1
0
Fork 0
mirror of synced 2024-06-14 16:54:52 +12:00

Test fixes

This commit is contained in:
Jake Barnby 2022-08-14 02:10:28 +12:00
parent c6c5ce0619
commit 68cc919aaa
18 changed files with 61 additions and 154 deletions

View file

@ -98,7 +98,6 @@ App::post('/v1/account')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],
@ -204,7 +203,6 @@ App::post('/v1/account/sessions/email')
$session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [
"read(user:{$profile->getId()})",
"create(user:{$profile->getId()})",
"update(user:{$profile->getId()})",
"delete(user:{$profile->getId()})",
]));
@ -487,7 +485,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],
@ -555,7 +552,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -659,7 +655,6 @@ App::post('/v1/account/sessions/magic-url')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],
@ -698,7 +693,6 @@ App::post('/v1/account/sessions/magic-url')
$token = $dbForProject->createDocument('tokens', $token
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -807,7 +801,6 @@ App::put('/v1/account/sessions/magic-url')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -912,7 +905,6 @@ App::post('/v1/account/sessions/phone')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],
@ -953,7 +945,6 @@ App::post('/v1/account/sessions/phone')
$token = $dbForProject->createDocument('tokens', $token
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -1049,7 +1040,6 @@ App::put('/v1/account/sessions/phone')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -1152,7 +1142,6 @@ App::post('/v1/account/sessions/anonymous')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],
@ -1198,7 +1187,7 @@ App::post('/v1/account/sessions/anonymous')
$session = $dbForProject->createDocument('sessions', $session-> setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -2026,7 +2015,6 @@ App::post('/v1/account/recovery')
$recovery = $dbForProject->createDocument('tokens', $recovery
->setAttribute('$permissions', [
"read(user:{$profile->getId()})",
"create(user:{$profile->getId()})",
"update(user:{$profile->getId()})",
"delete(user:{$profile->getId()})",
]));
@ -2191,7 +2179,6 @@ App::post('/v1/account/verification')
$verification = $dbForProject->createDocument('tokens', $verification
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));
@ -2350,7 +2337,6 @@ App::post('/v1/account/verification/phone')
$verification = $dbForProject->createDocument('tokens', $verification
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));

View file

@ -1865,10 +1865,8 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
}
}
$documentSecurity = $collection->getAttribute('documentSecurity', false);
$validator = new Authorization('create');
$valid = $validator->isValid($collection->getCreate());
if (!$valid && !$documentSecurity) {
if (!$validator->isValid($collection->getCreate())) {
throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED);
}
@ -1882,13 +1880,6 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
);
$permissions = PermissionsProcessor::handleAggregates($permissions);
if ($documentSecurity) {
$valid |= $validator->isValid((new Document(['$permissions' => $permissions]))->getCreate());
}
if (!$valid) {
throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED);
}
if (!PermissionsProcessor::allowedForUserType($permissions)) {
throw new Exception('Permissions must be one of: (' . \implode(', ', Authorization::getRoles()) . ')', 400, Exception::USER_UNAUTHORIZED);
}

View file

@ -87,8 +87,6 @@ App::post('/v1/projects')
'$id' => $projectId,
'$permissions' => [
"read(team:{$teamId})",
"create(team:{$teamId}/owner)",
"create(team:{$teamId}/developer)",
"update(team:{$teamId}/owner)",
"update(team:{$teamId}/developer)",
"delete(team:{$teamId}/owner)",
@ -598,7 +596,6 @@ App::post('/v1/projects/:projectId/webhooks')
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -846,7 +843,6 @@ App::post('/v1/projects/:projectId/keys')
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -1046,7 +1042,6 @@ App::post('/v1/projects/:projectId/platforms')
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -1262,7 +1257,6 @@ App::post('/v1/projects/:projectId/domains')
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],

View file

@ -368,11 +368,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
$permissions = PermissionsProcessor::handleAggregates($permissions);
$validator = new Authorization('create');
$valid = $validator->isValid($bucket->getCreate());
if ($bucket->getAttribute('fileSecurity', false)) {
$valid |= $validator->isValid($permissions);
}
if (!$valid) {
if (!$validator->isValid($bucket->getCreate())) {
throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED);
}

View file

@ -61,7 +61,6 @@ App::post('/v1/teams')
'$id' => $teamId ,
'$permissions' => [
'read(team:' . $teamId . ')',
'create(team:' . $teamId . '/owner)',
'update(team:' . $teamId . '/owner)',
'delete(team:' . $teamId . '/owner)',
],
@ -737,7 +736,6 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"create(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
]));

View file

@ -59,7 +59,6 @@ App::post('/v1/users')
'$id' => $userId,
'$permissions' => [
'read(any)',
'create(user:' . $userId . ')',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
],

View file

@ -170,7 +170,6 @@ $http->on('start', function (Server $http) use ($payloadSize, $register) {
'antivirus' => true,
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],

View file

@ -145,8 +145,7 @@ $fileUpdatePermissions = $this->getParam('fileUpdatePermissions', null);
<h3 class="margin-bottom-large">Permissions</h3>
<?php echo $fileUpdatePermissions->setParam('method', 'storage.getFile')->render();
?>
<?php echo $fileUpdatePermissions->render(); ?>
</div>
</form>

View file

@ -42,7 +42,7 @@ class PermissionsProcessor
$permissions = [];
if (!empty($userId)) {
foreach ($allowedPermissions as $permission) {
$permissions[] = $permission . '(' . $userId . ')';
$permissions[] = $permission . '(user:' . $userId . ')';
}
}
return $permissions;

View file

@ -44,7 +44,12 @@ trait DatabasesBase
]), [
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
'documentSecurity' => true,
]);
@ -87,7 +92,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
@ -789,7 +793,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -811,7 +814,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -833,7 +835,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -849,7 +850,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -859,7 +859,7 @@ trait DatabasesBase
$this->assertEquals($document1['body']['title'], 'Captain America');
$this->assertEquals($document1['body']['releaseYear'], 1944);
$this->assertIsArray($document1['body']['$permissions']);
$this->assertCount(4, $document1['body']['$permissions']);
$this->assertCount(3, $document1['body']['$permissions']);
$this->assertCount(2, $document1['body']['actors']);
$this->assertEquals($document1['body']['actors'][0], 'Chris Evans');
$this->assertEquals($document1['body']['actors'][1], 'Samuel Jackson');
@ -869,7 +869,7 @@ trait DatabasesBase
$this->assertEquals($document2['body']['releaseYear'], 2019);
$this->assertEquals($document2['body']['duration'], null);
$this->assertIsArray($document2['body']['$permissions']);
$this->assertCount(4, $document2['body']['$permissions']);
$this->assertCount(3, $document2['body']['$permissions']);
$this->assertCount(3, $document2['body']['actors']);
$this->assertEquals($document2['body']['actors'][0], 'Tom Holland');
$this->assertEquals($document2['body']['actors'][1], 'Zendaya Maree Stoermer');
@ -880,7 +880,7 @@ trait DatabasesBase
$this->assertEquals($document3['body']['releaseYear'], 2017);
$this->assertEquals($document3['body']['duration'], 0);
$this->assertIsArray($document3['body']['$permissions']);
$this->assertCount(4, $document3['body']['$permissions']);
$this->assertCount(3, $document3['body']['$permissions']);
$this->assertCount(2, $document3['body']['actors']);
$this->assertEquals($document3['body']['actors'][0], 'Tom Holland');
$this->assertEquals($document3['body']['actors'][1], 'Zendaya Maree Stoermer');
@ -965,7 +965,7 @@ trait DatabasesBase
]);
$this->assertEquals(201, $movies['headers']['status-code']);
$this->assertEquals($movies['body']['name'], 'Movies');
$this->assertEquals('Movies', $movies['body']['name']);
return ['moviesId' => $movies['body']['$id']];
}
@ -985,7 +985,7 @@ trait DatabasesBase
], $this->getHeaders()));
$this->assertEquals(200, $documents['headers']['status-code']);
$this->assertEquals($documents['body']['total'], 0);
$this->assertEquals(0, $documents['body']['total']);
return [];
}
@ -1351,7 +1351,7 @@ trait DatabasesBase
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'queries' => ['$createdAt.greater("1976-06-12")'],
'queries' => ['$createdAt.greater(132)'],
]);
$this->assertCount(3, $documents['body']['documents']);
@ -1360,7 +1360,7 @@ trait DatabasesBase
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'queries' => ['$createdAt.lesser("1976-06-12")'],
'queries' => ['$createdAt.lesser(132)'],
]);
$this->assertCount(0, $documents['body']['documents']);
@ -1429,7 +1429,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
@ -1442,7 +1441,6 @@ trait DatabasesBase
$this->assertEquals($document['body']['releaseYear'], 2017);
$this->assertNotEquals($document['body']['$createdAt'], 5);
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
@ -1455,9 +1453,8 @@ trait DatabasesBase
],
'permissions' => [
'read(users)',
'create(users)',
'update(users)',
'delete(users)',
'update(users)',
'delete(users)',
],
]);
@ -1467,7 +1464,6 @@ trait DatabasesBase
$this->assertEquals($document['body']['title'], 'Thor: Ragnarok');
$this->assertEquals($document['body']['releaseYear'], 2017);
$this->assertContains('read(users)', $document['body']['$permissions']);
$this->assertContains('create(users)', $document['body']['$permissions']);
$this->assertContains('update(users)', $document['body']['$permissions']);
$this->assertContains('delete(users)', $document['body']['$permissions']);
@ -1503,7 +1499,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1558,7 +1553,10 @@ trait DatabasesBase
]), [
'collectionId' => 'unique()',
'name' => 'invalidDocumentStructure',
'permissions' => [],
'permissions' => [
'create(any)',
'read(any)',
],
'documentSecurity' => true,
]);
@ -1756,7 +1754,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1772,7 +1769,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1788,7 +1784,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1804,7 +1799,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1820,7 +1814,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1836,7 +1829,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1852,7 +1844,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1868,7 +1859,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1884,7 +1874,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1914,7 +1903,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1930,7 +1918,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1946,7 +1933,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1962,7 +1948,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1978,7 +1963,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -1994,7 +1978,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2010,7 +1993,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2026,7 +2008,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2042,7 +2023,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2094,9 +2074,8 @@ trait DatabasesBase
$this->assertIsArray($document['body']['$permissions']);
if ($this->getSide() == 'client') {
$this->assertCount(4, $document['body']['$permissions']);
$this->assertCount(3, $document['body']['$permissions']);
$this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
}
@ -2161,17 +2140,11 @@ trait DatabasesBase
'permissions' => [],
]);
if ($this->getSide() == 'client') {
$this->assertEquals(401, $document['headers']['status-code']);
}
if ($this->getSide() == 'server') {
$this->assertEquals(200, $document['headers']['status-code']);
$this->assertEquals($document['body']['title'], 'Captain America 3');
$this->assertEquals($document['body']['releaseYear'], 1946);
$this->assertCount(0, $document['body']['$permissions']);
$this->assertEquals([], $document['body']['$permissions']);
}
$this->assertEquals(200, $document['headers']['status-code']);
$this->assertEquals($document['body']['title'], 'Captain America 3');
$this->assertEquals($document['body']['releaseYear'], 1946);
$this->assertCount(0, $document['body']['$permissions']);
$this->assertEquals([], $document['body']['$permissions']);
return $data;
}
@ -2257,7 +2230,6 @@ trait DatabasesBase
],
'permissions' => [
'read(' . $user . ')',
'create(' . $user . ')',
'update(' . $user . ')',
'delete(' . $user . ')',
]
@ -2274,7 +2246,6 @@ trait DatabasesBase
'attribute' => 'one',
],
'permissions' => [
'create(' . $user . ')',
'update(' . $user . ')',
'delete(' . $user . ')',
]
@ -2293,7 +2264,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:other)',
'create(user:other)',
'update(user:other)',
],
]);
@ -2411,7 +2381,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2435,7 +2404,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2459,7 +2427,6 @@ trait DatabasesBase
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -2554,7 +2521,12 @@ trait DatabasesBase
]), [
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [],
'permissions' => [
'create(user:' . $this->getUser()['$id'] . ')',
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
'documentSecurity' => true,
]);
@ -2590,7 +2562,6 @@ trait DatabasesBase
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -2599,9 +2570,8 @@ trait DatabasesBase
$id = $document['body']['$id'];
$this->assertEquals(201, $document['headers']['status-code']);
$this->assertCount(4, $document['body']['$permissions']);
$this->assertCount(3, $document['body']['$permissions']);
$this->assertContains('read(any)', $document['body']['$permissions']);
$this->assertContains('create(any)', $document['body']['$permissions']);
$this->assertContains('update(any)', $document['body']['$permissions']);
$this->assertContains('delete(any)', $document['body']['$permissions']);
@ -2618,13 +2588,12 @@ trait DatabasesBase
$this->assertEquals(200, $document['headers']['status-code']);
$this->assertCount(1, $document['body']['$permissions']);
// send only mutation permissions
// Send only mutation permissions
$document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents/' . $id, array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
@ -2632,8 +2601,7 @@ trait DatabasesBase
if ($this->getSide() == 'server') {
$this->assertEquals(200, $document['headers']['status-code']);
$this->assertCount(3, $document['body']['$permissions']);
$this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertCount(2, $document['body']['$permissions']);
$this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
$this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']);
}

View file

@ -80,7 +80,6 @@ class DatabasesCustomClientTest extends Scope
'permissions' => [
"read(user:user2)",
"read(user:{$userId})",
"create(user:{$userId})",
"update(user:{$userId})",
"delete(user:{$userId})",
],

View file

@ -507,7 +507,6 @@ class DatabasesCustomServerTest extends Scope
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -857,7 +856,6 @@ class DatabasesCustomServerTest extends Scope
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
@ -874,7 +872,6 @@ class DatabasesCustomServerTest extends Scope
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
],
@ -882,13 +879,13 @@ class DatabasesCustomServerTest extends Scope
$this->assertEquals(201, $document1['headers']['status-code']);
$this->assertIsArray($document1['body']['$permissions']);
$this->assertCount(4, $document1['body']['$permissions']);
$this->assertCount(3, $document1['body']['$permissions']);
$this->assertEquals($document1['body']['firstName'], 'Tom');
$this->assertEquals($document1['body']['lastName'], 'Holland');
$this->assertEquals(201, $document2['headers']['status-code']);
$this->assertIsArray($document2['body']['$permissions']);
$this->assertCount(4, $document2['body']['$permissions']);
$this->assertCount(3, $document2['body']['$permissions']);
$this->assertEquals($document2['body']['firstName'], 'Samuel');
$this->assertEquals($document2['body']['lastName'], 'Jackson');

View file

@ -644,7 +644,12 @@ class RealtimeCustomClientTest extends Scope
]), [
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [],
'permissions' => [
'read(users)',
'create(users)',
'update(users)',
'delete(users)',
],
'documentSecurity' => true,
]);
@ -681,7 +686,6 @@ class RealtimeCustomClientTest extends Scope
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -728,7 +732,6 @@ class RealtimeCustomClientTest extends Scope
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -774,7 +777,6 @@ class RealtimeCustomClientTest extends Scope
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -1079,7 +1081,6 @@ class RealtimeCustomClientTest extends Scope
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],

View file

@ -42,7 +42,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -106,7 +105,6 @@ trait StorageBase
'file' => $curlFile,
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -148,7 +146,6 @@ trait StorageBase
'file' => $curlFile,
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -170,7 +167,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -189,7 +185,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-1.png'), 'image/png', 'kitten-1.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -210,7 +205,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-a/kitten-3.gif'), 'image/gif', 'kitten-3.gif'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -295,7 +289,7 @@ trait StorageBase
$this->assertEquals('image/png', $file1['body']['mimeType']);
$this->assertEquals(47218, $file1['body']['sizeOriginal']);
$this->assertIsArray($file1['body']['$permissions']);
$this->assertCount(4, $file1['body']['$permissions']);
$this->assertCount(3, $file1['body']['$permissions']);
$file2 = $this->client->call(Client::METHOD_GET, '/storage/buckets/' . $bucketId . '/files/' . $data['fileId'] . '/preview', array_merge([
'content-type' => 'application/json',
@ -486,7 +480,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -533,7 +526,6 @@ trait StorageBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-2.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -580,7 +572,6 @@ trait StorageBase
], $this->getHeaders()), [
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]
@ -599,7 +590,7 @@ trait StorageBase
//$this->assertNotEmpty($file['body']['fileOpenSSLTag']);
//$this->assertNotEmpty($file['body']['fileOpenSSLIV']);
$this->assertIsArray($file['body']['$permissions']);
$this->assertCount(4, $file['body']['$permissions']);
$this->assertCount(3, $file['body']['$permissions']);
/**
* Test for FAILURE unknown Bucket
@ -611,7 +602,6 @@ trait StorageBase
], $this->getHeaders()), [
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'create(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
]

View file

@ -188,7 +188,6 @@ class StorageCustomClientTest extends Scope
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
'folderId' => 'xyz',
'permissions' => [
'create(user:notme)',
'update(user:notme)',
'delete(user:notme)',
]
@ -250,7 +249,6 @@ class StorageCustomClientTest extends Scope
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'create(user:notme)',
'update(user:notme)',
'delete(user:notme)',
]

View file

@ -72,7 +72,7 @@ trait WebhooksBase
$this->assertNotEmpty($webhook['data']['$id']);
$this->assertEquals($webhook['data']['name'], 'Actors');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(4, $webhook['data']['$permissions']);
return array_merge(['actorsId' => $actorsId, 'databaseId' => $databaseId]);
}
@ -196,7 +196,6 @@ trait WebhooksBase
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -231,7 +230,7 @@ trait WebhooksBase
$this->assertEquals($webhook['data']['firstName'], 'Chris');
$this->assertEquals($webhook['data']['lastName'], 'Evans');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(3, $webhook['data']['$permissions']);
$data['documentId'] = $document['body']['$id'];
@ -259,7 +258,6 @@ trait WebhooksBase
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -294,7 +292,7 @@ trait WebhooksBase
$this->assertEquals($webhook['data']['firstName'], 'Chris1');
$this->assertEquals($webhook['data']['lastName'], 'Evans2');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(3, $webhook['data']['$permissions']);
return $data;
}
@ -322,7 +320,6 @@ trait WebhooksBase
],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -364,7 +361,7 @@ trait WebhooksBase
$this->assertEquals($webhook['data']['firstName'], 'Bradly');
$this->assertEquals($webhook['data']['lastName'], 'Cooper');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(3, $webhook['data']['$permissions']);
return $data;
}
@ -492,7 +489,6 @@ trait WebhooksBase
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],

View file

@ -55,7 +55,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($webhook['data']['$id']);
$this->assertEquals($webhook['data']['name'], 'Actors1');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(4, $webhook['data']['$permissions']);
return array_merge(['actorsId' => $actors['body']['$id']]);
}
@ -196,7 +196,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($webhook['data']['$id']);
$this->assertEquals($webhook['data']['name'], 'Demo');
$this->assertIsArray($webhook['data']['$permissions']);
$this->assertCount(2, $webhook['data']['$permissions']);
$this->assertCount(4, $webhook['data']['$permissions']);
return [];
}
@ -394,7 +394,7 @@ class WebhooksCustomServerTest extends Scope
], $this->getHeaders()), [
'functionId' => 'unique()',
'name' => 'Test',
'execute' => ['create(any)'],
'execute' => ['any'],
'runtime' => 'php-8.0',
'timeout' => 10,
]);
@ -443,7 +443,7 @@ class WebhooksCustomServerTest extends Scope
], $this->getHeaders()), [
'name' => 'Test',
'runtime' => 'php-8.0',
'execute' => ['create(any)'],
'execute' => ['any'],
'vars' => [
'key1' => 'value1',
]

View file

@ -208,7 +208,7 @@ class MessagingTest extends TestCase
'$collection' => 'collection',
'$permissions' => [
'read(admin)',
'create(admin)',
'update(admin)',
'delete(admin)',
],
@ -217,7 +217,6 @@ class MessagingTest extends TestCase
'$id' => 'collection',
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -240,7 +239,6 @@ class MessagingTest extends TestCase
'$collection' => 'collection',
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -249,7 +247,7 @@ class MessagingTest extends TestCase
'$id' => 'collection',
'$permissions' => [
'read(admin)',
'create(admin)',
'update(admin)',
'delete(admin)',
],
@ -276,7 +274,7 @@ class MessagingTest extends TestCase
'$collection' => 'bucket',
'$permissions' => [
'read(admin)',
'create(admin)',
'update(admin)',
'delete(admin)',
],
@ -285,7 +283,6 @@ class MessagingTest extends TestCase
'$id' => 'bucket',
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -305,7 +302,6 @@ class MessagingTest extends TestCase
'$collection' => 'bucket',
'$permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
],
@ -314,7 +310,7 @@ class MessagingTest extends TestCase
'$id' => 'bucket',
'$permissions' => [
'read(admin)',
'create(admin)',
'update(admin)',
'delete(admin)',
],