feat: refactoring casl permission checks for recursive nested operations (#778)
* feat: nested casl abilities * fix: remove unused packages * Fixes * Fix createMany broken * Fix lint * Fix lint * Fix lint * Fix lint * Fixes * Fix CommentThread * Fix bugs * Fix lint * Fix bugs * Fixed auto routing * Fixed app path --------- Co-authored-by: Charles Bochet <charles@twenty.com> Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
This commit is contained in:
Jérémy M
@ -1,9 +1,6 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CanActivate } from '@nestjs/common';
|
||||
|
||||
import { CommentThreadService } from 'src/core/comment/services/comment-thread.service';
|
||||
import { CreateOneCommentGuard } from 'src/guards/create-one-comment.guard';
|
||||
import { CreateOneCommentThreadGuard } from 'src/guards/create-one-comment-thread.guard';
|
||||
import { AbilityFactory } from 'src/ability/ability.factory';
|
||||
|
||||
import { CommentThreadResolver } from './comment-thread.resolver';
|
||||
@ -12,8 +9,6 @@ describe('CommentThreadResolver', () => {
|
||||
let resolver: CommentThreadResolver;
|
||||
|
||||
beforeEach(async () => {
|
||||
const mockGuard: CanActivate = { canActivate: jest.fn(() => true) };
|
||||
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
providers: [
|
||||
CommentThreadResolver,
|
||||
@ -26,12 +21,7 @@ describe('CommentThreadResolver', () => {
|
||||
useValue: {},
|
||||
},
|
||||
],
|
||||
})
|
||||
.overrideGuard(CreateOneCommentGuard)
|
||||
.useValue(mockGuard)
|
||||
.overrideGuard(CreateOneCommentThreadGuard)
|
||||
.useValue(mockGuard)
|
||||
.compile();
|
||||
}).compile();
|
||||
|
||||
resolver = module.get<CommentThreadResolver>(CommentThreadResolver);
|
||||
});
|
||||
|
||||
@ -9,7 +9,6 @@ import { Workspace } from 'src/core/@generated/workspace/workspace.model';
|
||||
import { AuthWorkspace } from 'src/decorators/auth-workspace.decorator';
|
||||
import { CommentThread } from 'src/core/@generated/comment-thread/comment-thread.model';
|
||||
import { CreateOneCommentThreadArgs } from 'src/core/@generated/comment-thread/create-one-comment-thread.args';
|
||||
import { CreateOneCommentThreadGuard } from 'src/guards/create-one-comment-thread.guard';
|
||||
import { FindManyCommentThreadArgs } from 'src/core/@generated/comment-thread/find-many-comment-thread.args';
|
||||
import { CommentThreadService } from 'src/core/comment/services/comment-thread.service';
|
||||
import { UpdateOneCommentThreadArgs } from 'src/core/@generated/comment-thread/update-one-comment-thread.args';
|
||||
@ -35,7 +34,6 @@ import { DeleteManyCommentThreadArgs } from 'src/core/@generated/comment-thread/
|
||||
export class CommentThreadResolver {
|
||||
constructor(private readonly commentThreadService: CommentThreadService) {}
|
||||
|
||||
@UseGuards(CreateOneCommentThreadGuard)
|
||||
@Mutation(() => CommentThread, {
|
||||
nullable: false,
|
||||
})
|
||||
@ -51,6 +49,15 @@ export class CommentThreadResolver {
|
||||
data: {
|
||||
...args.data,
|
||||
...{ workspace: { connect: { id: workspace.id } } },
|
||||
commentThreadTargets: args.data?.commentThreadTargets?.createMany
|
||||
? {
|
||||
createMany: {
|
||||
data: args.data.commentThreadTargets.createMany.data.map(
|
||||
(target) => ({ ...target, workspaceId: workspace.id }),
|
||||
),
|
||||
},
|
||||
}
|
||||
: undefined,
|
||||
},
|
||||
select: prismaSelect.value,
|
||||
} as Prisma.CommentThreadCreateArgs);
|
||||
@ -65,6 +72,7 @@ export class CommentThreadResolver {
|
||||
@CheckAbilities(UpdateCommentThreadAbilityHandler)
|
||||
async updateOneCommentThread(
|
||||
@Args() args: UpdateOneCommentThreadArgs,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@PrismaSelector({ modelName: 'CommentThread' })
|
||||
prismaSelect: PrismaSelect<'CommentThread'>,
|
||||
): Promise<Partial<CommentThread>> {
|
||||
@ -84,7 +92,18 @@ export class CommentThreadResolver {
|
||||
}
|
||||
const updatedCommentThread = await this.commentThreadService.update({
|
||||
where: args.where,
|
||||
data: args.data,
|
||||
data: {
|
||||
...args.data,
|
||||
commentThreadTargets: args.data?.commentThreadTargets?.createMany
|
||||
? {
|
||||
createMany: {
|
||||
data: args.data.commentThreadTargets.createMany.data.map(
|
||||
(target) => ({ ...target, workspaceId: workspace.id }),
|
||||
),
|
||||
},
|
||||
}
|
||||
: undefined,
|
||||
},
|
||||
select: prismaSelect.value,
|
||||
} as Prisma.CommentThreadUpdateArgs);
|
||||
|
||||
|
||||
@ -1,8 +1,6 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CanActivate } from '@nestjs/common';
|
||||
|
||||
import { CommentService } from 'src/core/comment/services/comment.service';
|
||||
import { CreateOneCommentGuard } from 'src/guards/create-one-comment.guard';
|
||||
import { AbilityFactory } from 'src/ability/ability.factory';
|
||||
|
||||
import { CommentResolver } from './comment.resolver';
|
||||
@ -11,8 +9,6 @@ describe('CommentResolver', () => {
|
||||
let resolver: CommentResolver;
|
||||
|
||||
beforeEach(async () => {
|
||||
const mockGuard: CanActivate = { canActivate: jest.fn(() => true) };
|
||||
|
||||
const module: TestingModule = await Test.createTestingModule({
|
||||
providers: [
|
||||
CommentResolver,
|
||||
@ -25,10 +21,7 @@ describe('CommentResolver', () => {
|
||||
useValue: {},
|
||||
},
|
||||
],
|
||||
})
|
||||
.overrideGuard(CreateOneCommentGuard)
|
||||
.useValue(mockGuard)
|
||||
.compile();
|
||||
}).compile();
|
||||
|
||||
resolver = module.get<CommentResolver>(CommentResolver);
|
||||
});
|
||||
|
||||
@ -8,7 +8,6 @@ import { Workspace } from 'src/core/@generated/workspace/workspace.model';
|
||||
import { AuthWorkspace } from 'src/decorators/auth-workspace.decorator';
|
||||
import { CreateOneCommentArgs } from 'src/core/@generated/comment/create-one-comment.args';
|
||||
import { Comment } from 'src/core/@generated/comment/comment.model';
|
||||
import { CreateOneCommentGuard } from 'src/guards/create-one-comment.guard';
|
||||
import { CommentService } from 'src/core/comment/services/comment.service';
|
||||
import {
|
||||
PrismaSelector,
|
||||
@ -25,7 +24,6 @@ import { User } from 'src/core/@generated/user/user.model';
|
||||
export class CommentResolver {
|
||||
constructor(private readonly commentService: CommentService) {}
|
||||
|
||||
@UseGuards(CreateOneCommentGuard)
|
||||
@Mutation(() => Comment, {
|
||||
nullable: false,
|
||||
})
|
||||
|
||||
@ -7,33 +7,35 @@ export class CommentThreadTargetService {
|
||||
constructor(private readonly prismaService: PrismaService) {}
|
||||
|
||||
// Find
|
||||
findFirst = this.prismaService.commentThreadTarget.findFirst;
|
||||
findFirstOrThrow = this.prismaService.commentThreadTarget.findFirstOrThrow;
|
||||
findFirst = this.prismaService.client.commentThreadTarget.findFirst;
|
||||
findFirstOrThrow =
|
||||
this.prismaService.client.commentThreadTarget.findFirstOrThrow;
|
||||
|
||||
findUnique = this.prismaService.commentThreadTarget.findUnique;
|
||||
findUniqueOrThrow = this.prismaService.commentThreadTarget.findUniqueOrThrow;
|
||||
findUnique = this.prismaService.client.commentThreadTarget.findUnique;
|
||||
findUniqueOrThrow =
|
||||
this.prismaService.client.commentThreadTarget.findUniqueOrThrow;
|
||||
|
||||
findMany = this.prismaService.commentThreadTarget.findMany;
|
||||
findMany = this.prismaService.client.commentThreadTarget.findMany;
|
||||
|
||||
// Create
|
||||
create = this.prismaService.commentThreadTarget.create;
|
||||
createMany = this.prismaService.commentThreadTarget.createMany;
|
||||
create = this.prismaService.client.commentThreadTarget.create;
|
||||
createMany = this.prismaService.client.commentThreadTarget.createMany;
|
||||
|
||||
// Update
|
||||
update = this.prismaService.commentThreadTarget.update;
|
||||
upsert = this.prismaService.commentThreadTarget.upsert;
|
||||
updateMany = this.prismaService.commentThreadTarget.updateMany;
|
||||
update = this.prismaService.client.commentThreadTarget.update;
|
||||
upsert = this.prismaService.client.commentThreadTarget.upsert;
|
||||
updateMany = this.prismaService.client.commentThreadTarget.updateMany;
|
||||
|
||||
// Delete
|
||||
delete = this.prismaService.commentThreadTarget.delete;
|
||||
deleteMany = this.prismaService.commentThreadTarget.deleteMany;
|
||||
delete = this.prismaService.client.commentThreadTarget.delete;
|
||||
deleteMany = this.prismaService.client.commentThreadTarget.deleteMany;
|
||||
|
||||
// Aggregate
|
||||
aggregate = this.prismaService.commentThreadTarget.aggregate;
|
||||
aggregate = this.prismaService.client.commentThreadTarget.aggregate;
|
||||
|
||||
// Count
|
||||
count = this.prismaService.commentThreadTarget.count;
|
||||
count = this.prismaService.client.commentThreadTarget.count;
|
||||
|
||||
// GroupBy
|
||||
groupBy = this.prismaService.commentThreadTarget.groupBy;
|
||||
groupBy = this.prismaService.client.commentThreadTarget.groupBy;
|
||||
}
|
||||
|
||||
@ -7,33 +7,33 @@ export class CommentThreadService {
|
||||
constructor(private readonly prismaService: PrismaService) {}
|
||||
|
||||
// Find
|
||||
findFirst = this.prismaService.commentThread.findFirst;
|
||||
findFirstOrThrow = this.prismaService.commentThread.findFirstOrThrow;
|
||||
findFirst = this.prismaService.client.commentThread.findFirst;
|
||||
findFirstOrThrow = this.prismaService.client.commentThread.findFirstOrThrow;
|
||||
|
||||
findUnique = this.prismaService.commentThread.findUnique;
|
||||
findUniqueOrThrow = this.prismaService.commentThread.findUniqueOrThrow;
|
||||
findUnique = this.prismaService.client.commentThread.findUnique;
|
||||
findUniqueOrThrow = this.prismaService.client.commentThread.findUniqueOrThrow;
|
||||
|
||||
findMany = this.prismaService.commentThread.findMany;
|
||||
findMany = this.prismaService.client.commentThread.findMany;
|
||||
|
||||
// Create
|
||||
create = this.prismaService.commentThread.create;
|
||||
createMany = this.prismaService.commentThread.createMany;
|
||||
create = this.prismaService.client.commentThread.create;
|
||||
createMany = this.prismaService.client.commentThread.createMany;
|
||||
|
||||
// Update
|
||||
update = this.prismaService.commentThread.update;
|
||||
upsert = this.prismaService.commentThread.upsert;
|
||||
updateMany = this.prismaService.commentThread.updateMany;
|
||||
update = this.prismaService.client.commentThread.update;
|
||||
upsert = this.prismaService.client.commentThread.upsert;
|
||||
updateMany = this.prismaService.client.commentThread.updateMany;
|
||||
|
||||
// Delete
|
||||
delete = this.prismaService.commentThread.delete;
|
||||
deleteMany = this.prismaService.commentThread.deleteMany;
|
||||
delete = this.prismaService.client.commentThread.delete;
|
||||
deleteMany = this.prismaService.client.commentThread.deleteMany;
|
||||
|
||||
// Aggregate
|
||||
aggregate = this.prismaService.commentThread.aggregate;
|
||||
aggregate = this.prismaService.client.commentThread.aggregate;
|
||||
|
||||
// Count
|
||||
count = this.prismaService.commentThread.count;
|
||||
count = this.prismaService.client.commentThread.count;
|
||||
|
||||
// GroupBy
|
||||
groupBy = this.prismaService.commentThread.groupBy;
|
||||
groupBy = this.prismaService.client.commentThread.groupBy;
|
||||
}
|
||||
|
||||
@ -7,33 +7,33 @@ export class CommentService {
|
||||
constructor(private readonly prismaService: PrismaService) {}
|
||||
|
||||
// Find
|
||||
findFirst = this.prismaService.comment.findFirst;
|
||||
findFirstOrThrow = this.prismaService.comment.findFirstOrThrow;
|
||||
findFirst = this.prismaService.client.comment.findFirst;
|
||||
findFirstOrThrow = this.prismaService.client.comment.findFirstOrThrow;
|
||||
|
||||
findUnique = this.prismaService.comment.findUnique;
|
||||
findUniqueOrThrow = this.prismaService.comment.findUniqueOrThrow;
|
||||
findUnique = this.prismaService.client.comment.findUnique;
|
||||
findUniqueOrThrow = this.prismaService.client.comment.findUniqueOrThrow;
|
||||
|
||||
findMany = this.prismaService.comment.findMany;
|
||||
findMany = this.prismaService.client.comment.findMany;
|
||||
|
||||
// Create
|
||||
create = this.prismaService.comment.create;
|
||||
createMany = this.prismaService.comment.createMany;
|
||||
create = this.prismaService.client.comment.create;
|
||||
createMany = this.prismaService.client.comment.createMany;
|
||||
|
||||
// Update
|
||||
update = this.prismaService.comment.update;
|
||||
upsert = this.prismaService.comment.upsert;
|
||||
updateMany = this.prismaService.comment.updateMany;
|
||||
update = this.prismaService.client.comment.update;
|
||||
upsert = this.prismaService.client.comment.upsert;
|
||||
updateMany = this.prismaService.client.comment.updateMany;
|
||||
|
||||
// Delete
|
||||
delete = this.prismaService.comment.delete;
|
||||
deleteMany = this.prismaService.comment.deleteMany;
|
||||
delete = this.prismaService.client.comment.delete;
|
||||
deleteMany = this.prismaService.client.comment.deleteMany;
|
||||
|
||||
// Aggregate
|
||||
aggregate = this.prismaService.comment.aggregate;
|
||||
aggregate = this.prismaService.client.comment.aggregate;
|
||||
|
||||
// Count
|
||||
count = this.prismaService.comment.count;
|
||||
count = this.prismaService.client.comment.count;
|
||||
|
||||
// GroupBy
|
||||
groupBy = this.prismaService.comment.groupBy;
|
||||
groupBy = this.prismaService.client.comment.groupBy;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user