feat: Add createSamlAuthProvider graphQL mutation

2023-08-07 15:02:25 +02:00
parent b4cda90338
commit 8101c9f0bc
6 changed files with 135 additions and 19 deletions
--- a/packages/backend/src/models/saml-auth-provider.ee.ts
+++ b/packages/backend/src/models/saml-auth-provider.ee.ts
@@ -8,7 +8,7 @@ class SamlAuthProvider extends Base {
  id!: string;
  name: string;
  certificate: string;
-  signatureAlgorithm: SamlConfig["signatureAlgorithm"];
+  signatureAlgorithm: SamlConfig['signatureAlgorithm'];
  issuer: string;
  entryPoint: string;
  firstnameAttributeName: string;
@@ -39,7 +39,10 @@ class SamlAuthProvider extends Base {
      id: { type: 'string', format: 'uuid' },
      name: { type: 'string', minLength: 1 },
      certificate: { type: 'string', minLength: 1 },
-      signatureAlgorithm: { type: 'string', enum: ['sha1', 'sha256', 'sha512'] },
+      signatureAlgorithm: {
+        type: 'string',
+        enum: ['sha1', 'sha256', 'sha512'],
+      },
      issuer: { type: 'string', minLength: 1 },
      entryPoint: { type: 'string', minLength: 1 },
      firstnameAttributeName: { type: 'string', minLength: 1 },
@@ -74,7 +77,7 @@ class SamlAuthProvider extends Base {
      entryPoint: this.entryPoint,
      issuer: this.issuer,
      signatureAlgorithm: this.signatureAlgorithm,
-    }
+    };
  }
 }

--- a/packages/backend/src/models/user.ts
+++ b/packages/backend/src/models/user.ts
@@ -1,10 +1,7 @@
 import bcrypt from 'bcrypt';
 import { DateTime } from 'luxon';
 import crypto from 'node:crypto';
-import {
-  ModelOptions,
-  QueryContext
-} from 'objection';
+import { ModelOptions, QueryContext } from 'objection';

 import appConfig from '../config/app';
 import checkLicense from '../helpers/check-license.ee';
@@ -164,8 +161,8 @@ class User extends Base {
      join: {
        from: 'identities.user_id',
        to: 'users.id',
-      }
-    }
+      },
+    },
  });

  login(password: string) {
@@ -299,8 +296,10 @@ class User extends Base {
    if (Array.isArray(this.permissions)) {
      this.permissions = this.permissions.filter((permission) => {
        const isRolePermission = permission.subject === 'Role';
+        const isSamlAuthProviderPermission =
+          permission.subject === 'SamlAuthProvider';

-        return !isRolePermission;
+        return !isRolePermission && !isSamlAuthProviderPermission;
      });
    }

@@ -318,11 +317,10 @@ class User extends Base {

    const relevantRule = this.ability.relevantRuleFor(action, subject);

-    const conditions = relevantRule?.conditions as string[] || [];
-    const conditionMap: Record<string, true> = Object
-      .fromEntries(
-        conditions.map((condition) => [condition, true])
-      )
+    const conditions = (relevantRule?.conditions as string[]) || [];
+    const conditionMap: Record<string, true> = Object.fromEntries(
+      conditions.map((condition) => [condition, true])
+    );

    return conditionMap;
  }