From abe8817696fa8b459e612ad090c0231cea172581 Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Mon, 13 Dec 2021 16:09:47 +0100 Subject: [PATCH 1/6] feat: Catch No Cookies --- frontend/src/main.js | 5 ++++ frontend/src/store/store.js | 60 ++++++++++++++++++++----------------- 2 files changed, 38 insertions(+), 27 deletions(-) diff --git a/frontend/src/main.js b/frontend/src/main.js index cbd7383aa..101a9204d 100755 --- a/frontend/src/main.js +++ b/frontend/src/main.js @@ -30,6 +30,11 @@ loadAllRules(i18n) addNavigationGuards(router, store, apolloProvider.defaultClient) +if (!store) { + // Please supply a support page + window.location.assign('https://gradido.net/') +} + /* eslint-disable no-new */ new Vue({ el: '#app', diff --git a/frontend/src/store/store.js b/frontend/src/store/store.js index c49197059..4cfe3c351 100644 --- a/frontend/src/store/store.js +++ b/frontend/src/store/store.js @@ -78,32 +78,38 @@ export const actions = { }, } -export const store = new Vuex.Store({ - plugins: [ - createPersistedState({ - storage: window.localStorage, - }), - ], - state: { - email: '', - language: null, - firstName: '', - lastName: '', - username: '', - description: '', - token: null, - isAdmin: false, - coinanimation: true, - newsletterState: null, - community: { - name: '', +let store + +try { + store = new Vuex.Store({ + plugins: [ + createPersistedState({ + storage: window.localStorage, + }), + ], + state: { + email: '', + language: null, + firstName: '', + lastName: '', + username: '', description: '', + token: null, + isAdmin: false, + coinanimation: true, + newsletterState: null, + community: { + name: '', + description: '', + }, + hasElopage: false, + publisherId: null, }, - hasElopage: false, - publisherId: null, - }, - getters: {}, - // Syncronous mutation of the state - mutations, - actions, -}) + getters: {}, + // Syncronous mutation of the state + mutations, + actions, + }) +} catch (error) {} + +export { store } From dc6a3a4caac37baf845887f2dc9bf00a5bf8c436 Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Tue, 14 Dec 2021 14:52:47 +0100 Subject: [PATCH 2/6] simple README for support --- frontend/src/main.js | 3 +-- support/README.md | 6 ++++++ support/README.md~ | 4 ++++ 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 support/README.md create mode 100644 support/README.md~ diff --git a/frontend/src/main.js b/frontend/src/main.js index 101a9204d..fe50f5526 100755 --- a/frontend/src/main.js +++ b/frontend/src/main.js @@ -31,8 +31,7 @@ loadAllRules(i18n) addNavigationGuards(router, store, apolloProvider.defaultClient) if (!store) { - // Please supply a support page - window.location.assign('https://gradido.net/') + setTimeout(window.location.assign('https://gradido.net/'), 5000) } /* eslint-disable no-new */ diff --git a/support/README.md b/support/README.md new file mode 100644 index 000000000..ba10edb46 --- /dev/null +++ b/support/README.md @@ -0,0 +1,6 @@ +## Cookies + +Die Gradido Wallet benötigt Zugriff auf die local strorage des +Browsers. Bitte stelle sicher, dass in deinem Browser Cookies für die +Gradido Wallet erlaubt sind. + diff --git a/support/README.md~ b/support/README.md~ new file mode 100644 index 000000000..a8877e594 --- /dev/null +++ b/support/README.md~ @@ -0,0 +1,4 @@ +## Cookies + +Die Gradido Wallet benötigt Zugriff auf die local strorage des Browsers. Bitte stelle sicher, dass in deinem Browser Cookies für die Gradido Wallet erlaubt sind. + From e89ac1eca032b46ba5e74bce50006ee8f1c6c216 Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Tue, 14 Dec 2021 14:53:52 +0100 Subject: [PATCH 3/6] remove emaca backup of README --- support/README.md~ | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 support/README.md~ diff --git a/support/README.md~ b/support/README.md~ deleted file mode 100644 index a8877e594..000000000 --- a/support/README.md~ +++ /dev/null @@ -1,4 +0,0 @@ -## Cookies - -Die Gradido Wallet benötigt Zugriff auf die local strorage des Browsers. Bitte stelle sicher, dass in deinem Browser Cookies für die Gradido Wallet erlaubt sind. - From 03d7e0231f243d5b46f41d8dfc4c25f85f0328a5 Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Tue, 14 Dec 2021 15:01:10 +0100 Subject: [PATCH 4/6] link to github support page --- frontend/src/main.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/frontend/src/main.js b/frontend/src/main.js index fe50f5526..edc9e575e 100755 --- a/frontend/src/main.js +++ b/frontend/src/main.js @@ -31,7 +31,10 @@ loadAllRules(i18n) addNavigationGuards(router, store, apolloProvider.defaultClient) if (!store) { - setTimeout(window.location.assign('https://gradido.net/'), 5000) + setTimeout( + window.location.assign('https://github.com/gradido/gradido/tree/master/support#cookies'), + 5000, + ) } /* eslint-disable no-new */ From e61d5a0bdb392ec478c70c82d0d04b5cdf76626c Mon Sep 17 00:00:00 2001 From: Moriz Wahl Date: Mon, 20 Dec 2021 15:05:49 +0100 Subject: [PATCH 5/6] Log error message to console, test is not working --- frontend/src/store/store.js | 5 ++++- frontend/src/store/store.test.js | 25 +++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/frontend/src/store/store.js b/frontend/src/store/store.js index 4cfe3c351..d219ecacd 100644 --- a/frontend/src/store/store.js +++ b/frontend/src/store/store.js @@ -110,6 +110,9 @@ try { mutations, actions, }) -} catch (error) {} +} catch (error) { + // eslint-disable-next-line no-console + console.log(error) +} export { store } diff --git a/frontend/src/store/store.test.js b/frontend/src/store/store.test.js index 4f25f5352..41a0540be 100644 --- a/frontend/src/store/store.test.js +++ b/frontend/src/store/store.test.js @@ -1,4 +1,8 @@ import { mutations, actions } from './store' +import Vuex from 'vuex' +import Vue from 'vue' + +jest.mock('vuex') const { language, @@ -298,4 +302,25 @@ describe('Vuex store', () => { }) }) }) + + describe('creation of store fails', () => { + const consoleErrorMock = jest.fn() + const warnHandler = Vue.config.warnHandler + beforeEach(() => { + Vue.config.warnHandler = (w) => {} + // eslint-disable-next-line no-console + console.error = consoleErrorMock + Vuex.Store = () => { + throw new Error('no-cookies-allowed') + } + }) + + afterEach(() => { + Vue.config.warnHandler = warnHandler + }) + + it.skip('logs an error message', () => { + expect(consoleErrorMock).toBeCalledWith('no-cookies-allowed') + }) + }) }) From dae95c7f656fdfff354b6f596fd642ec46314c8f Mon Sep 17 00:00:00 2001 From: elweyn Date: Mon, 27 Dec 2021 10:19:11 +0100 Subject: [PATCH 6/6] Authorized function for each AdminResolver funktions, adding a check that pendingCreation userId different from moderator id. --- backend/src/graphql/resolver/AdminResolver.ts | 30 +++++++------------ 1 file changed, 11 insertions(+), 19 deletions(-) diff --git a/backend/src/graphql/resolver/AdminResolver.ts b/backend/src/graphql/resolver/AdminResolver.ts index 3ccb0fa63..8739cd7f1 100644 --- a/backend/src/graphql/resolver/AdminResolver.ts +++ b/backend/src/graphql/resolver/AdminResolver.ts @@ -1,4 +1,4 @@ -import { Resolver, Query, Arg, Args, Authorized, Mutation } from 'type-graphql' +import { Resolver, Query, Arg, Args, Authorized, Mutation, Ctx } from 'type-graphql' import { getCustomRepository, Raw } from 'typeorm' import { UserAdmin } from '../model/UserAdmin' import { PendingCreation } from '../model/PendingCreation' @@ -66,7 +66,7 @@ export class AdminResolver { return await getUserCreations(user.id) } - // @Authorized([RIGHTS.SEARCH_USERS]) + @Authorized([RIGHTS.SEARCH_USERS]) @Mutation(() => UpdatePendingCreation) async updatePendingCreation( @Args() { id, email, amount, memo, creationDate, moderator }: UpdatePendingCreationArgs, @@ -94,24 +94,9 @@ export class AdminResolver { result.creation = await getUserCreations(user.id) return result - - // const creations = await getUserCreations(user.id) - // const creationDateObj = new Date(creationDate) - // if (isCreationValid(creations, amount, creationDateObj)) { - // const pendingCreationRepository = getCustomRepository(PendingCreationRepository) - // const loginPendingTaskAdmin = pendingCreationRepository.create() - // loginPendingTaskAdmin.userId = user.id - // loginPendingTaskAdmin.amount = BigInt(amount * 10000) - // loginPendingTaskAdmin.created = new Date() - // loginPendingTaskAdmin.date = creationDateObj - // loginPendingTaskAdmin.memo = memo - // loginPendingTaskAdmin.moderator = moderator - // - // pendingCreationRepository.save(loginPendingTaskAdmin) - // } - // return await getUserCreations(user.id) } + @Authorized([RIGHTS.SEARCH_USERS]) @Query(() => [PendingCreation]) async getPendingCreations(): Promise { const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository) @@ -139,6 +124,7 @@ export class AdminResolver { return pendingCreationsPromise.reverse() } + @Authorized([RIGHTS.SEARCH_USERS]) @Mutation(() => Boolean) async deletePendingCreation(@Arg('id') id: number): Promise { const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository) @@ -147,11 +133,17 @@ export class AdminResolver { return !!res } + @Authorized([RIGHTS.SEARCH_USERS]) @Mutation(() => Boolean) - async confirmPendingCreation(@Arg('id') id: number): Promise { + async confirmPendingCreation(@Arg('id') id: number, @Ctx() context: any): Promise { const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository) const pendingCreation = await loginPendingTasksAdminRepository.findOneOrFail(id) + const userRepository = getCustomRepository(UserRepository) + const moderatorUser = await userRepository.findByPubkeyHex(context.pubKey) + if (moderatorUser.id === pendingCreation.userId) + throw new Error('Moderator can not confirm own pending creation') + const transactionRepository = getCustomRepository(TransactionRepository) const receivedCallDate = new Date() let transaction = new Transaction()