ID and test fixes
This commit is contained in:
parent
9c260164ef
commit
613a0f8006
|
@ -97,7 +97,7 @@ App::post('/v1/account')
|
|||
}
|
||||
|
||||
try {
|
||||
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
|
||||
$userId = $userId == 'unique()' ? ID::unique() : $userId;
|
||||
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$permissions' => [
|
||||
|
@ -188,7 +188,7 @@ App::post('/v1/account/sessions/email')
|
|||
$secret = Auth::tokenGenerator();
|
||||
$session = new Document(array_merge(
|
||||
[
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => ID::custom($profile->getId()),
|
||||
'userInternalId' => ID::custom($profile->getInternalId()),
|
||||
'provider' => Auth::SESSION_PROVIDER_EMAIL,
|
||||
|
@ -486,13 +486,13 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
}
|
||||
|
||||
try {
|
||||
$userId = $dbForProject->getId();
|
||||
$userId = ID::unique();
|
||||
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
Permission::delete(Role::user(ID::custom($userId))),
|
||||
Permission::update(Role::user($userId)),
|
||||
Permission::delete(Role::user($userId)),
|
||||
],
|
||||
'email' => $email,
|
||||
'emailVerification' => true,
|
||||
|
@ -525,7 +525,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
|
||||
$session = new Document(array_merge([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => ID::custom($user->getId()),
|
||||
'userInternalId' => ID::custom($user->getInternalId()),
|
||||
'provider' => $provider,
|
||||
|
@ -656,10 +656,10 @@ App::post('/v1/account/sessions/magic-url')
|
|||
}
|
||||
}
|
||||
|
||||
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
|
||||
$userId = $userId == 'unique()' ? ID::unique() : $userId;
|
||||
|
||||
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
|
@ -684,7 +684,7 @@ App::post('/v1/account/sessions/magic-url')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
|
||||
|
||||
$token = new Document([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_MAGIC_URL,
|
||||
|
@ -788,7 +788,7 @@ App::put('/v1/account/sessions/magic-url')
|
|||
|
||||
$session = new Document(array_merge(
|
||||
[
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'provider' => Auth::SESSION_PROVIDER_MAGIC_URL,
|
||||
|
@ -906,10 +906,10 @@ App::post('/v1/account/sessions/phone')
|
|||
}
|
||||
}
|
||||
|
||||
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
|
||||
$userId = $userId == 'unique()' ? ID::unique() : $userId;
|
||||
|
||||
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
|
@ -936,7 +936,7 @@ App::post('/v1/account/sessions/phone')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_PHONE);
|
||||
|
||||
$token = new Document([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_PHONE,
|
||||
|
@ -1027,7 +1027,7 @@ App::put('/v1/account/sessions/phone')
|
|||
|
||||
$session = new Document(array_merge(
|
||||
[
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'provider' => Auth::SESSION_PROVIDER_PHONE,
|
||||
|
@ -1144,13 +1144,13 @@ App::post('/v1/account/sessions/anonymous')
|
|||
}
|
||||
}
|
||||
|
||||
$userId = $dbForProject->getId();
|
||||
$userId = ID::unique();
|
||||
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
Permission::delete(Role::user(ID::custom($userId))),
|
||||
Permission::update(Role::user($userId)),
|
||||
Permission::delete(Role::user($userId)),
|
||||
],
|
||||
'email' => null,
|
||||
'emailVerification' => false,
|
||||
|
@ -1176,7 +1176,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
|
||||
$session = new Document(array_merge(
|
||||
[
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'provider' => Auth::SESSION_PROVIDER_ANONYMOUS,
|
||||
|
@ -2007,7 +2007,7 @@ App::post('/v1/account/recovery')
|
|||
|
||||
$secret = Auth::tokenGenerator();
|
||||
$recovery = new Document([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $profile->getId(),
|
||||
'userInternalId' => $profile->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_RECOVERY,
|
||||
|
@ -2169,7 +2169,7 @@ App::post('/v1/account/verification')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
|
||||
|
||||
$verification = new Document([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_VERIFICATION,
|
||||
|
@ -2325,7 +2325,7 @@ App::post('/v1/account/verification/phone')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);
|
||||
|
||||
$verification = new Document([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => $user->getId(),
|
||||
'userInternalId' => $user->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_PHONE,
|
||||
|
|
|
@ -176,11 +176,11 @@ App::post('/v1/databases')
|
|||
->inject('events')
|
||||
->action(function (string $databaseId, string $name, Response $response, Database $dbForProject, EventAudit $audits, Stats $usage, Event $events) {
|
||||
|
||||
$databaseId = $databaseId == 'unique()' ? $dbForProject->getId() : $databaseId;
|
||||
$databaseId = $databaseId == 'unique()' ? ID::unique() : $databaseId;
|
||||
|
||||
try {
|
||||
$dbForProject->createDocument('databases', new Document([
|
||||
'$id' => ID::custom($databaseId),
|
||||
'$id' => $databaseId,
|
||||
'name' => $name,
|
||||
'search' => implode(' ', [$databaseId, $name]),
|
||||
]));
|
||||
|
@ -522,13 +522,13 @@ App::post('/v1/databases/:databaseId/collections')
|
|||
throw new Exception('Database not found', 404, Exception::DATABASE_NOT_FOUND);
|
||||
}
|
||||
|
||||
$collectionId = $collectionId == 'unique()' ? $dbForProject->getId() : $collectionId;
|
||||
$collectionId = $collectionId == 'unique()' ? ID::unique() : $collectionId;
|
||||
|
||||
$permissions = PermissionsProcessor::handleAggregates($permissions);
|
||||
|
||||
try {
|
||||
$dbForProject->createDocument('database_' . $database->getInternalId(), new Document([
|
||||
'$id' => ID::custom($collectionId),
|
||||
'$id' => $collectionId,
|
||||
'$permissions' => $permissions ?? [],
|
||||
'databaseInternalId' => $database->getInternalId(),
|
||||
'databaseId' => $databaseId,
|
||||
|
@ -1954,7 +1954,7 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
|
|||
}
|
||||
|
||||
$data['$collection'] = $collection->getId(); // Adding this param to make API easier for developers
|
||||
$data['$id'] = $documentId == 'unique()' ? $dbForProject->getId() : $documentId;
|
||||
$data['$id'] = $documentId == 'unique()' ? ID::unique() : $documentId;
|
||||
$data['$permissions'] = $permissions;
|
||||
|
||||
try {
|
||||
|
|
|
@ -67,9 +67,9 @@ App::post('/v1/functions')
|
|||
->inject('events')
|
||||
->action(function (string $functionId, string $name, array $execute, string $runtime, array $vars, array $events, string $schedule, int $timeout, Response $response, Database $dbForProject, Event $eventsInstance) {
|
||||
|
||||
$functionId = ($functionId == 'unique()') ? $dbForProject->getId() : $functionId;
|
||||
$functionId = ($functionId == 'unique()') ? ID::unique() : $functionId;
|
||||
$function = $dbForProject->createDocument('functions', new Document([
|
||||
'$id' => ID::custom($functionId),
|
||||
'$id' => $functionId,
|
||||
'execute' => $execute,
|
||||
'status' => 'disabled',
|
||||
'name' => $name,
|
||||
|
@ -506,7 +506,7 @@ App::post('/v1/functions/:functionId/deployments')
|
|||
}
|
||||
|
||||
$contentRange = $request->getHeader('content-range');
|
||||
$deploymentId = $dbForProject->getId();
|
||||
$deploymentId = ID::unique();
|
||||
$chunk = 1;
|
||||
$chunks = 1;
|
||||
|
||||
|
@ -579,7 +579,7 @@ App::post('/v1/functions/:functionId/deployments')
|
|||
|
||||
if ($deployment->isEmpty()) {
|
||||
$deployment = $dbForProject->createDocument('deployments', new Document([
|
||||
'$id' => ID::custom($deploymentId),
|
||||
'$id' => $deploymentId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::any()),
|
||||
|
@ -611,7 +611,7 @@ App::post('/v1/functions/:functionId/deployments')
|
|||
} else {
|
||||
if ($deployment->isEmpty()) {
|
||||
$deployment = $dbForProject->createDocument('deployments', new Document([
|
||||
'$id' => ID::custom($deploymentId),
|
||||
'$id' => $deploymentId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::any()),
|
||||
|
@ -872,11 +872,11 @@ App::post('/v1/functions/:functionId/executions')
|
|||
throw new Exception($validator->getDescription(), 401, Exception::USER_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
$executionId = $dbForProject->getId();
|
||||
$executionId = ID::unique();
|
||||
|
||||
/** @var Document $execution */
|
||||
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', new Document([
|
||||
'$id' => ID::custom($executionId),
|
||||
'$id' => $executionId,
|
||||
'$permissions' => !$user->isEmpty() ? [Permission::read(Role::user(ID::custom($user->getId())))] : [],
|
||||
'functionId' => ID::custom($function->getId()),
|
||||
'deploymentId' => ID::custom($deployment->getId()),
|
||||
|
|
|
@ -83,14 +83,14 @@ App::post('/v1/projects')
|
|||
$auths[$method['key'] ?? ''] = true;
|
||||
}
|
||||
|
||||
$projectId = ($projectId == 'unique()') ? $dbForConsole->getId() : $projectId;
|
||||
$projectId = ($projectId == 'unique()') ? ID::unique() : $projectId;
|
||||
|
||||
if ($projectId === 'console') {
|
||||
throw new Exception("'console' is a reserved project.", 400, Exception::PROJECT_RESERVED_PROJECT);
|
||||
}
|
||||
|
||||
$project = $dbForConsole->createDocument('projects', new Document([
|
||||
'$id' => ID::custom($projectId),
|
||||
'$id' => $projectId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::team(ID::custom($teamId))),
|
||||
Permission::update(Role::team(ID::custom($teamId), 'owner')),
|
||||
|
@ -606,7 +606,7 @@ App::post('/v1/projects/:projectId/webhooks')
|
|||
$security = (bool) filter_var($security, FILTER_VALIDATE_BOOLEAN);
|
||||
|
||||
$webhook = new Document([
|
||||
'$id' => ID::custom($dbForConsole->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::any()),
|
||||
|
@ -854,7 +854,7 @@ App::post('/v1/projects/:projectId/keys')
|
|||
}
|
||||
|
||||
$key = new Document([
|
||||
'$id' => ID::custom($dbForConsole->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::any()),
|
||||
|
@ -1054,7 +1054,7 @@ App::post('/v1/projects/:projectId/platforms')
|
|||
}
|
||||
|
||||
$platform = new Document([
|
||||
'$id' => ID::custom($dbForConsole->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'$permissions' => [
|
||||
'read(any)',
|
||||
'update(any)',
|
||||
|
@ -1270,7 +1270,7 @@ App::post('/v1/projects/:projectId/domains')
|
|||
$domain = new Domain($domain);
|
||||
|
||||
$domain = new Document([
|
||||
'$id' => ID::custom($dbForConsole->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'$permissions' => [
|
||||
'read(any)',
|
||||
'update(any)',
|
||||
|
|
|
@ -72,7 +72,7 @@ App::post('/v1/storage/buckets')
|
|||
->inject('events')
|
||||
->action(function (string $bucketId, string $name, ?array $permissions, string $fileSecurity, bool $enabled, int $maximumFileSize, array $allowedFileExtensions, bool $encryption, bool $antivirus, Response $response, Database $dbForProject, Audit $audits, Stats $usage, Event $events) {
|
||||
|
||||
$bucketId = $bucketId === 'unique()' ? $dbForProject->getId() : $bucketId;
|
||||
$bucketId = $bucketId === 'unique()' ? ID::unique() : $bucketId;
|
||||
try {
|
||||
$files = Config::getParam('collections', [])['files'] ?? [];
|
||||
if (empty($files)) {
|
||||
|
@ -107,7 +107,7 @@ App::post('/v1/storage/buckets')
|
|||
}
|
||||
|
||||
$dbForProject->createDocument('buckets', new Document([
|
||||
'$id' => ID::custom($bucketId),
|
||||
'$id' => $bucketId,
|
||||
'$collection' => ID::custom('buckets'),
|
||||
'$permissions' => $permissions,
|
||||
'name' => $name,
|
||||
|
@ -375,7 +375,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
|||
}
|
||||
|
||||
/**
|
||||
* Add permissions for current the user for any missing types
|
||||
* Add permissions for current the user for any missing types
|
||||
* from the allowed permissions for this resource type.
|
||||
*/
|
||||
$permissions = PermissionsProcessor::addDefaultsIfNeeded(
|
||||
|
@ -420,7 +420,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
|||
$fileSize = (\is_array($file['size']) && isset($file['size'][0])) ? $file['size'][0] : $file['size'];
|
||||
|
||||
$contentRange = $request->getHeader('content-range');
|
||||
$fileId = $fileId === 'unique()' ? $dbForProject->getId() : $fileId;
|
||||
$fileId = $fileId === 'unique()' ? ID::unique() : $fileId;
|
||||
$chunk = 1;
|
||||
$chunks = 1;
|
||||
|
||||
|
@ -539,7 +539,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
|||
try {
|
||||
if ($file->isEmpty()) {
|
||||
$doc = new Document([
|
||||
'$id' => ID::custom($fileId),
|
||||
'$id' => $fileId,
|
||||
'$permissions' => $permissions,
|
||||
'bucketId' => ID::custom($bucket->getId()),
|
||||
'name' => $fileName,
|
||||
|
@ -688,7 +688,7 @@ App::get('/v1/storage/buckets/:bucketId/files')
|
|||
$queries[] = $orderType === Database::ORDER_ASC ? Query::orderAsc('') : Query::orderDesc('');
|
||||
if (!empty($cursor)) {
|
||||
if ($bucket->getAttribute('fileSecurity', false)) {
|
||||
$cursorDocument = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor);
|
||||
$cursorDocument = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor);
|
||||
} else {
|
||||
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $cursor));
|
||||
}
|
||||
|
|
|
@ -61,9 +61,9 @@ App::post('/v1/teams')
|
|||
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
|
||||
$isAppUser = Auth::isAppUser(Authorization::getRoles());
|
||||
|
||||
$teamId = $teamId == 'unique()' ? $dbForProject->getId() : $teamId;
|
||||
$teamId = $teamId == 'unique()' ? ID::unique() : $teamId;
|
||||
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
|
||||
'$id' => ID::custom($teamId ),
|
||||
'$id' => $teamId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::team(ID::custom($teamId))),
|
||||
Permission::update(Role::team(ID::custom($teamId), 'owner')),
|
||||
|
@ -75,9 +75,9 @@ App::post('/v1/teams')
|
|||
])));
|
||||
|
||||
if (!$isPrivilegedUser && !$isAppUser) { // Don't add user on server mode
|
||||
$membershipId = $dbForProject->getId();
|
||||
$membershipId = ID::unique();
|
||||
$membership = new Document([
|
||||
'$id' => ID::custom($membershipId),
|
||||
'$id' => $membershipId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::user(ID::custom($user->getId()))),
|
||||
Permission::read(Role::team(ID::custom($team->getId()))),
|
||||
|
@ -346,14 +346,14 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
}
|
||||
|
||||
try {
|
||||
$userId = $dbForProject->getId();
|
||||
$userId = ID::unique();
|
||||
$invitee = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::read(Role::user(ID::custom($userId))),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
Permission::delete(Role::user(ID::custom($userId))),
|
||||
Permission::read(Role::user($userId)),
|
||||
Permission::update(Role::user($userId)),
|
||||
Permission::delete(Role::user($userId)),
|
||||
],
|
||||
'email' => $email,
|
||||
'emailVerification' => false,
|
||||
|
@ -387,9 +387,9 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
||||
$membershipId = $dbForProject->getId();
|
||||
$membershipId = ID::unique();
|
||||
$membership = new Document([
|
||||
'$id' => ID::custom($membershipId),
|
||||
'$id' => $membershipId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($invitee->getId()))),
|
||||
|
@ -734,7 +734,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
|
|||
$expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$secret = Auth::tokenGenerator();
|
||||
$session = new Document(array_merge([
|
||||
'$id' => ID::custom($dbForProject->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'userId' => ID::custom($user->getId()),
|
||||
'userInternalId' => ID::custom($user->getInternalId()),
|
||||
'provider' => Auth::SESSION_PROVIDER_EMAIL,
|
||||
|
|
|
@ -58,13 +58,13 @@ App::post('/v1/users')
|
|||
$email = \strtolower($email);
|
||||
|
||||
try {
|
||||
$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;
|
||||
$userId = $userId == 'unique()' ? ID::unique() : $userId;
|
||||
$user = $dbForProject->createDocument('users', new Document([
|
||||
'$id' => ID::custom($userId),
|
||||
'$id' => $userId,
|
||||
'$permissions' => [
|
||||
Permission::read(Role::any()),
|
||||
Permission::update(Role::user(ID::custom($userId))),
|
||||
Permission::delete(Role::user(ID::custom($userId))),
|
||||
Permission::update(Role::user($userId)),
|
||||
Permission::delete(Role::user($userId)),
|
||||
],
|
||||
'email' => $email,
|
||||
'emailVerification' => false,
|
||||
|
|
|
@ -13,6 +13,7 @@ use Utopia\Abuse\Abuse;
|
|||
use Utopia\Abuse\Adapters\TimeLimit;
|
||||
use Utopia\App;
|
||||
use Utopia\CLI\Console;
|
||||
use Utopia\Database\ID;
|
||||
use Utopia\Logger\Log;
|
||||
use Utopia\Database\Database;
|
||||
use Utopia\Database\DateTime;
|
||||
|
@ -146,7 +147,7 @@ $server->onStart(function () use ($stats, $register, $containerId, &$statsDocume
|
|||
try {
|
||||
$attempts++;
|
||||
$document = new Document([
|
||||
'$id' => ID::custom($database->getId()),
|
||||
'$id' => ID::unique(),
|
||||
'$collection' => ID::custom('realtime'),
|
||||
'$permissions' => [],
|
||||
'container' => $containerId,
|
||||
|
|
|
@ -10,6 +10,7 @@ use Utopia\Database\Database;
|
|||
use Utopia\Database\DateTime;
|
||||
use Utopia\App;
|
||||
use Utopia\CLI\Console;
|
||||
use Utopia\Database\ID;
|
||||
use Utopia\Storage\Storage;
|
||||
use Utopia\Database\Document;
|
||||
use Utopia\Config\Config;
|
||||
|
@ -78,9 +79,9 @@ class BuildsV1 extends Worker
|
|||
$buildId = $deployment->getAttribute('buildId', '');
|
||||
$startTime = DateTime::now();
|
||||
if (empty($buildId)) {
|
||||
$buildId = $dbForProject->getId();
|
||||
$buildId = ID::unique();
|
||||
$build = $dbForProject->createDocument('builds', new Document([
|
||||
'$id' => ID::custom($buildId),
|
||||
'$id' => $buildId,
|
||||
'$permissions' => [],
|
||||
'startTime' => $startTime,
|
||||
'deploymentId' => ID::custom($deployment->getId()),
|
||||
|
|
|
@ -14,6 +14,7 @@ use Utopia\Config\Config;
|
|||
use Utopia\Database\Database;
|
||||
use Utopia\Database\DateTime;
|
||||
use Utopia\Database\Document;
|
||||
use Utopia\Database\ID;
|
||||
use Utopia\Database\Query;
|
||||
|
||||
require_once __DIR__ . '/../init.php';
|
||||
|
@ -234,9 +235,9 @@ class FunctionsV1 extends Worker
|
|||
/** Create execution or update execution status */
|
||||
$execution = $dbForProject->getDocument('executions', $executionId ?? '');
|
||||
if ($execution->isEmpty()) {
|
||||
$executionId = $dbForProject->getId();
|
||||
$executionId = ID::unique();
|
||||
$execution = $dbForProject->createDocument('executions', new Document([
|
||||
'$id' => ID::custom($executionId),
|
||||
'$id' => $executionId,
|
||||
'$permissions' => $user->isEmpty() ? [] : [Permission::read(Role::user(ID::custom($user->getId())))],
|
||||
'functionId' => ID::custom($functionId),
|
||||
'deploymentId' => ID::custom($deploymentId),
|
||||
|
|
4
composer.lock
generated
4
composer.lock
generated
|
@ -2033,7 +2033,7 @@
|
|||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/utopia-php/database.git",
|
||||
"reference": "75ac6965dea2ddada8ecb6bb7ede2e8a7f2249c2"
|
||||
"reference": "fe06d672973541ecd4e61e6a7f2f294686f5a61f"
|
||||
},
|
||||
"require": {
|
||||
"ext-mongodb": "*",
|
||||
|
@ -2083,7 +2083,7 @@
|
|||
"upf",
|
||||
"utopia"
|
||||
],
|
||||
"time": "2022-08-14T09:23:08+00:00"
|
||||
"time": "2022-08-14T13:17:09+00:00"
|
||||
},
|
||||
{
|
||||
"name": "utopia-php/domains",
|
||||
|
|
|
@ -21,9 +21,9 @@ class PermissionsProcessor
|
|||
if (!\str_starts_with($permission, $type)) {
|
||||
continue;
|
||||
}
|
||||
$permissionsContents = \str_replace([$type . '(', ')', ' '], '', $permission);
|
||||
$permissionsContents = \str_replace([$type . '(', ')', '"', ' '], '', $permission);
|
||||
foreach ($subTypes as $subType) {
|
||||
$permissions[] = $subType . '(' . $permissionsContents . ')';
|
||||
$permissions[] = $subType . '("' . $permissionsContents . '")';
|
||||
}
|
||||
unset($permissions[$i]);
|
||||
}
|
||||
|
@ -40,7 +40,7 @@ class PermissionsProcessor
|
|||
$permissions = [];
|
||||
if (!empty($userId)) {
|
||||
foreach ($allowedPermissions as $permission) {
|
||||
$permissions[] = $permission . '(user:' . $userId . ')';
|
||||
$permissions[] = $permission . '("user:' . $userId . '")';
|
||||
}
|
||||
}
|
||||
return $permissions;
|
||||
|
@ -48,7 +48,7 @@ class PermissionsProcessor
|
|||
foreach ($allowedPermissions as $permission) {
|
||||
// Default any missing allowed permissions to the current user
|
||||
if (empty(\preg_grep("#^{$permission}\(.+\)$#", $permissions)) && !empty($userId)) {
|
||||
$permissions[] = $permission . '(user:' . $userId . ')';
|
||||
$permissions[] = $permission . '("user:' . $userId . '")';
|
||||
}
|
||||
}
|
||||
return $permissions;
|
||||
|
@ -65,7 +65,7 @@ class PermissionsProcessor
|
|||
if (!\str_starts_with($permission, $type)) {
|
||||
continue;
|
||||
}
|
||||
$role = \str_replace([$type, '(', ')', ' '], '', $permission);
|
||||
$role = \str_replace([$type, '(', ')', '"', ' '], '', $permission);
|
||||
if (!Authorization::isRole($role)) {
|
||||
return false;
|
||||
}
|
||||
|
@ -79,7 +79,7 @@ class PermissionsProcessor
|
|||
{
|
||||
return match ($resourceType) {
|
||||
'document',
|
||||
'file' => empty(\preg_grep("#^create\(.+\)$#", $permissions)),
|
||||
'file' => empty(\preg_grep("#^create\(\".+\"\)$#", $permissions)),
|
||||
default => true
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@ class Queries extends ValidatorQueries
|
|||
{
|
||||
/**
|
||||
* Expression constructor
|
||||
*
|
||||
*
|
||||
* This Queries Validator that filters indexes for only available indexes
|
||||
*
|
||||
* @param QueryValidator $validator
|
||||
|
|
|
@ -28,7 +28,7 @@ class Execution extends Model
|
|||
'default' => '',
|
||||
'example' => '1975-12-06 13:30:59',
|
||||
])
|
||||
->addRule('$roles', [
|
||||
->addRule('$permissions', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'Execution roles.',
|
||||
'default' => '',
|
||||
|
|
|
@ -8,8 +8,8 @@ use Tests\E2E\Scopes\Scope;
|
|||
use Tests\E2E\Scopes\ProjectCustom;
|
||||
use Tests\E2E\Scopes\SideClient;
|
||||
use Utopia\Database\DateTime;
|
||||
|
||||
use Utopia\Database\ID;
|
||||
|
||||
use function sleep;
|
||||
|
||||
class AccountCustomClientTest extends Scope
|
||||
|
|
|
@ -1542,9 +1542,9 @@ trait DatabasesBase
|
|||
$this->assertEquals($document['body']['releaseYear'], 2017);
|
||||
$this->assertEquals(true, DateTime::isValid($document['body']['$createdAt']));
|
||||
$this->assertEquals(true, DateTime::isValid($document['body']['birthDay']));
|
||||
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
|
||||
$document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
|
||||
'content-type' => 'application/json',
|
||||
|
@ -1565,9 +1565,9 @@ trait DatabasesBase
|
|||
$this->assertEquals($document['body']['$collection'], $data['moviesId']);
|
||||
$this->assertEquals($document['body']['title'], 'Thor: Ragnarok');
|
||||
$this->assertEquals($document['body']['releaseYear'], 2017);
|
||||
$this->assertContains('read(users)', $document['body']['$permissions']);
|
||||
$this->assertContains('update(users)', $document['body']['$permissions']);
|
||||
$this->assertContains('delete(users)', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::users()), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::users()), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::users()), $document['body']['$permissions']);
|
||||
|
||||
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
|
||||
'content-type' => 'application/json',
|
||||
|
@ -2212,9 +2212,9 @@ trait DatabasesBase
|
|||
|
||||
if ($this->getSide() == 'client') {
|
||||
$this->assertCount(3, $document['body']['$permissions']);
|
||||
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
}
|
||||
|
||||
if ($this->getSide() == 'server') {
|
||||
|
@ -2246,7 +2246,7 @@ trait DatabasesBase
|
|||
// existing document permissions on update, unless none were supplied,
|
||||
// so that specific types can be removed if wanted.
|
||||
$this->assertCount(1, $document['body']['$permissions']);
|
||||
$this->assertContains('read(any)', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
|
||||
|
||||
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
|
||||
'content-type' => 'application/json',
|
||||
|
@ -2261,7 +2261,7 @@ trait DatabasesBase
|
|||
// existing document permissions on update, unless none were supplied,
|
||||
// so that specific types can be removed if wanted.
|
||||
$this->assertCount(1, $document['body']['$permissions']);
|
||||
$this->assertContains('read(any)', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
|
||||
|
||||
// Reset Permissions
|
||||
|
||||
|
@ -2300,7 +2300,7 @@ trait DatabasesBase
|
|||
$this->assertEquals('EnforceCollectionPermissions', $database['body']['name']);
|
||||
|
||||
$databaseId = $database['body']['$id'];
|
||||
$user = 'user:' . $this->getUser()['$id'];
|
||||
$user = $this->getUser()['$id'];
|
||||
$collection = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
|
@ -2310,10 +2310,10 @@ trait DatabasesBase
|
|||
'name' => 'enforceCollectionPermissions',
|
||||
'documentSecurity' => true,
|
||||
'permissions' => [
|
||||
'read(' . $user . ')',
|
||||
'create(' . $user . ')',
|
||||
'update(' . $user . ')',
|
||||
'delete(' . $user . ')',
|
||||
Permission::read(Role::user($user)),
|
||||
Permission::create(Role::user($user)),
|
||||
Permission::update(Role::user($user)),
|
||||
Permission::delete(Role::user($user)),
|
||||
],
|
||||
]);
|
||||
|
||||
|
@ -2366,9 +2366,9 @@ trait DatabasesBase
|
|||
'attribute' => 'one',
|
||||
],
|
||||
'permissions' => [
|
||||
'read(' . $user . ')',
|
||||
'update(' . $user . ')',
|
||||
'delete(' . $user . ')',
|
||||
Permission::read(Role::user($user)),
|
||||
Permission::update(Role::user($user)),
|
||||
Permission::delete(Role::user($user)),
|
||||
]
|
||||
]);
|
||||
|
||||
|
@ -2383,8 +2383,8 @@ trait DatabasesBase
|
|||
'attribute' => 'one',
|
||||
],
|
||||
'permissions' => [
|
||||
'update(' . $user . ')',
|
||||
'delete(' . $user . ')',
|
||||
Permission::update(Role::user($user)),
|
||||
Permission::delete(Role::user($user)),
|
||||
]
|
||||
]);
|
||||
|
||||
|
@ -2709,9 +2709,9 @@ trait DatabasesBase
|
|||
|
||||
$this->assertEquals(201, $document['headers']['status-code']);
|
||||
$this->assertCount(3, $document['body']['$permissions']);
|
||||
$this->assertContains('read(any)', $document['body']['$permissions']);
|
||||
$this->assertContains('update(any)', $document['body']['$permissions']);
|
||||
$this->assertContains('delete(any)', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::any()), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::any()), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::any()), $document['body']['$permissions']);
|
||||
|
||||
// Send only read permission
|
||||
$document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents/' . $id, array_merge([
|
||||
|
@ -2740,8 +2740,8 @@ trait DatabasesBase
|
|||
if ($this->getSide() == 'server') {
|
||||
$this->assertEquals(200, $document['headers']['status-code']);
|
||||
$this->assertCount(2, $document['body']['$permissions']);
|
||||
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document['body']['$permissions']);
|
||||
}
|
||||
|
||||
// remove collection
|
||||
|
|
|
@ -6,6 +6,7 @@ use Tests\E2E\Client;
|
|||
use Tests\E2E\Scopes\Scope;
|
||||
use Tests\E2E\Scopes\ProjectCustom;
|
||||
use Tests\E2E\Scopes\SideConsole;
|
||||
use Utopia\Database\ID;
|
||||
|
||||
class StorageConsoleClientTest extends Scope
|
||||
{
|
||||
|
|
|
@ -147,9 +147,9 @@ class StorageCustomClientTest extends Scope
|
|||
|
||||
$this->assertEquals($file['headers']['status-code'], 201);
|
||||
$this->assertNotEmpty($file['body']['$id']);
|
||||
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
|
||||
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
|
||||
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $file['body']['$permissions']);
|
||||
$this->assertContains(Permission::read(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
|
||||
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
|
||||
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $file['body']['$permissions']);
|
||||
$this->assertEquals(true, DateTime::isValid($file['body']['$createdAt']));
|
||||
$this->assertEquals('permissions.png', $file['body']['name']);
|
||||
$this->assertEquals('image/png', $file['body']['mimeType']);
|
||||
|
|
|
@ -4,6 +4,7 @@ namespace Tests\E2E\Services\Teams;
|
|||
|
||||
use Tests\E2E\Client;
|
||||
use Utopia\Database\DateTime;
|
||||
use Utopia\Database\ID;
|
||||
|
||||
trait TeamsBaseClient
|
||||
{
|
||||
|
|
|
@ -6,6 +6,7 @@ use Tests\E2E\Client;
|
|||
use Tests\E2E\Scopes\Scope;
|
||||
use Tests\E2E\Scopes\ProjectConsole;
|
||||
use Tests\E2E\Scopes\SideClient;
|
||||
use Utopia\Database\ID;
|
||||
|
||||
class TeamsConsoleClientTest extends Scope
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue