fix: merge conflict

server/handlers/oauth_login.go

@@ -56,8 +56,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 
 			// use protected roles verification for admin login only.
 			// though if not associated with user, it will be rejected from oauth_callback
-			if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) {
-				log.Debug("Invalid roles: ", roles)
+			if !utils.IsValidRoles(rolesSplit, append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
 				c.JSON(400, gin.H{
 					"error": "invalid role",
 				})

server/resolvers/login.go

@@ -58,7 +58,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	roles := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
 	currentRoles := strings.Split(user.Roles, ",")
 	if len(params.Roles) > 0 {
-		if !utils.IsValidRoles(currentRoles, params.Roles) {
+		if !utils.IsValidRoles(params.Roles, currentRoles) {
 			return res, fmt.Errorf(`invalid roles`)
 		}
 

server/resolvers/magic_link_login.go

@@ -52,7 +52,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
 		// define roles for new user
 		if len(params.Roles) > 0 {
 			// check if roles exists
-			if !utils.IsValidRoles(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
+			if !utils.IsValidRoles(params.Roles, envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles)) {
 				return res, fmt.Errorf(`invalid roles`)
 			} else {
 				inputRoles = params.Roles

server/test/resolvers_test.go

@@ -11,10 +11,10 @@ import (
 
 func TestResolvers(t *testing.T) {
 	databases := map[string]string{
-		// constants.DbTypeSqlite: "../../data.db",
+		constants.DbTypeSqlite: "../../data.db",
 		// constants.DbTypeArangodb: "http://localhost:8529",
 		// constants.DbTypeMongodb:  "mongodb://localhost:27017",
-		constants.DbTypeCassandraDB: "127.0.0.1:9042",
+		// constants.DbTypeCassandraDB: "127.0.0.1:9042",
 	}
 
 	for dbType, dbURL := range databases {

server/test/update_user_test.go

@@ -24,6 +24,7 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		})
 
 		user := *signupRes.User
+
 		adminRole := "supplier"
 		userRole := "user"
 		newRoles := []*string{&adminRole, &userRole}
@@ -40,6 +41,15 @@ func updateUserTest(t *testing.T, s TestSetup) {
 			ID:    user.ID,
 			Roles: newRoles,
 		})
+		// supplier is not part of envs
+		assert.Error(t, err)
+		adminRole = "admin"
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyProtectedRoles, []string{adminRole})
+		newRoles = []*string{&adminRole, &userRole}
+		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
+			ID:    user.ID,
+			Roles: newRoles,
+		})
 		assert.Nil(t, err)
 		cleanData(email)
 	})

server/utils/validator.go

@@ -54,8 +54,8 @@ func IsValidOrigin(url string) bool {
 // IsValidRoles validates roles
 func IsValidRoles(userRoles []string, roles []string) bool {
 	valid := true
-	for _, role := range roles {
-		if !StringSliceContains(userRoles, role) {
+	for _, userRole := range userRoles {
+		if !StringSliceContains(roles, userRole) {
 			valid = false
 			break
 		}