mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-05-23 19:47:03 -04:00
Move permission update functions to permissions controller
Signed-off-by: Yannick Bungers <git@innay.de>
This commit is contained in:
Yannick Bungers
Yannick Bungers
parent
e1e3138561
commit
70d7ca5475
6 changed files with 888 additions and 865 deletions
|
|
@ -16,7 +16,6 @@ import {
|
|||
AlreadyInDBError,
|
||||
ForbiddenIdError,
|
||||
NotInDBError,
|
||||
PermissionsUpdateInconsistentError,
|
||||
} from '../errors/errors';
|
||||
import { Group } from '../groups/group.entity';
|
||||
import { GroupsModule } from '../groups/groups.module';
|
||||
|
|
@ -32,10 +31,6 @@ import { User } from '../users/user.entity';
|
|||
import { UsersModule } from '../users/users.module';
|
||||
import { Alias } from './alias.entity';
|
||||
import { AliasService } from './alias.service';
|
||||
import {
|
||||
NoteGroupPermissionUpdateDto,
|
||||
NoteUserPermissionUpdateDto,
|
||||
} from './note-permissions.dto';
|
||||
import { Note } from './note.entity';
|
||||
import { NotesService } from './notes.service';
|
||||
import { Tag } from './tag.entity';
|
||||
|
|
@ -45,7 +40,6 @@ describe('NotesService', () => {
|
|||
let noteRepo: Repository<Note>;
|
||||
let revisionRepo: Repository<Revision>;
|
||||
let userRepo: Repository<User>;
|
||||
let groupRepo: Repository<Group>;
|
||||
let forbiddenNoteId: string;
|
||||
|
||||
beforeEach(async () => {
|
||||
|
|
@ -122,8 +116,6 @@ describe('NotesService', () => {
|
|||
revisionRepo = module.get<Repository<Revision>>(
|
||||
getRepositoryToken(Revision),
|
||||
);
|
||||
userRepo = module.get<Repository<User>>(getRepositoryToken(User));
|
||||
groupRepo = module.get<Repository<Group>>(getRepositoryToken(Group));
|
||||
});
|
||||
|
||||
it('should be defined', () => {
|
||||
|
|
@ -357,536 +349,6 @@ describe('NotesService', () => {
|
|||
});
|
||||
});
|
||||
|
||||
describe('updateNotePermissions', () => {
|
||||
const userPermissionUpdate = new NoteUserPermissionUpdateDto();
|
||||
userPermissionUpdate.username = 'hardcoded';
|
||||
userPermissionUpdate.canEdit = true;
|
||||
const groupPermissionUpate = new NoteGroupPermissionUpdateDto();
|
||||
groupPermissionUpate.groupName = 'testGroup';
|
||||
groupPermissionUpate.canEdit = false;
|
||||
const user = User.create(userPermissionUpdate.username, 'Testy') as User;
|
||||
const group = Group.create(
|
||||
groupPermissionUpate.groupName,
|
||||
groupPermissionUpate.groupName,
|
||||
false,
|
||||
) as Group;
|
||||
const note = Note.create(user) as Note;
|
||||
describe('works', () => {
|
||||
it('with empty GroupPermissions and with empty UserPermissions', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const savedNote = await service.updateNotePermissions(note, {
|
||||
sharedToUsers: [],
|
||||
sharedToGroups: [],
|
||||
});
|
||||
expect(await savedNote.userPermissions).toHaveLength(0);
|
||||
expect(await savedNote.groupPermissions).toHaveLength(0);
|
||||
});
|
||||
it('with empty GroupPermissions and with new UserPermissions', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
const savedNote = await service.updateNotePermissions(note, {
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [],
|
||||
});
|
||||
expect(await savedNote.userPermissions).toHaveLength(1);
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect(await savedNote.groupPermissions).toHaveLength(0);
|
||||
});
|
||||
it('with empty GroupPermissions and with existing UserPermissions', async () => {
|
||||
const noteWithPreexistingPermissions: Note = { ...note };
|
||||
noteWithPreexistingPermissions.userPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithPreexistingPermissions,
|
||||
user: user,
|
||||
canEdit: !userPermissionUpdate.canEdit,
|
||||
},
|
||||
]);
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
const savedNote = await service.updateNotePermissions(note, {
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [],
|
||||
});
|
||||
expect(await savedNote.userPermissions).toHaveLength(1);
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect(await savedNote.groupPermissions).toHaveLength(0);
|
||||
});
|
||||
it('with new GroupPermissions and with empty UserPermissions', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
const savedNote = await service.updateNotePermissions(note, {
|
||||
sharedToUsers: [],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
});
|
||||
expect(await savedNote.userPermissions).toHaveLength(0);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
it('with new GroupPermissions and with new UserPermissions', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
const savedNote = await service.updateNotePermissions(note, {
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
});
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
it('with new GroupPermissions and with existing UserPermissions', async () => {
|
||||
const noteWithUserPermission: Note = { ...note };
|
||||
noteWithUserPermission.userPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithUserPermission,
|
||||
user: user,
|
||||
canEdit: !userPermissionUpdate.canEdit,
|
||||
},
|
||||
]);
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
const savedNote = await service.updateNotePermissions(
|
||||
noteWithUserPermission,
|
||||
{
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
},
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
it('with existing GroupPermissions and with empty UserPermissions', async () => {
|
||||
const noteWithPreexistingPermissions: Note = { ...note };
|
||||
noteWithPreexistingPermissions.groupPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithPreexistingPermissions,
|
||||
group: group,
|
||||
canEdit: !groupPermissionUpate.canEdit,
|
||||
},
|
||||
]);
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const savedNote = await service.updateNotePermissions(
|
||||
noteWithPreexistingPermissions,
|
||||
{
|
||||
sharedToUsers: [],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
},
|
||||
);
|
||||
expect(await savedNote.userPermissions).toHaveLength(0);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
it('with existing GroupPermissions and with new UserPermissions', async () => {
|
||||
const noteWithPreexistingPermissions: Note = { ...note };
|
||||
noteWithPreexistingPermissions.groupPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithPreexistingPermissions,
|
||||
group: group,
|
||||
canEdit: !groupPermissionUpate.canEdit,
|
||||
},
|
||||
]);
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
const savedNote = await service.updateNotePermissions(
|
||||
noteWithPreexistingPermissions,
|
||||
{
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
},
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
it('with existing GroupPermissions and with existing UserPermissions', async () => {
|
||||
const noteWithPreexistingPermissions: Note = { ...note };
|
||||
noteWithPreexistingPermissions.groupPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithPreexistingPermissions,
|
||||
group: group,
|
||||
canEdit: !groupPermissionUpate.canEdit,
|
||||
},
|
||||
]);
|
||||
noteWithPreexistingPermissions.userPermissions = Promise.resolve([
|
||||
{
|
||||
note: noteWithPreexistingPermissions,
|
||||
user: user,
|
||||
canEdit: !userPermissionUpdate.canEdit,
|
||||
},
|
||||
]);
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
jest.spyOn(userRepo, 'findOne').mockResolvedValueOnce(user);
|
||||
jest.spyOn(groupRepo, 'findOne').mockResolvedValueOnce(group);
|
||||
const savedNote = await service.updateNotePermissions(
|
||||
noteWithPreexistingPermissions,
|
||||
{
|
||||
sharedToUsers: [userPermissionUpdate],
|
||||
sharedToGroups: [groupPermissionUpate],
|
||||
},
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].user.username).toEqual(
|
||||
userPermissionUpdate.username,
|
||||
);
|
||||
expect((await savedNote.userPermissions)[0].canEdit).toEqual(
|
||||
userPermissionUpdate.canEdit,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].group.name).toEqual(
|
||||
groupPermissionUpate.groupName,
|
||||
);
|
||||
expect((await savedNote.groupPermissions)[0].canEdit).toEqual(
|
||||
groupPermissionUpate.canEdit,
|
||||
);
|
||||
});
|
||||
});
|
||||
describe('fails:', () => {
|
||||
it('userPermissions has duplicate entries', async () => {
|
||||
await expect(
|
||||
service.updateNotePermissions(note, {
|
||||
sharedToUsers: [userPermissionUpdate, userPermissionUpdate],
|
||||
sharedToGroups: [],
|
||||
}),
|
||||
).rejects.toThrow(PermissionsUpdateInconsistentError);
|
||||
});
|
||||
|
||||
it('groupPermissions has duplicate entries', async () => {
|
||||
await expect(
|
||||
service.updateNotePermissions(note, {
|
||||
sharedToUsers: [],
|
||||
sharedToGroups: [groupPermissionUpate, groupPermissionUpate],
|
||||
}),
|
||||
).rejects.toThrow(PermissionsUpdateInconsistentError);
|
||||
});
|
||||
|
||||
it('userPermissions and groupPermissions have duplicate entries', async () => {
|
||||
await expect(
|
||||
service.updateNotePermissions(note, {
|
||||
sharedToUsers: [userPermissionUpdate, userPermissionUpdate],
|
||||
sharedToGroups: [groupPermissionUpate, groupPermissionUpate],
|
||||
}),
|
||||
).rejects.toThrow(PermissionsUpdateInconsistentError);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('setUserPermission', () => {
|
||||
describe('works', () => {
|
||||
it('with user not added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
const resultNote = await service.setUserPermission(note, user, true);
|
||||
const noteUserPermission = NoteUserPermission.create(user, note, true);
|
||||
expect((await resultNote.userPermissions)[0]).toStrictEqual(
|
||||
noteUserPermission,
|
||||
);
|
||||
});
|
||||
it('with user not added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
const resultNote = await service.setUserPermission(note, user, false);
|
||||
const noteUserPermission = NoteUserPermission.create(user, note, false);
|
||||
expect((await resultNote.userPermissions)[0]).toStrictEqual(
|
||||
noteUserPermission,
|
||||
);
|
||||
});
|
||||
it('with user added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
note.userPermissions = Promise.resolve([
|
||||
NoteUserPermission.create(user, note, false),
|
||||
]);
|
||||
|
||||
const resultNote = await service.setUserPermission(note, user, true);
|
||||
const noteUserPermission = NoteUserPermission.create(user, note, true);
|
||||
expect((await resultNote.userPermissions)[0]).toStrictEqual(
|
||||
noteUserPermission,
|
||||
);
|
||||
});
|
||||
it('with user added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
note.userPermissions = Promise.resolve([
|
||||
NoteUserPermission.create(user, note, true),
|
||||
]);
|
||||
const resultNote = await service.setUserPermission(note, user, false);
|
||||
const noteUserPermission = NoteUserPermission.create(user, note, false);
|
||||
expect((await resultNote.userPermissions)[0]).toStrictEqual(
|
||||
noteUserPermission,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('removeUserPermission', () => {
|
||||
describe('works', () => {
|
||||
it('with user added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
note.userPermissions = Promise.resolve([
|
||||
NoteUserPermission.create(user, note, true),
|
||||
]);
|
||||
|
||||
const resultNote = await service.removeUserPermission(note, user);
|
||||
expect((await resultNote.userPermissions).length).toStrictEqual(0);
|
||||
});
|
||||
it('with user not added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
note.userPermissions = Promise.resolve([
|
||||
NoteUserPermission.create(user, note, false),
|
||||
]);
|
||||
const resultNote = await service.removeUserPermission(note, user);
|
||||
expect((await resultNote.userPermissions).length).toStrictEqual(0);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('setGroupPermission', () => {
|
||||
describe('works', () => {
|
||||
it('with group not added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
const resultNote = await service.setGroupPermission(note, group, true);
|
||||
const noteGroupPermission = NoteGroupPermission.create(
|
||||
group,
|
||||
note,
|
||||
true,
|
||||
);
|
||||
expect((await resultNote.groupPermissions)[0]).toStrictEqual(
|
||||
noteGroupPermission,
|
||||
);
|
||||
});
|
||||
it('with group not added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
const resultNote = await service.setGroupPermission(note, group, false);
|
||||
const noteGroupPermission = NoteGroupPermission.create(
|
||||
group,
|
||||
note,
|
||||
false,
|
||||
);
|
||||
expect((await resultNote.groupPermissions)[0]).toStrictEqual(
|
||||
noteGroupPermission,
|
||||
);
|
||||
});
|
||||
it('with group added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
note.groupPermissions = Promise.resolve([
|
||||
NoteGroupPermission.create(group, note, false),
|
||||
]);
|
||||
|
||||
const resultNote = await service.setGroupPermission(note, group, true);
|
||||
const noteGroupPermission = NoteGroupPermission.create(
|
||||
group,
|
||||
note,
|
||||
true,
|
||||
);
|
||||
expect((await resultNote.groupPermissions)[0]).toStrictEqual(
|
||||
noteGroupPermission,
|
||||
);
|
||||
});
|
||||
it('with group added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
note.groupPermissions = Promise.resolve([
|
||||
NoteGroupPermission.create(group, note, true),
|
||||
]);
|
||||
const resultNote = await service.setGroupPermission(note, group, false);
|
||||
const noteGroupPermission = NoteGroupPermission.create(
|
||||
group,
|
||||
note,
|
||||
false,
|
||||
);
|
||||
expect((await resultNote.groupPermissions)[0]).toStrictEqual(
|
||||
noteGroupPermission,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('removeGroupPermission', () => {
|
||||
describe('works', () => {
|
||||
it('with user added before and editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
note.groupPermissions = Promise.resolve([
|
||||
NoteGroupPermission.create(group, note, true),
|
||||
]);
|
||||
|
||||
const resultNote = await service.removeGroupPermission(note, group);
|
||||
expect((await resultNote.groupPermissions).length).toStrictEqual(0);
|
||||
});
|
||||
it('with user not added before and not editable', async () => {
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const note = Note.create(null) as Note;
|
||||
const group = Group.create('test', 'Testy', false) as Group;
|
||||
note.groupPermissions = Promise.resolve([
|
||||
NoteGroupPermission.create(group, note, false),
|
||||
]);
|
||||
const resultNote = await service.removeGroupPermission(note, group);
|
||||
expect((await resultNote.groupPermissions).length).toStrictEqual(0);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('changeOwner', () => {
|
||||
it('works', async () => {
|
||||
const note = Note.create(null) as Note;
|
||||
const user = User.create('test', 'Testy') as User;
|
||||
jest
|
||||
.spyOn(noteRepo, 'save')
|
||||
.mockImplementationOnce(async (entry: Note) => {
|
||||
return entry;
|
||||
});
|
||||
const resultNote = await service.changeOwner(note, user);
|
||||
expect(await resultNote.owner).toStrictEqual(user);
|
||||
});
|
||||
});
|
||||
|
||||
describe('toTagList', () => {
|
||||
it('works', async () => {
|
||||
const note = {} as Note;
|
||||
|
|
|
|||
|
|
@ -12,26 +12,18 @@ import {
|
|||
AlreadyInDBError,
|
||||
ForbiddenIdError,
|
||||
NotInDBError,
|
||||
PermissionsUpdateInconsistentError,
|
||||
} from '../errors/errors';
|
||||
import { Group } from '../groups/group.entity';
|
||||
import { GroupsService } from '../groups/groups.service';
|
||||
import { HistoryEntry } from '../history/history-entry.entity';
|
||||
import { ConsoleLoggerService } from '../logger/console-logger.service';
|
||||
import { NoteGroupPermission } from '../permissions/note-group-permission.entity';
|
||||
import { NoteUserPermission } from '../permissions/note-user-permission.entity';
|
||||
import { Revision } from '../revisions/revision.entity';
|
||||
import { RevisionsService } from '../revisions/revisions.service';
|
||||
import { User } from '../users/user.entity';
|
||||
import { UsersService } from '../users/users.service';
|
||||
import { checkArrayForDuplicates } from '../utils/arrayDuplicatCheck';
|
||||
import { Alias } from './alias.entity';
|
||||
import { AliasService } from './alias.service';
|
||||
import { NoteMetadataDto } from './note-metadata.dto';
|
||||
import {
|
||||
NotePermissionsDto,
|
||||
NotePermissionsUpdateDto,
|
||||
} from './note-permissions.dto';
|
||||
import { NotePermissionsDto } from './note-permissions.dto';
|
||||
import { NoteDto } from './note.dto';
|
||||
import { Note } from './note.entity';
|
||||
import { Tag } from './tag.entity';
|
||||
|
|
@ -271,182 +263,6 @@ export class NotesService {
|
|||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Update a notes permissions.
|
||||
* @param {Note} note - the note
|
||||
* @param {NotePermissionsUpdateDto} newPermissions - the permissions the not should be set to
|
||||
* @return {Note} the note with the new permissions
|
||||
* @throws {NotInDBError} there is no note with this id or alias
|
||||
* @throws {PermissionsUpdateInconsistentError} the new permissions specify a user or group twice.
|
||||
*/
|
||||
async updateNotePermissions(
|
||||
note: Note,
|
||||
newPermissions: NotePermissionsUpdateDto,
|
||||
): Promise<Note> {
|
||||
const users = newPermissions.sharedToUsers.map(
|
||||
(userPermission) => userPermission.username,
|
||||
);
|
||||
|
||||
const groups = newPermissions.sharedToGroups.map(
|
||||
(groupPermission) => groupPermission.groupName,
|
||||
);
|
||||
|
||||
if (checkArrayForDuplicates(users) || checkArrayForDuplicates(groups)) {
|
||||
this.logger.debug(
|
||||
`The PermissionUpdate requested specifies the same user or group multiple times.`,
|
||||
'updateNotePermissions',
|
||||
);
|
||||
throw new PermissionsUpdateInconsistentError(
|
||||
'The PermissionUpdate requested specifies the same user or group multiple times.',
|
||||
);
|
||||
}
|
||||
|
||||
note.userPermissions = Promise.resolve([]);
|
||||
note.groupPermissions = Promise.resolve([]);
|
||||
|
||||
// Create new userPermissions
|
||||
for (const newUserPermission of newPermissions.sharedToUsers) {
|
||||
const user = await this.usersService.getUserByUsername(
|
||||
newUserPermission.username,
|
||||
);
|
||||
const createdPermission = NoteUserPermission.create(
|
||||
user,
|
||||
note,
|
||||
newUserPermission.canEdit,
|
||||
);
|
||||
createdPermission.note = note;
|
||||
(await note.userPermissions).push(createdPermission);
|
||||
}
|
||||
|
||||
// Create groupPermissions
|
||||
for (const newGroupPermission of newPermissions.sharedToGroups) {
|
||||
const group = await this.groupsService.getGroupByName(
|
||||
newGroupPermission.groupName,
|
||||
);
|
||||
const createdPermission = NoteGroupPermission.create(
|
||||
group,
|
||||
note,
|
||||
newGroupPermission.canEdit,
|
||||
);
|
||||
createdPermission.note = note;
|
||||
(await note.groupPermissions).push(createdPermission);
|
||||
}
|
||||
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Set permission for a specific user on a note.
|
||||
* @param {Note} note - the note
|
||||
* @param {User} permissionUser - the user for which the permission should be set
|
||||
* @param {boolean} canEdit - specifies if the user can edit the note
|
||||
* @return {Note} the note with the new permission
|
||||
*/
|
||||
async setUserPermission(
|
||||
note: Note,
|
||||
permissionUser: User,
|
||||
canEdit: boolean,
|
||||
): Promise<Note> {
|
||||
const permissions = await note.userPermissions;
|
||||
const permission = permissions.find(
|
||||
(value: NoteUserPermission, index: number) => {
|
||||
if (value.user.id == permissionUser.id) {
|
||||
if (value.canEdit != canEdit) {
|
||||
value.canEdit = canEdit;
|
||||
permissions[index] = value;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
},
|
||||
);
|
||||
if (permission == undefined) {
|
||||
const noteUserPermission = NoteUserPermission.create(
|
||||
permissionUser,
|
||||
note,
|
||||
canEdit,
|
||||
);
|
||||
(await note.userPermissions).push(noteUserPermission);
|
||||
}
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Remove permission for a specific user on a note.
|
||||
* @param {Note} note - the note
|
||||
* @param {User} permissionUser - the user for which the permission should be set
|
||||
* @return {Note} the note with the new permission
|
||||
*/
|
||||
async removeUserPermission(note: Note, permissionUser: User): Promise<Note> {
|
||||
const permissions = await note.userPermissions;
|
||||
const permissionsFiltered = permissions.filter(
|
||||
(value: NoteUserPermission) => {
|
||||
return value.user.id != permissionUser.id;
|
||||
},
|
||||
);
|
||||
note.userPermissions = Promise.resolve(permissionsFiltered);
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Set permission for a specific group on a note.
|
||||
* @param {Note} note - the note
|
||||
* @param {Group} permissionGroup - the group for which the permission should be set
|
||||
* @param {boolean} canEdit - specifies if the group can edit the note
|
||||
* @return {Note} the note with the new permission
|
||||
*/
|
||||
async setGroupPermission(
|
||||
note: Note,
|
||||
permissionGroup: Group,
|
||||
canEdit: boolean,
|
||||
): Promise<Note> {
|
||||
const permissions = await note.groupPermissions;
|
||||
const permission = permissions.find(
|
||||
(value: NoteGroupPermission, index: number) => {
|
||||
if (value.group.id == permissionGroup.id) {
|
||||
if (value.canEdit != canEdit) {
|
||||
value.canEdit = canEdit;
|
||||
permissions[index] = value;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
},
|
||||
);
|
||||
if (permission == undefined) {
|
||||
const noteGroupPermission = NoteGroupPermission.create(
|
||||
permissionGroup,
|
||||
note,
|
||||
canEdit,
|
||||
);
|
||||
(await note.groupPermissions).push(noteGroupPermission);
|
||||
}
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Remove permission for a specific group on a note.
|
||||
* @param {Note} note - the note
|
||||
* @param {Group} permissionGroup - the group for which the permission should be set
|
||||
* @return {Note} the note with the new permission
|
||||
*/
|
||||
async removeGroupPermission(
|
||||
note: Note,
|
||||
permissionGroup: Group,
|
||||
): Promise<Note> {
|
||||
const permissions = await note.groupPermissions;
|
||||
const permissionsFiltered = permissions.filter(
|
||||
(value: NoteGroupPermission) => {
|
||||
return value.group.id != permissionGroup.id;
|
||||
},
|
||||
);
|
||||
note.groupPermissions = Promise.resolve(permissionsFiltered);
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Calculate the updateUser (for the NoteDto) for a Note.
|
||||
|
|
@ -529,18 +345,6 @@ export class NotesService {
|
|||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Updates the owner of a note.
|
||||
* @param {Note} note - the note to use
|
||||
* @param {User} owner - the new owner
|
||||
* @return {Note} the updated note
|
||||
*/
|
||||
async changeOwner(note: Note, owner: User): Promise<Note> {
|
||||
note.owner = Promise.resolve(owner);
|
||||
return await this.noteRepository.save(note);
|
||||
}
|
||||
|
||||
/**
|
||||
* @async
|
||||
* Build NoteDto from a note.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue