
fix(): fixed access guard

Izak88 committed Sep 5, 2017
1 parent 60d0eec commit ec4019ff797c3cdf2051bf5dd11203a9ced77912
@@ -1,4 +1,4 @@
import { Build, BuildRun, Job } from './model';
import { Build, BuildRun, Job, JobRun } from './model';
import { getLastRun } from './job';

export function getBuilds(
@@ -15,12 +15,11 @@ export function getBuilds(
.innerJoin('permissions', 'permissions.repositories_id', 'repositories.id')
.where('permissions.users_id', userId)
.andWhere(function() {
this.where('permissions.permission', true).orWhere('repositories.private', false);
this.where('permissions.permission', true).orWhere('repositories.public', true);
});
} else {
q.innerJoin('repositories', 'repositories.id', 'builds.repositories_id')
.where('repositories.private', false)
.andWhere('repositories.public', true);
.where('repositories.public', true);
}

if (filter === 'pr') {
@@ -54,7 +53,8 @@ export function getBuilds(

userId = parseInt(<any>userId, 10);
if (build.repository.permissions && build.repository.permissions.length) {
if (build.repository.permissions.findIndex(p => p.users_id === userId) !== -1) {
let index = build.repository.permissions.findIndex(p => p.users_id === userId);
if (index !== -1 && build.repository.permissions[index].permission) {
build.hasPermission = true;
} else {
build.hasPermission = false;
@@ -79,7 +79,7 @@ export function getBuild(id: number, userId?: number): Promise<any> {
if (userId) {
query.where('permissions.users_id', userId)
.andWhere('permissions.permission', true)
.orWhere('private', false);
.orWhere('public', true);
}
}
},
@@ -124,7 +124,8 @@ export function getBuild(id: number, userId?: number): Promise<any> {

userId = parseInt(<any>userId, 10);
if (build.repository.permissions && build.repository.permissions.length) {
if (build.repository.permissions.findIndex(p => p.users_id === userId) !== -1) {
let index = build.repository.permissions.findIndex(p => p.users_id === userId);
if (index !== -1 && build.repository.permissions[index].permission) {
build.hasPermission = true;
} else {
build.hasPermission = false;
@@ -168,7 +169,7 @@ export function getLastBuild(userId?: number): Promise<any> {
if (userId) {
query.where('permissions.users_id', userId)
.andWhere('permissions.permission', true)
.orWhere('private', false);
.orWhere('public', true);
}
}
},
@@ -191,7 +192,8 @@ export function getLastBuild(userId?: number): Promise<any> {

userId = parseInt(<any>userId, 10);
if (build.repository.permissions && build.repository.permissions.length) {
if (build.repository.permissions.findIndex(p => p.users_id === userId) !== -1) {
let index = build.repository.permissions.findIndex(p => p.users_id === userId);
if (index !== -1 && build.repository.permissions[index].permission) {
build.hasPermission = true;
} else {
build.hasPermission = false;
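Review bot: In the relation callbacks of getBuild and getLastBuild, `.orWhere('public', true)` is chained without grouping, so the condition reads `(permissions.users_id = ? AND permissions.permission = true) OR public = true`. For a public repository the `users_id` restriction then no longer applies, and permission rows belonging to other users may be loaded and serialized with the build; the relation being constrained is outside these hunks, so this should be confirmed. getBuilds in the same file already groups the pair, and the same form fits here: `query.where('permissions.users_id', userId).andWhere(function() { this.where('permissions.permission', true).orWhere('public', true); });`. The getJob callback further down the page has the same ungrouped chain. The `findIndex` / `permission` block is now repeated three times in this file and would be easier to audit as one helper taking the permissions array and the user id.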
@@ -9,7 +9,7 @@ export function getJob(jobId: number, userId?: number): Promise<any> {
if (userId) {
query.where('permissions.users_id', userId)
.andWhere('permissions.permission', true)
.orWhere('private', false);
.orWhere('public', true);
}
}},
'runs']})
@@ -18,14 +18,21 @@ export function getJob(jobId: number, userId?: number): Promise<any> {
reject();
}
job = job.toJSON();
job.hasPermission = false;

userId = parseInt(<any>userId, 10);
if (job.build
&& job.build.reposiotory
&& job.build.repository
&& job.build.repository.permissions
&& job.build.repository.permissions[0].permission) {
job.hasPermission = true;
&& job.build.repository.permissions.length) {
let index = job.build.repository.permissions.findIndex(p => p.users_id === userId);
if (index !== -1 && job.build.repository.permissions[index].permission) {
job.hasPermission = true;
} else {
job.hasPermission = false;
}
} else {
job.hasPermission = false;
}
job.hasPermission = true;

return job;
})
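Review bot: The page has lost its +/- markers, so it is not clear whether the `job.hasPermission = true;` that follows the closing brace of the if/else is on the old or the new side; if it is still present in the new code it overwrites the per-user result and every job reports permission. It should be deleted so that the if/else is the only place the flag is set. Separately, `reject();` at the top of the callback is not followed by a return, so `job.toJSON()` still runs when no job was found; `return reject();` avoids that. The enclosing function starts and ends outside this hunk.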
@@ -1,4 +1,4 @@
import { Permission } from './model';
import { Permission, Repository } from './model';
import { getUsers } from './user';
import { getRepositories } from './repository';
import { getBuildRepositoryId } from './build';
@@ -18,33 +18,54 @@ export function getRepositoryPermissions(repoId: number): Promise<any> {
});
}

export function getUserRepositoryPermissions(userId: number, repoId: number): Promise<any> {
export function getUserRepositoryPermissions(repoId: number, userId?: number): Promise<any> {
return new Promise((resolve, reject) => {
new Permission({ repositories_id: repoId, users_id: userId })
if (userId) {
new Permission({ repositories_id: repoId, users_id: userId })
.fetch({ withRelated: ['repository'] })
.then(permission => {
if (permission) {
permission = permission.toJSON();
permission.repository.private ? resolve(permission.permission) : resolve(true);
permission.repository.public ? resolve(true) : resolve(permission.permission);
}

reject(permission);
});
} else {
new Repository({ id: repoId }).fetch().then(repo => {
if (!repo) {
reject(repo);
}

repo = repo.toJSON();
resolve(repo.public);
});
}
});
}

export function getUserBuildPermissions(userId: number, buildId: number): Promise<any> {
export function getUserBuildPermissions(buildId: number, userId?: number): Promise<any> {
return new Promise((resolve, reject) => {
getBuildRepositoryId(buildId)
.then(repoId => resolve(getUserRepositoryPermissions(userId, repoId)))
.then(repoId => {
if (userId) {
resolve(getUserRepositoryPermissions(repoId, userId));
}
resolve(getUserRepositoryPermissions(repoId));
})
.catch(() => resolve(false));
});
}

export function getUserJobPermissions(userId: number, jobId: number): Promise<any> {
export function getUserJobPermissions(jobId: number, userId?: number): Promise<any> {
return new Promise((resolve, reject) => {
getJobRepositoryId(jobId)
.then(repoId => resolve(getUserRepositoryPermissions(userId, repoId)))
.then(repoId => {
if (userId) {
resolve(getUserRepositoryPermissions(repoId, userId));
}
resolve(getUserRepositoryPermissions(repoId));
})
.catch(() => resolve(false));
});
}
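Review bot: In getUserRepositoryPermissions, a caller who passes a `userId` but has no permission row falls through to `reject(permission)` even when the repository is public, while the branch without a `userId` resolves `repo.public` for the same repository. If a user can lack a row, the signed-in path should fall back to the public flag, for example `if (!permission) { return resolve(getUserRepositoryPermissions(repoId)); }`. In getUserBuildPermissions and getUserJobPermissions the `if (userId)` branch has no `return` or `else`, so the second lookup also runs and a rejection from it is unhandled; `if (!repo) { reject(repo); }` likewise continues to `repo.toJSON()` on a null value. The parameter order was swapped between two `number` arguments, which the compiler cannot check at call sites not shown on this page.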
@@ -2,11 +2,30 @@ import { Repository, Build } from './model';
import { getHttpJsonResponse } from '../utils';
import { addRepositoryPermissionToEveryone } from './permission';

export function getRepository(id: number): Promise<any> {
export function getRepository(id: number, userId?: string): Promise<any> {
return new Promise((resolve, reject) => {
new Repository({ id: id })
.fetch({ withRelated: ['access_token', 'variables'] })
.then(repo => !repo ? reject(repo) : resolve(repo.toJSON()))
.fetch({ withRelated: [ 'access_token', 'variables', 'permissions' ] })
.then(repo => {
if (!repo) {
reject(repo);
}

repo = repo.toJSON();
let id = parseInt(<any>userId, 10);
if (repo.permissions && repo.permissions.length) {
let index = repo.permissions.findIndex(p => p.users_id === id);
if (index !== -1 && repo.permissions[index].permission) {
repo.hasPermission = true;
} else {
repo.hasPermission = false;
}
} else {
repo.hasPermission = false;
}

resolve(repo);
})
.catch(err => reject(err));
});
}
@@ -121,25 +140,32 @@ export function getRepositoryByBuildId(buildId: number): Promise<any> {

export function getRepositories(keyword: string, userId?: string): Promise<any[]> {
return new Promise((resolve, reject) => {
new Repository().query(qb => {
new Repository().query(q => {
if (keyword !== '') {
qb.where('full_name', 'like', `%${keyword}%`).orWhere('clone_url', 'like', `%${keyword}%`);
q.where('full_name', 'like', `%${keyword}%`).orWhere('clone_url', 'like', `%${keyword}%`);
}

if (userId) {
q.innerJoin('permissions', 'permissions.repositories_id', 'repositories.id')
.where('permissions.users_id', userId)
.andWhere(function() {
this.where('permissions.permission', true).orWhere('public', true);
});
} else {
q.where('repositories.public', true);
}
}).fetchAll({ withRelated: [{'permissions': (query) => {
if (userId) {
query.where('users_id', userId);
query.where('permissions.users_id', userId);
} else {
query.where('private', false).andWhere('public', true);
return false;
}
}}] })
.then(repos => {
if (!repos) {
reject();
}
repos = repos.toJSON();
repos = repos.filter(r => {
return !r.private || (r.permissions && r.permissions.length > 0);
});

resolve(repos);
});
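Review bot: In getRepositories the keyword filter `q.where('full_name', 'like', ...).orWhere('clone_url', 'like', ...)` is not grouped, so once the new permission clauses are chained after it the SQL reads `full_name LIKE ? OR (clone_url LIKE ? AND <access condition>)`, and a name match is no longer restricted by `permissions.users_id` or `repositories.public`. The post-query filter on `r.private` that used to sit after `repos.toJSON()` appears to be removed in the same hunk, so nothing else narrows the result. Wrapping the keyword pair in its own callback, `q.where(function() { this.where('full_name', 'like', ...).orWhere('clone_url', 'like', ...); })`, keeps the access condition applied to every row. In getRepository the record is resolved with the `access_token` and `variables` relations whether or not `hasPermission` is true, so the flag only informs the client; consider leaving those relations out of the response when it is false.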
@@ -244,10 +244,16 @@ export function repositoryRoutes(): express.Router {
}
});

router.get('/id/:id', (req: express.Request, res: express.Response) => {
getRepository(req.params.id).then(repo => {
return res.status(200).json({ data: repo });
}).catch(err => res.status(200).json({ status: false }));
router.get('/id/:id/:userid?', (req: express.Request, res: express.Response) => {
if (req.params.userid) {
getRepository(req.params.id, req.params.userid).then(repo => {
return res.status(200).json({ data: repo });
}).catch(err => res.status(200).json({ status: false }));
} else {
getRepository(req.params.id).then(repo => {
return res.status(200).json({ data: repo });
}).catch(err => res.status(200).json({ status: false }));
}
});

router.get('/:id/builds/:limit/:offset', (req: express.Request, res: express.Response) => {
@@ -382,22 +388,39 @@ export function setupRoutes(): express.Router {
export function permissionRoutes(): express.Router {
const router = express.Router();

router.get('/repository/:repoId/user/:userId', (req: express.Request, res: express.Response) => {
getUserRepositoryPermissions(req.params.userId, req.params.repoId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
router.get('/repository/:repoId/user/:userId?', (req: express.Request, res: express.Response) => {
if (req.params.userId) {
getUserRepositoryPermissions(req.params.repoId, req.params.userId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
} else {
getUserRepositoryPermissions(req.params.repoId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
}
});

router.get('/build/:buildId/user/:userId', (req: express.Request, res: express.Response) => {
getUserBuildPermissions(req.params.userId, req.params.buildId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
router.get('/build/:buildId/user/:userId?', (req: express.Request, res: express.Response) => {
if (req.params.userId) {
getUserBuildPermissions(req.params.buildId, req.params.userId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
} else {
getUserBuildPermissions(req.params.buildId).then(perm => res.status(200).json({ data: perm }))
.catch(err => res.status(200).json({ status: false }));
}
});

router.get('/job/:jobId/user/:userId', (req: express.Request, res: express.Response) => {
getUserJobPermissions(req.params.userId, req.params.jobId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
router.get('/job/:jobId/user/:userId?', (req: express.Request, res: express.Response) => {
if (req.params.userId) {
getUserJobPermissions(req.params.jobId, req.params.userId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
} else {
getUserJobPermissions(req.params.jobId).then(perm => {
return res.status(200).json({ data: perm });
}).catch(err => res.status(200).json({ status: false }));
}
});

return router;
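Review bot: The user id that the new permission checks depend on is read from the URL (`req.params.userid`, `req.params.userId`), so the requester decides which user `hasPermission` and the three permission endpoints are evaluated for. No session or token check is visible in these hunks; if one exists outside them, the id should come from that verified identity and the path segment should be dropped. The `if/else` in each handler is also redundant, because passing an undefined optional argument is the same as omitting it, e.g. `getRepository(req.params.id, req.params.userid)` covers both branches. Failures still answer with status 200 and `{ status: false }`, which makes a denied request indistinguishable from a missing record for clients and for access logs.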
@@ -9,6 +9,7 @@ import { ConfigServiceProvider } from './services/config.service';
import { ApiServiceProvider } from './services/api.service';
import { SocketServiceProvider } from './services/socket.service';
import { AuthGuardProvider, AuthGuard } from './services/auth-guard.service';
import { AccessGuardProvider, AccessGuard } from './services/access-guard.service';
import { AuthServiceProvider } from './services/auth.service';
import { EqualValidator } from './directives/equal-validator.directive';
import { SafeHtmlPipe } from './pipes/safe-html.pipe';
@@ -68,12 +69,12 @@ import { AppTeamComponent } from './components/app-team';
{
path: 'build/:id',
component: AppBuildDetailsComponent,
canActivate: [AuthGuard]
canActivate: [AuthGuard, AccessGuard]
},
{
path: 'job/:id',
component: AppJobComponent,
canActivate: [AuthGuard]
canActivate: [AuthGuard, AccessGuard]
},
{
path: 'repositories',
@@ -83,7 +84,7 @@ import { AppTeamComponent } from './components/app-team';
{
path: 'repo/:id',
component: AppRepositoryComponent,
canActivate: [AuthGuard]
canActivate: [AuthGuard, AccessGuard]
},
{
path: 'settings',
@@ -115,7 +116,8 @@ import { AppTeamComponent } from './components/app-team';
ApiServiceProvider,
SocketServiceProvider,
AuthServiceProvider,
AuthGuardProvider
AuthGuardProvider,
AccessGuardProvider
],
bootstrap: [ AppComponent ]
})
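Review bot: `AccessGuard` is added after `AuthGuard` on `build/:id`, `job/:id` and `repo/:id`, but its implementation is not on this page, so its behaviour for a visitor who is not signed in cannot be checked here. Depending on the Angular version, every guard in a `canActivate` array may be started rather than evaluation stopping at the first failure, so AccessGuard should handle a missing user itself instead of assuming AuthGuard already passed. A short comment above these routes stating that the guard only controls navigation in the browser, and naming the API check it relies on, would help the next reader.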
@@ -69,7 +69,7 @@ <h1 class="mr15">{{ repo?.full_name }}</h1>
</div>
</div>

<div class="column is-12" *ngIf="tab === 'settings'">
<div class="column is-12" *ngIf="tab === 'settings' && repo.hasPermission">
<div class="columns">
<div class="column is-12">
<div class="settings-container">
@@ -92,7 +92,7 @@ <h2>Settings</h2>
</div>
</div>

<div class="column is-12" *ngIf="tab === 'settings'">
<div class="column is-12" *ngIf="tab === 'settings' && repo.hasPermission">
<div class="columns">
<div class="column is-12">
<div class="settings-container">
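Review bot: Both settings blocks now read `repo.hasPermission` without the safe-navigation operator, while the heading in the same template uses `repo?.full_name`, which suggests `repo` can be undefined while the page loads. `*ngIf="tab === 'settings' && repo?.hasPermission"` avoids a template error in that window. The `*ngIf` only hides the form in the browser, so the endpoints that save these settings need their own permission check; none is visible on this page.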
@@ -131,7 +131,7 @@ export class AppRepositoryComponent implements OnInit, OnDestroy {
}

fetch(): void {
this.api.getRepository(this.id).subscribe(event => {
this.api.getRepository(this.id, this.userId).subscribe(event => {
this.repo = event;
this.form = { id: parseInt(this.id, 10), access_tokens_id: event.access_tokens_id };
this.loading = false;