CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-05-29 17:09:48 +12:00
Code Issues Projects Releases Wiki Activity

ID and test fixes

Browse source
This commit is contained in:
Jake Barnby 2022-08-15 02:22:38 +12:00
parent 9c260164ef
commit 613a0f8006
20 changed files with 114 additions and 108 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
app/controllers/api/account.php
View file

@ -97,7 +97,7 @@ App::post('/v1/account')
}
try {
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
$userId = $userId == 'unique()' ? ID::unique() : $userId;
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$permissions' => [
@ -188,7 +188,7 @@ App::post('/v1/account/sessions/email')
$secret = Auth::tokenGenerator();
$session = new Document(array_merge(
[
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => ID::custom($profile->getId()),
'userInternalId' => ID::custom($profile->getInternalId()),
'provider' => Auth::SESSION_PROVIDER_EMAIL,
@ -486,13 +486,13 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
}
try {
$userId = $dbForProject->getId();
$userId = ID::unique();
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($userId))),
Permission::delete(Role::user(ID::custom($userId))),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => true,
@ -525,7 +525,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_LOGIN_LONG);
$session = new Document(array_merge([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => ID::custom($user->getId()),
'userInternalId' => ID::custom($user->getInternalId()),
'provider' => $provider,
@ -656,10 +656,10 @@ App::post('/v1/account/sessions/magic-url')
}
}
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
$userId = $userId == 'unique()' ? ID::unique() : $userId;
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($userId))),
@ -684,7 +684,7 @@ App::post('/v1/account/sessions/magic-url')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
$token = new Document([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'type' => Auth::TOKEN_TYPE_MAGIC_URL,
@ -788,7 +788,7 @@ App::put('/v1/account/sessions/magic-url')
$session = new Document(array_merge(
[
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'provider' => Auth::SESSION_PROVIDER_MAGIC_URL,
@ -906,10 +906,10 @@ App::post('/v1/account/sessions/phone')
}
}
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
$userId = $userId == 'unique()' ? ID::unique() : $userId;
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($userId))),
@ -936,7 +936,7 @@ App::post('/v1/account/sessions/phone')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_PHONE);
$token = new Document([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'type' => Auth::TOKEN_TYPE_PHONE,
@ -1027,7 +1027,7 @@ App::put('/v1/account/sessions/phone')
$session = new Document(array_merge(
[
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'provider' => Auth::SESSION_PROVIDER_PHONE,
@ -1144,13 +1144,13 @@ App::post('/v1/account/sessions/anonymous')
}
}
$userId = $dbForProject->getId();
$userId = ID::unique();
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($userId))),
Permission::delete(Role::user(ID::custom($userId))),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => null,
'emailVerification' => false,
@ -1176,7 +1176,7 @@ App::post('/v1/account/sessions/anonymous')
$session = new Document(array_merge(
[
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'provider' => Auth::SESSION_PROVIDER_ANONYMOUS,
@ -2007,7 +2007,7 @@ App::post('/v1/account/recovery')
$secret = Auth::tokenGenerator();
$recovery = new Document([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $profile->getId(),
'userInternalId' => $profile->getInternalId(),
'type' => Auth::TOKEN_TYPE_RECOVERY,
@ -2169,7 +2169,7 @@ App::post('/v1/account/verification')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
$verification = new Document([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'type' => Auth::TOKEN_TYPE_VERIFICATION,
@ -2325,7 +2325,7 @@ App::post('/v1/account/verification/phone')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
$verification = new Document([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'type' => Auth::TOKEN_TYPE_PHONE,

10
app/controllers/api/databases.php
View file

@ -176,11 +176,11 @@ App::post('/v1/databases')
->inject('events')
->action(function (string $databaseId, string $name, Response $response, Database $dbForProject, EventAudit $audits, Stats $usage, Event $events) {
$databaseId = $databaseId == 'unique()' ? $dbForProject->getId() : $databaseId;
$databaseId = $databaseId == 'unique()' ? ID::unique() : $databaseId;
try {
$dbForProject->createDocument('databases', new Document([
'$id' => ID::custom($databaseId),
'$id' => $databaseId,
'name' => $name,
'search' => implode(' ', [$databaseId, $name]),
]));
@ -522,13 +522,13 @@ App::post('/v1/databases/:databaseId/collections')
throw new Exception('Database not found', 404, Exception::DATABASE_NOT_FOUND);
}
$collectionId = $collectionId == 'unique()' ? $dbForProject->getId() : $collectionId;
$collectionId = $collectionId == 'unique()' ? ID::unique() : $collectionId;
$permissions = PermissionsProcessor::handleAggregates($permissions);
try {
$dbForProject->createDocument('database_' . $database->getInternalId(), new Document([
'$id' => ID::custom($collectionId),
'$id' => $collectionId,
'$permissions' => $permissions ?? [],
'databaseInternalId' => $database->getInternalId(),
'databaseId' => $databaseId,
@ -1954,7 +1954,7 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
}
$data['$collection'] = $collection->getId(); // Adding this param to make API easier for developers
$data['$id'] = $documentId == 'unique()' ? $dbForProject->getId() : $documentId;
$data['$id'] = $documentId == 'unique()' ? ID::unique() : $documentId;
$data['$permissions'] = $permissions;
try {

14
app/controllers/api/functions.php
View file

@ -67,9 +67,9 @@ App::post('/v1/functions')
->inject('events')
->action(function (string $functionId, string $name, array $execute, string $runtime, array $vars, array $events, string $schedule, int $timeout, Response $response, Database $dbForProject, Event $eventsInstance) {
$functionId = ($functionId == 'unique()') ? $dbForProject->getId() : $functionId;
$functionId = ($functionId == 'unique()') ? ID::unique() : $functionId;
$function = $dbForProject->createDocument('functions', new Document([
'$id' => ID::custom($functionId),
'$id' => $functionId,
'execute' => $execute,
'status' => 'disabled',
'name' => $name,
@ -506,7 +506,7 @@ App::post('/v1/functions/:functionId/deployments')
}
$contentRange = $request->getHeader('content-range');
$deploymentId = $dbForProject->getId();
$deploymentId = ID::unique();
$chunk = 1;
$chunks = 1;
@ -579,7 +579,7 @@ App::post('/v1/functions/:functionId/deployments')
if ($deployment->isEmpty()) {
$deployment = $dbForProject->createDocument('deployments', new Document([
'$id' => ID::custom($deploymentId),
'$id' => $deploymentId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::any()),
@ -611,7 +611,7 @@ App::post('/v1/functions/:functionId/deployments')
} else {
if ($deployment->isEmpty()) {
$deployment = $dbForProject->createDocument('deployments', new Document([
'$id' => ID::custom($deploymentId),
'$id' => $deploymentId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::any()),
@ -872,11 +872,11 @@ App::post('/v1/functions/:functionId/executions')
throw new Exception($validator->getDescription(), 401, Exception::USER_UNAUTHORIZED);
}
$executionId = $dbForProject->getId();
$executionId = ID::unique();
/** @var Document $execution */
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', new Document([
'$id' => ID::custom($executionId),
'$id' => $executionId,
'$permissions' => !$user->isEmpty() ? [Permission::read(Role::user(ID::custom($user->getId())))] : [],
'functionId' => ID::custom($function->getId()),
'deploymentId' => ID::custom($deployment->getId()),

12
app/controllers/api/projects.php
View file

@ -83,14 +83,14 @@ App::post('/v1/projects')
$auths[$method['key'] ?? ''] = true;
}
$projectId = ($projectId == 'unique()') ? $dbForConsole->getId() : $projectId;
$projectId = ($projectId == 'unique()') ? ID::unique() : $projectId;
if ($projectId === 'console') {
throw new Exception("'console' is a reserved project.", 400, Exception::PROJECT_RESERVED_PROJECT);
}
$project = $dbForConsole->createDocument('projects', new Document([
'$id' => ID::custom($projectId),
'$id' => $projectId,
'$permissions' => [
Permission::read(Role::team(ID::custom($teamId))),
Permission::update(Role::team(ID::custom($teamId), 'owner')),
@ -606,7 +606,7 @@ App::post('/v1/projects/:projectId/webhooks')
$security = (bool) filter_var($security, FILTER_VALIDATE_BOOLEAN);
$webhook = new Document([
'$id' => ID::custom($dbForConsole->getId()),
'$id' => ID::unique(),
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::any()),
@ -854,7 +854,7 @@ App::post('/v1/projects/:projectId/keys')
}
$key = new Document([
'$id' => ID::custom($dbForConsole->getId()),
'$id' => ID::unique(),
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::any()),
@ -1054,7 +1054,7 @@ App::post('/v1/projects/:projectId/platforms')
}
$platform = new Document([
'$id' => ID::custom($dbForConsole->getId()),
'$id' => ID::unique(),
'$permissions' => [
'read(any)',
'update(any)',
@ -1270,7 +1270,7 @@ App::post('/v1/projects/:projectId/domains')
$domain = new Domain($domain);
$domain = new Document([
'$id' => ID::custom($dbForConsole->getId()),
'$id' => ID::unique(),
'$permissions' => [
'read(any)',
'update(any)',

12
app/controllers/api/storage.php
View file

@ -72,7 +72,7 @@ App::post('/v1/storage/buckets')
->inject('events')
->action(function (string $bucketId, string $name, ?array $permissions, string $fileSecurity, bool $enabled, int $maximumFileSize, array $allowedFileExtensions, bool $encryption, bool $antivirus, Response $response, Database $dbForProject, Audit $audits, Stats $usage, Event $events) {
$bucketId = $bucketId === 'unique()' ? $dbForProject->getId() : $bucketId;
$bucketId = $bucketId === 'unique()' ? ID::unique() : $bucketId;
try {
$files = Config::getParam('collections', [])['files'] ?? [];
if (empty($files)) {
@ -107,7 +107,7 @@ App::post('/v1/storage/buckets')
}
$dbForProject->createDocument('buckets', new Document([
'$id' => ID::custom($bucketId),
'$id' => $bucketId,
'$collection' => ID::custom('buckets'),
'$permissions' => $permissions,
'name' => $name,
@ -375,7 +375,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
}
/**
* Add permissions for current the user for any missing types
* Add permissions for current the user for any missing types
* from the allowed permissions for this resource type.
*/
$permissions = PermissionsProcessor::addDefaultsIfNeeded(
@ -420,7 +420,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
$fileSize = (\is_array($file['size']) && isset($file['size'][0])) ? $file['size'][0] : $file['size'];
$contentRange = $request->getHeader('content-range');
$fileId = $fileId === 'unique()' ? $dbForProject->getId() : $fileId;
$fileId = $fileId === 'unique()' ? ID::unique() : $fileId;
$chunk = 1;
$chunks = 1;
@ -539,7 +539,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
try {
if ($file->isEmpty()) {
$doc = new Document([
'$id' => ID::custom($fileId),
'$id' => $fileId,
'$permissions' => $permissions,
'bucketId' => ID::custom($bucket->getId()),
'name' => $fileName,
@ -688,7 +688,7 @@ App::get('/v1/storage/buckets/:bucketId/files')
$queries[] = $orderType === Database::ORDER_ASC ? Query::orderAsc('') : Query::orderDesc('');
if (!empty($cursor)) {
if ($bucket->getAttribute('fileSecurity', false)) {
$cursorDocument = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor);
$cursorDocument = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor);
} else {
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor));
}

24
app/controllers/api/teams.php
View file

@ -61,9 +61,9 @@ App::post('/v1/teams')
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$isAppUser = Auth::isAppUser(Authorization::getRoles());
$teamId = $teamId == 'unique()' ? $dbForProject->getId() : $teamId;
$teamId = $teamId == 'unique()' ? ID::unique() : $teamId;
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
'$id' => ID::custom($teamId ),
'$id' => $teamId,
'$permissions' => [
Permission::read(Role::team(ID::custom($teamId))),
Permission::update(Role::team(ID::custom($teamId), 'owner')),
@ -75,9 +75,9 @@ App::post('/v1/teams')
])));
if (!$isPrivilegedUser && !$isAppUser) { // Don't add user on server mode
$membershipId = $dbForProject->getId();
$membershipId = ID::unique();
$membership = new Document([
'$id' => ID::custom($membershipId),
'$id' => $membershipId,
'$permissions' => [
Permission::read(Role::user(ID::custom($user->getId()))),
Permission::read(Role::team(ID::custom($team->getId()))),
@ -346,14 +346,14 @@ App::post('/v1/teams/:teamId/memberships')
}
try {
$userId = $dbForProject->getId();
$userId = ID::unique();
$invitee = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::read(Role::user(ID::custom($userId))),
Permission::update(Role::user(ID::custom($userId))),
Permission::delete(Role::user(ID::custom($userId))),
Permission::read(Role::user($userId)),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,
@ -387,9 +387,9 @@ App::post('/v1/teams/:teamId/memberships')
$secret = Auth::tokenGenerator();
$membershipId = $dbForProject->getId();
$membershipId = ID::unique();
$membership = new Document([
'$id' => ID::custom($membershipId),
'$id' => $membershipId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($invitee->getId()))),
@ -734,7 +734,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_LOGIN_LONG);
$secret = Auth::tokenGenerator();
$session = new Document(array_merge([
'$id' => ID::custom($dbForProject->getId()),
'$id' => ID::unique(),
'userId' => ID::custom($user->getId()),
'userInternalId' => ID::custom($user->getInternalId()),
'provider' => Auth::SESSION_PROVIDER_EMAIL,

8
app/controllers/api/users.php
View file

@ -58,13 +58,13 @@ App::post('/v1/users')
$email = \strtolower($email);
try {
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
$userId = $userId == 'unique()' ? ID::unique() : $userId;
$user = $dbForProject->createDocument('users', new Document([
'$id' => ID::custom($userId),
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
Permission::update(Role::user(ID::custom($userId))),
Permission::delete(Role::user(ID::custom($userId))),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,

3
app/realtime.php
View file

@ -13,6 +13,7 @@ use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\TimeLimit;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Database\ID;
use Utopia\Logger\Log;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
@ -146,7 +147,7 @@ $server->onStart(function () use ($stats, $register, $containerId, &$statsDocume
try {
$attempts++;
$document = new Document([
'$id' => ID::custom($database->getId()),
'$id' => ID::unique(),
'$collection' => ID::custom('realtime'),
'$permissions' => [],
'container' => $containerId,

5
app/workers/builds.php
View file

@ -10,6 +10,7 @@ use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Database\ID;
use Utopia\Storage\Storage;
use Utopia\Database\Document;
use Utopia\Config\Config;
@ -78,9 +79,9 @@ class BuildsV1 extends Worker
$buildId = $deployment->getAttribute('buildId', '');
$startTime = DateTime::now();
if (empty($buildId)) {
$buildId = $dbForProject->getId();
$buildId = ID::unique();
$build = $dbForProject->createDocument('builds', new Document([
'$id' => ID::custom($buildId),
'$id' => $buildId,
'$permissions' => [],
'startTime' => $startTime,
'deploymentId' => ID::custom($deployment->getId()),

5
app/workers/functions.php
View file

@ -14,6 +14,7 @@ use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\ID;
use Utopia\Database\Query;
require_once __DIR__ . '/../init.php';
@ -234,9 +235,9 @@ class FunctionsV1 extends Worker
/** Create execution or update execution status */
$execution = $dbForProject->getDocument('executions', $executionId ?? '');
if ($execution->isEmpty()) {
$executionId = $dbForProject->getId();
$executionId = ID::unique();
$execution = $dbForProject->createDocument('executions', new Document([
'$id' => ID::custom($executionId),
'$id' => $executionId,
'$permissions' => $user->isEmpty() ? [] : [Permission::read(Role::user(ID::custom($user->getId())))],
'functionId' => ID::custom($functionId),
'deploymentId' => ID::custom($deploymentId),

4
composer.lock generated
View file

@ -2033,7 +2033,7 @@
"source": {
"type": "git",
"url": "https://github.com/utopia-php/database.git",
"reference": "75ac6965dea2ddada8ecb6bb7ede2e8a7f2249c2"
"reference": "fe06d672973541ecd4e61e6a7f2f294686f5a61f"
},
"require": {
"ext-mongodb": "*",
@ -2083,7 +2083,7 @@
"upf",
"utopia"
],
"time": "2022-08-14T09:23:08+00:00"
"time": "2022-08-14T13:17:09+00:00"
},
{
"name": "utopia-php/domains",

12
src/Appwrite/Permissions/PermissionsProcessor.php
View file

@ -21,9 +21,9 @@ class PermissionsProcessor
if (!\str_starts_with($permission, $type)) {
continue;
}
$permissionsContents = \str_replace([$type . '(', ')', ' '], '', $permission);
$permissionsContents = \str_replace([$type . '(', ')', '"', ' '], '', $permission);
foreach ($subTypes as $subType) {
$permissions[] = $subType . '(' . $permissionsContents . ')';
$permissions[] = $subType . '("' . $permissionsContents . '")';
}
unset($permissions[$i]);
}
@ -40,7 +40,7 @@ class PermissionsProcessor
$permissions = [];
if (!empty($userId)) {
foreach ($allowedPermissions as $permission) {
$permissions[] = $permission . '(user:' . $userId . ')';
$permissions[] = $permission . '("user:' . $userId . '")';
}
}
return $permissions;
@ -48,7 +48,7 @@ class PermissionsProcessor
foreach ($allowedPermissions as $permission) {
// Default any missing allowed permissions to the current user
if (empty(\preg_grep("#^{$permission}\(.+\)$#", $permissions)) && !empty($userId)) {
$permissions[] = $permission . '(user:' . $userId . ')';
$permissions[] = $permission . '("user:' . $userId . '")';
}
}
return $permissions;
@ -65,7 +65,7 @@ class PermissionsProcessor
if (!\str_starts_with($permission, $type)) {
continue;
}
$role = \str_replace([$type, '(', ')', ' '], '', $permission);
$role = \str_replace([$type, '(', ')', '"', ' '], '', $permission);
if (!Authorization::isRole($role)) {
return false;
}
@ -79,7 +79,7 @@ class PermissionsProcessor
{
return match ($resourceType) {
'document',
'file' => empty(\preg_grep("#^create\(.+\)$#", $permissions)),
'file' => empty(\preg_grep("#^create\(\".+\"\)$#", $permissions)),
default => true
};
}

2
src/Appwrite/Utopia/Database/Validator/Queries.php
View file

@ -9,7 +9,7 @@ class Queries extends ValidatorQueries
{
/**
* Expression constructor
*
*
* This Queries Validator that filters indexes for only available indexes
*
* @param QueryValidator $validator

2
src/Appwrite/Utopia/Response/Model/Execution.php
View file

@ -28,7 +28,7 @@ class Execution extends Model
'default' => '',
'example' => '1975-12-06 13:30:59',
])
->addRule('$roles', [
->addRule('$permissions', [
'type' => self::TYPE_STRING,
'description' => 'Execution roles.',
'default' => '',

2
tests/e2e/Services/Account/AccountCustomClientTest.php
View file

@ -8,8 +8,8 @@ use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectCustom;
use Tests\E2E\Scopes\SideClient;
use Utopia\Database\DateTime;
use Utopia\Database\ID;
use function sleep;
class AccountCustomClientTest extends Scope

52
tests/e2e/Services/Databases/DatabasesBase.php
View file

@ -1542,9 +1542,9 @@ trait DatabasesBase
$this->assertEquals($document['body']['releaseYear'], 2017);
$this->assertEquals(true, DateTime::isValid($document['body']['$createdAt']));
$this->assertEquals(true, DateTime::isValid($document['body']['birthDay']));
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
'content-type' => 'application/json',
@ -1565,9 +1565,9 @@ trait DatabasesBase
$this->assertEquals($document['body']['$collection'], $data['moviesId']);
$this->assertEquals($document['body']['title'], 'Thor: Ragnarok');
$this->assertEquals($document['body']['releaseYear'], 2017);
$this->assertContains('read(users)', $document['body']['$permissions']);
$this->assertContains('update(users)', $document['body']['$permissions']);
$this->assertContains('delete(users)', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::users()), $document['body']['$permissions']);
$this->assertContains(Permission::update(Role::users()), $document['body']['$permissions']);
$this->assertContains(Permission::delete(Role::users()), $document['body']['$permissions']);
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
'content-type' => 'application/json',
@ -2212,9 +2212,9 @@ trait DatabasesBase
if ($this->getSide() == 'client') {
$this->assertCount(3, $document['body']['$permissions']);
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
}
if ($this->getSide() == 'server') {
@ -2246,7 +2246,7 @@ trait DatabasesBase
// existing document permissions on update, unless none were supplied,
// so that specific types can be removed if wanted.
$this->assertCount(1, $document['body']['$permissions']);
$this->assertContains('read(any)', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
'content-type' => 'application/json',
@ -2261,7 +2261,7 @@ trait DatabasesBase
// existing document permissions on update, unless none were supplied,
// so that specific types can be removed if wanted.
$this->assertCount(1, $document['body']['$permissions']);
$this->assertContains('read(any)', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
// Reset Permissions
@ -2300,7 +2300,7 @@ trait DatabasesBase
$this->assertEquals('EnforceCollectionPermissions', $database['body']['name']);
$databaseId = $database['body']['$id'];
$user = 'user:' . $this->getUser()['$id'];
$user = $this->getUser()['$id'];
$collection = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
@ -2310,10 +2310,10 @@ trait DatabasesBase
'name' => 'enforceCollectionPermissions',
'documentSecurity' => true,
'permissions' => [
'read(' . $user . ')',
'create(' . $user . ')',
'update(' . $user . ')',
'delete(' . $user . ')',
Permission::read(Role::user($user)),
Permission::create(Role::user($user)),
Permission::update(Role::user($user)),
Permission::delete(Role::user($user)),
],
]);
@ -2366,9 +2366,9 @@ trait DatabasesBase
'attribute' => 'one',
],
'permissions' => [
'read(' . $user . ')',
'update(' . $user . ')',
'delete(' . $user . ')',
Permission::read(Role::user($user)),
Permission::update(Role::user($user)),
Permission::delete(Role::user($user)),
]
]);
@ -2383,8 +2383,8 @@ trait DatabasesBase
'attribute' => 'one',
],
'permissions' => [
'update(' . $user . ')',
'delete(' . $user . ')',
Permission::update(Role::user($user)),
Permission::delete(Role::user($user)),
]
]);
@ -2709,9 +2709,9 @@ trait DatabasesBase
$this->assertEquals(201, $document['headers']['status-code']);
$this->assertCount(3, $document['body']['$permissions']);
$this->assertContains('read(any)', $document['body']['$permissions']);
$this->assertContains('update(any)', $document['body']['$permissions']);
$this->assertContains('delete(any)', $document['body']['$permissions']);
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
$this->assertContains(Permission::update(Role::any()), $document['body']['$permissions']);
$this->assertContains(Permission::delete(Role::any()), $document['body']['$permissions']);
// Send only read permission
$document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents/' . $id, array_merge([
@ -2740,8 +2740,8 @@ trait DatabasesBase
if ($this->getSide() == 'server') {
$this->assertEquals(200, $document['headers']['status-code']);
$this->assertCount(2, $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
}
// remove collection

1
tests/e2e/Services/Storage/StorageConsoleClientTest.php
View file

@ -6,6 +6,7 @@ use Tests\E2E\Client;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectCustom;
use Tests\E2E\Scopes\SideConsole;
use Utopia\Database\ID;
class StorageConsoleClientTest extends Scope
{

6
tests/e2e/Services/Storage/StorageCustomClientTest.php
View file

@ -147,9 +147,9 @@ class StorageCustomClientTest extends Scope
$this->assertEquals($file['headers']['status-code'], 201);
$this->assertNotEmpty($file['body']['$id']);
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
$this->assertEquals(true, DateTime::isValid($file['body']['$createdAt']));
$this->assertEquals('permissions.png', $file['body']['name']);
$this->assertEquals('image/png', $file['body']['mimeType']);

1
tests/e2e/Services/Teams/TeamsBaseClient.php
View file

@ -4,6 +4,7 @@ namespace Tests\E2E\Services\Teams;
use Tests\E2E\Client;
use Utopia\Database\DateTime;
use Utopia\Database\ID;
trait TeamsBaseClient
{

1
tests/e2e/Services/Teams/TeamsConsoleClientTest.php
View file

@ -6,6 +6,7 @@ use Tests\E2E\Client;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectConsole;
use Tests\E2E\Scopes\SideClient;
use Utopia\Database\ID;
class TeamsConsoleClientTest extends Scope
{