CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-26 18:20:43 +12:00
Code Issues Projects Releases Wiki Activity

Use permission helpers

Browse source
This commit is contained in:
Jake Barnby 2022-08-14 17:21:11 +12:00
parent 9e02c26908
commit fe5d3a1892
25 changed files with 429 additions and 418 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

93
app/controllers/api/account.php
View file

@ -27,7 +27,9 @@ use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Exception\Duplicate;
use Utopia\Database\Permission;
use Utopia\Database\Query;
use Utopia\Database\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\UID;
use Utopia\Locale\Locale;
@ -97,9 +99,9 @@ App::post('/v1/account')
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,
@ -202,9 +204,9 @@ App::post('/v1/account/sessions/email')
Authorization::setRole('user:' . $profile->getId());
$session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [
"read(user:{$profile->getId()})",
"update(user:{$profile->getId()})",
"delete(user:{$profile->getId()})",
Permission::read(Role::user($profile->getId())),
Permission::update(Role::user($profile->getId())),
Permission::delete(Role::user($profile->getId())),
]));
$dbForProject->deleteCachedDocument('users', $profile->getId());
@ -484,9 +486,9 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => true,
@ -551,9 +553,9 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$dbForProject->updateDocument('users', $user->getId(), $user);
$session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -654,9 +656,9 @@ App::post('/v1/account/sessions/magic-url')
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,
@ -692,9 +694,9 @@ App::post('/v1/account/sessions/magic-url')
$token = $dbForProject->createDocument('tokens', $token
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -800,9 +802,9 @@ App::put('/v1/account/sessions/magic-url')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -904,9 +906,9 @@ App::post('/v1/account/sessions/phone')
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => null,
'phone' => $number,
@ -944,9 +946,9 @@ App::post('/v1/account/sessions/phone')
$token = $dbForProject->createDocument('tokens', $token
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -1039,9 +1041,9 @@ App::put('/v1/account/sessions/phone')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -1141,9 +1143,9 @@ App::post('/v1/account/sessions/anonymous')
$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => null,
'emailVerification' => false,
@ -1186,10 +1188,9 @@ App::post('/v1/account/sessions/anonymous')
Authorization::setRole('user:' . $user->getId());
$session = $dbForProject->createDocument('sessions', $session-> setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -2014,9 +2015,9 @@ App::post('/v1/account/recovery')
$recovery = $dbForProject->createDocument('tokens', $recovery
->setAttribute('$permissions', [
"read(user:{$profile->getId()})",
"update(user:{$profile->getId()})",
"delete(user:{$profile->getId()})",
Permission::read(Role::user($profile->getId())),
Permission::update(Role::user($profile->getId())),
Permission::delete(Role::user($profile->getId())),
]));
$dbForProject->deleteCachedDocument('users', $profile->getId());
@ -2178,9 +2179,9 @@ App::post('/v1/account/verification')
$verification = $dbForProject->createDocument('tokens', $verification
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());
@ -2336,9 +2337,9 @@ App::post('/v1/account/verification/phone')
$verification = $dbForProject->createDocument('tokens', $verification
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());

16
app/controllers/api/functions.php
View file

@ -9,6 +9,8 @@ use Appwrite\Event\Func;
use Appwrite\Event\Validator\Event as ValidatorEvent;
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Database\Validator\CustomId;
use Utopia\Database\Permission;
use Utopia\Database\Role;
use Utopia\Database\Validator\UID;
use Appwrite\Stats\Stats;
use Utopia\Storage\Device;
@ -570,9 +572,9 @@ App::post('/v1/functions/:functionId/deployments')
$deployment = $dbForProject->createDocument('deployments', new Document([
'$id' => $deploymentId,
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'resourceId' => $function->getId(),
'resourceType' => 'functions',
@ -602,9 +604,9 @@ App::post('/v1/functions/:functionId/deployments')
$deployment = $dbForProject->createDocument('deployments', new Document([
'$id' => $deploymentId,
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'resourceId' => $function->getId(),
'resourceType' => 'functions',
@ -860,7 +862,7 @@ App::post('/v1/functions/:functionId/executions')
/** @var Document $execution */
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', new Document([
'$id' => $executionId,
'$permissions' => !$user->isEmpty() ? ["read(user:{$user->getId()})"] : [],
'$permissions' => !$user->isEmpty() ? [Permission::read(Role::user($user->getId()))] : [],
'functionId' => $function->getId(),
'deploymentId' => $deployment->getId(),
'trigger' => 'http', // http / schedule / event

24
app/controllers/api/projects.php
View file

@ -17,7 +17,9 @@ use Utopia\Audit\Audit;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Permission;
use Utopia\Database\Query;
use Utopia\Database\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\UID;
use Utopia\Domains\Domain;
@ -88,11 +90,11 @@ App::post('/v1/projects')
$project = $dbForConsole->createDocument('projects', new Document([
'$id' => $projectId,
'$permissions' => [
"read(team:{$teamId})",
"update(team:{$teamId}/owner)",
"update(team:{$teamId}/developer)",
"delete(team:{$teamId}/owner)",
"delete(team:{$teamId}/developer)",
Permission::read(Role::team($teamId)),
Permission::update(Role::team($teamId, 'owner')),
Permission::update(Role::team($teamId, 'developer')),
Permission::delete(Role::team($teamId, 'owner')),
Permission::delete(Role::team($teamId, 'developer')),
],
'name' => $name,
@ -597,9 +599,9 @@ App::post('/v1/projects/:projectId/webhooks')
$webhook = new Document([
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'projectInternalId' => $project->getInternalId(),
'projectId' => $project->getId(),
@ -844,9 +846,9 @@ App::post('/v1/projects/:projectId/keys')
$key = new Document([
'$id' => $dbForConsole->getId(),
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'projectInternalId' => $project->getInternalId(),
'projectId' => $project->getId(),

44
app/controllers/api/teams.php
View file

@ -21,7 +21,9 @@ use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Exception\Authorization as AuthorizationException;
use Utopia\Database\Exception\Duplicate;
use Utopia\Database\Permission;
use Utopia\Database\Query;
use Utopia\Database\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Key;
use Utopia\Database\Validator\UID;
@ -60,9 +62,9 @@ App::post('/v1/teams')
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
'$id' => $teamId ,
'$permissions' => [
'read(team:' . $teamId . ')',
'update(team:' . $teamId . '/owner)',
'delete(team:' . $teamId . '/owner)',
Permission::read(Role::team($teamId)),
Permission::update(Role::team($teamId, 'owner')),
Permission::delete(Role::team($teamId, 'owner')),
],
'name' => $name,
'total' => ($isPrivilegedUser || $isAppUser) ? 0 : 1,
@ -74,12 +76,12 @@ App::post('/v1/teams')
$membership = new Document([
'$id' => $membershipId,
'$permissions' => [
"read(user:{$user->getId()})",
"read(team:{$team->getId()})",
"update(user:{$user->getId()})",
"update(team:{$team->getId()}/owner)",
"delete(user:{$user->getId()})",
"delete(team:{$team->getId()}/owner)",
Permission::read(Role::user($user->getId())),
Permission::read(Role::team($team->getId())),
Permission::update(Role::user($user->getId())),
Permission::update(Role::team($team->getId(), 'owner')),
Permission::delete(Role::user($user->getId())),
Permission::delete(Role::team($team->getId(), 'owner')),
],
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
@ -338,10 +340,10 @@ App::post('/v1/teams/:teamId/memberships')
$invitee = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
"read(any)",
"read(user:{$userId})",
"update(user:{$userId})",
"delete(user:{$userId})",
Permission::read(Role::any()),
Permission::read(Role::user($userId)),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,
@ -379,11 +381,11 @@ App::post('/v1/teams/:teamId/memberships')
$membership = new Document([
'$id' => $membershipId,
'$permissions' => [
'read(any)',
"update(user:{$invitee->getId()})",
"update(team:{$team->getId()}/owner)",
"delete(user:{$invitee->getId()})",
"delete(team:{$team->getId()}/owner)",
Permission::read(Role::any()),
Permission::update(Role::user($invitee->getId())),
Permission::update(Role::team($team->getId(), 'owner')),
Permission::delete(Role::user($invitee->getId())),
Permission::delete(Role::team($team->getId(), 'owner')),
],
'userId' => $invitee->getId(),
'userInternalId' => $invitee->getInternalId(),
@ -735,9 +737,9 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
$session = $dbForProject->createDocument('sessions', $session
->setAttribute('$permissions', [
"read(user:{$user->getId()})",
"update(user:{$user->getId()})",
"delete(user:{$user->getId()})",
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
]));
$dbForProject->deleteCachedDocument('users', $user->getId());

6
app/controllers/api/users.php
View file

@ -58,9 +58,9 @@ App::post('/v1/users')
$user = $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
'read(any)',
'update(user:' . $userId . ')',
'delete(user:' . $userId . ')',
Permission::read(Role::any()),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
'email' => $email,
'emailVerification' => false,

8
app/http.php
View file

@ -10,6 +10,8 @@ use Swoole\Http\Response as SwooleResponse;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Permission;
use Utopia\Database\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Audit\Audit;
use Utopia\Abuse\Adapters\TimeLimit;
@ -169,9 +171,9 @@ $http->on('start', function (Server $http) use ($payloadSize, $register) {
'encryption' => true,
'antivirus' => true,
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'search' => 'buckets Default',
]));

2
app/workers/functions.php
View file

@ -237,7 +237,7 @@ class FunctionsV1 extends Worker
$executionId = $dbForProject->getId();
$execution = $dbForProject->createDocument('executions', new Document([
'$id' => $executionId,
'$permissions' => $user->isEmpty() ? [] : ['read(user:' . $user->getId() . ')'],
'$permissions' => $user->isEmpty() ? [] : [Permission::read(Role::user($user->getId()))],
'functionId' => $functionId,
'deploymentId' => $deploymentId,
'trigger' => $trigger,

2
src/Appwrite/Utopia/Response/Model/Bucket.php
View file

@ -32,7 +32,7 @@ class Bucket extends Model
'type' => self::TYPE_STRING,
'description' => 'File permissions.',
'default' => [],
'example' => ['read(any)'],
'example' => [Permission::read(Role::any())],
'array' => true,
])
->addRule('fileSecurity', [

2
src/Appwrite/Utopia/Response/Model/Collection.php
View file

@ -32,7 +32,7 @@ class Collection extends Model
'type' => self::TYPE_STRING,
'description' => 'Collection permissions.',
'default' => '',
'example' => 'read(any)',
'example' => Permission::read(Role::any()),
'array' => true
])
->addRule('databaseId', [

2
src/Appwrite/Utopia/Response/Model/Document.php
View file

@ -58,7 +58,7 @@ class Document extends Any
'type' => self::TYPE_STRING,
'description' => 'Document write permissions.',
'default' => '',
'example' => 'read(user:608f9da25e7e1)',
'example' => Permission::read(Role::user('608f9da25e7e1')),
'array' => true,
])
;

2
src/Appwrite/Utopia/Response/Model/File.php
View file

@ -38,7 +38,7 @@ class File extends Model
'type' => self::TYPE_STRING,
'description' => 'File permissions.',
'default' => [],
'example' => 'read(any)',
'example' => Permission::read(Role::any()),
'array' => true,
])
->addRule('name', [

212
tests/e2e/Services/Databases/DatabasesBase.php
View file

@ -45,10 +45,10 @@ trait DatabasesBase
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -91,9 +91,9 @@ trait DatabasesBase
'title' => 'Captain America',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
]);
@ -792,9 +792,9 @@ trait DatabasesBase
]
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -813,9 +813,9 @@ trait DatabasesBase
]
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -834,9 +834,9 @@ trait DatabasesBase
],
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -849,9 +849,9 @@ trait DatabasesBase
'releaseYear' => 2020, // Missing title, expect an 400 error
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1428,9 +1428,9 @@ trait DatabasesBase
'$createdAt' => 5 // Should be ignored
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
]);
@ -1452,9 +1452,9 @@ trait DatabasesBase
'title' => 'Thor: Ragnarok',
],
'permissions' => [
'read(users)',
'update(users)',
'delete(users)',
Permission::read(Role::users()),
Permission::update(Role::users()),
Permission::delete(Role::users()),
],
]);
@ -1498,9 +1498,9 @@ trait DatabasesBase
'actors' => [],
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1554,8 +1554,8 @@ trait DatabasesBase
'collectionId' => 'unique()',
'name' => 'invalidDocumentStructure',
'permissions' => [
'create(any)',
'read(any)',
Permission::create(Role::any()),
Permission::read(Role::any()),
],
'documentSecurity' => true,
]);
@ -1753,9 +1753,9 @@ trait DatabasesBase
'email' => 'user@example.com',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1768,9 +1768,9 @@ trait DatabasesBase
'enum' => 'yes',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1783,9 +1783,9 @@ trait DatabasesBase
'ip' => '1.1.1.1',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1798,9 +1798,9 @@ trait DatabasesBase
'url' => 'http://www.example.com',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1813,9 +1813,9 @@ trait DatabasesBase
'range' => 3,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1828,9 +1828,9 @@ trait DatabasesBase
'floatRange' => 1.4,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1843,9 +1843,9 @@ trait DatabasesBase
'probability' => 0.99999,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1858,9 +1858,9 @@ trait DatabasesBase
'upperBound' => 8,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1873,9 +1873,9 @@ trait DatabasesBase
'lowerBound' => 8,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1902,9 +1902,9 @@ trait DatabasesBase
'email' => 'user@@example.com',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1917,9 +1917,9 @@ trait DatabasesBase
'enum' => 'badEnum',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1932,9 +1932,9 @@ trait DatabasesBase
'ip' => '1.1.1.1.1',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1947,9 +1947,9 @@ trait DatabasesBase
'url' => 'example...com',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1962,9 +1962,9 @@ trait DatabasesBase
'range' => 11,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1977,9 +1977,9 @@ trait DatabasesBase
'floatRange' => 2.5,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -1992,9 +1992,9 @@ trait DatabasesBase
'probability' => 1.1,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2007,9 +2007,9 @@ trait DatabasesBase
'upperBound' => 11,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2022,9 +2022,9 @@ trait DatabasesBase
'lowerBound' => 3,
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2097,7 +2097,7 @@ trait DatabasesBase
'actors' => [],
],
'permissions' => [
'read(any)',
Permission::read(Role::any()),
],
]);
@ -2263,8 +2263,8 @@ trait DatabasesBase
'attribute' => 'one',
],
'permissions' => [
'read(user:other)',
'update(user:other)',
Permission::read(Role::user('other')),
Permission::update(Role::user('other')),
],
]);
@ -2380,9 +2380,9 @@ trait DatabasesBase
]
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2403,9 +2403,9 @@ trait DatabasesBase
]
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2426,9 +2426,9 @@ trait DatabasesBase
]
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -2522,10 +2522,10 @@ trait DatabasesBase
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [
'create(user:' . $this->getUser()['$id'] . ')',
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::create(Role::user($this->getUser()['$id'])),
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
'documentSecurity' => true,
]);
@ -2561,9 +2561,9 @@ trait DatabasesBase
'title' => 'Captain America',
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -2581,7 +2581,7 @@ trait DatabasesBase
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
]
]);
@ -2594,8 +2594,8 @@ trait DatabasesBase
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
]);

8
tests/e2e/Services/Databases/DatabasesConsoleClientTest.php
View file

@ -36,10 +36,10 @@ class DatabasesConsoleClientTest extends Scope
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);

8
tests/e2e/Services/Databases/DatabasesCustomClientTest.php
View file

@ -78,10 +78,10 @@ class DatabasesCustomClientTest extends Scope
'name' => 'AppwriteBeginner',
],
'permissions' => [
"read(user:user2)",
"read(user:{$userId})",
"update(user:{$userId})",
"delete(user:{$userId})",
Permission::read(Role::user('user2')),
Permission::read(Role::user($userId)),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
]);

74
tests/e2e/Services/Databases/DatabasesCustomServerTest.php
View file

@ -251,10 +251,10 @@ class DatabasesCustomServerTest extends Scope
'name' => 'Test 1',
'collectionId' => 'first',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -267,10 +267,10 @@ class DatabasesCustomServerTest extends Scope
'name' => 'Test 2',
'collectionId' => 'second',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -411,10 +411,10 @@ class DatabasesCustomServerTest extends Scope
'name' => 'Test 1',
'collectionId' => 'first',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -449,10 +449,10 @@ class DatabasesCustomServerTest extends Scope
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -506,9 +506,9 @@ class DatabasesCustomServerTest extends Scope
'unneeded' => 'dolor'
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -732,10 +732,10 @@ class DatabasesCustomServerTest extends Scope
'collectionId' => 'unique()',
'name' => 'TestCleanupDuplicateIndexOnDeleteAttribute',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -855,9 +855,9 @@ class DatabasesCustomServerTest extends Scope
'lastName' => 'Holland',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
]);
@ -871,9 +871,9 @@ class DatabasesCustomServerTest extends Scope
'lastName' => 'Jackson',
],
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
],
]);
@ -984,10 +984,10 @@ class DatabasesCustomServerTest extends Scope
'collectionId' => 'attributeRowWidthLimit',
'name' => 'attributeRowWidthLimit',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -1050,10 +1050,10 @@ class DatabasesCustomServerTest extends Scope
'collectionId' => 'testLimitException',
'name' => 'testLimitException',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);

20
tests/e2e/Services/Databases/DatabasesPermissionsGuestTest.php
View file

@ -31,10 +31,10 @@ class DatabasesPermissionsGuestTest extends Scope
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -58,12 +58,12 @@ class DatabasesPermissionsGuestTest extends Scope
public function readDocumentsProvider()
{
return [
[['read(any)']],
[['read(users)']],
[['update(any)', 'delete(any)']],
[['read(any)', 'update(any)', 'delete(any)']],
[['read(users)', 'update(users)', 'delete(users)']],
[['read(any)', 'update(users)', 'delete(users)']],
[[Permission::read(Role::any())]],
[[Permission::read(Role::users())]],
[[Permission::update(Role::any()), Permission::delete(Role::any())]],
[[Permission::read(Role::any()), Permission::update(Role::any()), Permission::delete(Role::any())]],
[[Permission::read(Role::users()), Permission::update(Role::users()), Permission::delete(Role::users())]],
[[Permission::read(Role::any()), Permission::update(Role::users()), Permission::delete(Role::users())]],
];
}

38
tests/e2e/Services/Databases/DatabasesPermissionsMemberTest.php
View file

@ -6,6 +6,8 @@ use Tests\E2E\Client;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectCustom;
use Tests\E2E\Scopes\SideClient;
use Utopia\Database\Permission;
use Utopia\Database\Role;
class DatabasesPermissionsMemberTest extends Scope
{
@ -26,16 +28,16 @@ class DatabasesPermissionsMemberTest extends Scope
public function permissionsProvider(): array
{
return [
[['read(any)']],
[['read(users)']],
[['read(user:random)']],
[['read(user:lorem)', 'update(user:lorem)', 'delete(user:lorem)',]],
[['read(user:dolor)', 'update(user:dolor)', 'delete(user:dolor)',]],
[['read(user:dolor)', 'read(user:lorem)', 'update(user:dolor)', 'delete(user:dolor)',]],
[['update(any)', 'delete(any)']],
[['read(any)', 'update(any)', 'delete(any)']],
[['read(users)', 'update(users)', 'delete(users)']],
[['read(any)', 'update(users)', 'delete(users)']],
[[Permission::read(Role::any())]],
[[Permission::read(Role::users())]],
[[Permission::read(Role::user('random'))]],
[[Permission::read(Role::user('lorem')), Permission::update(Role::user('lorem')), Permission::delete(Role::user('lorem'))]],
[[Permission::read(Role::user('dolor')), Permission::update(Role::user('dolor')), Permission::delete(Role::user('dolor'))]],
[[Permission::read(Role::user('dolor')), Permission::read(Role::user('lorem')), Permission::update(Role::user('dolor')), Permission::delete(Role::user('dolor'))]],
[[Permission::update(Role::any()), Permission::delete(Role::any())]],
[[Permission::read(Role::any()), Permission::update(Role::any()), Permission::delete(Role::any())]],
[[Permission::read(Role::users()), Permission::update(Role::users()), Permission::delete(Role::users())]],
[[Permission::read(Role::any()), Permission::update(Role::users()), Permission::delete(Role::users())]],
];
}
@ -63,10 +65,10 @@ class DatabasesPermissionsMemberTest extends Scope
'collectionId' => 'unique()',
'name' => 'Movies',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -85,10 +87,10 @@ class DatabasesPermissionsMemberTest extends Scope
'collectionId' => 'unique()',
'name' => 'Private Movies',
'permissions' => [
'read(users)',
'create(users)',
'update(users)',
'delete(users)',
Permission::read(Role::users()),
Permission::create(Role::users()),
Permission::update(Role::users()),
Permission::delete(Role::users()),
],
'documentSecurity' => true,
]);

16
tests/e2e/Services/Databases/DatabasesPermissionsTeamTest.php
View file

@ -45,10 +45,10 @@ class DatabasesPermissionsTeamTest extends Scope
'collectionId' => 'collection1',
'name' => 'Collection 1',
'permissions' => [
'read(team:' . $teams['team1']['$id'] . ')',
'create(team:' . $teams['team1']['$id'] . '/admin)',
'update(team:' . $teams['team1']['$id'] . '/admin)',
'delete(team:' . $teams['team1']['$id'] . '/admin)',
Permission::read(Role::team($teams['team1']['$id'])),
Permission::create(Role::team($teams['team1']['$id'], 'admin')),
Permission::update(Role::team($teams['team1']['$id'], 'admin')),
Permission::delete(Role::team($teams['team1']['$id'], 'admin')),
],
]);
@ -64,10 +64,10 @@ class DatabasesPermissionsTeamTest extends Scope
'collectionId' => 'collection2',
'name' => 'Collection 2',
'permissions' => [
'read(team:' . $teams['team2']['$id'] . ')',
'create(team:' . $teams['team2']['$id'] . '/owner)',
'update(team:' . $teams['team2']['$id'] . '/owner)',
'delete(team:' . $teams['team2']['$id'] . '/owner)',
Permission::read(Role::team($teams['team2']['$id'])),
Permission::create(Role::team($teams['team2']['$id'], 'owner')),
Permission::update(Role::team($teams['team2']['$id'], 'owner')),
Permission::delete(Role::team($teams['team2']['$id'], 'owner')),
]
]);

8
tests/e2e/Services/Realtime/RealtimeConsoleClientTest.php
View file

@ -160,10 +160,10 @@ class RealtimeConsoleClientTest extends Scope
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);

56
tests/e2e/Services/Realtime/RealtimeCustomClientTest.php
View file

@ -645,10 +645,10 @@ class RealtimeCustomClientTest extends Scope
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [
'read(users)',
'create(users)',
'update(users)',
'delete(users)',
Permission::read(Role::users()),
Permission::create(Role::users()),
Permission::update(Role::users()),
Permission::delete(Role::users()),
],
'documentSecurity' => true,
]);
@ -685,9 +685,9 @@ class RealtimeCustomClientTest extends Scope
'name' => 'Chris Evans'
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -731,9 +731,9 @@ class RealtimeCustomClientTest extends Scope
'name' => 'Chris Evans 2'
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -776,9 +776,9 @@ class RealtimeCustomClientTest extends Scope
'name' => 'Bradley Cooper'
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -868,10 +868,10 @@ class RealtimeCustomClientTest extends Scope
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
]
]);
@ -1061,10 +1061,10 @@ class RealtimeCustomClientTest extends Scope
'bucketId' => 'unique()',
'name' => 'Bucket 1',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
]
]);
@ -1080,9 +1080,9 @@ class RealtimeCustomClientTest extends Scope
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -1121,10 +1121,10 @@ class RealtimeCustomClientTest extends Scope
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);

84
tests/e2e/Services/Storage/StorageBase.php
View file

@ -23,10 +23,10 @@ trait StorageBase
'maximumFileSize' => 2000000, //2MB
'allowedFileExtensions' => ["jpg", "png"],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $bucket['headers']['status-code']);
@ -41,9 +41,9 @@ trait StorageBase
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $file['headers']['status-code']);
@ -68,10 +68,10 @@ trait StorageBase
'name' => 'Test Bucket 2',
'fileSecurity' => true,
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $bucket2['headers']['status-code']);
@ -104,9 +104,9 @@ trait StorageBase
'fileId' => $fileId,
'file' => $curlFile,
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$counter++;
@ -145,9 +145,9 @@ trait StorageBase
'fileId' => $fileId,
'file' => $curlFile,
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@fclose($handle);
@ -166,9 +166,9 @@ trait StorageBase
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(404, $res['headers']['status-code']);
@ -184,9 +184,9 @@ trait StorageBase
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-1.png'), 'image/png', 'kitten-1.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -204,9 +204,9 @@ trait StorageBase
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-a/kitten-3.gif'), 'image/gif', 'kitten-3.gif'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -227,10 +227,10 @@ trait StorageBase
'maximumFileSize' => 200000000, //200MB
'allowedFileExtensions' => ["jpg", "png"],
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -479,9 +479,9 @@ trait StorageBase
'fileId' => 'testcache',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $file['headers']['status-code']);
@ -525,9 +525,9 @@ trait StorageBase
'fileId' => 'testcache',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-2.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $file['headers']['status-code']);
@ -571,9 +571,9 @@ trait StorageBase
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);
@ -601,9 +601,9 @@ trait StorageBase
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(user:' . $this->getUser()['$id'] . ')',
'update(user:' . $this->getUser()['$id'] . ')',
'delete(user:' . $this->getUser()['$id'] . ')',
Permission::read(Role::user($this->getUser()['$id'])),
Permission::update(Role::user($this->getUser()['$id'])),
Permission::delete(Role::user($this->getUser()['$id'])),
]
]);

42
tests/e2e/Services/Storage/StorageCustomClientTest.php
View file

@ -30,10 +30,10 @@ class StorageCustomClientTest extends Scope
'bucketId' => 'unique()',
'name' => 'Test Bucket',
'permissions' => [
'read(any)',
'create(users)',
'update(users)',
'delete(users)',
Permission::read(Role::any()),
Permission::create(Role::users()),
Permission::update(Role::users()),
Permission::delete(Role::users()),
],
]);
@ -124,10 +124,10 @@ class StorageCustomClientTest extends Scope
'name' => 'Test Bucket',
'fileSecurity' => true,
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
$this->assertEquals(201, $bucket['headers']['status-code']);
@ -170,7 +170,7 @@ class StorageCustomClientTest extends Scope
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
'folderId' => 'xyz',
'permissions' => [
'read(user:notme)',
Permission::read(Role::user('notme')),
],
]);
@ -188,8 +188,8 @@ class StorageCustomClientTest extends Scope
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
'folderId' => 'xyz',
'permissions' => [
'update(user:notme)',
'delete(user:notme)',
Permission::update(Role::user('notme')),
Permission::delete(Role::user('notme')),
]
]);
@ -207,9 +207,9 @@ class StorageCustomClientTest extends Scope
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
'folderId' => 'xyz',
'permissions' => [
'read(user:notme)',
'update(user:notme)',
'delete(user:notme)',
Permission::read(Role::user('notme')),
Permission::update(Role::user('notme')),
Permission::delete(Role::user('notme')),
],
]);
@ -233,7 +233,7 @@ class StorageCustomClientTest extends Scope
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(user:notme)',
Permission::read(Role::user('notme')),
],
]);
@ -248,8 +248,8 @@ class StorageCustomClientTest extends Scope
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'update(user:notme)',
'delete(user:notme)',
Permission::update(Role::user('notme')),
Permission::delete(Role::user('notme')),
]
]);
@ -264,10 +264,10 @@ class StorageCustomClientTest extends Scope
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(user:notme)',
'create(user:notme)',
'update(user:notme)',
'delete(user:notme)',
Permission::read(Role::user('notme')),
Permission::create(Role::user('notme')),
Permission::update(Role::user('notme')),
Permission::delete(Role::user('notme')),
],
]);

48
tests/e2e/Services/Webhooks/WebhooksBase.php
View file

@ -42,10 +42,10 @@ trait WebhooksBase
'collectionId' => 'unique()',
'name' => 'Actors',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);
@ -195,9 +195,9 @@ trait WebhooksBase
'lastName' => 'Evans',
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -257,9 +257,9 @@ trait WebhooksBase
'lastName' => 'Evans2',
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -319,9 +319,9 @@ trait WebhooksBase
],
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -380,10 +380,10 @@ trait WebhooksBase
'bucketId' => 'unique()',
'name' => 'Test Bucket',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);
@ -488,9 +488,9 @@ trait WebhooksBase
'fileId' => 'unique()',
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'folderId' => 'xyz',
]);
@ -549,10 +549,10 @@ trait WebhooksBase
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]);

8
tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php
View file

@ -158,10 +158,10 @@ class WebhooksCustomServerTest extends Scope
'collectionId' => 'unique()',
'name' => 'Demo',
'permissions' => [
'read(any)',
'create(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::create(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'documentSecurity' => true,
]);

24
tests/unit/Messaging/MessagingTest.php
View file

@ -218,9 +218,9 @@ class MessagingTest extends TestCase
collection: new Document([
'$id' => 'collection',
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
])
);
@ -237,9 +237,9 @@ class MessagingTest extends TestCase
'$id' => 'test',
'$collection' => 'collection',
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]),
database: new Document([
@ -279,9 +279,9 @@ class MessagingTest extends TestCase
bucket: new Document([
'$id' => 'bucket',
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
])
);
@ -298,9 +298,9 @@ class MessagingTest extends TestCase
'$id' => 'test',
'$collection' => 'bucket',
'$permissions' => [
'read(any)',
'update(any)',
'delete(any)',
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
]),
bucket: new Document([