Update permissions
This commit is contained in:
parent
9f008a18ea
commit
0389cc9ef2
2 changed files with 26 additions and 19 deletions
|
@ -6,6 +6,8 @@ use Tests\E2E\Client;
|
|||
use Tests\E2E\Scopes\ProjectCustom;
|
||||
use Tests\E2E\Scopes\Scope;
|
||||
use Tests\E2E\Scopes\SideClient;
|
||||
use Utopia\Database\Role;
|
||||
use Utopia\Database\Permission;
|
||||
|
||||
class GraphQLAuthTest extends Scope
|
||||
{
|
||||
|
@ -100,15 +102,17 @@ class GraphQLAuthTest extends Scope
|
|||
|
||||
// Create collection
|
||||
$query = $this->getQuery(self::$CREATE_COLLECTION);
|
||||
$userId = $this->account1['body']['data']['accountCreate']['_id'];
|
||||
$gqlPayload = [
|
||||
'query' => $query,
|
||||
'variables' => [
|
||||
'databaseId' => $this->database['body']['data']['databasesCreate']['_id'],
|
||||
'collectionId' => 'unique()',
|
||||
'name' => 'Actors',
|
||||
'permission' => 'document',
|
||||
'read' => ['role:member'],
|
||||
'write' => ['role:member'],
|
||||
'documentSecurity' => true,
|
||||
'permissions' => [
|
||||
Permission::create(Role::user($userId))
|
||||
]
|
||||
]
|
||||
];
|
||||
$this->collection = $this->client->call(Client::METHOD_POST, '/graphql', [
|
||||
|
@ -144,6 +148,7 @@ class GraphQLAuthTest extends Scope
|
|||
|
||||
// Create document as account 1
|
||||
$query = $this->getQuery(self::$CREATE_DOCUMENT);
|
||||
$userId = $this->account1['body']['data']['accountCreate']['_id'];
|
||||
$gqlPayload = [
|
||||
'query' => $query,
|
||||
'variables' => [
|
||||
|
@ -153,8 +158,11 @@ class GraphQLAuthTest extends Scope
|
|||
'data' => [
|
||||
'name' => 'John Doe',
|
||||
],
|
||||
'read' => ['user:' . $this->account1['body']['data']['accountCreate']['_id']],
|
||||
'write' => ['user:' . $this->account1['body']['data']['accountCreate']['_id']],
|
||||
'permissions' => [
|
||||
Permission::read(Role::user($userId)),
|
||||
Permission::update(Role::user($userId)),
|
||||
Permission::delete(Role::user($userId)),
|
||||
]
|
||||
]
|
||||
];
|
||||
$document = $this->client->call(Client::METHOD_POST, '/graphql', [
|
||||
|
@ -189,9 +197,8 @@ class GraphQLAuthTest extends Scope
|
|||
'cookie' => 'a_session_' . $projectId . '=' . $this->token2,
|
||||
], $gqlPayload);
|
||||
|
||||
$message = 'No document found';
|
||||
$this->assertArrayHasKey('errors', $document['body']);
|
||||
$this->assertEquals($message, $document['body']['errors'][0]['message']);
|
||||
$this->assertEquals('Document with the requested ID could not be found.', $document['body']['errors'][0]['message']);
|
||||
}
|
||||
|
||||
public function testValidAuth()
|
||||
|
|
|
@ -413,8 +413,8 @@ trait GraphQLBase
|
|||
}
|
||||
}';
|
||||
case self::$CREATE_DOCUMENT:
|
||||
return 'mutation createDocument($databaseId: String!, $collectionId: String!, $documentId: String!, $data: Json!, $read: [String!]!, $write: [String!]!){
|
||||
databasesCreateDocument(databaseId: $databaseId, collectionId: $collectionId, documentId: $documentId, data: $data, read: $read, write: $write) {
|
||||
return 'mutation createDocument($databaseId: String!, $collectionId: String!, $documentId: String!, $data: Json!, $permissions: [String!]){
|
||||
databasesCreateDocument(databaseId: $databaseId, collectionId: $collectionId, documentId: $documentId, data: $data, permissions: $permissions) {
|
||||
_id
|
||||
_collectionId
|
||||
_permissions
|
||||
|
@ -479,8 +479,8 @@ trait GraphQLBase
|
|||
actorsDelete(id: $id)
|
||||
}';
|
||||
case self::$UPDATE_DOCUMENT:
|
||||
return 'mutation updateDocument($databaseId: String!, $collectionId: String!, $documentId: String!, $data: Json!, $read: [String!], $write: [String!]){
|
||||
databasesUpdateDocument(databaseId: $databaseId, collectionId: $collectionId, documentId: $documentId, data: $data, read: $read, write: $write) {
|
||||
return 'mutation updateDocument($databaseId: String!, $collectionId: String!, $documentId: String!, $data: Json!, $permissions: [String!]){
|
||||
databasesUpdateDocument(databaseId: $databaseId, collectionId: $collectionId, documentId: $documentId, data: $data, permissions: $permissions) {
|
||||
_id
|
||||
_collection
|
||||
data
|
||||
|
@ -1197,8 +1197,8 @@ trait GraphQLBase
|
|||
functionsRetryBuild(functionId: $functionId, deploymentId: $deploymentId, buildId: $buildId)
|
||||
}';
|
||||
case self::$CREATE_BUCKET:
|
||||
return 'mutation createBucket($bucketId: String!, $name: String!, $permission: String!, $read: [String!]!, $write: [String!]!) {
|
||||
storageCreateBucket(bucketId: $bucketId, name: $name, permission: $permission, read: $read, write: $write) {
|
||||
return 'mutation createBucket($bucketId: String!, $name: String!, $fileSecurity: Boolean, $permissions: [String!]) {
|
||||
storageCreateBucket(bucketId: $bucketId, name: $name, permission: $permission, permissions: $permissions) {
|
||||
_id
|
||||
name
|
||||
enabled
|
||||
|
@ -1224,8 +1224,8 @@ trait GraphQLBase
|
|||
}
|
||||
}';
|
||||
case self::$UPDATE_BUCKET:
|
||||
return 'mutation updateBucket($bucketId: String!, $name: String!, $permission: String!, $read: [String!], $write: [String!]) {
|
||||
storageUpdateBucket(bucketId: $bucketId, name: $name, permission: $permission, read: $read, write: $write) {
|
||||
return 'mutation updateBucket($bucketId: String!, $name: String!, $fileSecurity: Boolean, $permissions: [String!]) {
|
||||
storageUpdateBucket(bucketId: $bucketId, name: $name, permission: $permission, permissions: $permissions) {
|
||||
_id
|
||||
name
|
||||
enabled
|
||||
|
@ -1236,8 +1236,8 @@ trait GraphQLBase
|
|||
storageDeleteBucket(bucketId: $bucketId)
|
||||
}';
|
||||
case self::$CREATE_FILE:
|
||||
return 'mutation createFile($bucketId: String!, $fileId: String!, $file: InputFile!, $read: [String!]!, $write: [String!]!) {
|
||||
storageCreateFile(bucketId: $bucketId, fileId: $fileId, file: $file, read: $read, write: $write) {
|
||||
return 'mutation createFile($bucketId: String!, $fileId: String!, $file: InputFile!, $permissions: [String!]) {
|
||||
storageCreateFile(bucketId: $bucketId, fileId: $fileId, file: $file, permissions: $permissions) {
|
||||
_id
|
||||
bucketId
|
||||
name
|
||||
|
@ -1273,8 +1273,8 @@ trait GraphQLBase
|
|||
storageGetFileView(bucketId: $bucketId, fileId: $fileId)
|
||||
}';
|
||||
case self::$UPDATE_FILE:
|
||||
return 'mutation updateFile($bucketId: String!, $fileId: String!, $read: [String!], $write: [String!]) {
|
||||
storageUpdateFile(bucketId: $bucketId, fileId: $fileId, read: $read, write: $write) {
|
||||
return 'mutation updateFile($bucketId: String!, $fileId: String!, $permissions: [String!]) {
|
||||
storageUpdateFile(bucketId: $bucketId, fileId: $fileId, permissions: $permissions) {
|
||||
_id
|
||||
name
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue