feat(auth): add user and role management

2023-07-18 21:00:10 +00:00
parent a7104c41a2
commit 0deaa03218
108 changed files with 2909 additions and 388 deletions
--- a/packages/backend/src/graphql/queries/get-app.ts
+++ b/packages/backend/src/graphql/queries/get-app.ts
@@ -1,4 +1,5 @@
 import App from '../../models/app';
+import Connection from '../../models/connection';
 import Context from '../../types/express/context';

 type Params = {
@@ -6,13 +7,16 @@ type Params = {
 };

 const getApp = async (_parent: unknown, params: Params, context: Context) => {
-  context.currentUser.can('read', 'Connection');
+  const conditions = context.currentUser.can('read', 'Connection');
+
+  const userConnections = context.currentUser.$relatedQuery('connections');
+  const allConnections = Connection.query();
+  const connectionBaseQuery = conditions.isCreator ? userConnections : allConnections;

  const app = await App.findOneByKey(params.key);

  if (context.currentUser) {
-    const connections = await context.currentUser
-      .$relatedQuery('connections')
+    const connections = await connectionBaseQuery
      .select('connections.*')
      .fullOuterJoinRelated('steps')
      .where({
--- a/packages/backend/src/graphql/queries/get-connected-apps.ts
+++ b/packages/backend/src/graphql/queries/get-connected-apps.ts
@@ -1,6 +1,8 @@
 import { IConnection } from '@automatisch/types';
 import App from '../../models/app';
 import Context from '../../types/express/context';
+import Flow from '../../models/flow';
+import Connection from '../../models/connection';

 type Params = {
  name: string;
@@ -11,19 +13,25 @@ const getConnectedApps = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('read', 'Connection');
+  const conditions = context.currentUser.can('read', 'Connection');
+
+  const userConnections = context.currentUser.$relatedQuery('connections');
+  const allConnections = Connection.query();
+  const connectionBaseQuery = conditions.isCreator ? userConnections : allConnections;
+
+  const userFlows = context.currentUser.$relatedQuery('flows');
+  const allFlows = Flow.query();
+  const flowBaseQuery = conditions.isCreator ? userFlows : allFlows;

  let apps = await App.findAll(params.name);

-  const connections = await context.currentUser
-    .$relatedQuery('connections')
+  const connections = await connectionBaseQuery
    .select('connections.key')
    .where({ draft: false })
    .count('connections.id as count')
    .groupBy('connections.key');

-  const flows = await context.currentUser
-    .$relatedQuery('flows')
+  const flows = await flowBaseQuery
    .withGraphJoined('steps')
    .orderBy('created_at', 'desc');

--- a/packages/backend/src/graphql/queries/get-dynamic-data.ts
+++ b/packages/backend/src/graphql/queries/get-dynamic-data.ts
@@ -1,6 +1,7 @@
 import { IDynamicData, IJSONObject } from '@automatisch/types';
 import Context from '../../types/express/context';
 import App from '../../models/app';
+import Step from '../../models/step';
 import ExecutionStep from '../../models/execution-step';
 import globalVariable from '../../helpers/global-variable';
 import computeParameters from '../../helpers/compute-parameters';
@@ -16,10 +17,12 @@ const getDynamicData = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('update', 'Flow');
+  const conditions = context.currentUser.can('update', 'Flow');
+  const userSteps = context.currentUser.$relatedQuery('steps');
+  const allSteps = Step.query();
+  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;

-  const step = await context.currentUser
-    .$relatedQuery('steps')
+  const step = await stepBaseQuery
    .withGraphFetched({
      connection: true,
      flow: true,
--- a/packages/backend/src/graphql/queries/get-dynamic-fields.ts
+++ b/packages/backend/src/graphql/queries/get-dynamic-fields.ts
@@ -1,6 +1,7 @@
 import { IDynamicFields, IJSONObject } from '@automatisch/types';
 import Context from '../../types/express/context';
 import App from '../../models/app';
+import Step from '../../models/step';
 import globalVariable from '../../helpers/global-variable';

 type Params = {
@@ -14,10 +15,12 @@ const getDynamicFields = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('update', 'Flow');
+  const conditions = context.currentUser.can('update', 'Flow');
+  const userSteps = context.currentUser.$relatedQuery('steps');
+  const allSteps = Step.query();
+  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;

-  const step = await context.currentUser
-    .$relatedQuery('steps')
+  const step = await stepBaseQuery
    .withGraphFetched({
      connection: true,
      flow: true,
--- a/packages/backend/src/graphql/queries/get-execution-steps.ts
+++ b/packages/backend/src/graphql/queries/get-execution-steps.ts
@@ -1,5 +1,6 @@
 import Context from '../../types/express/context';
 import paginate from '../../helpers/pagination';
+import Execution from '../../models/execution';

 type Params = {
  executionId: string;
@@ -12,10 +13,12 @@ const getExecutionSteps = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('read', 'Execution');
+  const conditions = context.currentUser.can('read', 'Execution');
+  const userExecutions = context.currentUser.$relatedQuery('executions');
+  const allExecutions = Execution.query();
+  const executionBaseQuery = conditions.isCreator ? userExecutions : allExecutions;

-  const execution = await context.currentUser
-    .$relatedQuery('executions')
+  const execution = await executionBaseQuery
    .withSoftDeleted()
    .findById(params.executionId)
    .throwIfNotFound();
--- a/packages/backend/src/graphql/queries/get-execution.ts
+++ b/packages/backend/src/graphql/queries/get-execution.ts
@@ -1,4 +1,5 @@
 import Context from '../../types/express/context';
+import Execution from '../../models/execution';

 type Params = {
  executionId: string;
@@ -9,10 +10,12 @@ const getExecution = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('read', 'Execution');
+  const conditions = context.currentUser.can('read', 'Execution');
+  const userExecutions = context.currentUser.$relatedQuery('executions');
+  const allExecutions = Execution.query();
+  const executionBaseQuery = conditions.isCreator ? userExecutions : allExecutions;

-  const execution = await context.currentUser
-    .$relatedQuery('executions')
+  const execution = await executionBaseQuery
    .withGraphFetched({
      flow: {
        steps: true,
--- a/packages/backend/src/graphql/queries/get-executions.ts
+++ b/packages/backend/src/graphql/queries/get-executions.ts
@@ -1,5 +1,6 @@
 import { raw } from 'objection';
 import Context from '../../types/express/context';
+import Execution from '../../models/execution';
 import paginate from '../../helpers/pagination';

 type Params = {
@@ -12,7 +13,11 @@ const getExecutions = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('read', 'Execution');
+  const conditions = context.currentUser.can('read', 'Execution');
+
+  const userExecutions = context.currentUser.$relatedQuery('executions');
+  const allExecutions = Execution.query();
+  const executionBaseQuery = conditions.isCreator ? userExecutions : allExecutions;

  const selectStatusStatement = `
    case
@@ -23,8 +28,7 @@ const getExecutions = async (
    as status
  `;

-  const executions = context.currentUser
-    .$relatedQuery('executions')
+  const executions = executionBaseQuery
    .joinRelated('executionSteps as execution_steps')
    .select('executions.*', raw(selectStatusStatement))
    .withSoftDeleted()
--- a/packages/backend/src/graphql/queries/get-flow.ts
+++ b/packages/backend/src/graphql/queries/get-flow.ts
@@ -1,14 +1,17 @@
 import Context from '../../types/express/context';
+import Flow from '../../models/flow';

 type Params = {
  id: string;
 };

 const getFlow = async (_parent: unknown, params: Params, context: Context) => {
-  context.currentUser.can('read', 'Flow');
+  const conditions = context.currentUser.can('read', 'Flow');
+  const userFlows = context.currentUser.$relatedQuery('flows');
+  const allFlows = Flow.query();
+  const baseQuery = conditions.isCreator ? userFlows : allFlows;

-  const flow = await context.currentUser
-    .$relatedQuery('flows')
+  const flow = await baseQuery
    .withGraphJoined('[steps.[connection]]')
    .orderBy('steps.position', 'asc')
    .findOne({ 'flows.id': params.id })
--- a/packages/backend/src/graphql/queries/get-flows.ts
+++ b/packages/backend/src/graphql/queries/get-flows.ts
@@ -1,3 +1,4 @@
+import Flow from '../../models/flow';
 import Context from '../../types/express/context';
 import paginate from '../../helpers/pagination';

@@ -10,10 +11,12 @@ type Params = {
 };

 const getFlows = async (_parent: unknown, params: Params, context: Context) => {
-  context.currentUser.can('read', 'Flow');
+  const conditions = context.currentUser.can('read', 'Flow');
+  const userFlows = context.currentUser.$relatedQuery('flows');
+  const allFlows = Flow.query();
+  const baseQuery = conditions.isCreator ? userFlows : allFlows;

-  const flowsQuery = context.currentUser
-    .$relatedQuery('flows')
+  const flowsQuery = baseQuery
    .joinRelated({
      steps: true,
    })
--- a/packages/backend/src/graphql/queries/get-permission-catalog.ee.ts
+++ b/packages/backend/src/graphql/queries/get-permission-catalog.ee.ts
@@ -0,0 +1,7 @@
+import permissionCatalog from '../../helpers/permission-catalog.ee';
+
+const getPermissionCatalog = async () => {
+  return permissionCatalog;
+};
+
+export default getPermissionCatalog;
--- a/packages/backend/src/graphql/queries/get-role.ee.ts
+++ b/packages/backend/src/graphql/queries/get-role.ee.ts
@@ -0,0 +1,23 @@
+import Context from '../../types/express/context';
+import Role from '../../models/role';
+
+type Params = {
+  id: string
+};
+
+const getRole = async (_parent: unknown, params: Params, context: Context) => {
+  context.currentUser.can('read', 'Role');
+
+  return await Role
+    .query()
+    .leftJoinRelated({
+      permissions: true
+    })
+    .withGraphFetched({
+      permissions: true
+    })
+    .findById(params.id)
+    .throwIfNotFound();
+};
+
+export default getRole;
--- a/packages/backend/src/graphql/queries/get-roles.ee.ts
+++ b/packages/backend/src/graphql/queries/get-roles.ee.ts
@@ -0,0 +1,10 @@
+import Context from '../../types/express/context';
+import Role from '../../models/role';
+
+const getRoles = async (_parent: unknown, params: unknown, context: Context) => {
+  context.currentUser.can('read', 'Role');
+
+  return await Role.query().orderBy('name');
+};
+
+export default getRoles;
--- a/packages/backend/src/graphql/queries/get-saml-auth-providers.ee.ts
+++ b/packages/backend/src/graphql/queries/get-saml-auth-providers.ee.ts
@@ -1,7 +1,7 @@
 import SamlAuthProvider from '../../models/saml-auth-provider.ee';

 const getSamlAuthProviders = async () => {
-  const providers = await SamlAuthProvider.query();
+  const providers = await SamlAuthProvider.query().where({ active: true });

  return providers;
 };
--- a/packages/backend/src/graphql/queries/get-step-with-test-executions.ts
+++ b/packages/backend/src/graphql/queries/get-step-with-test-executions.ts
@@ -1,6 +1,7 @@
-import Context from '../../types/express/context';
-import ExecutionStep from '../../models/execution-step';
 import { ref } from 'objection';
+import ExecutionStep from '../../models/execution-step';
+import Step from '../../models/step';
+import Context from '../../types/express/context';

 type Params = {
  stepId: string;
@@ -11,15 +12,16 @@ const getStepWithTestExecutions = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('update', 'Flow');
+  const conditions = context.currentUser.can('update', 'Flow');
+  const userSteps = context.currentUser.$relatedQuery('steps');
+  const allSteps = Step.query();
+  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;

-  const step = await context.currentUser
-    .$relatedQuery('steps')
+  const step = await stepBaseQuery
    .findOne({ 'steps.id': params.stepId })
    .throwIfNotFound();

-  const previousStepsWithCurrentStep = await context.currentUser
-    .$relatedQuery('steps')
+  const previousStepsWithCurrentStep = await stepBaseQuery
    .withGraphJoined('executionSteps')
    .where('flow_id', '=', step.flowId)
    .andWhere('position', '<', step.position)
--- a/packages/backend/src/graphql/queries/get-user.ts
+++ b/packages/backend/src/graphql/queries/get-user.ts
@@ -0,0 +1,23 @@
+import Context from '../../types/express/context';
+import User from '../../models/user';
+
+type Params = {
+  id: string
+};
+
+const getUser = async (_parent: unknown, params: Params, context: Context) => {
+  context.currentUser.can('read', 'User');
+
+  return await User
+    .query()
+    .leftJoinRelated({
+      role: true
+    })
+    .withGraphFetched({
+      role: true
+    })
+    .findById(params.id)
+    .throwIfNotFound();
+};
+
+export default getUser;
--- a/packages/backend/src/graphql/queries/get-users.ts
+++ b/packages/backend/src/graphql/queries/get-users.ts
@@ -0,0 +1,26 @@
+import Context from '../../types/express/context';
+import paginate from '../../helpers/pagination';
+import User from '../../models/user';
+
+type Params = {
+  limit: number;
+  offset: number;
+};
+
+const getUsers = async (_parent: unknown, params: Params, context: Context) => {
+  context.currentUser.can('read', 'User');
+
+  const usersQuery = User
+    .query()
+    .leftJoinRelated({
+      role: true
+    })
+    .withGraphFetched({
+      role: true
+    })
+    .orderBy('full_name', 'desc');
+
+  return paginate(usersQuery, params.limit, params.offset);
+};
+
+export default getUsers;
--- a/packages/backend/src/graphql/queries/test-connection.ts
+++ b/packages/backend/src/graphql/queries/test-connection.ts
@@ -1,5 +1,6 @@
 import Context from '../../types/express/context';
 import App from '../../models/app';
+import Connection from '../../models/connection';
 import globalVariable from '../../helpers/global-variable';

 type Params = {
@@ -12,10 +13,12 @@ const testConnection = async (
  params: Params,
  context: Context
 ) => {
-  context.currentUser.can('update', 'Connection');
+  const conditions = context.currentUser.can('update', 'Connection');
+  const userConnections = context.currentUser.$relatedQuery('connections');
+  const allConnections = Connection.query();
+  const connectionBaseQuery = conditions.isCreator ? userConnections : allConnections;

-  let connection = await context.currentUser
-    .$relatedQuery('connections')
+  let connection = await connectionBaseQuery
    .findOne({
      id: params.id,
    })