From 7167ea2a5f0416fdd2f7a22069834b43aed47829 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Wed, 21 Sep 2022 20:17:17 +1200 Subject: [PATCH] Update permissions --- .../e2e/Services/GraphQL/GraphQLAuthTest.php | 8 +++-- tests/e2e/Services/GraphQL/GraphQLBase.php | 8 +++-- .../GraphQL/GraphQLContentTypeTest.php | 29 +++++++++++------- .../GraphQL/GraphQLDatabaseClientTest.php | 19 ++++++++---- .../GraphQL/GraphQLDatabaseServerTest.php | 22 ++++++++++---- .../GraphQL/GraphQLStorageClientTest.php | 28 ++++++++++++----- .../GraphQL/GraphQLStorageServerTest.php | 30 +++++++++++++------ 7 files changed, 102 insertions(+), 42 deletions(-) diff --git a/tests/e2e/Services/GraphQL/GraphQLAuthTest.php b/tests/e2e/Services/GraphQL/GraphQLAuthTest.php index 834dd2de5d..17d3cae6da 100644 --- a/tests/e2e/Services/GraphQL/GraphQLAuthTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLAuthTest.php @@ -207,6 +207,7 @@ class GraphQLAuthTest extends Scope // Create document as account 1 $query = $this->getQuery(self::$CREATE_DOCUMENT); + $userId = $this->account1['body']['data']['accountCreate']['_id']; $gqlPayload = [ 'query' => $query, 'variables' => [ @@ -216,8 +217,11 @@ class GraphQLAuthTest extends Scope 'data' => [ 'name' => 'John Doe', ], - 'read' => ['user:' . $this->account1['body']['data']['accountCreate']['_id']], - 'write' => ['user:' . $this->account1['body']['data']['accountCreate']['_id']], + 'permissions' => [ + Permission::read(Role::user($userId)), + Permission::update(Role::user($userId)), + Permission::delete(Role::user($userId)), + ], ] ]; $document = $this->client->call(Client::METHOD_POST, '/graphql', [ diff --git a/tests/e2e/Services/GraphQL/GraphQLBase.php b/tests/e2e/Services/GraphQL/GraphQLBase.php index 9ac6ef3ac3..3ab57b7aca 100644 --- a/tests/e2e/Services/GraphQL/GraphQLBase.php +++ b/tests/e2e/Services/GraphQL/GraphQLBase.php @@ -1196,10 +1196,14 @@ trait GraphQLBase }'; case self::$CREATE_BUCKET: return 'mutation createBucket($bucketId: String!, $name: String!, $fileSecurity: Boolean, $permissions: [String!]) { - storageCreateBucket(bucketId: $bucketId, name: $name, permission: $permission, permissions: $permissions) { + storageCreateBucket(bucketId: $bucketId, name: $name, fileSecurity: $fileSecurity, permissions: $permissions) { _id + _createdAt + _updatedAt + _permissions name enabled + fileSecurity } }'; case self::$GET_BUCKETS: @@ -1223,7 +1227,7 @@ trait GraphQLBase }'; case self::$UPDATE_BUCKET: return 'mutation updateBucket($bucketId: String!, $name: String!, $fileSecurity: Boolean, $permissions: [String!]) { - storageUpdateBucket(bucketId: $bucketId, name: $name, permission: $permission, permissions: $permissions) { + storageUpdateBucket(bucketId: $bucketId, name: $name, fileSecurity: $fileSecurity, permissions: $permissions) { _id name enabled diff --git a/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php b/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php index 7de17b5d21..02f8e35728 100644 --- a/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLContentTypeTest.php @@ -7,6 +7,8 @@ use Tests\E2E\Client; use Tests\E2E\Scopes\ProjectCustom; use Tests\E2E\Scopes\Scope; use Tests\E2E\Scopes\SideServer; +use Utopia\Database\Permission; +use Utopia\Database\Role; class GraphQLContentTypeTest extends Scope { @@ -103,9 +105,13 @@ class GraphQLContentTypeTest extends Scope 'variables' => [ 'bucketId' => 'unique()', 'name' => 'Test Bucket', - 'permission' => 'bucket', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => false, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; $bucket = $this->client->call(Client::METHOD_POST, '/graphql', \array_merge([ @@ -123,9 +129,12 @@ class GraphQLContentTypeTest extends Scope 'bucketId' => $bucket['_id'], 'fileId' => 'unique()', 'file' => null, - 'permissions' => 'file', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => true, + 'permissions' => [ + Permission::read(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]), 'map' => \json_encode([ @@ -152,7 +161,7 @@ class GraphQLContentTypeTest extends Scope 'x-appwrite-project' => $projectId, ], $this->getHeaders())); - $this->assertEquals('No query supplied.', $response['body']['message']); + $this->assertEquals('No query passed in the request.', $response['body']['message']); } public function testPostEmptyBody() @@ -163,7 +172,7 @@ class GraphQLContentTypeTest extends Scope 'x-appwrite-project' => $projectId, ], $this->getHeaders()), []); - $this->assertEquals('No query supplied.', $response['body']['message']); + $this->assertEquals('No query passed in the request.', $response['body']['message']); } public function testPostRandomBody() @@ -185,7 +194,7 @@ class GraphQLContentTypeTest extends Scope 'x-appwrite-project' => $projectId, ], $this->getHeaders())); - $this->assertEquals('No query supplied.', $response['body']['message']); + $this->assertEquals('No query passed in the request.', $response['body']['message']); } public function testGetEmptyQuery() @@ -207,6 +216,6 @@ class GraphQLContentTypeTest extends Scope 'x-appwrite-project' => $projectId, ], $this->getHeaders())); - $this->assertEquals('No query supplied.', $response['body']['message']); + $this->assertEquals('No query passed in the request.', $response['body']['message']); } } diff --git a/tests/e2e/Services/GraphQL/GraphQLDatabaseClientTest.php b/tests/e2e/Services/GraphQL/GraphQLDatabaseClientTest.php index 83605771e8..8486e38177 100644 --- a/tests/e2e/Services/GraphQL/GraphQLDatabaseClientTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLDatabaseClientTest.php @@ -6,6 +6,8 @@ use Tests\E2E\Client; use Tests\E2E\Scopes\ProjectCustom; use Tests\E2E\Scopes\Scope; use Tests\E2E\Scopes\SideClient; +use Utopia\Database\Permission; +use Utopia\Database\Role; class GraphQLDatabaseClientTest extends Scope { @@ -52,9 +54,13 @@ class GraphQLDatabaseClientTest extends Scope 'databaseId' => $database['_id'], 'collectionId' => 'actors', 'name' => 'Actors', - 'permission' => 'collection', - 'read' => ['role:all'], - 'write' => ['role:member'], + 'documentSecurity' => false, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::users()), + Permission::update(Role::users()), + Permission::delete(Role::users()), + ], ] ]; @@ -158,8 +164,11 @@ class GraphQLDatabaseClientTest extends Scope 'name' => 'John Doe', 'age' => 35, ], - 'read' => ['role:all'], - 'write' => ['role:all'], + 'permissions' => [ + Permission::read(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; diff --git a/tests/e2e/Services/GraphQL/GraphQLDatabaseServerTest.php b/tests/e2e/Services/GraphQL/GraphQLDatabaseServerTest.php index 14edc1d6ca..27a5d1cda8 100644 --- a/tests/e2e/Services/GraphQL/GraphQLDatabaseServerTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLDatabaseServerTest.php @@ -7,6 +7,8 @@ use Tests\E2E\Client; use Tests\E2E\Scopes\ProjectCustom; use Tests\E2E\Scopes\Scope; use Tests\E2E\Scopes\SideServer; +use Utopia\Database\Permission; +use Utopia\Database\Role; class GraphQLDatabaseServerTest extends Scope { @@ -52,9 +54,13 @@ class GraphQLDatabaseServerTest extends Scope 'databaseId' => $database['_id'], 'collectionId' => 'actors', 'name' => 'Actors', - 'permission' => 'collection', - 'read' => ['role:all'], - 'write' => ['role:member'], + 'documentSecurity' => false, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::users()), + Permission::update(Role::users()), + Permission::delete(Role::users()), + ], ] ]; @@ -394,8 +400,12 @@ class GraphQLDatabaseServerTest extends Scope 'salary' => 9999.9, 'role' => 'crew', ], - 'read' => ['role:all'], - 'write' => ['role:all'], + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; @@ -775,7 +785,7 @@ class GraphQLDatabaseServerTest extends Scope 'databaseId' => $data['database']['_id'], 'collectionId' => $data['collection']['_id'], 'name' => 'New Collection Name', - 'permission' => 'collection', + 'documentSecurity' => false, ] ]; diff --git a/tests/e2e/Services/GraphQL/GraphQLStorageClientTest.php b/tests/e2e/Services/GraphQL/GraphQLStorageClientTest.php index 3e74ada14b..915257e97a 100644 --- a/tests/e2e/Services/GraphQL/GraphQLStorageClientTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLStorageClientTest.php @@ -7,6 +7,8 @@ use Tests\E2E\Client; use Tests\E2E\Scopes\ProjectCustom; use Tests\E2E\Scopes\Scope; use Tests\E2E\Scopes\SideClient; +use Utopia\Database\Permission; +use Utopia\Database\Role; class GraphQLStorageClientTest extends Scope { @@ -23,9 +25,13 @@ class GraphQLStorageClientTest extends Scope 'variables' => [ 'bucketId' => 'actors', 'name' => 'Actors', - 'permission' => 'bucket', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => false, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; @@ -57,9 +63,12 @@ class GraphQLStorageClientTest extends Scope 'bucketId' => $bucket['_id'], 'fileId' => 'unique()', 'file' => null, - 'permissions' => 'file', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => true, + 'permissions' => [ + Permission::read(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]), 'map' => \json_encode([ @@ -237,8 +246,11 @@ class GraphQLStorageClientTest extends Scope 'variables' => [ 'bucketId' => $file['bucketId'], 'fileId' => $file['_id'], - 'read' => ['role:all'], - 'write' => ['role:all'], + 'permissions' => [ + Permission::read(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; diff --git a/tests/e2e/Services/GraphQL/GraphQLStorageServerTest.php b/tests/e2e/Services/GraphQL/GraphQLStorageServerTest.php index e41245bba1..bf9de278ba 100644 --- a/tests/e2e/Services/GraphQL/GraphQLStorageServerTest.php +++ b/tests/e2e/Services/GraphQL/GraphQLStorageServerTest.php @@ -23,9 +23,13 @@ class GraphQLStorageServerTest extends Scope 'variables' => [ 'bucketId' => 'actors', 'name' => 'Actors', - 'permission' => 'bucket', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => false, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]; @@ -56,9 +60,13 @@ class GraphQLStorageServerTest extends Scope 'bucketId' => $bucket['_id'], 'fileId' => 'unique()', 'file' => null, - 'permissions' => 'file', - 'read' => ['role:all'], - 'write' => ['role:all'], + 'fileSecurity' => true, + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ]), 'map' => \json_encode([ @@ -286,7 +294,7 @@ class GraphQLStorageServerTest extends Scope 'variables' => [ 'bucketId' => $bucket['_id'], 'name' => 'Actors Updated', - 'permission' => 'bucket', + 'fileSecurity' => false, ] ]; @@ -318,8 +326,12 @@ class GraphQLStorageServerTest extends Scope 'variables' => [ 'bucketId' => $file['bucketId'], 'fileId' => $file['_id'], - 'read' => ['role:all'], - 'write' => ['role:all'], + 'permissions' => [ + Permission::read(Role::any()), + Permission::create(Role::any()), + Permission::update(Role::any()), + Permission::delete(Role::any()), + ], ] ];