feat: new permission for moving project

Unleash · Jan 11, 2022 · e8db1da · e8db1da
1 parent 64f9d51
commit e8db1da
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 7 deletions.
diff --git a/src/lib/services/project-service.ts b/src/lib/services/project-service.ts
@@ -28,7 +28,11 @@ import { IProjectQuery, IProjectStore } from '../types/stores/project-store';
 import { IRoleDescriptor } from '../types/stores/access-store';
 import { IEventStore } from '../types/stores/event-store';
 import FeatureToggleService from './feature-toggle-service';
-import { CREATE_FEATURE, UPDATE_FEATURE } from '../types/permissions';
+import {
+    CREATE_FEATURE,
+    MOVE_FEATURE_TOGGLE,
+    UPDATE_FEATURE,
+} from '../types/permissions';
 import NoAccessError from '../error/no-access-error';
 import IncompatibleProjectError from '../error/incompatible-project-error';
 import { DEFAULT_PROJECT } from '../types/project';
@@ -187,7 +191,7 @@ export default class ProjectService {
         const feature = await this.featureToggleStore.get(featureName);
 
         if (feature.project !== currentProjectId) {
-            throw new NoAccessError(UPDATE_FEATURE);
+            throw new NoAccessError(MOVE_FEATURE_TOGGLE);
         }
         const project = await this.getProject(newProjectId);
 
@@ -197,12 +201,12 @@ export default class ProjectService {
 
         const authorized = await this.accessService.hasPermission(
             user,
-            CREATE_FEATURE,
+            MOVE_FEATURE_TOGGLE,
             newProjectId,
         );
 
         if (!authorized) {
-            throw new NoAccessError(CREATE_FEATURE);
+            throw new NoAccessError(MOVE_FEATURE_TOGGLE);
         }
 
         const isCompatibleWithTargetProject =

diff --git a/src/lib/types/permissions.ts b/src/lib/types/permissions.ts
@@ -31,3 +31,4 @@ export const DELETE_API_TOKEN = 'DELETE_API_TOKEN';
 export const UPDATE_TAG_TYPE = 'UPDATE_TAG_TYPE';
 export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';
 export const UPDATE_FEATURE_VARIANTS = 'UPDATE_FEATURE_VARIANTS';
+export const MOVE_FEATURE_TOGGLE = 'MOVE_FEATURE_TOGGLE';
diff --git a/src/migrations/20220111115613-move-feature-toggle-permission.js b/src/migrations/20220111115613-move-feature-toggle-permission.js
@@ -0,0 +1,35 @@
+exports.up = function (db, cb) {
+    db.runSql(
+        `
+        INSERT INTO permissions (permission, display_name, type) VALUES ('MOVE_FEATURE_TOGGLE', 'Change feature toggle project', 'project');
+        INSERT INTO role_permission (role_id, permission_id, environment)
+        SELECT
+            (SELECT id as role_id from roles WHERE name = 'Editor' LIMIT 1),
+            p.id as permission_id,
+            '*' as environment
+        FROM permissions p
+        WHERE p.permission IN
+            ('MOVE_FEATURE_TOGGLE');
+
+
+        INSERT INTO role_permission (role_id, permission_id, environment)
+        SELECT
+            (SELECT id as role_id from roles WHERE name = 'Owner' LIMIT 1),
+            p.id as permission_id,
+            '*' as environment
+        FROM permissions p
+        WHERE p.permission IN
+            ('MOVE_FEATURE_TOGGLE');
+        `,
+        cb,
+    );
+};
+
+exports.down = function (db, cb) {
+    db.runSql(
+        `
+        DELETE FROM permissions WHERE permission = 'MOVE_FEATURE_TOGGLE';
+  `,
+        cb,
+    );
+};
diff --git a/src/test/e2e/services/project-service.e2e.test.ts b/src/test/e2e/services/project-service.e2e.test.ts
@@ -3,7 +3,7 @@ import getLogger from '../../fixtures/no-logger';
 import FeatureToggleService from '../../../lib/services/feature-toggle-service';
 import ProjectService from '../../../lib/services/project-service';
 import { AccessService } from '../../../lib/services/access-service';
-import { CREATE_FEATURE, UPDATE_FEATURE } from '../../../lib/types/permissions';
+import { MOVE_FEATURE_TOGGLE } from '../../../lib/types/permissions';
 import { createTestConfig } from '../../config/test-config';
 import { RoleName } from '../../../lib/types/model';
 
@@ -377,7 +377,7 @@ test('should not change project if feature toggle project does not match current
         );
     } catch (err) {
         expect(err.message).toBe(
-            `You need permission=${UPDATE_FEATURE} to perform this action`,
+            `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
         );
     }
 });
@@ -438,7 +438,7 @@ test('should fail if user is not authorized', async () => {
         );
     } catch (err) {
         expect(err.message).toBe(
-            `You need permission=${CREATE_FEATURE} to perform this action`,
+            `You need permission=${MOVE_FEATURE_TOGGLE} to perform this action`,
         );
     }
 });