Fix found by authorized test case.

This commit is contained in:
mike12345567 2023-07-28 17:06:53 +01:00
parent 3a211b8865
commit 7b9f86d7ea
3 changed files with 11 additions and 10 deletions

View File

@ -149,8 +149,8 @@ describe("check service difference", () => {
const ctx = buildUserCtx({ const ctx = buildUserCtx({
...basicUser, ...basicUser,
builder: { builder: {
apps: [appId] apps: [appId],
} },
}) })
const next = jest.fn() const next = jest.fn()
doInAppContext(appId, () => { doInAppContext(appId, () => {
@ -168,8 +168,8 @@ describe("check service difference", () => {
const ctx = buildUserCtx({ const ctx = buildUserCtx({
...basicUser, ...basicUser,
builder: { builder: {
apps: ["app_a"] apps: ["app_a"],
} },
}) })
const next = jest.fn() const next = jest.fn()
doInAppContext("app_b", () => { doInAppContext("app_b", () => {

View File

@ -9,7 +9,7 @@ jest.mock("../../environment", () => ({
) )
const authorizedMiddleware = require("../authorized").default const authorizedMiddleware = require("../authorized").default
const env = require("../../environment") const env = require("../../environment")
const { permissions } = require("@budibase/backend-core") const { PermissionType, PermissionLevel } = require("@budibase/types")
const APP_ID = "" const APP_ID = ""
@ -112,7 +112,7 @@ describe("Authorization middleware", () => {
it("throws if the user does not have builder permissions", async () => { it("throws if the user does not have builder permissions", async () => {
config.setEnvironment(false) config.setEnvironment(false)
config.setMiddlewareRequiredPermission(permissions.PermissionType.BUILDER) config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
config.setUser({ config.setUser({
role: { role: {
_id: "" _id: ""
@ -124,13 +124,13 @@ describe("Authorization middleware", () => {
}) })
it("passes on to next() middleware if the user has resource permission", async () => { it("passes on to next() middleware if the user has resource permission", async () => {
config.setResourceId(permissions.PermissionType.QUERY) config.setResourceId(PermissionType.QUERY)
config.setUser({ config.setUser({
role: { role: {
_id: "" _id: ""
} }
}) })
config.setMiddlewareRequiredPermission(permissions.PermissionType.QUERY) config.setMiddlewareRequiredPermission(PermissionType.QUERY)
await config.executeMiddleware() await config.executeMiddleware()
expect(config.next).toHaveBeenCalled() expect(config.next).toHaveBeenCalled()
@ -154,7 +154,7 @@ describe("Authorization middleware", () => {
_id: "" _id: ""
}, },
}) })
config.setMiddlewareRequiredPermission(permissions.PermissionType.ADMIN, permissions.PermissionLevel.BASIC) config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC)
await config.executeMiddleware() await config.executeMiddleware()
expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission") expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")

View File

@ -37,7 +37,8 @@ export function hasAppBuilderPermissions(user?: User | ContextUser) {
if (!user) { if (!user) {
return false return false
} }
return !user.builder?.global && user.builder?.apps?.length !== 0 const appLength = user.builder?.apps?.length
return !user.builder?.global && appLength && appLength > 0
} }
// checks if a user is capable of building any app // checks if a user is capable of building any app