refactor: rename "Permissions" enum to "RequiredPermission"

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2025-05-20 02:05:21 -04:00 · 2023-05-19 13:55:12 +02:00 · 2023-05-19 13:55:12 +02:00 · 488238d854
commit 488238d854
parent 6b73016583
10 changed files with 73 additions and 68 deletions
--- a/backend/src/permissions/permissions.enum.ts
+++ b/backend/src/permissions/permissions.enum.ts
@ -1,15 +0,0 @@
-/*
- * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
- *
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-/**
- * Represents the Permissions a user may hold in a request
- */
-export enum Permission {
-  READ = 'read',
-  WRITE = 'write',
-  CREATE = 'create',
-  OWNER = 'owner',
-}
--- a/backend/src/permissions/permissions.guard.ts
+++ b/backend/src/permissions/permissions.guard.ts
@ -10,8 +10,8 @@ import { extractNoteFromRequest } from '../api/utils/extract-note-from-request';
 import { CompleteRequest } from '../api/utils/request.type';
 import { ConsoleLoggerService } from '../logger/console-logger.service';
 import { NotesService } from '../notes/notes.service';
-import { Permission } from './permissions.enum';
 import { PermissionsService } from './permissions.service';
+import { RequiredPermission } from './required-permission.enum';

 /**
 * This guards controller methods from access, if the user has not the appropriate permissions.
@ -31,7 +31,7 @@ export class PermissionsGuard implements CanActivate {
  }

  async canActivate(context: ExecutionContext): Promise<boolean> {
-    const permissions = this.reflector.get<Permission[]>(
+    const permissions = this.reflector.get<RequiredPermission[]>(
      'permissions',
      context.getHandler(),
    );
@ -45,7 +45,7 @@ export class PermissionsGuard implements CanActivate {
    const request: CompleteRequest = context.switchToHttp().getRequest();
    const user = request.user ?? null;
    // handle CREATE permissions, as this does not need any note
-    if (permissions[0] === Permission.CREATE) {
+    if (permissions[0] === RequiredPermission.CREATE) {
      return this.permissionsService.mayCreate(user);
    }
    // Attention: This gets the note an additional time if used in conjunction with GetNoteInterceptor or NoteHeaderInterceptor
--- a/backend/src/permissions/permissions.service.spec.ts
+++ b/backend/src/permissions/permissions.service.spec.ts
@ -44,9 +44,9 @@ import { User } from '../users/user.entity';
 import { UsersModule } from '../users/users.module';
 import { NoteGroupPermission } from './note-group-permission.entity';
 import { NoteUserPermission } from './note-user-permission.entity';
-import { Permission } from './permissions.enum';
 import { PermissionsModule } from './permissions.module';
 import { PermissionsService } from './permissions.service';
+import { RequiredPermission } from './required-permission.enum';

 function mockedEventEmitter(eventEmitter: EventEmitter2) {
  return jest.spyOn(eventEmitter, 'emit').mockImplementationOnce((event) => {
@ -188,6 +188,7 @@ describe('PermissionsService', () => {
      return isOwner;
    });
  }
+
  beforeEach(() => {
    mockNoteRepo(noteRepo);
    eventEmitterEmitSpy = mockedEventEmitter(eventEmitter);
@ -793,14 +794,18 @@ describe('PermissionsService', () => {
      it('with mayRead', async () => {
        mockMayReadTrue();
        expect(
-          await service.checkPermissionOnNote(Permission.READ, user1, notes[0]),
+          await service.checkPermissionOnNote(
+            RequiredPermission.READ,
+            user1,
+            notes[0],
+          ),
        ).toBeTruthy();
      });
      it('with mayWrite', async () => {
        mockMayWriteTrue();
        expect(
          await service.checkPermissionOnNote(
-            Permission.WRITE,
+            RequiredPermission.WRITE,
            user1,
            notes[0],
          ),
@ -810,7 +815,7 @@ describe('PermissionsService', () => {
        mockIsOwner(true);
        expect(
          await service.checkPermissionOnNote(
-            Permission.OWNER,
+            RequiredPermission.OWNER,
            user1,
            notes[0],
          ),
@ -824,7 +829,7 @@ describe('PermissionsService', () => {
        mockIsOwner(false);
        expect(
          await service.checkPermissionOnNote(
-            Permission.OWNER,
+            RequiredPermission.OWNER,
            user1,
            notes[0],
          ),
--- a/backend/src/permissions/permissions.service.ts
+++ b/backend/src/permissions/permissions.service.ts
@ -27,7 +27,7 @@ import { UsersService } from '../users/users.service';
 import { checkArrayForDuplicates } from '../utils/arrayDuplicatCheck';
 import { NoteGroupPermission } from './note-group-permission.entity';
 import { NoteUserPermission } from './note-user-permission.entity';
-import { Permission } from './permissions.enum';
+import { RequiredPermission } from './required-permission.enum';

@Injectable()
 export class PermissionsService {
@ -44,22 +44,22 @@ export class PermissionsService {
   * Checks if the given {@link User} is has the in {@link desiredPermission} specified permission on {@link Note}.
   *
   * @async
-   * @param {Permission} desiredPermission - permission level to check for
+   * @param {RequiredPermission} desiredPermission - permission level to check for
   * @param {User} user - The user whose permission should be checked. Value is null if guest access should be checked
   * @param {Note} note - The note for which the permission should be checked
   * @return if the user has the specified permission on the note
   */
  public async checkPermissionOnNote(
-    desiredPermission: Exclude<Permission, Permission.CREATE>,
+    desiredPermission: Exclude<RequiredPermission, RequiredPermission.CREATE>,
    user: User | null,
    note: Note,
  ): Promise<boolean> {
    switch (desiredPermission) {
-      case Permission.READ:
+      case RequiredPermission.READ:
        return await this.mayRead(user, note);
-      case Permission.WRITE:
+      case RequiredPermission.WRITE:
        return await this.mayWrite(user, note);
-      case Permission.OWNER:
+      case RequiredPermission.OWNER:
        return await this.isOwner(user, note);
    }
  }
--- a/backend/src/permissions/require-permission.decorator.ts
+++ b/backend/src/permissions/require-permission.decorator.ts
@ -5,7 +5,7 @@
 */
 import { CustomDecorator, SetMetadata } from '@nestjs/common';

-import { Permission } from './permissions.enum';
+import { RequiredPermission } from './required-permission.enum';

 /**
 * This decorator gathers the {@link Permission Permission} a user must hold for the {@link PermissionsGuard}
@ -14,5 +14,5 @@ import { Permission } from './permissions.enum';
 */
 // eslint-disable-next-line func-style,@typescript-eslint/naming-convention
 export const RequirePermission = (
-  ...permissions: Permission[]
+  ...permissions: RequiredPermission[]
 ): CustomDecorator => SetMetadata('permissions', permissions);
--- a/backend/src/permissions/required-permission.enum.ts
+++ b/backend/src/permissions/required-permission.enum.ts
@ -0,0 +1,15 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+/**
+ * Represents the required access level a user needs to use a specific API endpoint.
+ */
+export enum RequiredPermission {
+  READ = 'read',
+  WRITE = 'write',
+  OWNER = 'owner',
+  CREATE = 'create',
+}