diff --git a/api/src/user/controllers/permission.controller.spec.ts b/api/src/user/controllers/permission.controller.spec.ts index 767a7aa2..d127c78f 100644 --- a/api/src/user/controllers/permission.controller.spec.ts +++ b/api/src/user/controllers/permission.controller.spec.ts @@ -24,7 +24,11 @@ import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; import { Model, ModelModel } from '../schemas/model.schema'; -import { Permission, PermissionModel } from '../schemas/permission.schema'; +import { + Permission, + PermissionFull, + PermissionModel, +} from '../schemas/permission.schema'; import { Role, RoleModel } from '../schemas/role.schema'; import { ModelService } from '../services/model.service'; import { PermissionService } from '../services/permission.service'; @@ -79,11 +83,11 @@ describe('PermissionController', () => { permissionModuleRef.get(PermissionService); allPermissions = await permissionService.findAll(); - adminRole = await roleService.findOne({ name: 'admin' }); - contentModel = await modelService.findOne({ name: 'Content' }); - createPermission = await permissionService.findOne({ + adminRole = (await roleService.findOne({ name: 'admin' })) as Role; + contentModel = (await modelService.findOne({ name: 'Content' })) as Model; + createPermission = (await permissionService.findOne({ action: Action.CREATE, - }); + })) as Permission; }); afterAll(closeInMongodConnection); @@ -110,16 +114,16 @@ describe('PermissionController', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as Model, }); return acc; }, - [], + [] as PermissionFull[], ); expect(result).toEqualPayload(permissionsWithRolesAndModels); diff --git a/api/src/user/controllers/permission.controller.ts b/api/src/user/controllers/permission.controller.ts index 4ebbbc8c..6f3acb03 100644 --- a/api/src/user/controllers/permission.controller.ts +++ b/api/src/user/controllers/permission.controller.ts @@ -92,13 +92,16 @@ export class PermissionController extends BaseController< @CsrfCheck(true) @Post() async create(@Body() permission: PermissionCreateDto) { - this.validate({ - dto: permission, - allowedIds: { - role: (await this.roleService.findOne(permission.role))?.id, - model: (await this.modelService.findOne(permission.model))?.id, - }, - }); + const role = await this.roleService.findOne(permission.role); + if (!role) { + throw new NotFoundException('Unable to find role'); + } + const model = await this.modelService.findOne(permission.model); + + if (!model) { + throw new NotFoundException('Unable to find model'); + } + return await this.permissionService.create(permission); } diff --git a/api/src/user/repositories/permission.repository.spec.ts b/api/src/user/repositories/permission.repository.spec.ts index 7e57831a..6f25fc64 100644 --- a/api/src/user/repositories/permission.repository.spec.ts +++ b/api/src/user/repositories/permission.repository.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -23,9 +23,13 @@ import { import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; -import { ModelModel } from '../schemas/model.schema'; -import { Permission, PermissionModel } from '../schemas/permission.schema'; -import { RoleModel } from '../schemas/role.schema'; +import { ModelModel, Model as ModelSchema } from '../schemas/model.schema'; +import { + Permission, + PermissionFull, + PermissionModel, +} from '../schemas/permission.schema'; +import { Role, RoleModel } from '../schemas/role.schema'; import { Action } from '../types/action.type'; describe('PermissionRepository', () => { @@ -56,12 +60,12 @@ describe('PermissionRepository', () => { permissionModel = module.get>( getModelToken('Permission'), ); - permission = await permissionRepository.findOne({ + permission = (await permissionRepository.findOne({ action: Action.CREATE, - }); - permissionToDelete = await permissionRepository.findOne({ + })) as Permission; + permissionToDelete = (await permissionRepository.findOne({ action: Action.UPDATE, - }); + })) as Permission; }); afterAll(async () => { @@ -104,16 +108,16 @@ describe('PermissionRepository', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as ModelSchema, }); return acc; }, - [], + [] as PermissionFull[], ); expect(permissionModel.find).toHaveBeenCalledWith({}, undefined); expect(result).toEqualPayload(permissionsWithRolesAndModels); diff --git a/api/src/user/services/permission.service.spec.ts b/api/src/user/services/permission.service.spec.ts index 91355dd1..9b2947d3 100644 --- a/api/src/user/services/permission.service.spec.ts +++ b/api/src/user/services/permission.service.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -24,13 +24,13 @@ import { import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; -import { ModelModel } from '../schemas/model.schema'; +import { ModelModel, Model as ModelSchema } from '../schemas/model.schema'; import { Permission, PermissionFull, PermissionModel, } from '../schemas/permission.schema'; -import { RoleModel } from '../schemas/role.schema'; +import { Role, RoleModel } from '../schemas/role.schema'; import { Action } from '../types/action.type'; import { PermissionService } from './permission.service'; @@ -70,9 +70,9 @@ describe('PermissionService', () => { modelRepository = module.get(ModelRepository); permissionRepository = module.get(PermissionRepository); - permission = await permissionRepository.findOne({ + permission = (await permissionRepository.findOne({ action: Action.CREATE, - }); + })) as Permission; }); afterAll(async () => { @@ -112,16 +112,16 @@ describe('PermissionService', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as ModelSchema, }); return acc; }, - [], + [] as PermissionFull[], ); expect(permissionRepository.findAllAndPopulate).toHaveBeenCalled(); expect(result).toEqualPayload(permissionsWithRolesAndModels);