }
], invite.createdBy);
} else if (invite.type === ResourceType.BUCKET) {
// Check for object existence
await bucketService.read(invite.resource).catch(() => {
inviteService.delete(token);
throw new Problem(409, {
detail: `Bucket '${invite.resource}' not found`,
instance: req.originalUrl,
bucketId: invite.resource
});
});

// Grant invitation permission and cleanup
await bucketPermissionService.addPermissions(invite.resource, [
{ userId: userId, permCode: permCode }
], invite.createdBy);
}
});

// Cleanup invite on success
Expand All @@ -197,46 +227,4 @@ const controller = {
}
};

/**
* @function setPermissions
* Set permissions to bucket or object
* @param {object} invite service object
* @param {object} token object
* @param {string} [currentUserId=SYSTEM_USER] The optional userId uuid actor; defaults to system user if unspecified
* @param {object} res Express response object
*/
async function setPermissions(permCode, invite, token, userId, req) {
if (invite.type === ResourceType.OBJECT) {
// Check for object existence
await objectService.read(invite.resource).catch(() => {
inviteService.delete(token);
throw new Problem(409, {
detail: `Object '${invite.resource}' not found`,
instance: req.originalUrl,
objectId: invite.resource
});
});

// Grant invitation permission and cleanup
await objectPermissionService.addPermissions(invite.resource, [
{ userId: userId, permCode: permCode }
], invite.createdBy);
} else if (invite.type === ResourceType.BUCKET) {
// Check for object existence
await bucketService.read(invite.resource).catch(() => {
inviteService.delete(token);
throw new Problem(409, {
detail: `Bucket '${invite.resource}' not found`,
instance: req.originalUrl,
bucketId: invite.resource
});
});

// Grant invitation permission and cleanup
await bucketPermissionService.addPermissions(invite.resource, [
{ userId: userId, permCode: permCode }
], invite.createdBy);
}
}

module.exports = controller;
47 changes: 17 additions & 30 deletions app/tests/unit/controllers/invite.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -362,7 +362,7 @@ describe('createInvite', () => {

describe('useInvite', () => {
const bucketAddPermissionsSpy = jest.spyOn(bucketPermissionService, 'addPermissions');
//const bucketReadSpy = jest.spyOn(bucketService, 'read');
const bucketReadSpy = jest.spyOn(bucketService, 'read');
const getCurrentIdentitySpy = jest.spyOn(utils, 'getCurrentIdentity');
const getCurrentUserIdSpy = jest.spyOn(userService, 'getCurrentUserId');
const inviteDeleteSpy = jest.spyOn(inviteService, 'delete');
Expand Down Expand Up @@ -468,24 +468,20 @@ describe('useInvite', () => {
};

inviteReadSpy.mockResolvedValue({
email: email, resource: RESOURCE, type: ResourceType.OBJECT,
createdBy: SYSTEM_USER, permissionsCode: ['READ', 'UPDATE']
email: email, resource: RESOURCE, type: ResourceType.OBJECT, createdBy: SYSTEM_USER, permissionsCode: ['READ']
});
objectAddPermissionsSpy.mockResolvedValue({});
objectReadSpy.mockResolvedValue({});

await controller.useInvite(req, res, next);

expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
//expect(bucketReadSpy).toHaveBeenCalledTimes(0);
expect(bucketReadSpy).toHaveBeenCalledTimes(0);
expect(inviteDeleteSpy).toHaveBeenCalledTimes(1);
expect(inviteDeleteSpy).toHaveBeenCalledWith(TOKEN);
expect(inviteReadSpy).toHaveBeenCalledTimes(1);
expect(inviteReadSpy).toHaveBeenCalledWith(TOKEN);
expect(objectAddPermissionsSpy).toHaveBeenCalledTimes(0);
// expect(objectAddPermissionsSpy).toHaveBeenCalledWith(RESOURCE, [
// { userId: USR_ID, permCode: Permissions.READ }
// ], SYSTEM_USER);
expect(objectReadSpy).toHaveBeenCalledTimes(1);
expect(objectReadSpy).toHaveBeenCalledWith(RESOURCE);
expect(next).toHaveBeenCalledTimes(0);
Expand All @@ -501,21 +497,16 @@ describe('useInvite', () => {
};

inviteReadSpy.mockResolvedValue({ email: email, resource: RESOURCE, type: ResourceType.BUCKET });
//bucketReadSpy.mockRejectedValue({});
bucketReadSpy.mockRejectedValue({});

await controller.useInvite(req, res, next);

expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
//expect(bucketReadSpy).toHaveBeenCalledTimes(0);
//expect(bucketReadSpy).toHaveBeenCalledWith(RESOURCE);
expect(bucketReadSpy).toHaveBeenCalledTimes(0);
expect(inviteDeleteSpy).toHaveBeenCalledTimes(0);
//expect(inviteDeleteSpy).toHaveBeenCalledWith(TOKEN);
expect(inviteReadSpy).toHaveBeenCalledTimes(1);
expect(inviteReadSpy).toHaveBeenCalledWith(TOKEN);
expect(objectAddPermissionsSpy).toHaveBeenCalledTimes(0);
expect(objectReadSpy).toHaveBeenCalledTimes(0);
expect(next).toHaveBeenCalledTimes(1);
expect(next).toHaveBeenCalledWith(new Problem(409));
expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
});

it('should 200 when bucket grant successful', async () => {
Expand All @@ -526,28 +517,24 @@ describe('useInvite', () => {
};

inviteReadSpy.mockResolvedValue({
email: email, resource: RESOURCE, type: ResourceType.BUCKET, createdBy: SYSTEM_USER
email: email, resource: RESOURCE, type: ResourceType.BUCKET, createdBy: SYSTEM_USER, permissionsCode: ['READ']
});
bucketAddPermissionsSpy.mockResolvedValue({});
//bucketReadSpy.mockResolvedValue({});
bucketReadSpy.mockResolvedValue({});

await controller.useInvite(req, res, next);

expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
//expect(bucketReadSpy).toHaveBeenCalledTimes(0);
// expect(bucketAddPermissionsSpy).toHaveBeenCalledWith(RESOURCE, [
// { userId: USR_ID, permCode: Permissions.READ }
// ], SYSTEM_USER);
//expect(bucketReadSpy).toHaveBeenCalledWith(RESOURCE);
expect(inviteDeleteSpy).toHaveBeenCalledTimes(0);
//expect(inviteDeleteSpy).toHaveBeenCalledWith(TOKEN);
expect(bucketReadSpy).toHaveBeenCalledTimes(1);
expect(inviteDeleteSpy).toHaveBeenCalledTimes(1);
expect(inviteDeleteSpy).toHaveBeenCalledWith(TOKEN);
expect(inviteReadSpy).toHaveBeenCalledTimes(1);
expect(inviteReadSpy).toHaveBeenCalledWith(TOKEN);
expect(objectAddPermissionsSpy).toHaveBeenCalledTimes(0);
expect(objectReadSpy).toHaveBeenCalledTimes(0);
expect(next).toHaveBeenCalledTimes(1);
//expect(res.json).toHaveBeenCalledWith({ resource: RESOURCE, type: ResourceType.BUCKET });
//expect(res.status).toHaveBeenCalledWith(200);
expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
expect(bucketReadSpy).toHaveBeenCalledTimes(1);
expect(next).toHaveBeenCalledTimes(0);
expect(res.json).toHaveBeenCalledWith({ resource: RESOURCE, type: ResourceType.BUCKET });
expect(res.status).toHaveBeenCalledWith(200);
});

it('should 500 for unexpected errors', async () => {
Expand All @@ -558,7 +545,7 @@ describe('useInvite', () => {
await controller.useInvite(req, res, next);

expect(bucketAddPermissionsSpy).toHaveBeenCalledTimes(0);
//expect(bucketReadSpy).toHaveBeenCalledTimes(0);
expect(bucketReadSpy).toHaveBeenCalledTimes(0);
expect(inviteDeleteSpy).toHaveBeenCalledTimes(0);
expect(inviteReadSpy).toHaveBeenCalledTimes(1);
expect(inviteReadSpy).toHaveBeenCalledWith(TOKEN);
Expand Down

0 comments on commit 03e5b48

Please sign in to comment.