Merge pull request #3547 from gradido/refactor_community_auth

fix(backend): allow reading gmsApiKey admins only
einhornimmond 2025-10-08 18:54:11 +02:00 committed by GitHub
commit 9953dd685e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 15 additions and 28 deletions


@ -8,7 +8,7 @@ export const updateHomeCommunity = gql`
location: $location
hieroTopicId: $hieroTopicId
) {
id
uuid
}
}
`


@ -5,8 +5,6 @@ export const ADMIN_RIGHTS = [
RIGHTS.DELETE_USER,
RIGHTS.UNDELETE_USER,
RIGHTS.COMMUNITY_UPDATE,
RIGHTS.COMMUNITY_BY_UUID,
RIGHTS.COMMUNITY_BY_IDENTIFIER,
RIGHTS.HOME_COMMUNITY,
RIGHTS.COMMUNITY_WITH_API_KEYS,
RIGHTS.PROJECT_BRANDING_MUTATE,
]


@ -1,3 +1,3 @@
import { RIGHTS } from './RIGHTS'
export const DLT_CONNECTOR_RIGHTS = [RIGHTS.COMMUNITY_BY_IDENTIFIER, RIGHTS.HOME_COMMUNITY]
export const DLT_CONNECTOR_RIGHTS = [RIGHTS.COMMUNITIES, RIGHTS.COMMUNITY_UPDATE]
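Review bot: The new `DLT_CONNECTOR_RIGHTS` line replaces two read-only rights with `RIGHTS.COMMUNITIES` plus `RIGHTS.COMMUNITY_UPDATE`, which gives the connector role a write capability it did not have before. In the resolver section of this commit `COMMUNITY_UPDATE` guards `updateHomeCommunity`, whose arguments include `gmsApiKey`, `location` and `hieroTopicId`, so the connector credential can presumably now overwrite the GMS key as well. If the connector only needs to set the topic id (an assumption, since its caller is not on this page), a narrower right or a dedicated mutation would keep it least-privileged. Otherwise record the reason next to the list, e.g. `// COMMUNITY_UPDATE: connector writes hieroTopicId via updateHomeCommunity`.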


@ -69,9 +69,7 @@ export enum RIGHTS {
SET_USER_ROLE = 'SET_USER_ROLE',
DELETE_USER = 'DELETE_USER',
UNDELETE_USER = 'UNDELETE_USER',
COMMUNITY_BY_UUID = 'COMMUNITY_BY_UUID',
COMMUNITY_BY_IDENTIFIER = 'COMMUNITY_BY_IDENTIFIER',
HOME_COMMUNITY = 'HOME_COMMUNITY',
COMMUNITY_UPDATE = 'COMMUNITY_UPDATE',
COMMUNITY_WITH_API_KEYS = 'COMMUNITY_WITH_API_KEYS',
PROJECT_BRANDING_MUTATE = 'PROJECT_BRANDING_MUTATE',
}


@ -38,7 +38,6 @@ export class AdminCommunityView {
this.updatedAt = dbCom.updatedAt
this.uuid = dbCom.communityUuid
this.authenticatedAt = dbCom.authenticatedAt
this.gmsApiKey = dbCom.gmsApiKey
this.hieroTopicId = dbCom.hieroTopicId
if (dbCom.location) {
this.location = Point2Location(dbCom.location as Point)


@ -12,7 +12,6 @@ export class Community {
this.creationDate = dbCom.creationDate
this.uuid = dbCom.communityUuid
this.authenticatedAt = dbCom.authenticatedAt
this.gmsApiKey = dbCom.gmsApiKey
this.hieroTopicId = dbCom.hieroTopicId
}
@ -40,9 +39,6 @@ export class Community {
@Field(() => Date, { nullable: true })
authenticatedAt: Date | null
@Field(() => String, { nullable: true })
gmsApiKey: string | null
@Field(() => String, { nullable: true })
hieroTopicId: string | null
}


@ -324,6 +324,10 @@ describe('CommunityResolver', () => {
beforeEach(async () => {
jest.clearAllMocks()
await userFactory(testEnv, peterLustig)
// login as admin
await mutate({ mutation: login, variables: peterLoginData })
comHomeCom1 = DbCommunity.create()
comHomeCom1.foreign = false
comHomeCom1.url = 'http://localhost'
@ -547,13 +551,10 @@ describe('CommunityResolver', () => {
describe('with empty list', () => {
beforeEach(async () => {
await cleanDB()
jest.clearAllMocks()
await DbCommunity.clear()
})
it('returns no community entry', async () => {
// const result: Community[] = await query({ query: getCommunities })
// expect(result.length).toEqual(0)
await expect(query({ query: communitiesQuery })).resolves.toMatchObject({
data: {
communities: [],
@ -785,7 +786,6 @@ describe('CommunityResolver', () => {
).resolves.toMatchObject({
data: {
updateHomeCommunity: {
id: expect.any(Number),
foreign: homeCom?.foreign,
name: homeCom?.name,
description: homeCom?.description,
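Review bot: Nothing visible in these hunks asserts the property the commit is about, namely that a non-admin caller cannot read the key: the added `beforeEach` logs in as admin before every case, and `communitiesQuery` no longer selects `gmsApiKey`. A negative case would pin it, for example logging in as a regular user, running the `allCommunities` query and expecting an authorization error in `errors`. A second case could expect a schema validation error when `gmsApiKey` is selected on `communities`. The describe blocks extend beyond these hunks, so such cases may already exist elsewhere in the file.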


@ -35,7 +35,7 @@ export class CommunityResolver {
)
}
@Authorized([RIGHTS.COMMUNITIES])
@Authorized([RIGHTS.COMMUNITY_WITH_API_KEYS])
@Query(() => [AdminCommunityView])
async allCommunities(@Args() paginated: Paginated): Promise<AdminCommunityView[]> {
// communityUUID could be oneTimePassCode (uint32 number)
@ -54,7 +54,7 @@ export class CommunityResolver {
return dbCommunities.map((dbCom: DbCommunity) => new Community(dbCom))
}
@Authorized([RIGHTS.COMMUNITY_BY_IDENTIFIER])
@Authorized([RIGHTS.COMMUNITIES])
@Query(() => Community)
async communityByIdentifier(
@Arg('communityIdentifier') communityIdentifier: string,
@ -67,7 +67,7 @@ export class CommunityResolver {
return new Community(community)
}
@Authorized([RIGHTS.HOME_COMMUNITY])
@Authorized([RIGHTS.COMMUNITIES])
@Query(() => Community)
async homeCommunity(): Promise<Community> {
const community = await getHomeCommunity()
@ -78,10 +78,10 @@ export class CommunityResolver {
}
@Authorized([RIGHTS.COMMUNITY_UPDATE])
@Mutation(() => Community)
@Mutation(() => AdminCommunityView)
async updateHomeCommunity(
@Args() { uuid, gmsApiKey, location, hieroTopicId }: EditCommunityInput,
): Promise<Community> {
): Promise<AdminCommunityView> {
const homeCom = await getCommunityByUuid(uuid)
if (!homeCom) {
throw new LogError('HomeCommunity with uuid not found: ', uuid)
@ -101,6 +101,6 @@ export class CommunityResolver {
homeCom.hieroTopicId = hieroTopicId ?? null
await DbCommunity.save(homeCom)
}
return new Community(homeCom)
return new AdminCommunityView(homeCom)
}
}
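Review bot: `updateHomeCommunity` now returns `AdminCommunityView` but is still guarded by `@Authorized([RIGHTS.COMMUNITY_UPDATE])`, while the read path for that view, `allCommunities`, requires `RIGHTS.COMMUNITY_WITH_API_KEYS`. Any role that holds `COMMUNITY_UPDATE` without the API-key right (the DLT connector list in this commit is one) can therefore obtain the admin view through the mutation. Whether that view exposes `gmsApiKey` cannot be decided from this page, because the `AdminCommunityView` hunk does not mark which line was dropped. Either keep the mutation's return type as `Community`, or guard it with the same right as `allCommunities`. The class body starts before the first hunk of this section.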


@ -375,7 +375,6 @@ export const logout = gql`
export const updateHomeCommunityQuery = gql`
mutation ($uuid: String!, $gmsApiKey: String!) {
updateHomeCommunity(uuid: $uuid, gmsApiKey: $gmsApiKey) {
id
foreign
name
description


@ -146,7 +146,6 @@ export const communitiesQuery = gql`
creationDate
uuid
authenticatedAt
gmsApiKey
}
}
`
@ -162,7 +161,6 @@ export const getCommunityByIdentifierQuery = gql`
creationDate
uuid
authenticatedAt
gmsApiKey
}
}
`
@ -178,7 +176,6 @@ export const getHomeCommunityQuery = gql`
creationDate
uuid
authenticatedAt
gmsApiKey
}
}
`