Add a simpler test.

2024-03-05 10:05:05 +00:00 · 2024-03-05 10:05:05 +00:00 · aa124524d4
parent 4c6745ad20
commit aa124524d4
4 changed files with 44 additions and 6 deletions
--- a/packages/backend-core/src/cache/user.ts
+++ b/packages/backend-core/src/cache/user.ts
@ -6,7 +6,7 @@ import env from "../environment"
 import * as accounts from "../accounts"
 import { UserDB } from "../users"
 import { sdk } from "@budibase/shared-core"
-import { User } from "@budibase/types"
+import { User, UserMetadata } from "@budibase/types"

 const EXPIRY_SECONDS = 3600

@ -15,7 +15,7 @@ const EXPIRY_SECONDS = 3600
 */
 async function populateFromDB(userId: string, tenantId: string) {
  const db = tenancy.getTenantDB(tenantId)
-  const user = await db.get<any>(userId)
+  const user = await db.get<UserMetadata>(userId)
  user.budibaseAccess = true
  if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
    const account = await accounts.getAccount(user.email)
--- a/packages/server/src/api/controllers/user.ts
+++ b/packages/server/src/api/controllers/user.ts
@ -1,6 +1,6 @@
 import { generateUserFlagID, InternalTables } from "../../db/utils"
 import { getFullUser } from "../../utilities/users"
-import { context } from "@budibase/backend-core"
+import { cache, context } from "@budibase/backend-core"
 import {
  ContextUserMetadata,
  Ctx,
@ -42,6 +42,7 @@ export async function updateMetadata(
  // this isn't applicable to the user
  delete metadata.roles
  ctx.body = await db.put(metadata)
+  await cache.user.invalidateUser(user._id!)
 }

 export async function destroyMetadata(ctx: UserCtx<void, { message: string }>) {
--- a/packages/server/src/api/routes/tests/application.spec.ts
+++ b/packages/server/src/api/routes/tests/application.spec.ts
@ -256,7 +256,44 @@ describe("/applications", () => {
  })

  describe("permissions", () => {
-    it("should only return apps a user has access to", async () => {
+    it.only("should only return apps a user has access to", async () => {
+      const user = await config.createUser({
+        builder: { global: false },
+        admin: { global: false },
+      })
+
+      const table = await config.api.table.save({
+        name: "table",
+        type: "table",
+        sourceId: INTERNAL_TABLE_SOURCE_ID,
+        sourceType: TableSourceType.INTERNAL,
+        schema: {
+          name: {
+            type: FieldType.STRING,
+            name: "name",
+          },
+        },
+      })
+
+      await config.withUser(user, async () => {
+        const apps = await config.api.application.fetch()
+        expect(apps).toHaveLength(0)
+      })
+
+      await config.api.user.update({
+        ...user,
+        builder: {
+          [config.getAppId()]: true,
+        },
+      })
+
+      await config.withUser(user, async () => {
+        const apps = await config.api.application.fetch()
+        expect(apps).toHaveLength(1)
+      })
+    })
+
+    it("should only return apps a user has access to through a custom role on a group", async () => {
      const user = await config.createUser({
        builder: { global: false },
        admin: { global: false },
--- a/packages/server/src/tests/utilities/TestConfiguration.ts
+++ b/packages/server/src/tests/utilities/TestConfiguration.ts
@ -299,11 +299,11 @@ export default class TestConfiguration {
    }
  }

-  withUser(user: User, f: () => Promise<void>) {
+  async withUser(user: User, f: () => Promise<void>) {
    const oldUser = this.user
    this.user = user
    try {
-      return f()
+      return await f()
    } finally {
      this.user = oldUser
    }