fix: Fix duplicate entity policy name on route analysis (#990)

plumier · Jun 28, 2021 · 6a18218 · 6a18218
1 parent 116228e
commit 6a18218
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 1 deletion.
diff --git a/packages/core/src/authorization-analyzer.ts b/packages/core/src/authorization-analyzer.ts
@@ -178,7 +178,8 @@ function checkMissingEntityProviderOnModel(route: RouteInfo, policies: AuthPolic
 
 function missingEntityPolicyErrorMessage(policies: PolicyInfo[], provider: Class, location?: string): RouteAnalyzerIssue {
     const loc = location ? ` on ${location}` : ""
-    return { type: "error", message: `Entity policy ${policies.map(x => x.name).join(", ")} for entity ${provider.name} ${policies.length === 1 ? "is" : "are"} not found${loc}` }
+    const names = Array.from(new Set(policies.map(x => x.name)))
+    return { type: "error", message: `Entity policy ${names.join(", ")} for entity ${provider.name} ${names.length === 1 ? "is" : "are"} not found${loc}` }
 }
 
 function checkMissingEntityPolicyOnRoute(route: RouteInfo, policies: AuthPolicy[], globalAuthorize?: string | string[]): RouteAnalyzerIssue[] {

diff --git a/tests/behavior/authorization/__snapshots__/jwt-auth.spec.ts.snap b/tests/behavior/authorization/__snapshots__/jwt-auth.spec.ts.snap
@@ -312,6 +312,20 @@ Array [
 ]
 `;
 
+exports[`JwtAuth Analyzer Message Should not showing duplicate policy name when the exact entity policy are not found 1`] = `
+Array [
+  Array [],
+  Array [
+    "Route Analysis Report",
+  ],
+  Array [
+    "1. UsersController.save(id, data) -> ResourceOwner PUT /users/:id
+ - error Entity policy ResourceOwner for entity Other is not found",
+  ],
+  Array [],
+]
+`;
+
 exports[`JwtAuth Analyzer Message Should not showing readonly and writeonly error message 1`] = `
 Array [
   Array [],

diff --git a/tests/behavior/authorization/jwt-auth.spec.ts b/tests/behavior/authorization/jwt-auth.spec.ts
@@ -1060,6 +1060,33 @@ describe("JwtAuth", () => {
             console.mockClear()
         })
 
+        it("Should not showing duplicate policy name when the exact entity policy are not found", async () => {
+            class Other {}
+            class Item { }
+            class User {
+                @entity.primaryId()
+                id: number
+            }
+            class UsersController {
+                @authorize.route("ResourceOwner")
+                @route.put(":id")
+                @entityProvider(Other, "id")
+                save(id:number, data: User) { }
+            }
+            const authPolicies = [
+                entityPolicy(User).define("ResourceOwner", (ctx, x) => !!x.id),
+                entityPolicy(Item).define("ResourceOwner", (ctx, x) => !!x.id),
+            ]
+            const mock = console.mock()
+            await new Plumier()
+                .set(new WebApiFacility({ controller: [UsersController] }))
+                .set(new JwtAuthFacility({ secret: "secret", authPolicies }))
+                .set({ genericController: [DefaultControllerGeneric, DefaultNestedControllerGeneric] })
+                .initialize()
+            expect(cleanupConsole(mock.mock.calls)).toMatchSnapshot()
+            console.mockClear()
+        })
+
         it("Should detect when applied on non entity policy provider parameter", async () => {
             class User {
                 @entity.primaryId()