mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-18 17:25:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1039 from hedgedoc/fix/permissionsCreationAndFinding

Browse source
This commit is contained in:
Yannick Bungers 2021-04-18 22:45:24 +02:00 committed by GitHub
commit eaa5254418
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 54 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/notes/note.entity.ts
View file

@ -39,9 +39,14 @@ export class Note {
@OneToMany( @OneToMany(
(_) => NoteGroupPermission, (_) => NoteGroupPermission,
(groupPermission) => groupPermission.note, (groupPermission) => groupPermission.note,
{ cascade: true }, // This ensures that embedded NoteGroupPermissions are automatically saved to the database
) )
groupPermissions: NoteGroupPermission[]; groupPermissions: NoteGroupPermission[];
@OneToMany((_) => NoteUserPermission, (userPermission) => userPermission.note) @OneToMany(
(_) => NoteUserPermission,
(userPermission) => userPermission.note,
{ cascade: true }, // This ensures that embedded NoteUserPermission are automatically saved to the database
)
userPermissions: NoteUserPermission[]; userPermissions: NoteUserPermission[];
@Column({ @Column({
nullable: false, nullable: false,

6
src/notes/notes.service.ts
View file

@ -183,7 +183,9 @@ export class NotesService {
'authorColors', 'authorColors',
'owner', 'owner',
'groupPermissions', 'groupPermissions',
'groupPermissions.group',
'userPermissions', 'userPermissions',
'userPermissions.user',
'tags', 'tags',
], ],
}); });
@ -224,6 +226,8 @@ export class NotesService {
//TODO: Calculate patch //TODO: Calculate patch
revisions.push(Revision.create(noteContent, noteContent)); revisions.push(Revision.create(noteContent, noteContent));
note.revisions = Promise.resolve(revisions); note.revisions = Promise.resolve(revisions);
note.userPermissions = [];
note.groupPermissions = [];
return await this.noteRepository.save(note); return await this.noteRepository.save(note);
} }
@ -270,6 +274,7 @@ export class NotesService {
user, user,
newUserPermission.canEdit, newUserPermission.canEdit,
); );
createdPermission.note = note;
note.userPermissions.push(createdPermission); note.userPermissions.push(createdPermission);
} }
@ -282,6 +287,7 @@ export class NotesService {
group, group,
newGroupPermission.canEdit, newGroupPermission.canEdit,
); );
createdPermission.note = note;
note.groupPermissions.push(createdPermission); note.groupPermissions.push(createdPermission);
} }

10
src/permissions/note-group-permission.entity.ts
View file

@ -10,10 +10,16 @@ import { Note } from '../notes/note.entity';
@Entity() @Entity()
export class NoteGroupPermission { export class NoteGroupPermission {
@ManyToOne((_) => Group, { primary: true }) @ManyToOne((_) => Group, {
primary: true,
onDelete: 'CASCADE', // This deletes the NoteGroupPermission, when the associated Group is deleted
})
group: Group; group: Group;
@ManyToOne((_) => Note, (note) => note.groupPermissions, { primary: true }) @ManyToOne((_) => Note, (note) => note.groupPermissions, {
primary: true,
onDelete: 'CASCADE', // This deletes the NoteGroupPermission, when the associated Note is deleted
})
note: Note; note: Note;
@Column() @Column()

10
src/permissions/note-user-permission.entity.ts
View file

@ -10,10 +10,16 @@ import { User } from '../users/user.entity';
@Entity() @Entity()
export class NoteUserPermission { export class NoteUserPermission {
@ManyToOne((_) => User, { primary: true }) @ManyToOne((_) => User, {
primary: true,
onDelete: 'CASCADE', // This deletes the NoteUserPermission, when the associated Note is deleted
})
user: User; user: User;
@ManyToOne((_) => Note, (note) => note.userPermissions, { primary: true }) @ManyToOne((_) => Note, (note) => note.userPermissions, {
primary: true,
onDelete: 'CASCADE', // This deletes the NoteUserPermission, when the associated Note is deleted
})
note: Note; note: Note;
@Column() @Column()

26
test/public-api/notes.e2e-spec.ts
View file

@ -26,6 +26,7 @@ import { User } from '../../src/users/user.entity';
import { UsersModule } from '../../src/users/users.module'; import { UsersModule } from '../../src/users/users.module';
import { promises as fs } from 'fs'; import { promises as fs } from 'fs';
import { MediaService } from '../../src/media/media.service'; import { MediaService } from '../../src/media/media.service';
import { NotePermissionsUpdateDto } from '../../src/notes/note-permissions.dto';
import { join } from 'path'; import { join } from 'path';
describe('Notes', () => { describe('Notes', () => {
@ -155,6 +156,31 @@ describe('Notes', () => {
new NotInDBError("Note with id/alias 'test3' not found."), new NotInDBError("Note with id/alias 'test3' not found."),
); );
}); });
it('works with an existing alias with permissions', async () => {
const note = await notesService.createNote(content, 'test3', user);
const updateNotePermission = new NotePermissionsUpdateDto();
updateNotePermission.sharedToUsers = [
{
username: user.userName,
canEdit: true,
},
];
updateNotePermission.sharedToGroups = [];
await notesService.updateNotePermissions(note, updateNotePermission);
const updatedNote = await notesService.getNoteByIdOrAlias(note.alias);
expect(updatedNote.userPermissions).toHaveLength(1);
expect(updatedNote.userPermissions[0].canEdit).toEqual(
updateNotePermission.sharedToUsers[0].canEdit,
);
expect(updatedNote.userPermissions[0].user.userName).toEqual(
user.userName,
);
expect(updatedNote.groupPermissions).toHaveLength(0);
await request(app.getHttpServer()).delete('/notes/test3').expect(204);
await expect(notesService.getNoteByIdOrAlias('test3')).rejects.toEqual(
new NotInDBError("Note with id/alias 'test3' not found."),
);
});
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await request(app.getHttpServer()) await request(app.getHttpServer())
.delete(`/notes/${forbiddenNoteId}`) .delete(`/notes/${forbiddenNoteId}`)