#431 - Added env to graphQL permission resolver

src/client/permission-resolvers.js

@@ -5,7 +5,9 @@ import { getGroupConfigs } from '../services/group-config';
 import { permissionCache } from '../helpers/cache';
 
 export async function resolvePermission(args, admin) {
-    const cacheKey = permissionCache.permissionKey(admin._id, args.domain, args.parent, args.actions, args.router);
+    const cacheKey = permissionCache.permissionKey(admin._id, args.domain, args.parent, 
+        args.actions, args.router, args.environment);
+
     if (permissionCache.has(cacheKey)) {
         return permissionCache.get(cacheKey);
     }
@@ -22,7 +24,7 @@ export async function resolvePermission(args, admin) {
 
         for (const action_perm of args.actions) {
             try {
-                await verifyOwnership(admin, element, args.domain, action_perm, args.router);
+                await verifyOwnership(admin, element, args.domain, action_perm, args.router, false, args.environment);
                 result[result.length - 1].permissions.push({ action: action_perm.toString(), result: 'ok' });
             } catch (e) {
                 result[result.length - 1].permissions.push({ action: action_perm.toString(), result: 'nok' });

src/client/schema.js

@@ -101,6 +101,9 @@ const queryType = new GraphQLObjectType({
                 },
                 router: {
                     type: GraphQLString
+                },
+                environment: {
+                    type: GraphQLString
                 }
             },
             resolve: async (_source, args, context) => {

tests/client-api.test.js

@@ -928,36 +928,6 @@ describe('Testing domain [Adm-GraphQL] ', () => {
         expect(JSON.parse(req.text)).toMatchObject(JSON.parse(graphqlUtils.expected111));
     });
 
-    test('CLIENT_SUITE - Should NOT return domain structure for an excluded team member', async () => {
-        //given
-        const admin = await Admin.findById(adminAccountId).exec();
-        admin.teams = [];
-        await admin.save();
-
-        const req = await request(app)
-            .post('/adm-graphql')
-            .set('Authorization', `Bearer ${adminAccountToken}`)
-            .send(graphqlUtils.domainQuery([['_id', domainId], ['environment', EnvType.DEFAULT]]));
-
-        const expected = '{"data":{"domain":null}}';
-        expect(req.statusCode).toBe(200);
-        expect(JSON.parse(req.text)).toMatchObject(JSON.parse(expected));
-    });
-
-    test('CLIENT_SUITE - Should NOT return domain Flat-structure for am excluded team member', async () => {
-        const req = await request(app)
-            .post('/adm-graphql')
-            .set('Authorization', `Bearer ${adminAccountToken}`)
-            .send(graphqlUtils.configurationQuery([
-                ['domain', domainId], 
-                ['key', keyConfig], 
-                ['environment', EnvType.DEFAULT]]));
-
-        const expected = '{"data":{"configuration":{"domain":null,"group":null,"config":null,"strategies":null}}}';
-        expect(req.statusCode).toBe(200);
-        expect(JSON.parse(req.text)).toMatchObject(JSON.parse(expected));
-    });
-
     test('CLIENT_SUITE - Should return list of Groups permissions', async () => {
         const req = await request(app)
             .post('/adm-graphql')
@@ -995,6 +965,19 @@ describe('Testing domain [Adm-GraphQL] ', () => {
         expect(JSON.parse(req.text).data.permission[0].permissions).toMatchObject(JSON.parse(exptected));
     });
 
+    test('CLIENT_SUITE - Should return list of Groups permissions - by environment', async () => {
+        const req = await request(app)
+            .post('/adm-graphql')
+            .set('Authorization', `Bearer ${adminAccountToken}`)
+            .send(graphqlUtils.permissionsQuery(domainId, undefined, `"CREATE"`, RouterTypes.GROUP, EnvType.DEFAULT));
+
+        const exptected = '[{"action":"CREATE","result":"ok"}]';
+        expect(req.statusCode).toBe(200);
+        expect(JSON.parse(req.text)).not.toBe(null);
+        expect(JSON.parse(req.text).data.permission[0].name).toBe("Group Test");
+        expect(JSON.parse(req.text).data.permission[0].permissions).toMatchObject(JSON.parse(exptected));
+    });
+
     test('CLIENT_SUITE - Should return list of Groups permissions - Unauthorized access', async () => {
         const req = await request(app)
             .post('/adm-graphql')
@@ -1048,4 +1031,40 @@ describe('Testing domain [Adm-GraphQL] ', () => {
         expect(JSON.parse(req.text)).not.toBe(null);
         expect(JSON.parse(req.text).data.permission).toStrictEqual([]);
     });
+});
+
+describe('Testing domain/configuration [Adm-GraphQL] - Excluded team member ', () => {
+
+    afterAll(setupDatabase);
+
+    test('CLIENT_SUITE - Should NOT return domain structure for an excluded team member', async () => {
+        //given
+        const admin = await Admin.findById(adminAccountId).exec();
+        admin.teams = [];
+        await admin.save();
+
+        const req = await request(app)
+            .post('/adm-graphql')
+            .set('Authorization', `Bearer ${adminAccountToken}`)
+            .send(graphqlUtils.domainQuery([['_id', domainId], ['environment', EnvType.DEFAULT]]));
+
+        const expected = '{"data":{"domain":null}}';
+        expect(req.statusCode).toBe(200);
+        expect(JSON.parse(req.text)).toMatchObject(JSON.parse(expected));
+    });
+
+    test('CLIENT_SUITE - Should NOT return domain Flat-structure for am excluded team member', async () => {
+        const req = await request(app)
+            .post('/adm-graphql')
+            .set('Authorization', `Bearer ${adminAccountToken}`)
+            .send(graphqlUtils.configurationQuery([
+                ['domain', domainId], 
+                ['key', keyConfig], 
+                ['environment', EnvType.DEFAULT]]));
+
+        const expected = '{"data":{"configuration":{"domain":null,"group":null,"config":null,"strategies":null}}}';
+        expect(req.statusCode).toBe(200);
+        expect(JSON.parse(req.text)).toMatchObject(JSON.parse(expected));
+    });
+
 });

tests/fixtures/db_client.js

@@ -37,7 +37,7 @@ export const adminAccount = {
     active: true
 };
 
-export let apiKey = undefined;
+export let apiKey;
 export const domainId = new mongoose.Types.ObjectId();
 export const domainDocument = {
     _id: domainId,
@@ -172,13 +172,22 @@ export const permissionConfigs = {
     router: RouterTypes.CONFIG
 };
 
+export const permissionConfigs2Id = new mongoose.Types.ObjectId();
+export const permissionConfigs2 = {
+    _id: permissionConfigs2Id,
+    action: ActionTypes.CREATE,
+    active: true,
+    router: RouterTypes.GROUP,
+    environments: [EnvType.DEFAULT]
+};
+
 export const teamId = new mongoose.Types.ObjectId();
 export const team = {
     _id: teamId,
     domain: domainId,
     name: 'Team Dev',
     active: true,
-    permissions: [permissionConfigsId]
+    permissions: [permissionConfigsId, permissionConfigs2Id]
 };
 
 export const slack = {
@@ -218,6 +227,7 @@ export const setupDatabase = async () => {
     await new Slack(slack).save();
     await new Team(team).save();
     await new Permission(permissionConfigs).save();
+    await new Permission(permissionConfigs2).save();
 
     await new GroupConfig(groupConfigDocument).save();
     await new Config(configDocument).save();

tests/graphql-utils/index.js

@@ -63,15 +63,16 @@ export const  buildEntries = (entries) => {
     return `${entries.map(createStrategyInput)}`;
 };
 
-export const permissionsQuery = (domainId, parentId, actions, router) => {
+export const permissionsQuery = (domainId, parentId, actions, router, environment) => {
     return { 
         query: `
             {
                 permission(
                     domain: "${domainId}",
                     parent: "${parentId}",
                     actions: [${actions}],
-                    router: "${router}"
+                    router: "${router}",
+                    environment: "${environment}"
                 ) {
                     id,
                     name,