diff --git a/packages/backend/src/graphql/mutations/delete-step.ts b/packages/backend/src/graphql/mutations/delete-step.ts index 1cdc490a..387ed1ab 100644 --- a/packages/backend/src/graphql/mutations/delete-step.ts +++ b/packages/backend/src/graphql/mutations/delete-step.ts @@ -10,8 +10,8 @@ const deleteStepResolver = async ( params: Params, req: RequestWithCurrentUser ) => { - // TODO: This logic should be revised by using current user - await Step.query() + await req.currentUser + .$relatedQuery('steps') .delete() .findOne({ id: params.id, diff --git a/packages/backend/src/graphql/mutations/execute-step.ts b/packages/backend/src/graphql/mutations/execute-step.ts index f47913be..2c5ac446 100644 --- a/packages/backend/src/graphql/mutations/execute-step.ts +++ b/packages/backend/src/graphql/mutations/execute-step.ts @@ -1,27 +1,25 @@ import { GraphQLString, GraphQLNonNull } from 'graphql'; -import Connection from '../../models/connection'; -import Step from '../../models/step'; import stepType from '../types/step'; +import RequestWithCurrentUser from '../../types/express/request-with-current-user'; type Params = { id: string; data: Record; }; -const executeStepResolver = async (params: Params): Promise => { - const step = await Step.query() +const executeStepResolver = async ( + params: Params, + req: RequestWithCurrentUser +): Promise => { + const step = await req.currentUser + .$relatedQuery('steps') + .withGraphFetched('connection') .findOne({ - id: params.id, - }) - .throwIfNotFound(); - - const connection = await Connection.query() - .findOne({ - id: step.connectionId, + 'steps.id': params.id, }) .throwIfNotFound(); const appClass = (await import(`../../apps/${step.appKey}`)).default; - const appInstance = new appClass(connection.data); + const appInstance = new appClass(step.connection.data); await appInstance.triggers[step.key].run(); return step; @@ -32,7 +30,8 @@ const executeStep = { args: { id: { type: GraphQLNonNull(GraphQLString) }, }, - resolve: (_: any, params: Params) => executeStepResolver(params), + resolve: (_: any, params: Params, req: RequestWithCurrentUser) => + executeStepResolver(params, req), }; export default executeStep; diff --git a/packages/backend/src/graphql/mutations/update-step.ts b/packages/backend/src/graphql/mutations/update-step.ts index 8c0732cf..5d0b6cba 100644 --- a/packages/backend/src/graphql/mutations/update-step.ts +++ b/packages/backend/src/graphql/mutations/update-step.ts @@ -23,17 +23,11 @@ const updateStepResolver = async ( ) => { const { input } = params; - const flow = await req.currentUser - .$relatedQuery('flows') - .findOne({ - id: input.flow.id, - }) - .throwIfNotFound(); - - let step = await flow + let step = await req.currentUser .$relatedQuery('steps') .findOne({ - id: input.id, + 'steps.id': input.id, + flow_id: input.flow.id, }) .throwIfNotFound(); diff --git a/packages/backend/src/models/step.ts b/packages/backend/src/models/step.ts index d637c616..43073fb8 100644 --- a/packages/backend/src/models/step.ts +++ b/packages/backend/src/models/step.ts @@ -16,6 +16,7 @@ class Step extends Base { connectionId: number; position: number; parameters: string; + connection?: Connection; static tableName = 'steps'; diff --git a/packages/backend/src/models/user.ts b/packages/backend/src/models/user.ts index c78f450a..0cfefe9b 100644 --- a/packages/backend/src/models/user.ts +++ b/packages/backend/src/models/user.ts @@ -2,6 +2,7 @@ import { QueryContext, ModelOptions } from 'objection'; import Base from './base'; import Connection from './connection'; import Flow from './flow'; +import Step from './step'; import bcrypt from 'bcrypt'; class User extends Base { @@ -10,6 +11,7 @@ class User extends Base { password!: string; connections?: [Connection]; flows?: [Flow]; + steps?: [Step]; static tableName = 'users'; @@ -41,6 +43,18 @@ class User extends Base { to: 'flows.user_id', }, }, + steps: { + relation: Base.ManyToManyRelation, + modelClass: Step, + join: { + from: 'users.id', + through: { + from: 'flows.user_id', + to: 'flows.id', + }, + to: 'steps.flow_id', + }, + }, }); login(password: string) {