From 381a26fa4c34643338efbe173f7d89114d67b676 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 00:44:55 +1200 Subject: [PATCH 1/7] Assign verified/unverified role to users --- src/Appwrite/Auth/Auth.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index c290d19862..f4cea0166e 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -9,6 +9,7 @@ use Appwrite\Auth\Hash\Phpass; use Appwrite\Auth\Hash\Scrypt; use Appwrite\Auth\Hash\Scryptmodified; use Appwrite\Auth\Hash\Sha; +use Utopia\Database\Database; use Utopia\Database\Document; use Utopia\Database\DateTime; use Utopia\Database\Role; @@ -421,6 +422,17 @@ class Auth if ($user->getId()) { $roles[] = Role::user($user->getId())->toString(); $roles[] = Role::users()->toString(); + + $emailVerified = $user->getAttribute('emailVerification', false); + $phoneVerified = $user->getAttribute('phoneVerification', false); + + if ($emailVerified || $phoneVerified) { + $roles[] = Role::user($user->getId(), Database::DIMENSION_VERIFIED)->toString(); + $roles[] = Role::users(Database::DIMENSION_VERIFIED)->toString(); + } else { + $roles[] = Role::user($user->getId(), Database::DIMENSION_UNVERIFIED)->toString(); + $roles[] = Role::users(Database::DIMENSION_UNVERIFIED)->toString(); + } } else { return [Role::guests()->toString()]; } From 53e6a3e31217155b96bc384365f7f420bf4d1842 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 00:45:57 +1200 Subject: [PATCH 2/7] Add verified/unverified role tests --- tests/unit/Auth/AuthTest.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tests/unit/Auth/AuthTest.php b/tests/unit/Auth/AuthTest.php index 1480fbb23f..43a2bef8ed 100644 --- a/tests/unit/Auth/AuthTest.php +++ b/tests/unit/Auth/AuthTest.php @@ -351,6 +351,8 @@ class AuthTest extends TestCase { $user = new Document([ '$id' => ID::custom('123'), + 'emailVerification' => true, + 'phoneVerification' => true, 'memberships' => [ [ '$id' => ID::custom('456'), @@ -374,9 +376,11 @@ class AuthTest extends TestCase $roles = Auth::getRoles($user); - $this->assertCount(9, $roles); + $this->assertCount(11, $roles); $this->assertContains(Role::users()->toString(), $roles); $this->assertContains(Role::user(ID::custom('123'))->toString(), $roles); + $this->assertContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles); + $this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles); @@ -384,6 +388,21 @@ class AuthTest extends TestCase $this->assertContains(Role::team(ID::custom('def'), 'guest')->toString(), $roles); $this->assertContains(Role::member(ID::custom('456'))->toString(), $roles); $this->assertContains(Role::member(ID::custom('abc'))->toString(), $roles); + + // Disable all verification + $user['emailVerification'] = false; + $user['phoneVerification'] = false; + + $roles = Auth::getRoles($user); + $this->assertContains(Role::users(Database::DIMENSION_UNVERIFIED)->toString(), $roles); + $this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_UNVERIFIED)->toString(), $roles); + + // Enable single verification type + $user['emailVerification'] = true; + + $roles = Auth::getRoles($user); + $this->assertContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles); + $this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles); } public function testPrivilegedUserRoles(): void @@ -391,6 +410,8 @@ class AuthTest extends TestCase Authorization::setRole(Auth::USER_ROLE_OWNER); $user = new Document([ '$id' => ID::custom('123'), + 'emailVerification' => true, + 'phoneVerification' => true, 'memberships' => [ [ '$id' => ID::custom('def'), @@ -417,6 +438,8 @@ class AuthTest extends TestCase $this->assertCount(7, $roles); $this->assertNotContains(Role::users()->toString(), $roles); $this->assertNotContains(Role::user(ID::custom('123'))->toString(), $roles); + $this->assertNotContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles); + $this->assertNotContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles); $this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles); From 69384903284313a73579939a7fc7c89a8f4f5b64 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 00:46:59 +1200 Subject: [PATCH 3/7] Update db to dev --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 4598a51ea5..a7c4934aa7 100644 --- a/composer.json +++ b/composer.json @@ -51,7 +51,7 @@ "utopia-php/cache": "0.6.*", "utopia-php/cli": "0.13.*", "utopia-php/config": "0.2.*", - "utopia-php/database": "0.25.*", + "utopia-php/database": "dev-refactor-permission-validators as 0.25.2", "utopia-php/locale": "0.4.*", "utopia-php/registry": "0.5.*", "utopia-php/preloader": "0.2.*", From 25fc9c2dc4731bfba9b6e1d8302f0d0bfc467de2 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 02:39:35 +1200 Subject: [PATCH 4/7] Update lock --- composer.lock | 41 +++++++++++++++++++++++++---------------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/composer.lock b/composer.lock index 1f61b8aef6..62b00640ff 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "aca68a1c1c7d762cabd02ce02cf40df4", + "content-hash": "5f6efc85afae8c174f16937974392ffa", "packages": [ { "name": "adhocore/jwt", @@ -2060,16 +2060,16 @@ }, { "name": "utopia-php/database", - "version": "0.25.2", + "version": "dev-refactor-permission-validators", "source": { "type": "git", "url": "https://github.com/utopia-php/database.git", - "reference": "140bbedf1c4d622990fb94d26681fcca235cd5b9" + "reference": "1338f5945623a6739087a7358edd7e0d14b80bdc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/database/zipball/140bbedf1c4d622990fb94d26681fcca235cd5b9", - "reference": "140bbedf1c4d622990fb94d26681fcca235cd5b9", + "url": "https://api.github.com/repos/utopia-php/database/zipball/1338f5945623a6739087a7358edd7e0d14b80bdc", + "reference": "1338f5945623a6739087a7358edd7e0d14b80bdc", "shasum": "" }, "require": { @@ -2118,9 +2118,9 @@ ], "support": { "issues": "https://github.com/utopia-php/database/issues", - "source": "https://github.com/utopia-php/database/tree/0.25.2" + "source": "https://github.com/utopia-php/database/tree/refactor-permission-validators" }, - "time": "2022-09-09T03:58:01+00:00" + "time": "2022-09-13T14:34:07+00:00" }, { "name": "utopia-php/domains", @@ -4812,16 +4812,16 @@ }, { "name": "sebastian/type", - "version": "3.1.0", + "version": "3.2.0", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/type.git", - "reference": "fb44e1cc6e557418387ad815780360057e40753e" + "reference": "fb3fe09c5f0bae6bc27ef3ce933a1e0ed9464b6e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/type/zipball/fb44e1cc6e557418387ad815780360057e40753e", - "reference": "fb44e1cc6e557418387ad815780360057e40753e", + "url": "https://api.github.com/repos/sebastianbergmann/type/zipball/fb3fe09c5f0bae6bc27ef3ce933a1e0ed9464b6e", + "reference": "fb3fe09c5f0bae6bc27ef3ce933a1e0ed9464b6e", "shasum": "" }, "require": { @@ -4833,7 +4833,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "3.1-dev" + "dev-master": "3.2-dev" } }, "autoload": { @@ -4856,7 +4856,7 @@ "homepage": "https://github.com/sebastianbergmann/type", "support": { "issues": "https://github.com/sebastianbergmann/type/issues", - "source": "https://github.com/sebastianbergmann/type/tree/3.1.0" + "source": "https://github.com/sebastianbergmann/type/tree/3.2.0" }, "funding": [ { @@ -4864,7 +4864,7 @@ "type": "github" } ], - "time": "2022-08-29T06:55:37+00:00" + "time": "2022-09-12T14:47:03+00:00" }, { "name": "sebastian/version", @@ -5358,9 +5358,18 @@ "time": "2022-08-12T06:47:24+00:00" } ], - "aliases": [], + "aliases": [ + { + "package": "utopia-php/database", + "version": "dev-refactor-permission-validators", + "alias": "0.25.2", + "alias_normalized": "0.25.2.0" + } + ], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": { + "utopia-php/database": 20 + }, "prefer-stable": false, "prefer-lowest": false, "platform": { From ce42915ce5dc6ba9ae7e543cf89fc3e44da0b027 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 18:10:42 +1200 Subject: [PATCH 5/7] Fix messaging channels subscription count tests --- tests/unit/Messaging/MessagingChannelsTest.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/tests/unit/Messaging/MessagingChannelsTest.php b/tests/unit/Messaging/MessagingChannelsTest.php index dd2ec04401..392f6d56fe 100644 --- a/tests/unit/Messaging/MessagingChannelsTest.php +++ b/tests/unit/Messaging/MessagingChannelsTest.php @@ -121,13 +121,20 @@ class MessagingChannelsTest extends TestCase /** * Check for correct amount of subscriptions: - * - XXX users + * - XXX users (2 roles per user) * - XXX teams - * - XXX team roles (3 roles per team) + * - XXX team roles (2 roles per team) + * - XXX member roles (2 roles per team) * - 1 guests * - 1 users + * - 1 users unverified */ - $this->assertCount(($this->connectionsAuthenticated + (4 * $this->connectionsPerChannel) + 2), $this->realtime->subscriptions['1']); + $userRoles = 2 * $this->connectionsAuthenticated; + $userGroupRoles = 2; + $teamRoles = 2 * $this->connectionsPerChannel; + $memberRoles = 2 * $this->connectionsPerChannel; + $guestRoles = 1; + $this->assertCount(($userRoles + $userGroupRoles + $teamRoles + $memberRoles + $guestRoles), $this->realtime->subscriptions['1']); /** * Check for connections @@ -139,7 +146,7 @@ class MessagingChannelsTest extends TestCase $this->realtime->unsubscribe(-1); $this->assertCount($this->connectionsTotal, $this->realtime->connections); - $this->assertCount(($this->connectionsAuthenticated + (4 * $this->connectionsPerChannel) + 2), $this->realtime->subscriptions['1']); + $this->assertCount(($userRoles + $userGroupRoles + $teamRoles + $memberRoles + $guestRoles), $this->realtime->subscriptions['1']); for ($i = 0; $i < $this->connectionsCount; $i++) { $this->realtime->unsubscribe($i); From d28afc21a6d218382f2c7721f5e9bb37a44a8818 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 18:11:42 +1200 Subject: [PATCH 6/7] Update db to tag --- composer.json | 2 +- composer.lock | 29 ++++++++++------------------- 2 files changed, 11 insertions(+), 20 deletions(-) diff --git a/composer.json b/composer.json index a7c4934aa7..4598a51ea5 100644 --- a/composer.json +++ b/composer.json @@ -51,7 +51,7 @@ "utopia-php/cache": "0.6.*", "utopia-php/cli": "0.13.*", "utopia-php/config": "0.2.*", - "utopia-php/database": "dev-refactor-permission-validators as 0.25.2", + "utopia-php/database": "0.25.*", "utopia-php/locale": "0.4.*", "utopia-php/registry": "0.5.*", "utopia-php/preloader": "0.2.*", diff --git a/composer.lock b/composer.lock index 0218e07b73..5ddf3f956e 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "5f6efc85afae8c174f16937974392ffa", + "content-hash": "aca68a1c1c7d762cabd02ce02cf40df4", "packages": [ { "name": "adhocore/jwt", @@ -2060,16 +2060,16 @@ }, { "name": "utopia-php/database", - "version": "dev-refactor-permission-validators", + "version": "0.25.3", "source": { "type": "git", "url": "https://github.com/utopia-php/database.git", - "reference": "1338f5945623a6739087a7358edd7e0d14b80bdc" + "reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/database/zipball/1338f5945623a6739087a7358edd7e0d14b80bdc", - "reference": "1338f5945623a6739087a7358edd7e0d14b80bdc", + "url": "https://api.github.com/repos/utopia-php/database/zipball/40c5cd4762b0c647df8fdb21813392b8ef5d211b", + "reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b", "shasum": "" }, "require": { @@ -2118,9 +2118,9 @@ ], "support": { "issues": "https://github.com/utopia-php/database/issues", - "source": "https://github.com/utopia-php/database/tree/refactor-permission-validators" + "source": "https://github.com/utopia-php/database/tree/0.25.3" }, - "time": "2022-09-13T14:34:07+00:00" + "time": "2022-09-13T18:37:36+00:00" }, { "name": "utopia-php/domains", @@ -5358,18 +5358,9 @@ "time": "2022-08-12T06:47:24+00:00" } ], - "aliases": [ - { - "package": "utopia-php/database", - "version": "dev-refactor-permission-validators", - "alias": "0.25.2", - "alias_normalized": "0.25.2.0" - } - ], + "aliases": [], "minimum-stability": "stable", - "stability-flags": { - "utopia-php/database": 20 - }, + "stability-flags": [], "prefer-stable": false, "prefer-lowest": false, "platform": { @@ -5393,5 +5384,5 @@ "platform-overrides": { "php": "8.0" }, - "plugin-api-version": "2.2.0" + "plugin-api-version": "2.3.0" } From ef144dbc24eaa3f475f5daba96ef4c1accd5e313 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 14 Sep 2022 19:24:50 +1200 Subject: [PATCH 7/7] Update lock --- composer.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/composer.lock b/composer.lock index 5ddf3f956e..85801ee5f1 100644 --- a/composer.lock +++ b/composer.lock @@ -2060,16 +2060,16 @@ }, { "name": "utopia-php/database", - "version": "0.25.3", + "version": "0.25.4", "source": { "type": "git", "url": "https://github.com/utopia-php/database.git", - "reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b" + "reference": "2883de82eee99e5744bf6e4123095a530c48a194" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/database/zipball/40c5cd4762b0c647df8fdb21813392b8ef5d211b", - "reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b", + "url": "https://api.github.com/repos/utopia-php/database/zipball/2883de82eee99e5744bf6e4123095a530c48a194", + "reference": "2883de82eee99e5744bf6e4123095a530c48a194", "shasum": "" }, "require": { @@ -2118,9 +2118,9 @@ ], "support": { "issues": "https://github.com/utopia-php/database/issues", - "source": "https://github.com/utopia-php/database/tree/0.25.3" + "source": "https://github.com/utopia-php/database/tree/0.25.4" }, - "time": "2022-09-13T18:37:36+00:00" + "time": "2022-09-14T06:22:33+00:00" }, { "name": "utopia-php/domains", @@ -4124,16 +4124,16 @@ }, { "name": "sebastian/comparator", - "version": "4.0.6", + "version": "4.0.7", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "55f4261989e546dc112258c7a75935a81a7ce382" + "reference": "7fa545db548c90bdebeb9da0583001a252be5578" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/55f4261989e546dc112258c7a75935a81a7ce382", - "reference": "55f4261989e546dc112258c7a75935a81a7ce382", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/7fa545db548c90bdebeb9da0583001a252be5578", + "reference": "7fa545db548c90bdebeb9da0583001a252be5578", "shasum": "" }, "require": { @@ -4186,7 +4186,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/comparator/issues", - "source": "https://github.com/sebastianbergmann/comparator/tree/4.0.6" + "source": "https://github.com/sebastianbergmann/comparator/tree/4.0.7" }, "funding": [ { @@ -4194,7 +4194,7 @@ "type": "github" } ], - "time": "2020-10-26T15:49:45+00:00" + "time": "2022-09-14T06:33:43+00:00" }, { "name": "sebastian/complexity", @@ -4384,16 +4384,16 @@ }, { "name": "sebastian/exporter", - "version": "4.0.4", + "version": "4.0.5", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/exporter.git", - "reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9" + "reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/65e8b7db476c5dd267e65eea9cab77584d3cfff9", - "reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9", + "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d", + "reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d", "shasum": "" }, "require": { @@ -4449,7 +4449,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/exporter/issues", - "source": "https://github.com/sebastianbergmann/exporter/tree/4.0.4" + "source": "https://github.com/sebastianbergmann/exporter/tree/4.0.5" }, "funding": [ { @@ -4457,7 +4457,7 @@ "type": "github" } ], - "time": "2021-11-11T14:18:36+00:00" + "time": "2022-09-14T06:03:37+00:00" }, { "name": "sebastian/global-state",