diff --git a/api/src/user/controllers/permission.controller.spec.ts b/api/src/user/controllers/permission.controller.spec.ts index 767a7aa2..d127c78f 100644 --- a/api/src/user/controllers/permission.controller.spec.ts +++ b/api/src/user/controllers/permission.controller.spec.ts @@ -24,7 +24,11 @@ import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; import { Model, ModelModel } from '../schemas/model.schema'; -import { Permission, PermissionModel } from '../schemas/permission.schema'; +import { + Permission, + PermissionFull, + PermissionModel, +} from '../schemas/permission.schema'; import { Role, RoleModel } from '../schemas/role.schema'; import { ModelService } from '../services/model.service'; import { PermissionService } from '../services/permission.service'; @@ -79,11 +83,11 @@ describe('PermissionController', () => { permissionModuleRef.get(PermissionService); allPermissions = await permissionService.findAll(); - adminRole = await roleService.findOne({ name: 'admin' }); - contentModel = await modelService.findOne({ name: 'Content' }); - createPermission = await permissionService.findOne({ + adminRole = (await roleService.findOne({ name: 'admin' })) as Role; + contentModel = (await modelService.findOne({ name: 'Content' })) as Model; + createPermission = (await permissionService.findOne({ action: Action.CREATE, - }); + })) as Permission; }); afterAll(closeInMongodConnection); @@ -110,16 +114,16 @@ describe('PermissionController', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as Model, }); return acc; }, - [], + [] as PermissionFull[], ); expect(result).toEqualPayload(permissionsWithRolesAndModels); diff --git a/api/src/user/controllers/permission.controller.ts b/api/src/user/controllers/permission.controller.ts index 4ebbbc8c..6f3acb03 100644 --- a/api/src/user/controllers/permission.controller.ts +++ b/api/src/user/controllers/permission.controller.ts @@ -92,13 +92,16 @@ export class PermissionController extends BaseController< @CsrfCheck(true) @Post() async create(@Body() permission: PermissionCreateDto) { - this.validate({ - dto: permission, - allowedIds: { - role: (await this.roleService.findOne(permission.role))?.id, - model: (await this.modelService.findOne(permission.model))?.id, - }, - }); + const role = await this.roleService.findOne(permission.role); + if (!role) { + throw new NotFoundException('Unable to find role'); + } + const model = await this.modelService.findOne(permission.model); + + if (!model) { + throw new NotFoundException('Unable to find model'); + } + return await this.permissionService.create(permission); } diff --git a/api/src/user/controllers/role.controller.spec.ts b/api/src/user/controllers/role.controller.spec.ts index b1f1c7d3..62073080 100644 --- a/api/src/user/controllers/role.controller.spec.ts +++ b/api/src/user/controllers/role.controller.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -30,7 +30,7 @@ import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; import { UserRepository } from '../repositories/user.repository'; import { PermissionModel } from '../schemas/permission.schema'; -import { Role, RoleModel } from '../schemas/role.schema'; +import { Role, RoleFull, RoleModel } from '../schemas/role.schema'; import { UserModel } from '../schemas/user.schema'; import { PermissionService } from '../services/permission.service'; import { RoleService } from '../services/role.service'; @@ -83,8 +83,8 @@ describe('RoleController', () => { roleService = module.get(RoleService); permissionService = module.get(PermissionService); userService = module.get(UserService); - roleAdmin = await roleService.findOne({ name: 'admin' }); - rolePublic = await roleService.findOne({ name: 'public' }); + roleAdmin = (await roleService.findOne({ name: 'admin' })) as Role; + rolePublic = (await roleService.findOne({ name: 'public' })) as Role; }); afterAll(async () => { @@ -126,7 +126,7 @@ describe('RoleController', () => { acc.push(roleWithPermissionsAndUsers); return acc; - }, []); + }, [] as RoleFull[]); expect(roleService.findAndPopulate).toHaveBeenCalledWith({}, pageQuery); expect(result).toEqualPayload(rolesWithPermissionsAndUsers); @@ -136,10 +136,10 @@ describe('RoleController', () => { describe('findOne', () => { it('should find one role', async () => { jest.spyOn(roleService, 'findOne'); - const result = await roleController.findOne(roleAdmin.id, []); + const result = (await roleController.findOne(roleAdmin.id, [])) as Role; expect(roleService.findOne).toHaveBeenCalledWith(roleAdmin.id); expect(result).toEqualPayload( - roleFixtures.find((role) => role.name === 'admin'), + roleFixtures.find((role) => role.name === 'admin') as Role, ); }); diff --git a/api/src/user/repositories/permission.repository.spec.ts b/api/src/user/repositories/permission.repository.spec.ts index 7e57831a..6f25fc64 100644 --- a/api/src/user/repositories/permission.repository.spec.ts +++ b/api/src/user/repositories/permission.repository.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -23,9 +23,13 @@ import { import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; -import { ModelModel } from '../schemas/model.schema'; -import { Permission, PermissionModel } from '../schemas/permission.schema'; -import { RoleModel } from '../schemas/role.schema'; +import { ModelModel, Model as ModelSchema } from '../schemas/model.schema'; +import { + Permission, + PermissionFull, + PermissionModel, +} from '../schemas/permission.schema'; +import { Role, RoleModel } from '../schemas/role.schema'; import { Action } from '../types/action.type'; describe('PermissionRepository', () => { @@ -56,12 +60,12 @@ describe('PermissionRepository', () => { permissionModel = module.get>( getModelToken('Permission'), ); - permission = await permissionRepository.findOne({ + permission = (await permissionRepository.findOne({ action: Action.CREATE, - }); - permissionToDelete = await permissionRepository.findOne({ + })) as Permission; + permissionToDelete = (await permissionRepository.findOne({ action: Action.UPDATE, - }); + })) as Permission; }); afterAll(async () => { @@ -104,16 +108,16 @@ describe('PermissionRepository', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as ModelSchema, }); return acc; }, - [], + [] as PermissionFull[], ); expect(permissionModel.find).toHaveBeenCalledWith({}, undefined); expect(result).toEqualPayload(permissionsWithRolesAndModels); diff --git a/api/src/user/repositories/role.repository.spec.ts b/api/src/user/repositories/role.repository.spec.ts index 8ead57f6..d3338eab 100644 --- a/api/src/user/repositories/role.repository.spec.ts +++ b/api/src/user/repositories/role.repository.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -22,7 +22,7 @@ import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; import { UserRepository } from '../repositories/user.repository'; import { PermissionModel } from '../schemas/permission.schema'; -import { Role, RoleModel } from '../schemas/role.schema'; +import { Role, RoleFull, RoleModel } from '../schemas/role.schema'; import { User, UserModel } from '../schemas/user.schema'; import { roleFixtures } from './../../utils/test/fixtures/role'; @@ -54,13 +54,13 @@ describe('RoleRepository', () => { permissionRepository = module.get(PermissionRepository); roleModel = module.get>(getModelToken('Role')); - role = await roleRepository.findOne({ name: 'admin' }); + role = (await roleRepository.findOne({ name: 'admin' })) as Role; users = (await userRepository.findAll()).filter((user) => user.roles.includes(role.id), ); - roleToDelete = await roleRepository.findOne({ + roleToDelete = (await roleRepository.findOne({ name: 'manager', - }); + })) as Role; }); afterAll(async () => { @@ -104,7 +104,7 @@ describe('RoleRepository', () => { }; acc.push(roleWithPermissionsAndUsers); return acc; - }, []); + }, [] as RoleFull[]); expect(roleModel.find).toHaveBeenCalledWith({}, undefined); expect(result).toEqualPayload(rolesWithPermissionsAndUsers); diff --git a/api/src/user/services/permission.service.spec.ts b/api/src/user/services/permission.service.spec.ts index 91355dd1..9b2947d3 100644 --- a/api/src/user/services/permission.service.spec.ts +++ b/api/src/user/services/permission.service.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -24,13 +24,13 @@ import { import { ModelRepository } from '../repositories/model.repository'; import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; -import { ModelModel } from '../schemas/model.schema'; +import { ModelModel, Model as ModelSchema } from '../schemas/model.schema'; import { Permission, PermissionFull, PermissionModel, } from '../schemas/permission.schema'; -import { RoleModel } from '../schemas/role.schema'; +import { Role, RoleModel } from '../schemas/role.schema'; import { Action } from '../types/action.type'; import { PermissionService } from './permission.service'; @@ -70,9 +70,9 @@ describe('PermissionService', () => { modelRepository = module.get(ModelRepository); permissionRepository = module.get(PermissionRepository); - permission = await permissionRepository.findOne({ + permission = (await permissionRepository.findOne({ action: Action.CREATE, - }); + })) as Permission; }); afterAll(async () => { @@ -112,16 +112,16 @@ describe('PermissionService', () => { ...currPermission, role: allRoles.find((role) => { return role.id === currPermission.role; - }), + }) as Role, model: allModels.find((model) => { return model.id === currPermission.model; - }), + }) as ModelSchema, }); return acc; }, - [], + [] as PermissionFull[], ); expect(permissionRepository.findAllAndPopulate).toHaveBeenCalled(); expect(result).toEqualPayload(permissionsWithRolesAndModels); diff --git a/api/src/user/services/role.service.spec.ts b/api/src/user/services/role.service.spec.ts index 604f1c11..f16f96fc 100644 --- a/api/src/user/services/role.service.spec.ts +++ b/api/src/user/services/role.service.spec.ts @@ -1,5 +1,5 @@ /* - * Copyright © 2024 Hexastack. All rights reserved. + * Copyright © 2025 Hexastack. All rights reserved. * * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms: * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission. @@ -21,7 +21,7 @@ import { PermissionRepository } from '../repositories/permission.repository'; import { RoleRepository } from '../repositories/role.repository'; import { UserRepository } from '../repositories/user.repository'; import { Permission, PermissionModel } from '../schemas/permission.schema'; -import { Role, RoleModel } from '../schemas/role.schema'; +import { Role, RoleFull, RoleModel } from '../schemas/role.schema'; import { User, UserModel } from '../schemas/user.schema'; import { roleFixtures } from './../../utils/test/fixtures/role'; @@ -55,7 +55,7 @@ describe('RoleService', () => { userRepository = module.get(UserRepository); permissionRepository = module.get(PermissionRepository); - role = await roleRepository.findOne({ name: 'admin' }); + role = (await roleRepository.findOne({ name: 'admin' })) as Role; users = (await userRepository.findAll()).filter((user) => user.roles.includes(role.id), ); @@ -105,7 +105,7 @@ describe('RoleService', () => { }; acc.push(roleWithPermissionsAndUsers); return acc; - }, []); + }, [] as RoleFull[]); expect(roleRepository.findPageAndPopulate).toHaveBeenCalledWith( {},