Skip to content

Commit

Permalink
BC-7894 - Add FILESTORAGE_REMOVE to permission DrawingElement check (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
bischofmax authored Sep 3, 2024
1 parent ad4eb83 commit 9f1c77d
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 7 deletions.
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { ObjectId } from '@mikro-orm/mongodb';
import { BoardNodeAuthorizable, BoardRoles } from '@modules/board';
import { Test, TestingModule } from '@nestjs/testing';
import { Permission } from '@shared/domain/interface';
import { roleFactory, setupEntities, userFactory } from '@shared/testing';
import { BoardNodeAuthorizable, BoardRoles } from '@modules/board';
import {
columnBoardFactory,
drawingElementFactory,
Expand Down Expand Up @@ -535,7 +535,7 @@ describe(BoardNodeRule.name, () => {
});

describe('when boardDoAuthorizable.board is a drawingElement', () => {
describe('when required permissions do not include FILESTORAGE_CREATE or FILESTORAGE_VIEW', () => {
describe('when required permissions do not include FILESTORAGE_CREATE or FILESTORAGE_VIEW or FILESTORAGE_REMOVE', () => {
describe('when user is Editor', () => {
const setup = () => {
const user = userFactory.buildWithId();
Expand Down Expand Up @@ -640,6 +640,16 @@ describe(BoardNodeRule.name, () => {
requiredPermissions: [Permission.FILESTORAGE_CREATE],
});

expect(res).toBe(true);
});
it('should return true if trying to "write" ', () => {
const { user, boardNodeAuthorizable } = setup();

const res = service.hasPermission(user, boardNodeAuthorizable, {
action: Action.write,
requiredPermissions: [Permission.FILESTORAGE_REMOVE],
});

expect(res).toBe(true);
});
});
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import { Injectable } from '@nestjs/common';
import { User } from '@shared/domain/entity/user.entity';
import { Permission } from '@shared/domain/interface';
import { EntityId } from '@shared/domain/types';
import {
BoardNodeAuthorizable,
BoardRoles,
Expand All @@ -12,6 +8,10 @@ import {
SubmissionItem,
UserWithBoardRoles,
} from '@modules/board';
import { Injectable } from '@nestjs/common';
import { User } from '@shared/domain/entity/user.entity';
import { Permission } from '@shared/domain/interface';
import { EntityId } from '@shared/domain/types';
import { AuthorizationHelper } from '../service/authorization.helper';
import { Action, AuthorizationContext, Rule } from '../type';

Expand Down Expand Up @@ -77,7 +77,8 @@ export class BoardNodeRule implements Rule<BoardNodeAuthorizable> {
): boolean {
const requiresFileStoragePermission =
context.requiredPermissions.includes(Permission.FILESTORAGE_CREATE) ||
context.requiredPermissions.includes(Permission.FILESTORAGE_VIEW);
context.requiredPermissions.includes(Permission.FILESTORAGE_VIEW) ||
context.requiredPermissions.includes(Permission.FILESTORAGE_REMOVE);

return isDrawingElement(boardNodeAuthorizable.boardNode) && requiresFileStoragePermission;
}
Expand Down

0 comments on commit 9f1c77d

Please sign in to comment.