feat: Implement get role mappings API endpoint

2024-03-14 15:46:08 +01:00
parent 29341f81e1
commit 64049bd546
7 changed files with 125 additions and 0 deletions
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
@@ -0,0 +1,14 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProvider = await SamlAuthProvider.query()
+    .findById(request.params.samlAuthProviderId)
+    .throwIfNotFound();
+
+  const roleMappings = await samlAuthProvider
+    .$relatedQuery('samlAuthProvidersRoleMappings')
+    .orderBy('remote_role_name', 'asc');
+
+  renderObject(response, roleMappings);
+};
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js
@@ -0,0 +1,51 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import { createRoleMapping } from '../../../../../../test/factories/role-mapping.js';
+import getRoleMappingsMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-providers/:samlAuthProviderId/role-mappings', () => {
+  let roleMappingOne, roleMappingTwo, samlAuthProvider, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    samlAuthProvider = await createSamlAuthProvider();
+
+    roleMappingOne = await createRoleMapping({
+      samlAuthProviderId: samlAuthProvider.id,
+      remoteRoleName: 'Admin',
+    });
+
+    roleMappingTwo = await createRoleMapping({
+      samlAuthProviderId: samlAuthProvider.id,
+      remoteRoleName: 'User',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return role mappings', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(
+        `/api/v1/admin/saml-auth-providers/${samlAuthProvider.id}/role-mappings`
+      )
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRoleMappingsMock([
+      roleMappingOne,
+      roleMappingTwo,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});
--- a/packages/backend/src/routes/api/v1/admin/saml-auth-providers.ee.js
+++ b/packages/backend/src/routes/api/v1/admin/saml-auth-providers.ee.js
@@ -5,6 +5,7 @@ import { authorizeAdmin } from '../../../../helpers/authorization.js';
 import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js';
 import getSamlAuthProvidersAction from '../../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
 import getSamlAuthProviderAction from '../../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
+import getRoleMappingsAction from '../../../../controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js';

 const router = Router();

@@ -24,4 +25,12 @@ router.get(
  asyncHandler(getSamlAuthProviderAction)
 );

+router.get(
+  '/:samlAuthProviderId/role-mappings',
+  authenticateUser,
+  authorizeAdmin,
+  checkIsEnterprise,
+  asyncHandler(getRoleMappingsAction)
+);
+
 export default router;
--- a/packages/backend/src/serializers/index.js
+++ b/packages/backend/src/serializers/index.js
@@ -3,6 +3,7 @@ import roleSerializer from './role.js';
 import permissionSerializer from './permission.js';
 import adminSamlAuthProviderSerializer from './admin-saml-auth-provider.ee.js';
 import samlAuthProviderSerializer from './saml-auth-provider.ee.js';
+import samlAuthProviderRoleMappingSerializer from './role-mapping.ee.js';
 import appAuthClientSerializer from './app-auth-client.js';
 import appConfigSerializer from './app-config.js';
 import flowSerializer from './flow.js';
@@ -22,6 +23,7 @@ const serializers = {
  Permission: permissionSerializer,
  AdminSamlAuthProvider: adminSamlAuthProviderSerializer,
  SamlAuthProvider: samlAuthProviderSerializer,
+  SamlAuthProvidersRoleMapping: samlAuthProviderRoleMappingSerializer,
  AppAuthClient: appAuthClientSerializer,
  AppConfig: appConfigSerializer,
  Flow: flowSerializer,
--- a/packages/backend/src/serializers/role-mapping.ee.js
+++ b/packages/backend/src/serializers/role-mapping.ee.js
@@ -0,0 +1,10 @@
+const roleMappingSerializer = (roleMapping) => {
+  return {
+    id: roleMapping.id,
+    samlAuthProviderId: roleMapping.samlAuthProviderId,
+    roleId: roleMapping.roleId,
+    remoteRoleName: roleMapping.remoteRoleName,
+  };
+};
+
+export default roleMappingSerializer;
--- a/packages/backend/test/factories/role-mapping.js
+++ b/packages/backend/test/factories/role-mapping.js
@@ -0,0 +1,16 @@
+import { createRole } from './role.js';
+import { createSamlAuthProvider } from './saml-auth-provider.ee.js';
+import SamlAuthProviderRoleMapping from '../../src/models/saml-auth-providers-role-mapping.ee.js';
+
+export const createRoleMapping = async (params = {}) => {
+  params.roleId = params?.roleId || (await createRole()).id;
+  params.samlAuthProviderId =
+    params?.samlAuthProviderId || (await createSamlAuthProvider()).id;
+
+  params.remoteRoleName = params?.remoteRoleName || 'User';
+
+  const samlAuthProviderRoleMapping =
+    await SamlAuthProviderRoleMapping.query().insertAndFetch(params);
+
+  return samlAuthProviderRoleMapping;
+};
--- a/packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
+++ b/packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
@@ -0,0 +1,23 @@
+const getRoleMappingsMock = async (roleMappings) => {
+  const data = roleMappings.map((roleMapping) => {
+    return {
+      id: roleMapping.id,
+      samlAuthProviderId: roleMapping.samlAuthProviderId,
+      roleId: roleMapping.roleId,
+      remoteRoleName: roleMapping.remoteRoleName,
+    };
+  });
+
+  return {
+    data: data,
+    meta: {
+      count: data.length,
+      currentPage: null,
+      isArray: true,
+      totalPages: null,
+      type: 'SamlAuthProvidersRoleMapping',
+    },
+  };
+};
+
+export default getRoleMappingsMock;