Merge pull request #166 from Vicg853/fix/role-update

Fix/role update
Fixing related files
2022-05-15 17:04:42 +05:30 · 2022-05-14 23:21:45 -03:00 · 2022-05-14 05:07:13 -03:00 · 2022-05-14 04:37:36 -03:00 · 2022-05-13 07:49:45 +05:30 · 2022-05-13 07:38:45 +05:30
8 changed files with 39 additions and 30 deletions
--- a/server/handlers/oauth_login.go
+++ b/server/handlers/oauth_login.go
@@ -52,7 +52,7 @@ func OAuthLoginHandler() gin.HandlerFunc {

 			// use protected roles verification for admin login only.
 			// though if not associated with user, it will be rejected from oauth_callback
-			if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) {
+			if !utils.IsValidRoles(rolesSplit, append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
 				c.JSON(400, gin.H{
 					"error": "invalid role",
 				})
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -58,7 +58,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	roles := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
 	currentRoles := strings.Split(user.Roles, ",")
 	if len(params.Roles) > 0 {
-		if !utils.IsValidRoles(currentRoles, params.Roles) {
+		if !utils.IsValidRoles(params.Roles, currentRoles) {
 			return res, fmt.Errorf(`invalid roles`)
 		}

--- a/server/resolvers/magic_link_login.go
+++ b/server/resolvers/magic_link_login.go
@@ -52,7 +52,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
 		// define roles for new user
 		if len(params.Roles) > 0 {
 			// check if roles exists
-			if !utils.IsValidRoles(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
+			if !utils.IsValidRoles(params.Roles, envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles)) {
 				return res, fmt.Errorf(`invalid roles`)
 			} else {
 				inputRoles = params.Roles
--- a/server/test/resolvers_test.go
+++ b/server/test/resolvers_test.go
@@ -11,10 +11,10 @@ import (

 func TestResolvers(t *testing.T) {
 	databases := map[string]string{
-		// constants.DbTypeSqlite: "../../data.db",
+		constants.DbTypeSqlite: "../../data.db",
 		// constants.DbTypeArangodb: "http://localhost:8529",
 		// constants.DbTypeMongodb:  "mongodb://localhost:27017",
-		constants.DbTypeCassandraDB: "127.0.0.1:9042",
+		// constants.DbTypeCassandraDB: "127.0.0.1:9042",
 	}

 	for dbType, dbURL := range databases {
--- a/server/test/test.go
+++ b/server/test/test.go
@@ -31,31 +31,31 @@ type TestSetup struct {
 }

 func cleanData(email string) {
-	// verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)
-	// if err == nil {
-	// 	err = db.Provider.DeleteVerificationRequest(verificationRequest)
-	// }
+	verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)
+	if err == nil {
+		err = db.Provider.DeleteVerificationRequest(verificationRequest)
+	}

-	// verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeForgotPassword)
-	// if err == nil {
-	// 	err = db.Provider.DeleteVerificationRequest(verificationRequest)
-	// }
+	verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeForgotPassword)
+	if err == nil {
+		err = db.Provider.DeleteVerificationRequest(verificationRequest)
+	}

-	// verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeUpdateEmail)
-	// if err == nil {
-	// 	err = db.Provider.DeleteVerificationRequest(verificationRequest)
-	// }
+	verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeUpdateEmail)
+	if err == nil {
+		err = db.Provider.DeleteVerificationRequest(verificationRequest)
+	}

-	// verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeMagicLinkLogin)
-	// if err == nil {
-	// 	err = db.Provider.DeleteVerificationRequest(verificationRequest)
-	// }
+	verificationRequest, err = db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeMagicLinkLogin)
+	if err == nil {
+		err = db.Provider.DeleteVerificationRequest(verificationRequest)
+	}

-	// dbUser, err := db.Provider.GetUserByEmail(email)
-	// if err == nil {
-	// 	db.Provider.DeleteUser(dbUser)
-	// 	db.Provider.DeleteSession(dbUser.ID)
-	// }
+	dbUser, err := db.Provider.GetUserByEmail(email)
+	if err == nil {
+		db.Provider.DeleteUser(dbUser)
+		db.Provider.DeleteSession(dbUser.ID)
+	}
 }

 func createContext(s TestSetup) (*http.Request, context.Context) {
--- a/server/test/update_user_test.go
+++ b/server/test/update_user_test.go
@@ -24,6 +24,7 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		})

 		user := *signupRes.User
+
 		adminRole := "supplier"
 		userRole := "user"
 		newRoles := []*string{&adminRole, &userRole}
@@ -40,6 +41,15 @@ func updateUserTest(t *testing.T, s TestSetup) {
 			ID:    user.ID,
 			Roles: newRoles,
 		})
+		// supplier is not part of envs
+		assert.Error(t, err)
+		adminRole = "admin"
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyProtectedRoles, []string{adminRole})
+		newRoles = []*string{&adminRole, &userRole}
+		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
+			ID:    user.ID,
+			Roles: newRoles,
+		})
 		assert.Nil(t, err)
 		cleanData(email)
 	})
--- a/server/token/auth_token.go
+++ b/server/token/auth_token.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
-	"os"
 	"strings"
 	"time"

@@ -318,7 +317,7 @@ func CreateIDToken(user models.User, roles []string, hostname, nonce string) (st
 	}

 	// check for the extra access token script
-	accessTokenScript := os.Getenv(constants.EnvKeyCustomAccessTokenScript)
+	accessTokenScript := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCustomAccessTokenScript)
 	if accessTokenScript != "" {
 		vm := otto.New()

--- a/server/utils/validator.go
+++ b/server/utils/validator.go
@@ -54,8 +54,8 @@ func IsValidOrigin(url string) bool {
 // IsValidRoles validates roles
 func IsValidRoles(userRoles []string, roles []string) bool {
 	valid := true
-	for _, role := range roles {
-		if !StringSliceContains(userRoles, role) {
+	for _, userRole := range userRoles {
+		if !StringSliceContains(roles, userRole) {
 			valid = false
 			break
 		}
Author	SHA1	Message	Date
Lakhan Samani	5884802e60	Merge pull request #166 from Vicg853/fix/role-update Fix/role update	2022-05-15 17:04:42 +05:30
Vicg853	241f977b2a	Fixing related files	2022-05-14 23:21:45 -03:00
Vicg853	049ea64475	Merge branch 'main' of github.com:Vicg853/authorizer into fix/role-update	2022-05-14 05:07:13 -03:00
Vicg853	5e4f34c889	Fixing login isValidRole usage	2022-05-14 04:37:36 -03:00
Lakhan Samani	ab717d956a	fix: update role test	2022-05-13 07:49:45 +05:30
Lakhan Samani	6209c4d506	Merge pull request #165 from Vicg853/fix/role-update Unable to update user role fix	2022-05-13 07:38:45 +05:30
Vicg853	1efa419cdf	Clean up	2022-05-12 16:43:07 -03:00
Vicg853	4ceb6db4ba	Adding possible test error cause comment	2022-05-12 16:40:49 -03:00
Vicg853	9edc8d0fb5	Inverted userRoles by role fix. Roles can now be updated	2022-05-12 16:40:19 -03:00
Lakhan Samani	773213e5a4	fix: clean test data	2022-05-11 20:25:57 +05:30
Lakhan Samani	b7aeff57af	fixes #160	2022-04-30 12:45:08 +05:30