feat: wip casl policies (#334)
* feat: wip casl policies * feat: add ability guard on pipeline resolvers * fix: test
This commit is contained in:
Jérémy M
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { TokenService } from './token.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { ConfigService } from '@nestjs/config';
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CommentThreadTargetService } from './comment-thread-target.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('CommentThreadTargetService', () => {
|
||||
let service: CommentThreadTargetService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CommentThreadService } from './comment-thread.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('CommentThreadService', () => {
|
||||
let service: CommentThreadService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CommentService } from './comment.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('CommentService', () => {
|
||||
let service: CommentService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { CompanyService } from './company.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('CompanyService', () => {
|
||||
let service: CompanyService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PersonService } from './person.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('PersonService', () => {
|
||||
let service: PersonService;
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineProgressResolver } from './pipeline-progress.resolver';
|
||||
import { PipelineProgressService } from '../services/pipeline-progress.service';
|
||||
import { AbilityFactory } from 'src/ability/ability.factory';
|
||||
|
||||
describe('PipelineProgressResolver', () => {
|
||||
let resolver: PipelineProgressResolver;
|
||||
@ -13,6 +14,10 @@ describe('PipelineProgressResolver', () => {
|
||||
provide: PipelineProgressService,
|
||||
useValue: {},
|
||||
},
|
||||
{
|
||||
provide: AbilityFactory,
|
||||
useValue: {},
|
||||
},
|
||||
],
|
||||
}).compile();
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
import { Resolver, Args, Query, Mutation } from '@nestjs/graphql';
|
||||
import { UseGuards } from '@nestjs/common';
|
||||
import { accessibleBy } from '@casl/prisma';
|
||||
import { JwtAuthGuard } from 'src/guards/jwt.auth.guard';
|
||||
import { Workspace } from '../../../core/@generated/workspace/workspace.model';
|
||||
import { AuthWorkspace } from '../../../decorators/auth-workspace.decorator';
|
||||
@ -11,7 +12,16 @@ import { AffectedRows } from '../../@generated/prisma/affected-rows.output';
|
||||
import { DeleteManyPipelineProgressArgs } from '../../@generated/pipeline-progress/delete-many-pipeline-progress.args';
|
||||
import { CreateOnePipelineProgressArgs } from '../../@generated/pipeline-progress/create-one-pipeline-progress.args';
|
||||
import { PipelineProgressService } from '../services/pipeline-progress.service';
|
||||
import { prepareFindManyArgs } from 'src/utils/prepare-find-many';
|
||||
import { AbilityGuard } from 'src/guards/ability.guard';
|
||||
import { CheckAbilities } from 'src/decorators/check-abilities.decorator';
|
||||
import {
|
||||
CreatePipelineProgressAbilityHandler,
|
||||
ReadPipelineProgressAbilityHandler,
|
||||
UpdatePipelineProgressAbilityHandler,
|
||||
DeletePipelineProgressAbilityHandler,
|
||||
} from 'src/ability/handlers/pipeline-progress.ability-handler';
|
||||
import { UserAbility } from 'src/decorators/user-ability.decorator';
|
||||
import { AppAbility } from 'src/ability/ability.factory';
|
||||
|
||||
@UseGuards(JwtAuthGuard)
|
||||
@Resolver(() => PipelineProgress)
|
||||
@ -21,20 +31,26 @@ export class PipelineProgressResolver {
|
||||
) {}
|
||||
|
||||
@Query(() => [PipelineProgress])
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(ReadPipelineProgressAbilityHandler)
|
||||
async findManyPipelineProgress(
|
||||
@Args() args: FindManyPipelineProgressArgs,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@UserAbility() ability: AppAbility,
|
||||
) {
|
||||
const preparedArgs = prepareFindManyArgs<FindManyPipelineProgressArgs>(
|
||||
args,
|
||||
workspace,
|
||||
);
|
||||
return this.pipelineProgressService.findMany(preparedArgs);
|
||||
return this.pipelineProgressService.findMany({
|
||||
...args,
|
||||
where: {
|
||||
...args.where,
|
||||
AND: [accessibleBy(ability).PipelineProgress],
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
@Mutation(() => PipelineProgress, {
|
||||
nullable: true,
|
||||
})
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(UpdatePipelineProgressAbilityHandler)
|
||||
async updateOnePipelineProgress(
|
||||
@Args() args: UpdateOnePipelineProgressArgs,
|
||||
): Promise<PipelineProgress | null> {
|
||||
@ -46,6 +62,8 @@ export class PipelineProgressResolver {
|
||||
@Mutation(() => AffectedRows, {
|
||||
nullable: false,
|
||||
})
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(DeletePipelineProgressAbilityHandler)
|
||||
async deleteManyPipelineProgress(
|
||||
@Args() args: DeleteManyPipelineProgressArgs,
|
||||
): Promise<AffectedRows> {
|
||||
@ -57,6 +75,8 @@ export class PipelineProgressResolver {
|
||||
@Mutation(() => PipelineProgress, {
|
||||
nullable: false,
|
||||
})
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(CreatePipelineProgressAbilityHandler)
|
||||
async createOnePipelineProgress(
|
||||
@Args() args: CreateOnePipelineProgressArgs,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineStageResolver } from './pipeline-stage.resolver';
|
||||
import { PipelineStageService } from '../services/pipeline-stage.service';
|
||||
import { AbilityFactory } from 'src/ability/ability.factory';
|
||||
|
||||
describe('PipelineStageResolver', () => {
|
||||
let resolver: PipelineStageResolver;
|
||||
@ -13,6 +14,10 @@ describe('PipelineStageResolver', () => {
|
||||
provide: PipelineStageService,
|
||||
useValue: {},
|
||||
},
|
||||
{
|
||||
provide: AbilityFactory,
|
||||
useValue: {},
|
||||
},
|
||||
],
|
||||
}).compile();
|
||||
|
||||
|
||||
@ -1,12 +1,15 @@
|
||||
import { Resolver, Args, Query } from '@nestjs/graphql';
|
||||
import { UseGuards } from '@nestjs/common';
|
||||
import { accessibleBy } from '@casl/prisma';
|
||||
import { JwtAuthGuard } from 'src/guards/jwt.auth.guard';
|
||||
import { Workspace } from '../../../core/@generated/workspace/workspace.model';
|
||||
import { AuthWorkspace } from '../../../decorators/auth-workspace.decorator';
|
||||
import { PipelineStage } from '../../../core/@generated/pipeline-stage/pipeline-stage.model';
|
||||
import { FindManyPipelineStageArgs } from '../../../core/@generated/pipeline-stage/find-many-pipeline-stage.args';
|
||||
import { PipelineStageService } from '../services/pipeline-stage.service';
|
||||
import { prepareFindManyArgs } from 'src/utils/prepare-find-many';
|
||||
import { AbilityGuard } from 'src/guards/ability.guard';
|
||||
import { CheckAbilities } from 'src/decorators/check-abilities.decorator';
|
||||
import { ReadPipelineStageAbilityHandler } from 'src/ability/handlers/pipeline-stage.ability-handler';
|
||||
import { UserAbility } from 'src/decorators/user-ability.decorator';
|
||||
import { AppAbility } from 'src/ability/ability.factory';
|
||||
|
||||
@UseGuards(JwtAuthGuard)
|
||||
@Resolver(() => PipelineStage)
|
||||
@ -14,15 +17,18 @@ export class PipelineStageResolver {
|
||||
constructor(private readonly pipelineStageService: PipelineStageService) {}
|
||||
|
||||
@Query(() => [PipelineStage])
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(ReadPipelineStageAbilityHandler)
|
||||
async findManyPipelineStage(
|
||||
@Args() args: FindManyPipelineStageArgs,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@UserAbility() ability: AppAbility,
|
||||
) {
|
||||
const preparedArgs = prepareFindManyArgs<FindManyPipelineStageArgs>(
|
||||
args,
|
||||
workspace,
|
||||
);
|
||||
|
||||
return this.pipelineStageService.findMany(preparedArgs);
|
||||
return this.pipelineStageService.findMany({
|
||||
...args,
|
||||
where: {
|
||||
...args.where,
|
||||
AND: [accessibleBy(ability).PipelineStage],
|
||||
},
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineResolver } from './pipeline.resolver';
|
||||
import { PipelineService } from '../services/pipeline.service';
|
||||
import { AbilityFactory } from 'src/ability/ability.factory';
|
||||
|
||||
describe('PipelineResolver', () => {
|
||||
let resolver: PipelineResolver;
|
||||
@ -13,6 +14,10 @@ describe('PipelineResolver', () => {
|
||||
provide: PipelineService,
|
||||
useValue: {},
|
||||
},
|
||||
{
|
||||
provide: AbilityFactory,
|
||||
useValue: {},
|
||||
},
|
||||
],
|
||||
}).compile();
|
||||
|
||||
|
||||
@ -1,12 +1,15 @@
|
||||
import { Resolver, Args, Query } from '@nestjs/graphql';
|
||||
import { UseGuards } from '@nestjs/common';
|
||||
import { accessibleBy } from '@casl/prisma';
|
||||
import { JwtAuthGuard } from 'src/guards/jwt.auth.guard';
|
||||
import { Workspace } from '../../@generated/workspace/workspace.model';
|
||||
import { AuthWorkspace } from '../../../decorators/auth-workspace.decorator';
|
||||
import { Pipeline } from '../../@generated/pipeline/pipeline.model';
|
||||
import { FindManyPipelineArgs } from '../../@generated/pipeline/find-many-pipeline.args';
|
||||
import { PipelineService } from '../services/pipeline.service';
|
||||
import { prepareFindManyArgs } from 'src/utils/prepare-find-many';
|
||||
import { AbilityGuard } from 'src/guards/ability.guard';
|
||||
import { CheckAbilities } from 'src/decorators/check-abilities.decorator';
|
||||
import { ReadPipelineAbilityHandler } from 'src/ability/handlers/pipeline.ability-handler';
|
||||
import { UserAbility } from 'src/decorators/user-ability.decorator';
|
||||
import { AppAbility } from 'src/ability/ability.factory';
|
||||
|
||||
@UseGuards(JwtAuthGuard)
|
||||
@Resolver(() => Pipeline)
|
||||
@ -14,14 +17,18 @@ export class PipelineResolver {
|
||||
constructor(private readonly pipelineService: PipelineService) {}
|
||||
|
||||
@Query(() => [Pipeline])
|
||||
@UseGuards(AbilityGuard)
|
||||
@CheckAbilities(ReadPipelineAbilityHandler)
|
||||
async findManyPipeline(
|
||||
@Args() args: FindManyPipelineArgs,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@UserAbility() ability: AppAbility,
|
||||
) {
|
||||
const preparedArgs = prepareFindManyArgs<FindManyPipelineArgs>(
|
||||
args,
|
||||
workspace,
|
||||
);
|
||||
return this.pipelineService.findMany(preparedArgs);
|
||||
return this.pipelineService.findMany({
|
||||
...args,
|
||||
where: {
|
||||
...args.where,
|
||||
AND: [accessibleBy(ability).Pipeline],
|
||||
},
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineProgressService } from './pipeline-progress.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('PipelineProgressService', () => {
|
||||
let service: PipelineProgressService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineStageService } from './pipeline-stage.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('PipelineStageService', () => {
|
||||
let service: PipelineStageService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { PipelineService } from './pipeline.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('PipelineService', () => {
|
||||
let service: PipelineService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { UserService } from './user.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
import { WorkspaceService } from '../workspace/services/workspace.service';
|
||||
import { WorkspaceMemberService } from '../workspace/services/workspace-member.service';
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { WorkspaceMemberService } from './workspace-member.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('WorkspaceMemberService', () => {
|
||||
let service: WorkspaceMemberService;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import { WorkspaceService } from './workspace.service';
|
||||
import { PrismaService } from 'src/database/prisma.service';
|
||||
import { prismaMock } from 'src/prisma-mock/jest-prisma-singleton';
|
||||
import { prismaMock } from 'src/database/client-mock/jest-prisma-singleton';
|
||||
|
||||
describe('WorkspaceService', () => {
|
||||
let service: WorkspaceService;
|
||||
|
||||
Reference in New Issue
Block a user