johanels/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-12-11 22:14:05 +01:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

Merge pull request #5135 from penpot/palba-eva-viewer-role

Browse Source 
  Add viewer role
This commit is contained in:
Andrey Antukh
2024-10-18 10:31:40 +02:00
committed by GitHub
parent b4c2f2ecaa bd08e99080
commit 1aa2c0f9de
62 changed files with 1207 additions and 448 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend/test/backend_tests/helpers.clj
View File

@@ -332,6 +332,7 @@
(t/is (nil? (:error out)))
(:result out)))
(defn create-webhook*
([params] (create-webhook* *system* params))
([system {:keys [team-id id uri mtype is-active]

2
backend/test/backend_tests/rpc_project_test.clj
View File

@@ -152,7 +152,7 @@
(t/is (th/ex-info? error))
(t/is (th/ex-of-type? error :not-found))))
(t/deftest permissions-checks-delete-project
(t/deftest permissions-checks-pin-project
(let [profile1 (th/create-profile* 1)
profile2 (th/create-profile* 2)
project (th/create-project* 1 {:team-id (:default-team-id profile1)

156
backend/test/backend_tests/rpc_webhooks_test.clj
View File

@@ -19,6 +19,23 @@
(t/use-fixtures :once th/state-init)
(t/use-fixtures :each th/database-reset)
(defn create-webhook-params [id team]
{::th/type :create-webhook
::rpc/profile-id id
:team-id team
:uri (u/uri "http://example.com")
:mtype "application/json"})
(defn check-webhook-format
([result]
(t/is (contains? result :id))
(t/is (contains? result :team-id))
(t/is (contains? result :created-at))
(t/is (contains? result :profile-id))
(t/is (contains? result :updated-at))
(t/is (contains? result :uri))
(t/is (contains? result :mtype))))
(t/deftest webhook-crud
(with-mocks [http-mock {:target 'app.http.client/req!
:return {:status 200}}]
@@ -39,15 +56,8 @@
(t/is (nil? (:error out)))
(t/is (= 1 (:call-count @http-mock)))
;; (th/print-result! out)
(let [result (:result out)]
(t/is (contains? result :id))
(t/is (contains? result :team-id))
(t/is (contains? result :created-at))
(t/is (contains? result :updated-at))
(t/is (contains? result :uri))
(t/is (contains? result :mtype))
(check-webhook-format result)
(t/is (= (:uri params) (:uri result)))
(t/is (= (:team-id params) (:team-id result)))
@@ -69,12 +79,7 @@
(t/is (= 0 (:call-count @http-mock)))
(let [result (:result out)]
(t/is (contains? result :id))
(t/is (contains? result :team-id))
(t/is (contains? result :created-at))
(t/is (contains? result :updated-at))
(t/is (contains? result :uri))
(t/is (contains? result :mtype))
(check-webhook-format result)
(t/is (= (:id params) (:id result)))
(t/is (= (:id @whook) (:id result)))
@@ -130,13 +135,14 @@
(let [rows (th/db-exec! ["select * from webhook"])]
(t/is (= 0 (count rows))))))
(t/testing "delete webhook (unauthorozed)"
(th/reset-mock! http-mock)
(t/testing "delete webhook (unauthorized)"
(let [params {::th/type :delete-webhook
::rpc/profile-id uuid/zero
:id (:id @whook)}
out (th/command! params)]
;; (th/print-result! out)
(t/is (= 0 (:call-count @http-mock)))
(let [error (:error out)
error-data (ex-data error)]
@@ -144,6 +150,124 @@
(t/is (= (:type error-data) :not-found))
(t/is (= (:code error-data) :object-not-found))))))))
(t/deftest webhooks-permissions-crud-viewer-only
(with-mocks [http-mock {:target 'app.http.client/req!
:return {:status 200}}]
(let [owner (th/create-profile* 1 {:is-active true})
viewer (th/create-profile* 2 {:is-active true})
team (th/create-team* 1 {:profile-id (:id owner)})
whook (volatile! nil)]
(th/create-team-role* {:team-id (:id team)
:profile-id (:id viewer)
:role :viewer})
;; Assert all roles for team
(let [roles (th/db-query :team-profile-rel {:team-id (:id team)})]
(t/is (= 2 (count roles))))
(t/testing "viewer creates a webhook"
(let [viewers-webhook (create-webhook-params (:id viewer) (:id team))
out (th/command! viewers-webhook)]
(t/is (nil? (:error out)))
(t/is (= 1 (:call-count @http-mock)))
(let [result (:result out)]
(check-webhook-format result)
(t/is (= (:uri viewers-webhook) (:uri result)))
(t/is (= (:team-id viewers-webhook) (:team-id result)))
(t/is (= (::rpc/profile-id viewers-webhook) (:profile-id result)))
(t/is (= (:mtype viewers-webhook) (:mtype result)))
(vreset! whook result))))
(th/reset-mock! http-mock)
(t/testing "viewer updates it's own webhook (success)"
(let [params {::th/type :update-webhook
::rpc/profile-id (:id viewer)
:id (:id @whook)
:uri (:uri @whook)
:mtype "application/transit+json"
:is-active false}
out (th/command! params)
result (:result out)]
(t/is (nil? (:error out)))
(t/is (= 0 (:call-count @http-mock)))
(check-webhook-format result)
(t/is (= (:is-active params) (:is-active result)))
(t/is (= (:team-id @whook) (:team-id result)))
(t/is (= (:mtype params) (:mtype result)))
(vreset! whook result)))
(th/reset-mock! http-mock)
(t/testing "viewer deletes it's own webhook (success)"
(let [params {::th/type :delete-webhook
::rpc/profile-id (:id viewer)
:id (:id @whook)}
out (th/command! params)]
(t/is (= 0 (:call-count @http-mock)))
(t/is (nil? (:error out)))
(t/is (nil? (:result out)))
(let [rows (th/db-exec! ["select * from webhook"])]
(t/is (= 0 (count rows))))))
(th/reset-mock! http-mock))))
(t/deftest webhooks-permissions-crud-viewer-owner
(with-mocks [http-mock {:target 'app.http.client/req!
:return {:status 200}}]
(let [owner (th/create-profile* 1 {:is-active true})
viewer (th/create-profile* 2 {:is-active true})
team (th/create-team* 1 {:profile-id (:id owner)})
whook (volatile! nil)]
(th/create-team-role* {:team-id (:id team)
:profile-id (:id viewer)
:role :viewer})
(t/testing "owner creates a wehbook"
(let [owners-webhook (create-webhook-params (:id owner) (:id team))
out (th/command! owners-webhook)
result (:result out)]
(t/is (nil? (:error out)))
(t/is (= 1 (:call-count @http-mock)))
(check-webhook-format result)
(t/is (= (:uri owners-webhook) (:uri result)))
(t/is (= (:team-id owners-webhook) (:team-id result)))
(t/is (= (:mtype owners-webhook) (:mtype result)))
(vreset! whook result)))
(th/reset-mock! http-mock)
(t/testing "viewer updates owner's webhook (unauthorized)"
(let [params {::th/type :update-webhook
::rpc/profile-id (:id viewer)
:id (:id @whook)
:uri (str (:uri @whook) "/test")
:mtype "application/transit+json"
:is-active false}
out (th/command! params)]
(t/is (= 0 (:call-count @http-mock)))
(let [error (:error out)
error-data (ex-data error)]
(t/is (th/ex-info? error))
(t/is (= (:type error-data) :not-found))
(t/is (= (:code error-data) :object-not-found)))))
(th/reset-mock! http-mock)
(t/testing "viewer deletes owner's webhook (unauthorized)"
(let [params {::th/type :delete-webhook
::rpc/profile-id (:id viewer)
:id (:id @whook)}
out (th/command! params)
error (:error out)
error-data (ex-data error)]
(t/is (= 0 (:call-count @http-mock)))
(t/is (th/ex-info? error))
(t/is (= (:type error-data) :not-found))
(t/is (= (:code error-data) :object-not-found)))))))
(t/deftest webhooks-quotes
(with-mocks [http-mock {:target 'app.http.client/req!
:return {:status 200}}]