Merge pull request #3820 from appwrite/feat-grant-verified-dimension
Feat grant verified dimension
This commit is contained in:
commit
0e7f9cf2ad
4 changed files with 66 additions and 24 deletions
38
composer.lock
generated
38
composer.lock
generated
|
@ -2060,16 +2060,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/database",
|
"name": "utopia-php/database",
|
||||||
"version": "0.25.3",
|
"version": "0.25.4",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/utopia-php/database.git",
|
"url": "https://github.com/utopia-php/database.git",
|
||||||
"reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b"
|
"reference": "2883de82eee99e5744bf6e4123095a530c48a194"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/utopia-php/database/zipball/40c5cd4762b0c647df8fdb21813392b8ef5d211b",
|
"url": "https://api.github.com/repos/utopia-php/database/zipball/2883de82eee99e5744bf6e4123095a530c48a194",
|
||||||
"reference": "40c5cd4762b0c647df8fdb21813392b8ef5d211b",
|
"reference": "2883de82eee99e5744bf6e4123095a530c48a194",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -2118,9 +2118,9 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/utopia-php/database/issues",
|
"issues": "https://github.com/utopia-php/database/issues",
|
||||||
"source": "https://github.com/utopia-php/database/tree/0.25.3"
|
"source": "https://github.com/utopia-php/database/tree/0.25.4"
|
||||||
},
|
},
|
||||||
"time": "2022-09-13T18:37:36+00:00"
|
"time": "2022-09-14T06:22:33+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/domains",
|
"name": "utopia-php/domains",
|
||||||
|
@ -4124,16 +4124,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/comparator",
|
"name": "sebastian/comparator",
|
||||||
"version": "4.0.6",
|
"version": "4.0.7",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/sebastianbergmann/comparator.git",
|
"url": "https://github.com/sebastianbergmann/comparator.git",
|
||||||
"reference": "55f4261989e546dc112258c7a75935a81a7ce382"
|
"reference": "7fa545db548c90bdebeb9da0583001a252be5578"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/55f4261989e546dc112258c7a75935a81a7ce382",
|
"url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/7fa545db548c90bdebeb9da0583001a252be5578",
|
||||||
"reference": "55f4261989e546dc112258c7a75935a81a7ce382",
|
"reference": "7fa545db548c90bdebeb9da0583001a252be5578",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -4186,7 +4186,7 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/sebastianbergmann/comparator/issues",
|
"issues": "https://github.com/sebastianbergmann/comparator/issues",
|
||||||
"source": "https://github.com/sebastianbergmann/comparator/tree/4.0.6"
|
"source": "https://github.com/sebastianbergmann/comparator/tree/4.0.7"
|
||||||
},
|
},
|
||||||
"funding": [
|
"funding": [
|
||||||
{
|
{
|
||||||
|
@ -4194,7 +4194,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"time": "2020-10-26T15:49:45+00:00"
|
"time": "2022-09-14T06:33:43+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/complexity",
|
"name": "sebastian/complexity",
|
||||||
|
@ -4384,16 +4384,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/exporter",
|
"name": "sebastian/exporter",
|
||||||
"version": "4.0.4",
|
"version": "4.0.5",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/sebastianbergmann/exporter.git",
|
"url": "https://github.com/sebastianbergmann/exporter.git",
|
||||||
"reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9"
|
"reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/65e8b7db476c5dd267e65eea9cab77584d3cfff9",
|
"url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d",
|
||||||
"reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9",
|
"reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -4449,7 +4449,7 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/sebastianbergmann/exporter/issues",
|
"issues": "https://github.com/sebastianbergmann/exporter/issues",
|
||||||
"source": "https://github.com/sebastianbergmann/exporter/tree/4.0.4"
|
"source": "https://github.com/sebastianbergmann/exporter/tree/4.0.5"
|
||||||
},
|
},
|
||||||
"funding": [
|
"funding": [
|
||||||
{
|
{
|
||||||
|
@ -4457,7 +4457,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"time": "2021-11-11T14:18:36+00:00"
|
"time": "2022-09-14T06:03:37+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/global-state",
|
"name": "sebastian/global-state",
|
||||||
|
@ -5384,5 +5384,5 @@
|
||||||
"platform-overrides": {
|
"platform-overrides": {
|
||||||
"php": "8.0"
|
"php": "8.0"
|
||||||
},
|
},
|
||||||
"plugin-api-version": "2.2.0"
|
"plugin-api-version": "2.3.0"
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,6 +9,7 @@ use Appwrite\Auth\Hash\Phpass;
|
||||||
use Appwrite\Auth\Hash\Scrypt;
|
use Appwrite\Auth\Hash\Scrypt;
|
||||||
use Appwrite\Auth\Hash\Scryptmodified;
|
use Appwrite\Auth\Hash\Scryptmodified;
|
||||||
use Appwrite\Auth\Hash\Sha;
|
use Appwrite\Auth\Hash\Sha;
|
||||||
|
use Utopia\Database\Database;
|
||||||
use Utopia\Database\Document;
|
use Utopia\Database\Document;
|
||||||
use Utopia\Database\DateTime;
|
use Utopia\Database\DateTime;
|
||||||
use Utopia\Database\Role;
|
use Utopia\Database\Role;
|
||||||
|
@ -421,6 +422,17 @@ class Auth
|
||||||
if ($user->getId()) {
|
if ($user->getId()) {
|
||||||
$roles[] = Role::user($user->getId())->toString();
|
$roles[] = Role::user($user->getId())->toString();
|
||||||
$roles[] = Role::users()->toString();
|
$roles[] = Role::users()->toString();
|
||||||
|
|
||||||
|
$emailVerified = $user->getAttribute('emailVerification', false);
|
||||||
|
$phoneVerified = $user->getAttribute('phoneVerification', false);
|
||||||
|
|
||||||
|
if ($emailVerified || $phoneVerified) {
|
||||||
|
$roles[] = Role::user($user->getId(), Database::DIMENSION_VERIFIED)->toString();
|
||||||
|
$roles[] = Role::users(Database::DIMENSION_VERIFIED)->toString();
|
||||||
|
} else {
|
||||||
|
$roles[] = Role::user($user->getId(), Database::DIMENSION_UNVERIFIED)->toString();
|
||||||
|
$roles[] = Role::users(Database::DIMENSION_UNVERIFIED)->toString();
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
return [Role::guests()->toString()];
|
return [Role::guests()->toString()];
|
||||||
}
|
}
|
||||||
|
|
|
@ -351,6 +351,8 @@ class AuthTest extends TestCase
|
||||||
{
|
{
|
||||||
$user = new Document([
|
$user = new Document([
|
||||||
'$id' => ID::custom('123'),
|
'$id' => ID::custom('123'),
|
||||||
|
'emailVerification' => true,
|
||||||
|
'phoneVerification' => true,
|
||||||
'memberships' => [
|
'memberships' => [
|
||||||
[
|
[
|
||||||
'$id' => ID::custom('456'),
|
'$id' => ID::custom('456'),
|
||||||
|
@ -374,9 +376,11 @@ class AuthTest extends TestCase
|
||||||
|
|
||||||
$roles = Auth::getRoles($user);
|
$roles = Auth::getRoles($user);
|
||||||
|
|
||||||
$this->assertCount(9, $roles);
|
$this->assertCount(11, $roles);
|
||||||
$this->assertContains(Role::users()->toString(), $roles);
|
$this->assertContains(Role::users()->toString(), $roles);
|
||||||
$this->assertContains(Role::user(ID::custom('123'))->toString(), $roles);
|
$this->assertContains(Role::user(ID::custom('123'))->toString(), $roles);
|
||||||
|
$this->assertContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
|
$this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles);
|
||||||
|
@ -384,6 +388,21 @@ class AuthTest extends TestCase
|
||||||
$this->assertContains(Role::team(ID::custom('def'), 'guest')->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('def'), 'guest')->toString(), $roles);
|
||||||
$this->assertContains(Role::member(ID::custom('456'))->toString(), $roles);
|
$this->assertContains(Role::member(ID::custom('456'))->toString(), $roles);
|
||||||
$this->assertContains(Role::member(ID::custom('abc'))->toString(), $roles);
|
$this->assertContains(Role::member(ID::custom('abc'))->toString(), $roles);
|
||||||
|
|
||||||
|
// Disable all verification
|
||||||
|
$user['emailVerification'] = false;
|
||||||
|
$user['phoneVerification'] = false;
|
||||||
|
|
||||||
|
$roles = Auth::getRoles($user);
|
||||||
|
$this->assertContains(Role::users(Database::DIMENSION_UNVERIFIED)->toString(), $roles);
|
||||||
|
$this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_UNVERIFIED)->toString(), $roles);
|
||||||
|
|
||||||
|
// Enable single verification type
|
||||||
|
$user['emailVerification'] = true;
|
||||||
|
|
||||||
|
$roles = Auth::getRoles($user);
|
||||||
|
$this->assertContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
|
$this->assertContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testPrivilegedUserRoles(): void
|
public function testPrivilegedUserRoles(): void
|
||||||
|
@ -391,6 +410,8 @@ class AuthTest extends TestCase
|
||||||
Authorization::setRole(Auth::USER_ROLE_OWNER);
|
Authorization::setRole(Auth::USER_ROLE_OWNER);
|
||||||
$user = new Document([
|
$user = new Document([
|
||||||
'$id' => ID::custom('123'),
|
'$id' => ID::custom('123'),
|
||||||
|
'emailVerification' => true,
|
||||||
|
'phoneVerification' => true,
|
||||||
'memberships' => [
|
'memberships' => [
|
||||||
[
|
[
|
||||||
'$id' => ID::custom('def'),
|
'$id' => ID::custom('def'),
|
||||||
|
@ -417,6 +438,8 @@ class AuthTest extends TestCase
|
||||||
$this->assertCount(7, $roles);
|
$this->assertCount(7, $roles);
|
||||||
$this->assertNotContains(Role::users()->toString(), $roles);
|
$this->assertNotContains(Role::users()->toString(), $roles);
|
||||||
$this->assertNotContains(Role::user(ID::custom('123'))->toString(), $roles);
|
$this->assertNotContains(Role::user(ID::custom('123'))->toString(), $roles);
|
||||||
|
$this->assertNotContains(Role::users(Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
|
$this->assertNotContains(Role::user(ID::custom('123'), Database::DIMENSION_VERIFIED)->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'))->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'), 'administrator')->toString(), $roles);
|
||||||
$this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles);
|
$this->assertContains(Role::team(ID::custom('abc'), 'moderator')->toString(), $roles);
|
||||||
|
|
|
@ -121,13 +121,20 @@ class MessagingChannelsTest extends TestCase
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check for correct amount of subscriptions:
|
* Check for correct amount of subscriptions:
|
||||||
* - XXX users
|
* - XXX users (2 roles per user)
|
||||||
* - XXX teams
|
* - XXX teams
|
||||||
* - XXX team roles (3 roles per team)
|
* - XXX team roles (2 roles per team)
|
||||||
|
* - XXX member roles (2 roles per team)
|
||||||
* - 1 guests
|
* - 1 guests
|
||||||
* - 1 users
|
* - 1 users
|
||||||
|
* - 1 users unverified
|
||||||
*/
|
*/
|
||||||
$this->assertCount(($this->connectionsAuthenticated + (4 * $this->connectionsPerChannel) + 2), $this->realtime->subscriptions['1']);
|
$userRoles = 2 * $this->connectionsAuthenticated;
|
||||||
|
$userGroupRoles = 2;
|
||||||
|
$teamRoles = 2 * $this->connectionsPerChannel;
|
||||||
|
$memberRoles = 2 * $this->connectionsPerChannel;
|
||||||
|
$guestRoles = 1;
|
||||||
|
$this->assertCount(($userRoles + $userGroupRoles + $teamRoles + $memberRoles + $guestRoles), $this->realtime->subscriptions['1']);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check for connections
|
* Check for connections
|
||||||
|
@ -139,7 +146,7 @@ class MessagingChannelsTest extends TestCase
|
||||||
$this->realtime->unsubscribe(-1);
|
$this->realtime->unsubscribe(-1);
|
||||||
|
|
||||||
$this->assertCount($this->connectionsTotal, $this->realtime->connections);
|
$this->assertCount($this->connectionsTotal, $this->realtime->connections);
|
||||||
$this->assertCount(($this->connectionsAuthenticated + (4 * $this->connectionsPerChannel) + 2), $this->realtime->subscriptions['1']);
|
$this->assertCount(($userRoles + $userGroupRoles + $teamRoles + $memberRoles + $guestRoles), $this->realtime->subscriptions['1']);
|
||||||
|
|
||||||
for ($i = 0; $i < $this->connectionsCount; $i++) {
|
for ($i = 0; $i < $this->connectionsCount; $i++) {
|
||||||
$this->realtime->unsubscribe($i);
|
$this->realtime->unsubscribe($i);
|
||||||
|
|
Loading…
Reference in a new issue