From 473468b481c730b7d2dcdfa6db70f7acb7aebcf2 Mon Sep 17 00:00:00 2001 From: Michael Shanks Date: Wed, 27 May 2020 17:37:07 +0100 Subject: [PATCH] few changes from code review --- .../src/api/routes/tests/couchTestUtils.js | 14 ++--- .../server/src/api/routes/tests/view.spec.js | 4 +- packages/server/src/utilities/accessLevels.js | 54 ++++++++++++------- 3 files changed, 43 insertions(+), 29 deletions(-) diff --git a/packages/server/src/api/routes/tests/couchTestUtils.js b/packages/server/src/api/routes/tests/couchTestUtils.js index efec051ff8..be360635a8 100644 --- a/packages/server/src/api/routes/tests/couchTestUtils.js +++ b/packages/server/src/api/routes/tests/couchTestUtils.js @@ -41,7 +41,7 @@ exports.createModel = async (request, instanceId, model) => { return res.body } -exports.createRecord = async (request, instanceId, modelId, record) => { +exports.createRecord = async ({ request, instanceId, modelId, record }) => { record = record || { modelId, name: "test name", @@ -108,7 +108,7 @@ exports.createUser = async ( return res.body } -const createUser_WithOnePermission = async ( +const createUserWithOnePermission = async ( request, instanceId, permName, @@ -127,7 +127,7 @@ const createUser_WithOnePermission = async ( ) } -const createUser_WithAdminPermissions = async (request, instanceId) => { +const createUserWithAdminPermissions = async (request, instanceId) => { let permissions = await generateAdminPermissions(instanceId) return await createUserWithPermissions( @@ -138,7 +138,7 @@ const createUser_WithAdminPermissions = async (request, instanceId) => { ) } -const createUser_WithAllPermissionExceptOne = async ( +const createUserWithAllPermissionExceptOne = async ( request, instanceId, permName, @@ -203,7 +203,7 @@ exports.testPermissionsForEndpoint = async ({ permissionName, itemId, }) => { - const headers = await createUser_WithOnePermission( + const headers = await createUserWithOnePermission( request, instanceId, permissionName, @@ -214,7 +214,7 @@ exports.testPermissionsForEndpoint = async ({ .set(headers) .expect(200) - const noPermsHeaders = await createUser_WithAllPermissionExceptOne( + const noPermsHeaders = await createUserWithAllPermissionExceptOne( request, instanceId, permissionName, @@ -233,7 +233,7 @@ exports.builderEndpointShouldBlockNormalUsers = async ({ body, instanceId, }) => { - const headers = await createUser_WithAdminPermissions(request, instanceId) + const headers = await createUserWithAdminPermissions(request, instanceId) await createRequest(request, method, url, body) .set(headers) diff --git a/packages/server/src/api/routes/tests/view.spec.js b/packages/server/src/api/routes/tests/view.spec.js index df2c6e0048..c6231cf336 100644 --- a/packages/server/src/api/routes/tests/view.spec.js +++ b/packages/server/src/api/routes/tests/view.spec.js @@ -105,8 +105,8 @@ describe("/views", () => { it("should return records from custom view", async () => { await createView() - const rec1 = await createRecord(request, instance._id, model._id) - await createRecord(request, instance._id, model._id) + const rec1 = await createRecord({ request, instanceId: instance._id, modelId: model._id }) + await createRecord({ request, instanceId: instance._id, modelId: model._id }) const res = await request .get(`/api/${instance._id}/views/TestView`) .set(defaultHeaders) diff --git a/packages/server/src/utilities/accessLevels.js b/packages/server/src/utilities/accessLevels.js index b859d35f61..56e1647c31 100644 --- a/packages/server/src/utilities/accessLevels.js +++ b/packages/server/src/utilities/accessLevels.js @@ -2,29 +2,29 @@ const viewController = require("../api/controllers/view") const modelController = require("../api/controllers/model") const workflowController = require("../api/controllers/workflow") -exports.ADMIN_LEVEL_ID = "ADMIN" -exports.POWERUSER_LEVEL_ID = "POWER_USER" +const ADMIN_LEVEL_ID = "ADMIN" +const POWERUSER_LEVEL_ID = "POWER_USER" -exports.READ_MODEL = "read-model" -exports.WRITE_MODEL = "write-model" -exports.READ_VIEW = "read-view" -exports.EXECUTE_WORKFLOW = "execute-workflow" -exports.USER_MANAGEMENT = "user-management" -exports.BUILDER = "builder" -exports.LIST_USERS = "list-users" +const READ_MODEL = "read-model" +const WRITE_MODEL = "write-model" +const READ_VIEW = "read-view" +const EXECUTE_WORKFLOW = "execute-workflow" +const USER_MANAGEMENT = "user-management" +const BUILDER = "builder" +const LIST_USERS = "list-users" -exports.adminPermissions = [ +const adminPermissions = [ { - name: exports.USER_MANAGEMENT, + name: USER_MANAGEMENT, }, ] -exports.generateAdminPermissions = async instanceId => [ - ...exports.adminPermissions, - ...(await exports.generatePowerUserPermissions(instanceId)), +const generateAdminPermissions = async instanceId => [ + ...adminPermissions, + ...(await generatePowerUserPermissions(instanceId)), ] -exports.generatePowerUserPermissions = async instanceId => { +const generatePowerUserPermissions = async instanceId => { const fetchModelsCtx = { params: { instanceId, @@ -51,22 +51,22 @@ exports.generatePowerUserPermissions = async instanceId => { const readModelPermissions = models.map(m => ({ itemId: m._id, - name: exports.READ_MODEL, + name: READ_MODEL, })) const writeModelPermissions = models.map(m => ({ itemId: m._id, - name: exports.WRITE_MODEL, + name: WRITE_MODEL, })) const viewPermissions = views.map(v => ({ itemId: v.name, - name: exports.READ_VIEW, + name: READ_VIEW, })) const executeWorkflowPermissions = workflows.map(w => ({ itemId: w._id, - name: exports.EXECUTE_WORKFLOW, + name: EXECUTE_WORKFLOW, })) return [ @@ -74,6 +74,20 @@ exports.generatePowerUserPermissions = async instanceId => { ...writeModelPermissions, ...viewPermissions, ...executeWorkflowPermissions, - { name: exports.LIST_USERS }, + { name: LIST_USERS }, ] } + +module.exports = { + ADMIN_LEVEL_ID, + POWERUSER_LEVEL_ID, + READ_MODEL, + WRITE_MODEL, + READ_VIEW, + EXECUTE_WORKFLOW, + USER_MANAGEMENT, + BUILDER, + LIST_USERS, + generateAdminPermissions, + generatePowerUserPermissions, +}