Merge branch '0.16.x' of github.com:appwrite/appwrite into 0.16.shmuel.1
Conflicts: composer.json composer.lock
This commit is contained in:
commit
a08c6f8235
13 changed files with 239 additions and 45 deletions
|
@ -1827,7 +1827,7 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
|
||||||
->param('documentId', '', new CustomId(), 'Document ID. Choose your own unique ID or pass the string "unique()" to auto generate it. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
|
->param('documentId', '', new CustomId(), 'Document ID. Choose your own unique ID or pass the string "unique()" to auto generate it. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
|
||||||
->param('collectionId', null, new UID(), 'Collection ID. You can create a new collection using the Database service [server integration](https://appwrite.io/docs/server/databases#databasesCreateCollection). Make sure to define attributes before creating documents.')
|
->param('collectionId', null, new UID(), 'Collection ID. You can create a new collection using the Database service [server integration](https://appwrite.io/docs/server/databases#databasesCreateCollection). Make sure to define attributes before creating documents.')
|
||||||
->param('data', [], new JSON(), 'Document data as JSON object.')
|
->param('data', [], new JSON(), 'Document data as JSON object.')
|
||||||
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE]), 'An array of permissions strings. By default the current user is granted with all permissions. [Learn more about permissions](/docs/permissions).', true)
|
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE, Database::PERMISSION_WRITE]), 'An array of permissions strings. By default the current user is granted with all permissions. [Learn more about permissions](/docs/permissions).', true)
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('dbForProject')
|
->inject('dbForProject')
|
||||||
->inject('user')
|
->inject('user')
|
||||||
|
@ -2207,7 +2207,7 @@ App::patch('/v1/databases/:databaseId/collections/:collectionId/documents/:docum
|
||||||
->param('collectionId', null, new UID(), 'Collection ID.')
|
->param('collectionId', null, new UID(), 'Collection ID.')
|
||||||
->param('documentId', null, new UID(), 'Document ID.')
|
->param('documentId', null, new UID(), 'Document ID.')
|
||||||
->param('data', [], new JSON(), 'Document data as JSON object. Include only attribute and value pairs to be updated.', true)
|
->param('data', [], new JSON(), 'Document data as JSON object. Include only attribute and value pairs to be updated.', true)
|
||||||
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of permissions strings. By default the current permissions are inherited. [Learn more about permissions](/docs/permissions).', true)
|
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE, Database::PERMISSION_WRITE]), 'An array of permissions strings. By default the current permissions are inherited. [Learn more about permissions](/docs/permissions).', true)
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('dbForProject')
|
->inject('dbForProject')
|
||||||
->inject('events')
|
->inject('events')
|
||||||
|
|
|
@ -1108,6 +1108,7 @@ App::post('/v1/functions/:functionId/executions')
|
||||||
$roles = Authorization::getRoles();
|
$roles = Authorization::getRoles();
|
||||||
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
|
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
|
||||||
$isAppUser = Auth::isAppUser($roles);
|
$isAppUser = Auth::isAppUser($roles);
|
||||||
|
|
||||||
if (!$isPrivilegedUser && !$isAppUser) {
|
if (!$isPrivilegedUser && !$isAppUser) {
|
||||||
$execution->setAttribute('stdout', '');
|
$execution->setAttribute('stdout', '');
|
||||||
$execution->setAttribute('stderr', '');
|
$execution->setAttribute('stderr', '');
|
||||||
|
|
|
@ -344,7 +344,7 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
||||||
->param('bucketId', null, new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](/docs/server/storage#createBucket).')
|
->param('bucketId', null, new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](/docs/server/storage#createBucket).')
|
||||||
->param('fileId', '', new CustomId(), 'File ID. Choose your own unique ID or pass the string "unique()" to auto generate it. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
|
->param('fileId', '', new CustomId(), 'File ID. Choose your own unique ID or pass the string "unique()" to auto generate it. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
|
||||||
->param('file', [], new File(), 'Binary file.', false)
|
->param('file', [], new File(), 'Binary file.', false)
|
||||||
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE]), 'An array of permission strings. By default the current user is granted with all permissions. [Learn more about permissions](/docs/permissions).', true)
|
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE, Database::PERMISSION_WRITE]), 'An array of permission strings. By default the current user is granted with all permissions. [Learn more about permissions](/docs/permissions).', true)
|
||||||
->inject('request')
|
->inject('request')
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('dbForProject')
|
->inject('dbForProject')
|
||||||
|
@ -1251,7 +1251,7 @@ App::put('/v1/storage/buckets/:bucketId/files/:fileId')
|
||||||
->label('sdk.response.model', Response::MODEL_FILE)
|
->label('sdk.response.model', Response::MODEL_FILE)
|
||||||
->param('bucketId', null, new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](/docs/server/storage#createBucket).')
|
->param('bucketId', null, new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](/docs/server/storage#createBucket).')
|
||||||
->param('fileId', '', new UID(), 'File unique ID.')
|
->param('fileId', '', new UID(), 'File unique ID.')
|
||||||
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of permission string. By default the current permissions are inherited. [Learn more about permissions](/docs/permissions).', true)
|
->param('permissions', null, new Permissions(APP_LIMIT_ARRAY_PARAMS_SIZE, [Database::PERMISSION_READ, Database::PERMISSION_UPDATE, Database::PERMISSION_DELETE, Database::PERMISSION_WRITE]), 'An array of permission string. By default the current permissions are inherited. [Learn more about permissions](/docs/permissions).', true)
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('dbForProject')
|
->inject('dbForProject')
|
||||||
->inject('user')
|
->inject('user')
|
||||||
|
|
|
@ -45,13 +45,13 @@
|
||||||
"appwrite/php-runtimes": "0.11.*",
|
"appwrite/php-runtimes": "0.11.*",
|
||||||
"utopia-php/framework": "0.21.*",
|
"utopia-php/framework": "0.21.*",
|
||||||
"utopia-php/logger": "0.3.*",
|
"utopia-php/logger": "0.3.*",
|
||||||
"utopia-php/abuse": "0.12.*",
|
"utopia-php/abuse": "0.13.*",
|
||||||
"utopia-php/analytics": "0.2.*",
|
"utopia-php/analytics": "0.2.*",
|
||||||
"utopia-php/audit": "0.13.*",
|
"utopia-php/audit": "0.14.*",
|
||||||
"utopia-php/cache": "0.6.*",
|
"utopia-php/cache": "0.6.*",
|
||||||
"utopia-php/cli": "0.13.*",
|
"utopia-php/cli": "0.13.*",
|
||||||
"utopia-php/config": "0.2.*",
|
"utopia-php/config": "0.2.*",
|
||||||
"utopia-php/database": "dev-fix-5permissions as 0.24.0",
|
"utopia-php/database": "0.25.*",
|
||||||
"utopia-php/locale": "0.4.*",
|
"utopia-php/locale": "0.4.*",
|
||||||
"utopia-php/registry": "0.5.*",
|
"utopia-php/registry": "0.5.*",
|
||||||
"utopia-php/preloader": "0.2.*",
|
"utopia-php/preloader": "0.2.*",
|
||||||
|
|
57
composer.lock
generated
57
composer.lock
generated
|
@ -4,7 +4,7 @@
|
||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "232d5f1757b2bf06864c75d289488401",
|
"content-hash": "9c6fd9ae7d343488bbc9ccca8357a9ca",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "adhocore/jwt",
|
"name": "adhocore/jwt",
|
||||||
|
@ -1741,23 +1741,23 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/abuse",
|
"name": "utopia-php/abuse",
|
||||||
"version": "0.12.0",
|
"version": "0.13.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/utopia-php/abuse.git",
|
"url": "https://github.com/utopia-php/abuse.git",
|
||||||
"reference": "aa1e1aae163ecf8ea81d48857ff55c241dcb695f"
|
"reference": "3157bee5eee631b549fa4e9cca0aaf982649f931"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/utopia-php/abuse/zipball/aa1e1aae163ecf8ea81d48857ff55c241dcb695f",
|
"url": "https://api.github.com/repos/utopia-php/abuse/zipball/3157bee5eee631b549fa4e9cca0aaf982649f931",
|
||||||
"reference": "aa1e1aae163ecf8ea81d48857ff55c241dcb695f",
|
"reference": "3157bee5eee631b549fa4e9cca0aaf982649f931",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
"ext-curl": "*",
|
"ext-curl": "*",
|
||||||
"ext-pdo": "*",
|
"ext-pdo": "*",
|
||||||
"php": ">=8.0",
|
"php": ">=8.0",
|
||||||
"utopia-php/database": "0.24.0"
|
"utopia-php/database": "0.25.0"
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"phpunit/phpunit": "^9.4",
|
"phpunit/phpunit": "^9.4",
|
||||||
|
@ -1789,9 +1789,9 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/utopia-php/abuse/issues",
|
"issues": "https://github.com/utopia-php/abuse/issues",
|
||||||
"source": "https://github.com/utopia-php/abuse/tree/0.12.0"
|
"source": "https://github.com/utopia-php/abuse/tree/0.13.0"
|
||||||
},
|
},
|
||||||
"time": "2022-08-27T09:50:09+00:00"
|
"time": "2022-09-06T08:33:02+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/analytics",
|
"name": "utopia-php/analytics",
|
||||||
|
@ -1850,22 +1850,22 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/audit",
|
"name": "utopia-php/audit",
|
||||||
"version": "0.13.0",
|
"version": "0.14.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/utopia-php/audit.git",
|
"url": "https://github.com/utopia-php/audit.git",
|
||||||
"reference": "a2f30ccfba7a61b1718b9ebd4557ed0d8a4dcb5b"
|
"reference": "fe5d59076512dd63db92d38035d3039170730e5e"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/utopia-php/audit/zipball/a2f30ccfba7a61b1718b9ebd4557ed0d8a4dcb5b",
|
"url": "https://api.github.com/repos/utopia-php/audit/zipball/fe5d59076512dd63db92d38035d3039170730e5e",
|
||||||
"reference": "a2f30ccfba7a61b1718b9ebd4557ed0d8a4dcb5b",
|
"reference": "fe5d59076512dd63db92d38035d3039170730e5e",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
"ext-pdo": "*",
|
"ext-pdo": "*",
|
||||||
"php": ">=8.0",
|
"php": ">=8.0",
|
||||||
"utopia-php/database": "0.24.0"
|
"utopia-php/database": "0.25.0"
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"phpunit/phpunit": "^9.3",
|
"phpunit/phpunit": "^9.3",
|
||||||
|
@ -1897,9 +1897,9 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/utopia-php/audit/issues",
|
"issues": "https://github.com/utopia-php/audit/issues",
|
||||||
"source": "https://github.com/utopia-php/audit/tree/0.13.0"
|
"source": "https://github.com/utopia-php/audit/tree/0.14.0"
|
||||||
},
|
},
|
||||||
"time": "2022-08-27T09:18:57+00:00"
|
"time": "2022-09-06T08:38:04+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/cache",
|
"name": "utopia-php/cache",
|
||||||
|
@ -2060,16 +2060,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/database",
|
"name": "utopia-php/database",
|
||||||
"version": "dev-fix-5permissions",
|
"version": "0.25.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/utopia-php/database.git",
|
"url": "https://github.com/utopia-php/database.git",
|
||||||
"reference": "afb5f9a8ccc7641169dc8837dd880e405cafc324"
|
"reference": "167fb53a6c199d4b9ce5fc513c78774ee92199e7"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/utopia-php/database/zipball/afb5f9a8ccc7641169dc8837dd880e405cafc324",
|
"url": "https://api.github.com/repos/utopia-php/database/zipball/167fb53a6c199d4b9ce5fc513c78774ee92199e7",
|
||||||
"reference": "afb5f9a8ccc7641169dc8837dd880e405cafc324",
|
"reference": "167fb53a6c199d4b9ce5fc513c78774ee92199e7",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -2118,9 +2118,9 @@
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"issues": "https://github.com/utopia-php/database/issues",
|
"issues": "https://github.com/utopia-php/database/issues",
|
||||||
"source": "https://github.com/utopia-php/database/tree/fix-5permissions"
|
"source": "https://github.com/utopia-php/database/tree/0.25.0"
|
||||||
},
|
},
|
||||||
"time": "2022-09-06T13:51:35+00:00"
|
"time": "2022-09-06T07:53:26+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "utopia-php/domains",
|
"name": "utopia-php/domains",
|
||||||
|
@ -5358,18 +5358,9 @@
|
||||||
"time": "2022-08-12T06:47:24+00:00"
|
"time": "2022-08-12T06:47:24+00:00"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"aliases": [
|
"aliases": [],
|
||||||
{
|
|
||||||
"package": "utopia-php/database",
|
|
||||||
"version": "dev-fix-5permissions",
|
|
||||||
"alias": "0.24.0",
|
|
||||||
"alias_normalized": "0.24.0.0"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"minimum-stability": "stable",
|
"minimum-stability": "stable",
|
||||||
"stability-flags": {
|
"stability-flags": [],
|
||||||
"utopia-php/database": 20
|
|
||||||
},
|
|
||||||
"prefer-stable": false,
|
"prefer-stable": false,
|
||||||
"prefer-lowest": false,
|
"prefer-lowest": false,
|
||||||
"platform": {
|
"platform": {
|
||||||
|
@ -5393,5 +5384,5 @@
|
||||||
"platform-overrides": {
|
"platform-overrides": {
|
||||||
"php": "8.0"
|
"php": "8.0"
|
||||||
},
|
},
|
||||||
"plugin-api-version": "2.2.0"
|
"plugin-api-version": "2.3.0"
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,6 +16,94 @@ class DatabasesCustomClientTest extends Scope
|
||||||
use ProjectCustom;
|
use ProjectCustom;
|
||||||
use SideClient;
|
use SideClient;
|
||||||
|
|
||||||
|
public function testAllowedPermissions(): void
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Test for SUCCESS
|
||||||
|
*/
|
||||||
|
|
||||||
|
$database = $this->client->call(Client::METHOD_POST, '/databases', [
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
'x-appwrite-key' => $this->getProject()['apiKey']
|
||||||
|
], [
|
||||||
|
'databaseId' => ID::unique(),
|
||||||
|
'name' => 'Test Database'
|
||||||
|
]);
|
||||||
|
|
||||||
|
$databaseId = $database['body']['$id'];
|
||||||
|
|
||||||
|
// Collection aliases write to create, update, delete
|
||||||
|
$movies = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
'x-appwrite-key' => $this->getProject()['apiKey']
|
||||||
|
]), [
|
||||||
|
'collectionId' => ID::unique(),
|
||||||
|
'name' => 'Movies',
|
||||||
|
'documentSecurity' => true,
|
||||||
|
'permissions' => [
|
||||||
|
Permission::write(Role::user($this->getUser()['$id'])),
|
||||||
|
],
|
||||||
|
]);
|
||||||
|
|
||||||
|
$moviesId = $movies['body']['$id'];
|
||||||
|
|
||||||
|
$this->assertContains(Permission::create(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
|
||||||
|
|
||||||
|
$this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/attributes/string', array_merge([
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
'x-appwrite-key' => $this->getProject()['apiKey']
|
||||||
|
]), [
|
||||||
|
'key' => 'title',
|
||||||
|
'size' => 256,
|
||||||
|
'required' => true,
|
||||||
|
]);
|
||||||
|
|
||||||
|
sleep(1);
|
||||||
|
|
||||||
|
// Document aliases write to update, delete
|
||||||
|
$document1 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
], $this->getHeaders()), [
|
||||||
|
'documentId' => ID::unique(),
|
||||||
|
'data' => [
|
||||||
|
'title' => 'Captain America',
|
||||||
|
],
|
||||||
|
'permissions' => [
|
||||||
|
Permission::write(Role::user($this->getUser()['$id'])),
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->assertNotContains(Permission::create(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test for FAILURE
|
||||||
|
*/
|
||||||
|
|
||||||
|
// Document does not allow create permission
|
||||||
|
$document2 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
], $this->getHeaders()), [
|
||||||
|
'documentId' => ID::unique(),
|
||||||
|
'data' => [
|
||||||
|
'title' => 'Captain America',
|
||||||
|
],
|
||||||
|
'permissions' => [
|
||||||
|
Permission::create(Role::user($this->getUser()['$id'])),
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->assertEquals(400, $document2['headers']['status-code']);
|
||||||
|
}
|
||||||
|
|
||||||
public function testUpdateWithoutPermission(): array
|
public function testUpdateWithoutPermission(): array
|
||||||
{
|
{
|
||||||
// If document has been created by server and client tried to update it without adjusting permissions, permission validation should be skipped
|
// If document has been created by server and client tried to update it without adjusting permissions, permission validation should be skipped
|
||||||
|
|
|
@ -225,4 +225,54 @@ class DatabasesPermissionsGuestTest extends Scope
|
||||||
Authorization::setRole($role);
|
Authorization::setRole($role);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testWriteDocumentWithPermissions()
|
||||||
|
{
|
||||||
|
$database = $this->client->call(Client::METHOD_POST, '/databases', array_merge([
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
'x-appwrite-key' => $this->getProject()['apiKey']
|
||||||
|
]), [
|
||||||
|
'databaseId' => ID::unique(),
|
||||||
|
'name' => 'GuestPermissionsWrite',
|
||||||
|
]);
|
||||||
|
$this->assertEquals(201, $database['headers']['status-code']);
|
||||||
|
$this->assertEquals('GuestPermissionsWrite', $database['body']['name']);
|
||||||
|
|
||||||
|
$databaseId = $database['body']['$id'];
|
||||||
|
$movies = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', $this->getServerHeader(), [
|
||||||
|
'collectionId' => ID::unique(),
|
||||||
|
'name' => 'Movies',
|
||||||
|
'permissions' => [
|
||||||
|
Permission::create(Role::any()),
|
||||||
|
],
|
||||||
|
'documentSecurity' => true
|
||||||
|
]);
|
||||||
|
|
||||||
|
$moviesId = $movies['body']['$id'];
|
||||||
|
|
||||||
|
$this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/attributes/string', $this->getServerHeader(), [
|
||||||
|
'key' => 'title',
|
||||||
|
'size' => 256,
|
||||||
|
'required' => true,
|
||||||
|
]);
|
||||||
|
|
||||||
|
sleep(1);
|
||||||
|
|
||||||
|
$document = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', [
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
], [
|
||||||
|
'documentId' => ID::unique(),
|
||||||
|
'data' => [
|
||||||
|
'title' => 'Thor: Ragnarok',
|
||||||
|
],
|
||||||
|
'permissions' => [
|
||||||
|
Permission::read(Role::any()),
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->assertEquals(201, $document['headers']['status-code']);
|
||||||
|
$this->assertEquals('Thor: Ragnarok', $document['body']['title']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -727,6 +727,7 @@ class FunctionsCustomServerTest extends Scope
|
||||||
/**
|
/**
|
||||||
* @depends testUpdateDeployment
|
* @depends testUpdateDeployment
|
||||||
*/
|
*/
|
||||||
|
#[Retry(count: 2)]
|
||||||
public function testSyncCreateExecution($data): array
|
public function testSyncCreateExecution($data): array
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1122,7 +1122,6 @@ class RealtimeCustomClientTest extends Scope
|
||||||
], $this->getHeaders()), [
|
], $this->getHeaders()), [
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::read(Role::any()),
|
||||||
Permission::create(Role::any()),
|
|
||||||
Permission::update(Role::any()),
|
Permission::update(Role::any()),
|
||||||
Permission::delete(Role::any()),
|
Permission::delete(Role::any()),
|
||||||
],
|
],
|
||||||
|
|
|
@ -1065,6 +1065,68 @@ class StorageCustomClientTest extends Scope
|
||||||
$this->assertEmpty($file['body']);
|
$this->assertEmpty($file['body']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testAllowedPermissions(): void
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Test for SUCCESS
|
||||||
|
*/
|
||||||
|
|
||||||
|
// Bucket aliases write to create, update, delete
|
||||||
|
$bucket = $this->client->call(Client::METHOD_POST, '/storage/buckets', [
|
||||||
|
'content-type' => 'application/json',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
'x-appwrite-key' => $this->getProject()['apiKey'],
|
||||||
|
], [
|
||||||
|
'bucketId' => ID::unique(),
|
||||||
|
'name' => 'Test Bucket',
|
||||||
|
'permissions' => [
|
||||||
|
Permission::write(Role::user($this->getUser()['$id'])),
|
||||||
|
],
|
||||||
|
'fileSecurity' => true,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$bucketId = $bucket['body']['$id'];
|
||||||
|
$this->assertEquals(201, $bucket['headers']['status-code']);
|
||||||
|
|
||||||
|
$this->assertContains(Permission::create(Role::user($this->getUser()['$id'])), $bucket['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $bucket['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $bucket['body']['$permissions']);
|
||||||
|
|
||||||
|
// File aliases write to update, delete
|
||||||
|
$file1 = $this->client->call(Client::METHOD_POST, '/storage/buckets/' . $bucketId . '/files', array_merge([
|
||||||
|
'content-type' => 'multipart/form-data',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
], $this->getHeaders()), [
|
||||||
|
'fileId' => ID::unique(),
|
||||||
|
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
|
||||||
|
'permissions' => [
|
||||||
|
Permission::write(Role::user($this->getUser()['$id'])),
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->assertNotContains(Permission::create(Role::user($this->getUser()['$id'])), $file1['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $file1['body']['$permissions']);
|
||||||
|
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $file1['body']['$permissions']);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test for FAILURE
|
||||||
|
*/
|
||||||
|
|
||||||
|
// File does not allow create permission
|
||||||
|
$file2 = $this->client->call(Client::METHOD_POST, '/storage/buckets/' . $bucketId . '/files', [
|
||||||
|
'content-type' => 'multipart/form-data',
|
||||||
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
|
], [
|
||||||
|
'fileId' => ID::unique(),
|
||||||
|
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
|
||||||
|
'permissions' => [
|
||||||
|
Permission::create(Role::user($this->getUser()['$id'])),
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->assertEquals(400, $file2['headers']['status-code']);
|
||||||
|
}
|
||||||
|
|
||||||
public function testCreateFileDefaultPermissions(): array
|
public function testCreateFileDefaultPermissions(): array
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
@ -1220,9 +1282,8 @@ class StorageCustomClientTest extends Scope
|
||||||
], $this->getHeaders()), [
|
], $this->getHeaders()), [
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::user(ID::custom('notme'))),
|
Permission::read(Role::user(ID::custom('notme'))),
|
||||||
Permission::create(Role::user(ID::custom('notme'))),
|
Permission::update(Role::user(ID::custom('notme'))),
|
||||||
Permission::update(Role::user(ID::custom('notme'))),
|
Permission::delete(Role::user(ID::custom('notme'))),
|
||||||
Permission::delete(Role::user(ID::custom('notme'))),
|
|
||||||
],
|
],
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Tests\E2E\Services\Users;
|
namespace Tests\E2E\Services\Users;
|
||||||
|
|
||||||
|
use Appwrite\Tests\Retry;
|
||||||
use Tests\E2E\Client;
|
use Tests\E2E\Client;
|
||||||
use Utopia\Database\ID;
|
use Utopia\Database\ID;
|
||||||
|
|
||||||
|
@ -852,6 +853,7 @@ trait UsersBase
|
||||||
/**
|
/**
|
||||||
* @depends testGetUser
|
* @depends testGetUser
|
||||||
*/
|
*/
|
||||||
|
#[Retry(count: 1)]
|
||||||
public function testUpdateUserStatus(array $data): array
|
public function testUpdateUserStatus(array $data): array
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -556,7 +556,6 @@ trait WebhooksBase
|
||||||
], $this->getHeaders()), [
|
], $this->getHeaders()), [
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::read(Role::any()),
|
||||||
Permission::create(Role::any()),
|
|
||||||
Permission::update(Role::any()),
|
Permission::update(Role::any()),
|
||||||
Permission::delete(Role::any()),
|
Permission::delete(Role::any()),
|
||||||
],
|
],
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Tests\E2E\Services\Webhooks;
|
namespace Tests\E2E\Services\Webhooks;
|
||||||
|
|
||||||
|
use Appwrite\Tests\Retry;
|
||||||
use Tests\E2E\Client;
|
use Tests\E2E\Client;
|
||||||
use Tests\E2E\Scopes\Scope;
|
use Tests\E2E\Scopes\Scope;
|
||||||
use Tests\E2E\Scopes\ProjectCustom;
|
use Tests\E2E\Scopes\ProjectCustom;
|
||||||
|
@ -416,6 +417,7 @@ class WebhooksCustomClientTest extends Scope
|
||||||
/**
|
/**
|
||||||
* @depends testDeleteAccountSessions
|
* @depends testDeleteAccountSessions
|
||||||
*/
|
*/
|
||||||
|
#[Retry(count: 1)]
|
||||||
public function testUpdateAccountName($data): array
|
public function testUpdateAccountName($data): array
|
||||||
{
|
{
|
||||||
$id = $data['id'] ?? '';
|
$id = $data['id'] ?? '';
|
||||||
|
|
Loading…
Reference in a new issue