From abd4cf132a5e730436eb65310d34a845e0a672c5 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Wed, 24 Jul 2024 15:27:11 +0200 Subject: [PATCH 1/7] Bump h5p server --- package-lock.json | 66 ++++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 41 insertions(+), 27 deletions(-) diff --git a/package-lock.json b/package-lock.json index f7daa471e75..53c6d70a6ed 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,7 +21,7 @@ "@hendt/xml2json": "^1.0.3", "@hpi-schul-cloud/commons": "^1.3.4", "@keycloak/keycloak-admin-client": "^25.0.1", - "@lumieducation/h5p-server": "^9.2.0", + "@lumieducation/h5p-server": "^9.3.2", "@mikro-orm/cli": "^5.6.16", "@mikro-orm/core": "^5.6.16", "@mikro-orm/migrations-mongodb": "^5.6.16", @@ -3902,30 +3902,30 @@ } }, "node_modules/@lumieducation/h5p-server": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/@lumieducation/h5p-server/-/h5p-server-9.2.0.tgz", - "integrity": "sha512-npW5hXyFikFS7LakT6O+4FQgJNHEAyEMRm9VTifyZcNuQ+lMWoz2gGbEuoT4PcTyaK+a1f6G8V8G3882fL0qKQ==", + "version": "9.3.2", + "resolved": "https://registry.npmjs.org/@lumieducation/h5p-server/-/h5p-server-9.3.2.tgz", + "integrity": "sha512-rNtL0N44zgRLrJ/5lCpSMg/YanMNlnrhMFDVTzDm5O8VTbHxNfnz1W5bA4UHRslB3nnqcBTBjZxs1ETO0WGPPw==", "license": "GPL-3.0-or-later", "dependencies": { - "ajv": "^8.11.0", + "ajv": "^8.12.0", "ajv-keywords": "^5.1.0", - "async-lock": "^1.3.1", - "axios": "^0.27.0", - "cache-manager": "^3.6.1", + "async-lock": "^1.4.0", + "axios": "^1.4.0", + "cache-manager": "^4.0.0", "debug": "^4.3.4", "flat": "^5.0.2", - "fs-extra": "^10.1.0", + "fs-extra": "^11.1.1", "get-all-files": "^4.1.0", "https-proxy-agent": "^5.0.1", - "image-size": "^1.0.1", + "image-size": "^1.0.2", "jsonpath": "^1.1.1", "merge": "^2.1.1", "mime-types": "^2.1.35", "nanoid": "^3.3.2", "node-machine-id": "^1.1.12", "promisepipe": "^3.0.0", - "qs": "^6.10.3", - "sanitize-html": "^2.7.0", + "qs": "^6.11.1", + "sanitize-html": "^2.10.0", "stream-buffers": "^3.0.2", "tmp-promise": "^3.0.3", "upath": "^2.0.1", @@ -3933,25 +3933,15 @@ "yazl": "^2.5.1" } }, - "node_modules/@lumieducation/h5p-server/node_modules/axios": { - "version": "0.27.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" - } - }, "node_modules/@lumieducation/h5p-server/node_modules/cache-manager": { - "version": "3.6.3", - "resolved": "https://registry.npmjs.org/cache-manager/-/cache-manager-3.6.3.tgz", - "integrity": "sha512-dS4DnV6c6cQcVH5OxzIU1XZaACXwvVIiUPkFytnRmLOACuBGv3GQgRQ1RJGRRw4/9DF14ZK2RFlZu1TUgDniMg==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/cache-manager/-/cache-manager-4.1.0.tgz", + "integrity": "sha512-ZGM6dLxrP65bfOZmcviWMadUOCICqpLs92+P/S5tj8onz+k+tB7Gr+SAgOUHCQtfm2gYEQDHiKeul4+tYPOJ8A==", "license": "MIT", "dependencies": { "async": "3.2.3", "lodash.clonedeep": "^4.5.0", - "lru-cache": "6.0.0" + "lru-cache": "^7.10.1" } }, "node_modules/@lumieducation/h5p-server/node_modules/debug": { @@ -3969,6 +3959,29 @@ } } }, + "node_modules/@lumieducation/h5p-server/node_modules/fs-extra": { + "version": "11.2.0", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==", + "license": "MIT", + "dependencies": { + "graceful-fs": "^4.2.0", + "jsonfile": "^6.0.1", + "universalify": "^2.0.0" + }, + "engines": { + "node": ">=14.14" + } + }, + "node_modules/@lumieducation/h5p-server/node_modules/lru-cache": { + "version": "7.18.3", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz", + "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==", + "license": "ISC", + "engines": { + "node": ">=12" + } + }, "node_modules/@lumieducation/h5p-server/node_modules/qs": { "version": "6.12.3", "resolved": "https://registry.npmjs.org/qs/-/qs-6.12.3.tgz", @@ -11589,6 +11602,7 @@ }, "node_modules/fs-extra": { "version": "10.1.0", + "dev": true, "license": "MIT", "dependencies": { "graceful-fs": "^4.2.0", diff --git a/package.json b/package.json index a792816c932..80726ac5b97 100644 --- a/package.json +++ b/package.json @@ -137,7 +137,7 @@ "@hendt/xml2json": "^1.0.3", "@hpi-schul-cloud/commons": "^1.3.4", "@keycloak/keycloak-admin-client": "^25.0.1", - "@lumieducation/h5p-server": "^9.2.0", + "@lumieducation/h5p-server": "^9.3.2", "@mikro-orm/cli": "^5.6.16", "@mikro-orm/core": "^5.6.16", "@mikro-orm/migrations-mongodb": "^5.6.16", From b118570499756be0fbcebe8f5f45a62f142703d4 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Wed, 24 Jul 2024 15:27:27 +0200 Subject: [PATCH 2/7] Add permission system --- .../service/contentStorage.service.ts | 14 +++++-- .../modules/h5p-editor/types/lumi-types.ts | 9 ----- .../src/modules/h5p-editor/uc/h5p.uc.ts | 3 -- .../permission-system.ts | 40 +++++++++++++++++++ .../service/h5p-library-management.service.ts | 24 ++++++----- 5 files changed, 64 insertions(+), 26 deletions(-) create mode 100644 apps/server/src/modules/h5p-library-management/permission-system.ts diff --git a/apps/server/src/modules/h5p-editor/service/contentStorage.service.ts b/apps/server/src/modules/h5p-editor/service/contentStorage.service.ts index caad97b0145..ddb220acd20 100644 --- a/apps/server/src/modules/h5p-editor/service/contentStorage.service.ts +++ b/apps/server/src/modules/h5p-editor/service/contentStorage.service.ts @@ -1,12 +1,13 @@ +import { S3ClientAdapter } from '@infra/s3-client'; import { ContentId, + ContentPermission, IContentMetadata, IContentStorage, IFileStats, ILibraryName, IUser as ILumiUser, LibraryName, - Permission, } from '@lumieducation/h5p-server'; import { HttpException, @@ -17,7 +18,6 @@ import { NotFoundException, UnprocessableEntityException, } from '@nestjs/common'; -import { S3ClientAdapter } from '@infra/s3-client'; import { ErrorUtils } from '@src/core/error/utils'; import { Readable } from 'stream'; import { H5pFileDto } from '../controller/dto/h5p-file.dto'; @@ -184,8 +184,14 @@ export class ContentStorage implements IContentStorage { return result; } - public getUserPermissions(): Promise { - const permissions = [Permission.Delete, Permission.Download, Permission.Edit, Permission.Embed, Permission.View]; + public getUserPermissions(): Promise { + const permissions = [ + ContentPermission.Delete, + ContentPermission.Download, + ContentPermission.Edit, + ContentPermission.Embed, + ContentPermission.View, + ]; return Promise.resolve(permissions); } diff --git a/apps/server/src/modules/h5p-editor/types/lumi-types.ts b/apps/server/src/modules/h5p-editor/types/lumi-types.ts index 2d9ec1db8a2..dcf7d1495f8 100644 --- a/apps/server/src/modules/h5p-editor/types/lumi-types.ts +++ b/apps/server/src/modules/h5p-editor/types/lumi-types.ts @@ -15,12 +15,6 @@ export class LumiUserWithContentData implements IUser { schoolId: EntityId; - canCreateRestricted: boolean; - - canInstallRecommended: boolean; - - canUpdateAndInstallLibraries: boolean; - email: string; id: EntityId; @@ -34,9 +28,6 @@ export class LumiUserWithContentData implements IUser { this.contentParentId = parentParams.parentId; this.schoolId = parentParams.schoolId; - this.canCreateRestricted = user.canCreateRestricted; - this.canInstallRecommended = user.canInstallRecommended; - this.canUpdateAndInstallLibraries = user.canUpdateAndInstallLibraries; this.email = user.email; this.id = user.id; this.name = user.name; diff --git a/apps/server/src/modules/h5p-editor/uc/h5p.uc.ts b/apps/server/src/modules/h5p-editor/uc/h5p.uc.ts index deca6dd0a7d..a6794b544a4 100644 --- a/apps/server/src/modules/h5p-editor/uc/h5p.uc.ts +++ b/apps/server/src/modules/h5p-editor/uc/h5p.uc.ts @@ -356,9 +356,6 @@ export class H5PEditorUc { private changeUserType(currentUser: ICurrentUser): LumiIUser { const user: LumiIUser = { - canCreateRestricted: false, - canInstallRecommended: false, - canUpdateAndInstallLibraries: false, email: '', id: currentUser.userId, name: '', diff --git a/apps/server/src/modules/h5p-library-management/permission-system.ts b/apps/server/src/modules/h5p-library-management/permission-system.ts new file mode 100644 index 00000000000..b7bf71f5b7e --- /dev/null +++ b/apps/server/src/modules/h5p-library-management/permission-system.ts @@ -0,0 +1,40 @@ +/* eslint-disable @typescript-eslint/no-unused-vars */ +import { + ContentPermission, + GeneralPermission, + IPermissionSystem, + IUser, + TemporaryFilePermission, + UserDataPermission, +} from '@lumieducation/h5p-server'; + +export default class PermissionSystem implements IPermissionSystem { + checkForUserData( + actingUser: IUser, + permission: UserDataPermission, + contentId: string, + affectedUserId?: string + ): Promise { + return Promise.resolve(true); + } + + async checkForContent( + actingUser: IUser | undefined, + permission: ContentPermission, + contentId?: string + ): Promise { + return Promise.resolve(true); + } + + async checkForTemporaryFile( + user: IUser | undefined, + permission: TemporaryFilePermission, + filename?: string + ): Promise { + return Promise.resolve(true); + } + + async checkForGeneralAction(actingUser: IUser | undefined, permission: GeneralPermission): Promise { + return Promise.resolve(true); + } +} diff --git a/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts b/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts index a6ab56ae29a..5cc9593b04a 100644 --- a/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts +++ b/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts @@ -1,20 +1,21 @@ import { - H5PConfig, cacheImplementations, - LibraryManager, ContentTypeCache, + H5PConfig, + ILibraryAdministrationOverviewItem, IUser, LibraryAdministration, - ILibraryAdministrationOverviewItem, + LibraryManager, } from '@lumieducation/h5p-server'; import ContentManager from '@lumieducation/h5p-server/build/src/ContentManager'; import ContentTypeInformationRepository from '@lumieducation/h5p-server/build/src/ContentTypeInformationRepository'; +import { IHubContentType } from '@lumieducation/h5p-server/build/src/types'; import { Injectable, InternalServerErrorException, NotFoundException } from '@nestjs/common'; +import { ConfigService } from '@nestjs/config'; import { ContentStorage, LibraryStorage } from '@src/modules/h5p-editor'; import { readFileSync } from 'fs'; import { parse } from 'yaml'; -import { ConfigService } from '@nestjs/config'; -import { IHubContentType } from '@lumieducation/h5p-server/build/src/types'; +import PermissionSystem from '../permission-system'; import { IH5PLibraryManagementConfig } from './h5p-library-management.config'; const h5pConfig = new H5PConfig(undefined, { @@ -75,8 +76,14 @@ export class H5PLibraryManagementService { undefined, h5pConfig ); - this.contentTypeRepo = new ContentTypeInformationRepository(this.contentTypeCache, this.libraryManager, h5pConfig); - const contentManager = new ContentManager(this.contentStorage); + const permissionSystem = new PermissionSystem(); + this.contentTypeRepo = new ContentTypeInformationRepository( + this.contentTypeCache, + this.libraryManager, + h5pConfig, + permissionSystem + ); + const contentManager = new ContentManager(this.contentStorage, permissionSystem); this.libraryAdministration = new LibraryAdministration(this.libraryManager, contentManager); const filePath = this.configService.get('H5P_EDITOR__LIBRARY_LIST_PATH'); @@ -115,9 +122,6 @@ export class H5PLibraryManagementService { private createDefaultIUser(): IUser { const user: IUser = { - canCreateRestricted: true, - canInstallRecommended: true, - canUpdateAndInstallLibraries: true, email: 'a@b.de', id: 'a', name: 'a', From 4d994f0a13538e08d928dadd2aa7f37aa09a4b49 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Fri, 26 Jul 2024 08:19:16 +0200 Subject: [PATCH 3/7] Add editor permission system and add specific permissions --- .../provider/editor-permission-system.ts} | 6 +-- .../provider/h5p-editor.provider.ts | 5 +- .../service/h5p-library-management.service.ts | 4 +- .../library-management-permission-system.ts | 49 +++++++++++++++++++ 4 files changed, 58 insertions(+), 6 deletions(-) rename apps/server/src/modules/{h5p-library-management/permission-system.ts => h5p-editor/provider/editor-permission-system.ts} (84%) create mode 100644 apps/server/src/modules/h5p-library-management/service/library-management-permission-system.ts diff --git a/apps/server/src/modules/h5p-library-management/permission-system.ts b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.ts similarity index 84% rename from apps/server/src/modules/h5p-library-management/permission-system.ts rename to apps/server/src/modules/h5p-editor/provider/editor-permission-system.ts index b7bf71f5b7e..616099f680d 100644 --- a/apps/server/src/modules/h5p-library-management/permission-system.ts +++ b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.ts @@ -8,14 +8,14 @@ import { UserDataPermission, } from '@lumieducation/h5p-server'; -export default class PermissionSystem implements IPermissionSystem { +export default class EditorPermissionSystem implements IPermissionSystem { checkForUserData( actingUser: IUser, permission: UserDataPermission, contentId: string, affectedUserId?: string ): Promise { - return Promise.resolve(true); + return Promise.resolve(false); } async checkForContent( @@ -35,6 +35,6 @@ export default class PermissionSystem implements IPermissionSystem { } async checkForGeneralAction(actingUser: IUser | undefined, permission: GeneralPermission): Promise { - return Promise.resolve(true); + return Promise.resolve(false); } } diff --git a/apps/server/src/modules/h5p-editor/provider/h5p-editor.provider.ts b/apps/server/src/modules/h5p-editor/provider/h5p-editor.provider.ts index d7b3e4e5668..27a72c68d29 100644 --- a/apps/server/src/modules/h5p-editor/provider/h5p-editor.provider.ts +++ b/apps/server/src/modules/h5p-editor/provider/h5p-editor.provider.ts @@ -1,8 +1,9 @@ import { H5PEditor, cacheImplementations } from '@lumieducation/h5p-server'; import { IH5PEditorOptions, ITranslationFunction } from '@lumieducation/h5p-server/build/src/types'; +import { ContentStorage, LibraryStorage, TemporaryFileStorage, Translator } from '../service'; import { h5pConfig, h5pUrlGenerator } from '../service/config/h5p-service-config'; -import { ContentStorage, Translator, LibraryStorage, TemporaryFileStorage } from '../service'; +import EditorPermissionSystem from './editor-permission-system'; export const H5PEditorProvider = { provide: H5PEditor, @@ -14,9 +15,11 @@ export const H5PEditorProvider = { ) { const cache = new cacheImplementations.CachedKeyValueStorage('kvcache'); + const permissionSystem = new EditorPermissionSystem(); const h5pOptions: IH5PEditorOptions = { enableHubLocalization: true, enableLibraryNameLocalization: true, + permissionSystem, }; // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access const translationFunction: ITranslationFunction = await Translator.translate(); diff --git a/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts b/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts index 5cc9593b04a..b32f8d6f763 100644 --- a/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts +++ b/apps/server/src/modules/h5p-library-management/service/h5p-library-management.service.ts @@ -15,8 +15,8 @@ import { ConfigService } from '@nestjs/config'; import { ContentStorage, LibraryStorage } from '@src/modules/h5p-editor'; import { readFileSync } from 'fs'; import { parse } from 'yaml'; -import PermissionSystem from '../permission-system'; import { IH5PLibraryManagementConfig } from './h5p-library-management.config'; +import LibraryManagementPermissionSystem from './library-management-permission-system'; const h5pConfig = new H5PConfig(undefined, { baseUrl: '/api/v3/h5p-editor', @@ -76,7 +76,7 @@ export class H5PLibraryManagementService { undefined, h5pConfig ); - const permissionSystem = new PermissionSystem(); + const permissionSystem = new LibraryManagementPermissionSystem(); this.contentTypeRepo = new ContentTypeInformationRepository( this.contentTypeCache, this.libraryManager, diff --git a/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.ts b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.ts new file mode 100644 index 00000000000..b73111cc1e1 --- /dev/null +++ b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.ts @@ -0,0 +1,49 @@ +/* eslint-disable @typescript-eslint/no-unused-vars */ +import { + ContentPermission, + GeneralPermission, + IPermissionSystem, + IUser, + TemporaryFilePermission, + UserDataPermission, +} from '@lumieducation/h5p-server'; + +export default class LibraryManagementPermissionSystem implements IPermissionSystem { + checkForUserData( + actingUser: IUser, + permission: UserDataPermission, + contentId: string, + affectedUserId?: string + ): Promise { + return Promise.resolve(false); + } + + async checkForContent( + actingUser: IUser | undefined, + permission: ContentPermission, + contentId?: string + ): Promise { + return Promise.resolve(false); + } + + async checkForTemporaryFile( + user: IUser | undefined, + permission: TemporaryFilePermission, + filename?: string + ): Promise { + return Promise.resolve(false); + } + + async checkForGeneralAction(actingUser: IUser | undefined, permission: GeneralPermission): Promise { + switch (permission) { + case GeneralPermission.InstallRecommended: + return Promise.resolve(true); + case GeneralPermission.UpdateAndInstallLibraries: + return Promise.resolve(true); + case GeneralPermission.CreateRestricted: + return Promise.resolve(true); + default: + return false; + } + } +} From de2cca7bc4dd8ca05efde9815375a485f8932b88 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Mon, 29 Jul 2024 09:10:40 +0200 Subject: [PATCH 4/7] Add tests --- .../provider/editor-permission-system.spec.ts | 210 ++++++++++++++++++ ...brary-management-permission-system.spec.ts | 210 ++++++++++++++++++ 2 files changed, 420 insertions(+) create mode 100644 apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts create mode 100644 apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts diff --git a/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts new file mode 100644 index 00000000000..3baefa4f8b0 --- /dev/null +++ b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts @@ -0,0 +1,210 @@ +import { + ContentPermission, + GeneralPermission, + TemporaryFilePermission, + UserDataPermission, +} from '@lumieducation/h5p-server'; +import EditorPermissionSystem from './editor-permission-system'; + +describe('EditorPermissionSystem', () => { + const buildUser = () => { + return { id: '1', email: '', name: '', type: '' }; + }; + + describe('checkForUserData', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.DeleteFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.DeleteState, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.EditFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.EditState, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ListStates, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ViewFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ViewState, '1'); + + expect(result).toBe(false); + }); + }); + + describe('checkForContent', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Create, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Delete, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Download, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Edit, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Embed, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.List, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.View, '1'); + + expect(result).toBe(true); + }); + }); + + describe('checkForTemporaryFile', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.Create, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.Delete, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.List, '1'); + + expect(result).toBe(true); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.View, '1'); + + expect(result).toBe(true); + }); + }); + + describe('checkForGeneralAction', () => { + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.InstallRecommended); + + expect(result).toBe(false); + }); + + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.UpdateAndInstallLibraries); + + expect(result).toBe(false); + }); + + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new EditorPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.CreateRestricted); + + expect(result).toBe(false); + }); + }); +}); diff --git a/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts new file mode 100644 index 00000000000..b1f9dadac36 --- /dev/null +++ b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts @@ -0,0 +1,210 @@ +import { + ContentPermission, + GeneralPermission, + TemporaryFilePermission, + UserDataPermission, +} from '@lumieducation/h5p-server'; +import LibraryManagementPermissionSystem from './library-management-permission-system'; + +describe('LibraryManagementPermissionSystem', () => { + const buildUser = () => { + return { id: '1', email: '', name: '', type: '' }; + }; + + describe('checkForUserData', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.DeleteFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.DeleteState, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.EditFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.EditState, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ListStates, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ViewFinished, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForUserData(user, UserDataPermission.ViewState, '1'); + + expect(result).toBe(false); + }); + }); + + describe('checkForContent', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Create, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Delete, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Download, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Edit, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.Embed, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.List, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForContent(user, ContentPermission.View, '1'); + + expect(result).toBe(false); + }); + }); + + describe('checkForTemporaryFile', () => { + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.Create, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.Delete, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.List, '1'); + + expect(result).toBe(false); + }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForTemporaryFile(user, TemporaryFilePermission.View, '1'); + + expect(result).toBe(false); + }); + }); + + describe('checkForGeneralAction', () => { + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.InstallRecommended); + + expect(result).toBe(true); + }); + + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.UpdateAndInstallLibraries); + + expect(result).toBe(true); + }); + + it('should return true', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + const result = await permissionSystem.checkForGeneralAction(user, GeneralPermission.CreateRestricted); + + expect(result).toBe(true); + }); + }); +}); From 94fec0675b696e7bee667f9e46185041684acf14 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Mon, 29 Jul 2024 10:39:20 +0200 Subject: [PATCH 5/7] Fix tests --- .../h5p-editor/service/contentStorage.service.spec.ts | 6 ------ .../service/temporary-file-storage.service.spec.ts | 3 --- 2 files changed, 9 deletions(-) diff --git a/apps/server/src/modules/h5p-editor/service/contentStorage.service.spec.ts b/apps/server/src/modules/h5p-editor/service/contentStorage.service.spec.ts index 2b976bfce10..e237530bd9a 100644 --- a/apps/server/src/modules/h5p-editor/service/contentStorage.service.spec.ts +++ b/apps/server/src/modules/h5p-editor/service/contentStorage.service.spec.ts @@ -66,9 +66,6 @@ const helpers = { createUser() { return { - canCreateRestricted: false, - canInstallRecommended: false, - canUpdateAndInstallLibraries: false, email: 'example@schul-cloud.org', id: '12345', name: 'Example User', @@ -131,9 +128,6 @@ describe('ContentStorage', () => { const existingContent = helpers.buildContent(0).withID(); const iUser: IUser = { - canCreateRestricted: false, - canInstallRecommended: false, - canUpdateAndInstallLibraries: false, email: 'example@schul-cloud.org', id: new ObjectId().toHexString(), name: 'Example User', diff --git a/apps/server/src/modules/h5p-editor/service/temporary-file-storage.service.spec.ts b/apps/server/src/modules/h5p-editor/service/temporary-file-storage.service.spec.ts index 4a51d5010a2..8956992f8dd 100644 --- a/apps/server/src/modules/h5p-editor/service/temporary-file-storage.service.spec.ts +++ b/apps/server/src/modules/h5p-editor/service/temporary-file-storage.service.spec.ts @@ -13,9 +13,6 @@ import { TemporaryFileStorage } from './temporary-file-storage.service'; const helpers = { createUser() { return { - canCreateRestricted: false, - canInstallRecommended: false, - canUpdateAndInstallLibraries: false, email: 'example@schul-cloud.org', id: '12345', name: 'Example User', From 806d4ce75a60fbad19deacb7fde01027b0a3d598 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Mon, 29 Jul 2024 10:47:37 +0200 Subject: [PATCH 6/7] Fix test descriptions --- .../provider/editor-permission-system.spec.ts | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts index 3baefa4f8b0..e0b1d85f19f 100644 --- a/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts +++ b/apps/server/src/modules/h5p-editor/provider/editor-permission-system.spec.ts @@ -77,7 +77,7 @@ describe('EditorPermissionSystem', () => { }); describe('checkForContent', () => { - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -86,7 +86,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -95,7 +95,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -104,7 +104,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -113,7 +113,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -122,7 +122,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -131,7 +131,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -142,7 +142,7 @@ describe('EditorPermissionSystem', () => { }); describe('checkForTemporaryFile', () => { - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -151,7 +151,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -160,7 +160,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -169,7 +169,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(true); }); - it('should return false', async () => { + it('should return true', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -180,7 +180,7 @@ describe('EditorPermissionSystem', () => { }); describe('checkForGeneralAction', () => { - it('should return true', async () => { + it('should return false', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -189,7 +189,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(false); }); - it('should return true', async () => { + it('should return false', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); @@ -198,7 +198,7 @@ describe('EditorPermissionSystem', () => { expect(result).toBe(false); }); - it('should return true', async () => { + it('should return false', async () => { const user = buildUser(); const permissionSystem = new EditorPermissionSystem(); From 102fb45e102afd1a41ac3d36b8044edf01122c55 Mon Sep 17 00:00:00 2001 From: Max Bischof Date: Mon, 29 Jul 2024 10:56:57 +0200 Subject: [PATCH 7/7] Add test to meet coverage --- .../library-management-permission-system.spec.ts | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts index b1f9dadac36..67ba2d49698 100644 --- a/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts +++ b/apps/server/src/modules/h5p-library-management/service/library-management-permission-system.spec.ts @@ -206,5 +206,16 @@ describe('LibraryManagementPermissionSystem', () => { expect(result).toBe(true); }); + + it('should return false', async () => { + const user = buildUser(); + + const permissionSystem = new LibraryManagementPermissionSystem(); + // eslint-disable-next-line @typescript-eslint/ban-ts-comment + // @ts-expect-error + const result = await permissionSystem.checkForGeneralAction(user, 'not-existing-permission'); + + expect(result).toBe(false); + }); }); });