From c03509c5258d2d163e04a106619d1cd02e0af271 Mon Sep 17 00:00:00 2001
From: elweyn <heine.hannes@gmail.com>
Date: Mon, 27 Jun 2022 13:40:36 +0200
Subject: [PATCH] Change response value to boolean, add RIGHTS for
 createContribution, add new RIGHT in ROLES.

---
 backend/src/auth/RIGHTS.ts                           |  1 +
 backend/src/auth/ROLES.ts                            |  1 +
 backend/src/graphql/resolver/ContributionResolver.ts | 10 +++++-----
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/backend/src/auth/RIGHTS.ts b/backend/src/auth/RIGHTS.ts
index fc2b5342c..c10fc96de 100644
--- a/backend/src/auth/RIGHTS.ts
+++ b/backend/src/auth/RIGHTS.ts
@@ -25,6 +25,7 @@ export enum RIGHTS {
   REDEEM_TRANSACTION_LINK = 'REDEEM_TRANSACTION_LINK',
   LIST_TRANSACTION_LINKS = 'LIST_TRANSACTION_LINKS',
   GDT_BALANCE = 'GDT_BALANCE',
+  CREATE_CONTRIBUTION = 'CREATE_CONTRIBUTION',
   // Admin
   SEARCH_USERS = 'SEARCH_USERS',
   SET_USER_ROLE = 'SET_USER_ROLE',
diff --git a/backend/src/auth/ROLES.ts b/backend/src/auth/ROLES.ts
index 891fe1844..2d9ac2deb 100644
--- a/backend/src/auth/ROLES.ts
+++ b/backend/src/auth/ROLES.ts
@@ -23,6 +23,7 @@ export const ROLE_USER = new Role('user', [
   RIGHTS.REDEEM_TRANSACTION_LINK,
   RIGHTS.LIST_TRANSACTION_LINKS,
   RIGHTS.GDT_BALANCE,
+  RIGHTS.CREATE_CONTRIBUTION,
 ])
 export const ROLE_ADMIN = new Role('admin', Object.values(RIGHTS)) // all rights
 
diff --git a/backend/src/graphql/resolver/ContributionResolver.ts b/backend/src/graphql/resolver/ContributionResolver.ts
index 728ff6a49..0f516dc7c 100644
--- a/backend/src/graphql/resolver/ContributionResolver.ts
+++ b/backend/src/graphql/resolver/ContributionResolver.ts
@@ -1,3 +1,4 @@
+import { RIGHTS } from '@/auth/RIGHTS'
 import { Context, getUser } from '@/server/context'
 import { backendLogger as logger } from '@/server/logger'
 import { Contribution } from '@entity/Contribution'
@@ -8,13 +9,12 @@ import { isContributionValid } from './util/isContributionValid'
 
 @Resolver()
 export class ContributionResolver {
-  @Authorized([])
-  @Mutation(() => Contribution)
+  @Authorized([RIGHTS.CREATE_CONTRIBUTION])
+  @Mutation(() => Boolean)
   async createContribution(
     @Args() { amount, memo, creationDate }: CreateContributionArgs,
     @Ctx() context: Context,
-  ): Promise<Contribution> {
-    logger.trace('createContribution..')
+  ): Promise<boolean> {
     const user = getUser(context)
     if (!user) {
       throw new Error(`Could not find user`)
@@ -40,6 +40,6 @@ export class ContributionResolver {
 
     logger.trace('contribution to save', contribution)
     await Contribution.save(contribution)
-    return contribution
+    return true
   }
 }