From 7b9f86d7eadb5048c4d96b9cad1e7b92407ef5b0 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Fri, 28 Jul 2023 17:06:53 +0100 Subject: [PATCH] Fix found by authorized test case. --- .../backend-core/src/middleware/tests/builder.spec.ts | 8 ++++---- .../server/src/middleware/tests/authorized.spec.js | 10 +++++----- packages/shared-core/src/sdk/documents/users.ts | 3 ++- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/packages/backend-core/src/middleware/tests/builder.spec.ts b/packages/backend-core/src/middleware/tests/builder.spec.ts index 52d2fbae9f..d350eff4f6 100644 --- a/packages/backend-core/src/middleware/tests/builder.spec.ts +++ b/packages/backend-core/src/middleware/tests/builder.spec.ts @@ -149,8 +149,8 @@ describe("check service difference", () => { const ctx = buildUserCtx({ ...basicUser, builder: { - apps: [appId] - } + apps: [appId], + }, }) const next = jest.fn() doInAppContext(appId, () => { @@ -168,8 +168,8 @@ describe("check service difference", () => { const ctx = buildUserCtx({ ...basicUser, builder: { - apps: ["app_a"] - } + apps: ["app_a"], + }, }) const next = jest.fn() doInAppContext("app_b", () => { diff --git a/packages/server/src/middleware/tests/authorized.spec.js b/packages/server/src/middleware/tests/authorized.spec.js index 436ab7d041..3adc4d99a1 100644 --- a/packages/server/src/middleware/tests/authorized.spec.js +++ b/packages/server/src/middleware/tests/authorized.spec.js @@ -9,7 +9,7 @@ jest.mock("../../environment", () => ({ ) const authorizedMiddleware = require("../authorized").default const env = require("../../environment") -const { permissions } = require("@budibase/backend-core") +const { PermissionType, PermissionLevel } = require("@budibase/types") const APP_ID = "" @@ -112,7 +112,7 @@ describe("Authorization middleware", () => { it("throws if the user does not have builder permissions", async () => { config.setEnvironment(false) - config.setMiddlewareRequiredPermission(permissions.PermissionType.BUILDER) + config.setMiddlewareRequiredPermission(PermissionType.BUILDER) config.setUser({ role: { _id: "" @@ -124,13 +124,13 @@ describe("Authorization middleware", () => { }) it("passes on to next() middleware if the user has resource permission", async () => { - config.setResourceId(permissions.PermissionType.QUERY) + config.setResourceId(PermissionType.QUERY) config.setUser({ role: { _id: "" } }) - config.setMiddlewareRequiredPermission(permissions.PermissionType.QUERY) + config.setMiddlewareRequiredPermission(PermissionType.QUERY) await config.executeMiddleware() expect(config.next).toHaveBeenCalled() @@ -154,7 +154,7 @@ describe("Authorization middleware", () => { _id: "" }, }) - config.setMiddlewareRequiredPermission(permissions.PermissionType.ADMIN, permissions.PermissionLevel.BASIC) + config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC) await config.executeMiddleware() expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission") diff --git a/packages/shared-core/src/sdk/documents/users.ts b/packages/shared-core/src/sdk/documents/users.ts index 92379a03ba..d55321ee8b 100644 --- a/packages/shared-core/src/sdk/documents/users.ts +++ b/packages/shared-core/src/sdk/documents/users.ts @@ -37,7 +37,8 @@ export function hasAppBuilderPermissions(user?: User | ContextUser) { if (!user) { return false } - return !user.builder?.global && user.builder?.apps?.length !== 0 + const appLength = user.builder?.apps?.length + return !user.builder?.global && appLength && appLength > 0 } // checks if a user is capable of building any app