feat: add role mappings for SAML configuration (#1210)

2023-08-11 19:07:39 +02:00
parent c7e1d30553
commit a6a124d2e6
8 changed files with 190 additions and 25 deletions
--- a/packages/backend/src/graphql/mutations/upsert-saml-auth-provider.ee.ts
+++ b/packages/backend/src/graphql/mutations/upsert-saml-auth-provider.ee.ts
@@ -33,17 +33,15 @@ const upsertSamlAuthProvider = async (
    .limit(1)
    .first();

-  let samlAuthProvider: SamlAuthProvider;
-
  if (!existingSamlAuthProvider) {
-    samlAuthProvider = await SamlAuthProvider.query().insert(
+    const samlAuthProvider = await SamlAuthProvider.query().insert(
      samlAuthProviderPayload
    );

    return samlAuthProvider;
  }

-  samlAuthProvider = await SamlAuthProvider.query().patchAndFetchById(
+  const samlAuthProvider = await SamlAuthProvider.query().patchAndFetchById(
    existingSamlAuthProvider.id,
    samlAuthProviderPayload
  );
--- a/packages/backend/src/graphql/mutations/upsert-saml-auth-providers-role-mappings.ee.ts
+++ b/packages/backend/src/graphql/mutations/upsert-saml-auth-providers-role-mappings.ee.ts
@@ -0,0 +1,54 @@
+import SamlAuthProvider from '../../models/saml-auth-provider.ee';
+import SamlAuthProvidersRoleMapping from '../../models/saml-auth-providers-role-mapping.ee';
+import Context from '../../types/express/context';
+
+type Params = {
+  input: {
+    samlAuthProviderId: string;
+    samlAuthProvidersRoleMappings: [
+      {
+        roleId: string;
+        remoteRoleName: string;
+      }
+    ];
+  };
+};
+
+const upsertSamlAuthProvidersRoleMappings = async (
+  _parent: unknown,
+  params: Params,
+  context: Context
+) => {
+  context.currentUser.can('update', 'SamlAuthProvider');
+
+  const samlAuthProviderId = params.input.samlAuthProviderId;
+
+  const samlAuthProvider = await SamlAuthProvider.query()
+    .findById(samlAuthProviderId)
+    .throwIfNotFound();
+
+  await samlAuthProvider
+    .$relatedQuery('samlAuthProvidersRoleMappings')
+    .delete();
+
+  if (!params.input.samlAuthProvidersRoleMappings) {
+    return [];
+  }
+
+  const samlAuthProvidersRoleMappingsData =
+    params.input.samlAuthProvidersRoleMappings.map(
+      (samlAuthProvidersRoleMapping) => ({
+        ...samlAuthProvidersRoleMapping,
+        samlAuthProviderId: samlAuthProvider.id,
+      })
+    );
+
+  const samlAuthProvidersRoleMappings =
+    await SamlAuthProvidersRoleMapping.query().insert(
+      samlAuthProvidersRoleMappingsData
+    );
+
+  return samlAuthProvidersRoleMappings;
+};
+
+export default upsertSamlAuthProvidersRoleMappings;