Merge branch 'develop' into views-v2-frontend
This commit is contained in:
commit
cefb57d78a
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"version": "2.9.33-alpha.2",
|
||||
"version": "2.9.33-alpha.5",
|
||||
"npmClient": "yarn",
|
||||
"packages": [
|
||||
"packages/*"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
export { CommandWord, InitType, AnalyticsEvent } from "@budibase/types"
|
||||
|
||||
export const POSTHOG_TOKEN = "phc_yGOn4i7jWKaCTapdGR6lfA4AvmuEQ2ijn5zAVSFYPlS"
|
||||
export const POSTHOG_TOKEN = "phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU"
|
||||
export const GENERATED_USER_EMAIL = "admin@admin.com"
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
import Router from "@koa/router"
|
||||
import * as rowController from "../controllers/row"
|
||||
import authorized from "../../middleware/authorized"
|
||||
import authorized, { authorizedResource } from "../../middleware/authorized"
|
||||
import { paramResource, paramSubResource } from "../../middleware/resourceId"
|
||||
import { permissions } from "@budibase/backend-core"
|
||||
import { internalSearchValidator } from "./utils/validators"
|
||||
import trimViewRowInfo from "../../middleware/trimViewRowInfo"
|
||||
|
||||
const { PermissionType, PermissionLevel } = permissions
|
||||
|
||||
const router: Router = new Router()
|
||||
|
@ -269,8 +270,7 @@ router
|
|||
|
||||
router.post(
|
||||
"/api/v2/views/:viewId/search",
|
||||
paramResource("viewId"),
|
||||
authorized(PermissionType.TABLE, PermissionLevel.READ),
|
||||
authorizedResource(PermissionType.VIEW, PermissionLevel.READ, "viewId"),
|
||||
rowController.views.searchView
|
||||
)
|
||||
|
||||
|
|
|
@ -12,8 +12,10 @@ import {
|
|||
PermissionLevel,
|
||||
Row,
|
||||
Table,
|
||||
ViewV2,
|
||||
} from "@budibase/types"
|
||||
import * as setup from "./utilities"
|
||||
import { mocks } from "@budibase/backend-core/tests"
|
||||
|
||||
const { basicRow } = setup.structures
|
||||
const { BUILTIN_ROLE_IDS } = roles
|
||||
|
@ -27,6 +29,7 @@ describe("/permission", () => {
|
|||
let table: Table & { _id: string }
|
||||
let perms: Document[]
|
||||
let row: Row
|
||||
let view: ViewV2
|
||||
|
||||
afterAll(setup.afterAll)
|
||||
|
||||
|
@ -35,10 +38,12 @@ describe("/permission", () => {
|
|||
})
|
||||
|
||||
beforeEach(async () => {
|
||||
mocks.licenses.useCloudFree()
|
||||
mockedSdk.resourceActionAllowed.mockResolvedValue({ allowed: true })
|
||||
|
||||
table = (await config.createTable()) as typeof table
|
||||
row = await config.createRow()
|
||||
view = await config.api.viewV2.create({ tableId: table._id })
|
||||
perms = await config.api.permission.set({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: table._id,
|
||||
|
@ -162,6 +167,72 @@ describe("/permission", () => {
|
|||
expect(res.body[0]._id).toEqual(row._id)
|
||||
})
|
||||
|
||||
it("should be able to access the view data when the table is set to public and with no view permissions overrides", async () => {
|
||||
// replicate changes before checking permissions
|
||||
await config.publish()
|
||||
|
||||
const res = await config.api.viewV2.search(view.id, undefined, {
|
||||
usePublicUser: true,
|
||||
})
|
||||
expect(res.body.rows[0]._id).toEqual(row._id)
|
||||
})
|
||||
|
||||
it("should not be able to access the view data when the table is not public and there are no view permissions overrides", async () => {
|
||||
await config.api.permission.revoke({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: table._id,
|
||||
level: PermissionLevel.READ,
|
||||
})
|
||||
// replicate changes before checking permissions
|
||||
await config.publish()
|
||||
|
||||
await config.api.viewV2.search(view.id, undefined, {
|
||||
expectStatus: 403,
|
||||
usePublicUser: true,
|
||||
})
|
||||
})
|
||||
|
||||
it("should ignore the view permissions if the flag is not on", async () => {
|
||||
await config.api.permission.set({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: view.id,
|
||||
level: PermissionLevel.READ,
|
||||
})
|
||||
await config.api.permission.revoke({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: table._id,
|
||||
level: PermissionLevel.READ,
|
||||
})
|
||||
// replicate changes before checking permissions
|
||||
await config.publish()
|
||||
|
||||
await config.api.viewV2.search(view.id, undefined, {
|
||||
expectStatus: 403,
|
||||
usePublicUser: true,
|
||||
})
|
||||
})
|
||||
|
||||
it("should use the view permissions if the flag is on", async () => {
|
||||
mocks.licenses.useViewPermissions()
|
||||
await config.api.permission.set({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: view.id,
|
||||
level: PermissionLevel.READ,
|
||||
})
|
||||
await config.api.permission.revoke({
|
||||
roleId: STD_ROLE_ID,
|
||||
resourceId: table._id,
|
||||
level: PermissionLevel.READ,
|
||||
})
|
||||
// replicate changes before checking permissions
|
||||
await config.publish()
|
||||
|
||||
const res = await config.api.viewV2.search(view.id, undefined, {
|
||||
usePublicUser: true,
|
||||
})
|
||||
expect(res.body.rows[0]._id).toEqual(row._id)
|
||||
})
|
||||
|
||||
it("shouldn't allow writing from a public user", async () => {
|
||||
const res = await request
|
||||
.post(`/api/${table._id}/rows`)
|
||||
|
|
|
@ -6,8 +6,11 @@ import {
|
|||
users,
|
||||
} from "@budibase/backend-core"
|
||||
import { PermissionLevel, PermissionType, Role, UserCtx } from "@budibase/types"
|
||||
import { features } from "@budibase/pro"
|
||||
import builderMiddleware from "./builder"
|
||||
import { isWebhookEndpoint } from "./utils"
|
||||
import { paramResource } from "./resourceId"
|
||||
import { extractViewInfoFromID, isViewID } from "../db/utils"
|
||||
|
||||
function hasResource(ctx: any) {
|
||||
return ctx.resourceId != null
|
||||
|
@ -74,10 +77,37 @@ const checkAuthorizedResource = async (
|
|||
}
|
||||
}
|
||||
|
||||
export default (
|
||||
const resourceIdTranformers: Partial<
|
||||
Record<PermissionType, (ctx: UserCtx) => Promise<void>>
|
||||
> = {
|
||||
[PermissionType.VIEW]: async ctx => {
|
||||
const { resourceId } = ctx
|
||||
if (!resourceId) {
|
||||
ctx.throw(400, `Cannot obtain the view id`)
|
||||
return
|
||||
}
|
||||
|
||||
if (!isViewID(resourceId)) {
|
||||
ctx.throw(400, `"${resourceId}" is not a valid view id`)
|
||||
return
|
||||
}
|
||||
|
||||
if (await features.isViewPermissionEnabled()) {
|
||||
ctx.subResourceId = ctx.resourceId
|
||||
ctx.resourceId = extractViewInfoFromID(resourceId).tableId
|
||||
} else {
|
||||
ctx.resourceId = extractViewInfoFromID(resourceId).tableId
|
||||
delete ctx.subResourceId
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
const authorized =
|
||||
(
|
||||
permType: PermissionType,
|
||||
permLevel?: PermissionLevel,
|
||||
opts = { schema: false }
|
||||
opts = { schema: false },
|
||||
resourcePath?: string
|
||||
) =>
|
||||
async (ctx: any, next: any) => {
|
||||
// webhooks don't need authentication, each webhook unique
|
||||
|
@ -97,11 +127,27 @@ export default (
|
|||
permLevel === PermissionLevel.READ
|
||||
? PermissionLevel.WRITE
|
||||
: PermissionLevel.READ
|
||||
const appId = context.getAppId()
|
||||
if (appId && hasResource(ctx)) {
|
||||
resourceRoles = await roles.getRequiredResourceRole(permLevel!, ctx)
|
||||
|
||||
if (resourcePath) {
|
||||
// Reusing the existing middleware to extract the value
|
||||
paramResource(resourcePath)(ctx, () => {})
|
||||
}
|
||||
|
||||
if (resourceIdTranformers[permType]) {
|
||||
await resourceIdTranformers[permType]!(ctx)
|
||||
}
|
||||
|
||||
if (hasResource(ctx)) {
|
||||
const { resourceId, subResourceId } = ctx
|
||||
resourceRoles = await roles.getRequiredResourceRole(permLevel!, {
|
||||
resourceId,
|
||||
subResourceId,
|
||||
})
|
||||
if (opts && opts.schema) {
|
||||
otherLevelRoles = await roles.getRequiredResourceRole(otherLevel, ctx)
|
||||
otherLevelRoles = await roles.getRequiredResourceRole(otherLevel, {
|
||||
resourceId,
|
||||
subResourceId,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -143,3 +189,17 @@ export default (
|
|||
// csrf protection
|
||||
return csrf(ctx, next)
|
||||
}
|
||||
|
||||
export default (
|
||||
permType: PermissionType,
|
||||
permLevel?: PermissionLevel,
|
||||
opts = { schema: false }
|
||||
) => authorized(permType, permLevel, opts)
|
||||
|
||||
export const authorizedResource = (
|
||||
permType: PermissionType,
|
||||
permLevel: PermissionLevel,
|
||||
resourcePath: string
|
||||
) => {
|
||||
return authorized(permType, permLevel, undefined, resourcePath)
|
||||
}
|
||||
|
|
|
@ -43,6 +43,7 @@ export class ResourceIdGetter {
|
|||
}
|
||||
}
|
||||
|
||||
/** @deprecated we should use the authorizedResource middleware instead */
|
||||
export function paramResource(main: string) {
|
||||
return new ResourceIdGetter("params").mainResource(main).build()
|
||||
}
|
||||
|
|
|
@ -1,163 +0,0 @@
|
|||
jest.mock("../../environment", () => ({
|
||||
prod: false,
|
||||
isTest: () => true,
|
||||
isProd: () => this.prod,
|
||||
_set: function(key, value) {
|
||||
this.prod = value === "production"
|
||||
}
|
||||
})
|
||||
)
|
||||
const authorizedMiddleware = require("../authorized").default
|
||||
const env = require("../../environment")
|
||||
const { PermissionType, PermissionLevel } = require("@budibase/types")
|
||||
|
||||
const APP_ID = ""
|
||||
|
||||
class TestConfiguration {
|
||||
constructor(role) {
|
||||
this.middleware = authorizedMiddleware(role)
|
||||
this.next = jest.fn()
|
||||
this.throw = jest.fn()
|
||||
this.headers = {}
|
||||
this.ctx = {
|
||||
headers: {},
|
||||
request: {
|
||||
url: ""
|
||||
},
|
||||
appId: APP_ID,
|
||||
auth: {},
|
||||
next: this.next,
|
||||
throw: this.throw,
|
||||
get: (name) => this.headers[name],
|
||||
}
|
||||
}
|
||||
|
||||
executeMiddleware() {
|
||||
return this.middleware(this.ctx, this.next)
|
||||
}
|
||||
|
||||
setUser(user) {
|
||||
this.ctx.user = user
|
||||
}
|
||||
|
||||
setMiddlewareRequiredPermission(...perms) {
|
||||
this.middleware = authorizedMiddleware(...perms)
|
||||
}
|
||||
|
||||
setResourceId(id) {
|
||||
this.ctx.resourceId = id
|
||||
}
|
||||
|
||||
setAuthenticated(isAuthed) {
|
||||
this.ctx.isAuthenticated = isAuthed
|
||||
}
|
||||
|
||||
setRequestUrl(url) {
|
||||
this.ctx.request.url = url
|
||||
}
|
||||
|
||||
setEnvironment(isProd) {
|
||||
env._set("NODE_ENV", isProd ? "production" : "jest")
|
||||
}
|
||||
|
||||
setRequestHeaders(headers) {
|
||||
this.ctx.headers = headers
|
||||
}
|
||||
|
||||
afterEach() {
|
||||
jest.clearAllMocks()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
describe("Authorization middleware", () => {
|
||||
const next = jest.fn()
|
||||
let config
|
||||
|
||||
afterEach(() => {
|
||||
config.afterEach()
|
||||
})
|
||||
|
||||
beforeEach(() => {
|
||||
config = new TestConfiguration()
|
||||
})
|
||||
|
||||
describe("non-webhook call", () => {
|
||||
let config
|
||||
|
||||
beforeEach(() => {
|
||||
config = new TestConfiguration()
|
||||
config.setEnvironment(true)
|
||||
config.setAuthenticated(true)
|
||||
})
|
||||
|
||||
it("throws when no user data is present in context", async () => {
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "No user info found")
|
||||
})
|
||||
|
||||
it("passes on to next() middleware if user is an admin", async () => {
|
||||
config.setUser({
|
||||
_id: "user",
|
||||
role: {
|
||||
_id: "ADMIN",
|
||||
}
|
||||
})
|
||||
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it("throws if the user does not have builder permissions", async () => {
|
||||
config.setEnvironment(false)
|
||||
config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: ""
|
||||
}
|
||||
})
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "Not Authorized")
|
||||
})
|
||||
|
||||
it("passes on to next() middleware if the user has resource permission", async () => {
|
||||
config.setResourceId(PermissionType.QUERY)
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: ""
|
||||
}
|
||||
})
|
||||
config.setMiddlewareRequiredPermission(PermissionType.QUERY)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it("throws if the user session is not authenticated", async () => {
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: ""
|
||||
},
|
||||
})
|
||||
config.setAuthenticated(false)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "Session not authenticated")
|
||||
})
|
||||
|
||||
it("throws if the user does not have base permissions to perform the operation", async () => {
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: ""
|
||||
},
|
||||
})
|
||||
config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")
|
||||
})
|
||||
})
|
||||
})
|
|
@ -0,0 +1,272 @@
|
|||
jest.mock("@budibase/backend-core", () => ({
|
||||
...jest.requireActual("@budibase/backend-core"),
|
||||
roles: {
|
||||
...jest.requireActual("@budibase/backend-core").roles,
|
||||
getRequiredResourceRole: jest.fn().mockResolvedValue([]),
|
||||
},
|
||||
}))
|
||||
jest.mock("../../environment", () => ({
|
||||
prod: false,
|
||||
isTest: () => true,
|
||||
// @ts-ignore
|
||||
isProd: () => this.prod,
|
||||
_set: function (_key: string, value: string) {
|
||||
this.prod = value === "production"
|
||||
},
|
||||
}))
|
||||
|
||||
import { PermissionType, PermissionLevel } from "@budibase/types"
|
||||
|
||||
import authorizedMiddleware from "../authorized"
|
||||
import env from "../../environment"
|
||||
import { generateTableID, generateViewID } from "../../db/utils"
|
||||
import { roles } from "@budibase/backend-core"
|
||||
import { mocks } from "@budibase/backend-core/tests"
|
||||
import { initProMocks } from "../../tests/utilities/mocks/pro"
|
||||
|
||||
const APP_ID = ""
|
||||
|
||||
initProMocks()
|
||||
|
||||
class TestConfiguration {
|
||||
middleware: (ctx: any, next: any) => Promise<void>
|
||||
next: () => void
|
||||
throw: () => void
|
||||
headers: Record<string, any>
|
||||
ctx: any
|
||||
|
||||
constructor() {
|
||||
this.middleware = authorizedMiddleware(PermissionType.APP)
|
||||
this.next = jest.fn()
|
||||
this.throw = jest.fn()
|
||||
this.headers = {}
|
||||
this.ctx = {
|
||||
headers: {},
|
||||
request: {
|
||||
url: "",
|
||||
},
|
||||
appId: APP_ID,
|
||||
auth: {},
|
||||
next: this.next,
|
||||
throw: this.throw,
|
||||
get: (name: string) => this.headers[name],
|
||||
}
|
||||
}
|
||||
|
||||
executeMiddleware() {
|
||||
return this.middleware(this.ctx, this.next)
|
||||
}
|
||||
|
||||
setUser(user: any) {
|
||||
this.ctx.user = user
|
||||
}
|
||||
|
||||
setMiddlewareRequiredPermission(...perms: any[]) {
|
||||
// @ts-ignore
|
||||
this.middleware = authorizedMiddleware(...perms)
|
||||
}
|
||||
|
||||
setResourceId(id?: string) {
|
||||
this.ctx.resourceId = id
|
||||
}
|
||||
|
||||
setAuthenticated(isAuthed: boolean) {
|
||||
this.ctx.isAuthenticated = isAuthed
|
||||
}
|
||||
|
||||
setRequestUrl(url: string) {
|
||||
this.ctx.request.url = url
|
||||
}
|
||||
|
||||
setEnvironment(isProd: boolean) {
|
||||
env._set("NODE_ENV", isProd ? "production" : "jest")
|
||||
}
|
||||
|
||||
setRequestHeaders(headers: Record<string, any>) {
|
||||
this.ctx.headers = headers
|
||||
}
|
||||
|
||||
afterEach() {
|
||||
jest.clearAllMocks()
|
||||
}
|
||||
}
|
||||
|
||||
describe("Authorization middleware", () => {
|
||||
let config: TestConfiguration
|
||||
|
||||
afterEach(() => {
|
||||
config.afterEach()
|
||||
})
|
||||
|
||||
beforeEach(() => {
|
||||
jest.clearAllMocks()
|
||||
mocks.licenses.useCloudFree()
|
||||
config = new TestConfiguration()
|
||||
})
|
||||
|
||||
describe("non-webhook call", () => {
|
||||
beforeEach(() => {
|
||||
config = new TestConfiguration()
|
||||
config.setEnvironment(true)
|
||||
config.setAuthenticated(true)
|
||||
})
|
||||
|
||||
it("throws when no user data is present in context", async () => {
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "No user info found")
|
||||
})
|
||||
|
||||
it("passes on to next() middleware if user is an admin", async () => {
|
||||
config.setUser({
|
||||
_id: "user",
|
||||
role: {
|
||||
_id: "ADMIN",
|
||||
},
|
||||
})
|
||||
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it("throws if the user does not have builder permissions", async () => {
|
||||
config.setEnvironment(false)
|
||||
config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: "",
|
||||
},
|
||||
})
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).toHaveBeenCalledWith(403, "Not Authorized")
|
||||
})
|
||||
|
||||
it("passes on to next() middleware if the user has resource permission", async () => {
|
||||
config.setResourceId(PermissionType.QUERY)
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: "",
|
||||
},
|
||||
})
|
||||
config.setMiddlewareRequiredPermission(PermissionType.QUERY)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it("throws if the user session is not authenticated", async () => {
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: "",
|
||||
},
|
||||
})
|
||||
config.setAuthenticated(false)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenCalledWith(
|
||||
403,
|
||||
"Session not authenticated"
|
||||
)
|
||||
})
|
||||
|
||||
it("throws if the user does not have base permissions to perform the operation", async () => {
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: "",
|
||||
},
|
||||
})
|
||||
config.setMiddlewareRequiredPermission(
|
||||
PermissionType.APP,
|
||||
PermissionLevel.READ
|
||||
)
|
||||
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenCalledWith(
|
||||
403,
|
||||
"User does not have permission"
|
||||
)
|
||||
})
|
||||
|
||||
describe("view type", () => {
|
||||
const tableId = generateTableID()
|
||||
const viewId = generateViewID(tableId)
|
||||
|
||||
const mockedGetRequiredResourceRole =
|
||||
roles.getRequiredResourceRole as jest.MockedFunction<
|
||||
typeof roles.getRequiredResourceRole
|
||||
>
|
||||
|
||||
beforeEach(() => {
|
||||
config.setMiddlewareRequiredPermission(
|
||||
PermissionType.VIEW,
|
||||
PermissionLevel.READ
|
||||
)
|
||||
config.setResourceId(viewId)
|
||||
|
||||
mockedGetRequiredResourceRole.mockResolvedValue(["PUBLIC"])
|
||||
|
||||
config.setUser({
|
||||
_id: "user",
|
||||
role: {
|
||||
_id: "PUBLIC",
|
||||
},
|
||||
})
|
||||
})
|
||||
|
||||
it("will ignore view permissions if flag is off", async () => {
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).not.toBeCalled()
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
|
||||
expect(mockedGetRequiredResourceRole).toBeCalledTimes(1)
|
||||
expect(mockedGetRequiredResourceRole).toBeCalledWith(
|
||||
PermissionLevel.READ,
|
||||
expect.objectContaining({
|
||||
resourceId: tableId,
|
||||
subResourceId: undefined,
|
||||
})
|
||||
)
|
||||
})
|
||||
|
||||
it("will use view permissions if flag is on", async () => {
|
||||
mocks.licenses.useViewPermissions()
|
||||
await config.executeMiddleware()
|
||||
|
||||
expect(config.throw).not.toBeCalled()
|
||||
expect(config.next).toHaveBeenCalled()
|
||||
|
||||
expect(mockedGetRequiredResourceRole).toBeCalledTimes(1)
|
||||
expect(mockedGetRequiredResourceRole).toBeCalledWith(
|
||||
PermissionLevel.READ,
|
||||
expect.objectContaining({
|
||||
resourceId: tableId,
|
||||
subResourceId: viewId,
|
||||
})
|
||||
)
|
||||
})
|
||||
|
||||
it("throw an exception if the resource id is not provided", async () => {
|
||||
config.setResourceId(undefined)
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenNthCalledWith(
|
||||
1,
|
||||
400,
|
||||
"Cannot obtain the view id"
|
||||
)
|
||||
})
|
||||
|
||||
it("throw an exception if the resource id is not a valid view id", async () => {
|
||||
config.setResourceId(tableId)
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenNthCalledWith(
|
||||
1,
|
||||
400,
|
||||
`"${tableId}" is not a valid view id`
|
||||
)
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
|
@ -1,12 +1,13 @@
|
|||
import TestConfiguration from "../../../../tests/utilities/TestConfiguration"
|
||||
import { PermissionLevel } from "@budibase/types"
|
||||
import { mocks, structures } from "@budibase/backend-core/tests"
|
||||
import { resourceActionAllowed } from ".."
|
||||
import { generateViewID } from "../../../../db/utils"
|
||||
import { initProMocks } from "../../../../tests/utilities/mocks/pro"
|
||||
|
||||
initProMocks()
|
||||
|
||||
describe("permissions sdk", () => {
|
||||
beforeEach(() => {
|
||||
new TestConfiguration()
|
||||
mocks.licenses.useCloudFree()
|
||||
})
|
||||
|
||||
|
|
|
@ -78,12 +78,16 @@ export class ViewV2API extends TestAPI {
|
|||
search = async (
|
||||
viewId: string,
|
||||
params?: SearchViewRowRequest,
|
||||
{ expectStatus } = { expectStatus: 200 }
|
||||
{ expectStatus = 200, usePublicUser = false } = {}
|
||||
) => {
|
||||
return this.request
|
||||
.post(`/api/v2/views/${viewId}/search`)
|
||||
.send(params)
|
||||
.set(this.config.defaultHeaders())
|
||||
.set(
|
||||
usePublicUser
|
||||
? this.config.publicHeaders()
|
||||
: this.config.defaultHeaders()
|
||||
)
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(expectStatus)
|
||||
}
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
// init the licensing mock
|
||||
import { mocks } from "@budibase/backend-core/tests"
|
||||
import * as pro from "@budibase/pro"
|
||||
|
||||
export const initProMocks = () => {
|
||||
mocks.licenses.init(pro)
|
||||
|
||||
// use unlimited license by default
|
||||
mocks.licenses.useUnlimited()
|
||||
}
|
|
@ -15,4 +15,5 @@ export enum PermissionType {
|
|||
BUILDER = "builder",
|
||||
GLOBAL_BUILDER = "globalBuilder",
|
||||
QUERY = "query",
|
||||
VIEW = "view",
|
||||
}
|
||||
|
|
|
@ -54,24 +54,36 @@ if [ -d "../account-portal" ]; then
|
|||
yarn bootstrap
|
||||
|
||||
cd packages/server
|
||||
echo "Linking backend-core to account-portal"
|
||||
echo "Linking backend-core to account-portal (server)"
|
||||
yarn link "@budibase/backend-core"
|
||||
|
||||
echo "Linking string-templates to account-portal"
|
||||
echo "Linking string-templates to account-portal (server)"
|
||||
yarn link "@budibase/string-templates"
|
||||
|
||||
echo "Linking types to account-portal"
|
||||
echo "Linking types to account-portal (server)"
|
||||
yarn link "@budibase/types"
|
||||
|
||||
echo "Linking shared-core to account-portal (server)"
|
||||
yarn link "@budibase/shared-core"
|
||||
|
||||
if [ $pro_loaded_locally = true ]; then
|
||||
echo "Linking pro to account-portal"
|
||||
echo "Linking pro to account-portal (server)"
|
||||
yarn link "@budibase/pro"
|
||||
fi
|
||||
|
||||
cd ../ui
|
||||
echo "Linking bbui to account-portal"
|
||||
echo "Linking bbui to account-portal (ui)"
|
||||
yarn link "@budibase/bbui"
|
||||
|
||||
echo "Linking frontend-core to account-portal"
|
||||
echo "Linking shared-core to account-portal (ui)"
|
||||
yarn link "@budibase/shared-core"
|
||||
|
||||
echo "Linking string-templates to account-portal (ui)"
|
||||
yarn link "@budibase/string-templates"
|
||||
|
||||
echo "Linking types to account-portal (ui)"
|
||||
yarn link "@budibase/types"
|
||||
|
||||
echo "Linking frontend-core to account-portal (ui)"
|
||||
yarn link "@budibase/frontend-core"
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue