Skip to content

Commit 7a426dc

Browse files
jeanp413jeanp413
committed
More feedback
1 parent 87f1f36 commit 7a426dc

File tree

6 files changed

+92
-69
lines changed

6 files changed

+92
-69
lines changed

components/server/src/authorization/definitions.ts

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,15 @@ export type UserResourceType = "user";
3232

3333
export type UserRelation = "self" | "organization" | "installation";
3434

35-
export type UserPermission = "read_info" | "write_info" | "delete" | "make_admin" | "read_ssh" | "write_ssh";
35+
export type UserPermission =
36+
| "read_info"
37+
| "write_info"
38+
| "delete"
39+
| "make_admin"
40+
| "read_ssh"
41+
| "write_ssh"
42+
| "read_env_var"
43+
| "write_env_var";
3644

3745
export type InstallationResourceType = "installation";
3846

@@ -67,7 +75,7 @@ export type ProjectResourceType = "project";
6775

6876
export type ProjectRelation = "org" | "editor" | "viewer";
6977

70-
export type ProjectPermission = "read_info" | "write_info" | "delete";
78+
export type ProjectPermission = "read_info" | "write_info" | "delete" | "read_env_var" | "write_env_var";
7179

7280
export type WorkspaceResourceType = "workspace";
7381

components/server/src/prebuilds/prebuild-manager.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ export class PrebuildManager {
6666
@inject(UserAuthentication) protected readonly userService: UserAuthentication;
6767
@inject(TeamDB) protected readonly teamDB: TeamDB;
6868
@inject(EntitlementService) protected readonly entitlementService: EntitlementService;
69-
@inject(EnvVarService) protected readonly envVarService: EnvVarService;
69+
@inject(EnvVarService) private readonly envVarService: EnvVarService;
7070

7171
async abortPrebuildsForBranch(ctx: TraceContext, project: Project, user: User, branch: string): Promise<void> {
7272
const span = TraceContext.startSpan("abortPrebuildsForBranch", ctx);

components/server/src/user/env-var-service.spec.db.ts

Lines changed: 44 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -145,23 +145,23 @@ describe("EnvVarService", async () => {
145145
});
146146

147147
it("should add env variable", async () => {
148-
const resp1 = await es.getAllEnvVars(member.id, member.id, resourceAccessGuard);
148+
const resp1 = await es.getAllUserEnvVars(member.id, member.id, resourceAccessGuard);
149149
expect(resp1.length).to.equal(0);
150150

151-
await es.setEnvVar(
151+
await es.setUserEnvVar(
152152
member.id,
153153
member.id,
154154
{ name: "var1", value: "foo", repositoryPattern: "*/*" },
155155
resourceAccessGuard,
156156
);
157157

158-
const resp2 = await es.getAllEnvVars(member.id, member.id, resourceAccessGuard);
158+
const resp2 = await es.getAllUserEnvVars(member.id, member.id, resourceAccessGuard);
159159
expect(resp2.length).to.equal(1);
160160

161-
await expectError(ErrorCodes.NOT_FOUND, es.getAllEnvVars(stranger.id, member.id, resourceAccessGuard));
161+
await expectError(ErrorCodes.NOT_FOUND, es.getAllUserEnvVars(stranger.id, member.id, resourceAccessGuard));
162162
await expectError(
163163
ErrorCodes.NOT_FOUND,
164-
es.setEnvVar(
164+
es.setUserEnvVar(
165165
stranger.id,
166166
member.id,
167167
{ name: "var2", value: "bar", repositoryPattern: "*/*" },
@@ -171,52 +171,52 @@ describe("EnvVarService", async () => {
171171
});
172172

173173
it("should list all env vars", async () => {
174-
await es.setEnvVar(
174+
await es.setUserEnvVar(
175175
member.id,
176176
member.id,
177177
{ name: "var1", value: "foo", repositoryPattern: "*/*" },
178178
resourceAccessGuard,
179179
);
180-
await es.setEnvVar(
180+
await es.setUserEnvVar(
181181
member.id,
182182
member.id,
183183
{ name: "var2", value: "bar", repositoryPattern: "*/*" },
184184
resourceAccessGuard,
185185
);
186186

187-
const envVars = await es.getAllEnvVars(member.id, member.id, resourceAccessGuard);
187+
const envVars = await es.getAllUserEnvVars(member.id, member.id, resourceAccessGuard);
188188
expect(envVars.length).to.equal(2);
189189
expect(envVars.some((e) => e.name === "var1" && e.value === "foo")).to.be.true;
190190
expect(envVars.some((e) => e.name === "var2" && e.value === "bar")).to.be.true;
191191

192-
await expectError(ErrorCodes.NOT_FOUND, es.getAllEnvVars(stranger.id, member.id, resourceAccessGuard));
192+
await expectError(ErrorCodes.NOT_FOUND, es.getAllUserEnvVars(stranger.id, member.id, resourceAccessGuard));
193193
});
194194

195195
it("should delete env vars", async () => {
196-
await es.setEnvVar(
196+
await es.setUserEnvVar(
197197
member.id,
198198
member.id,
199199
{ name: "var1", value: "foo", repositoryPattern: "*/*" },
200200
resourceAccessGuard,
201201
);
202-
await es.setEnvVar(
202+
await es.setUserEnvVar(
203203
member.id,
204204
member.id,
205205
{ name: "var2", value: "bar", repositoryPattern: "*/*" },
206206
resourceAccessGuard,
207207
);
208208

209-
const envVars = await es.getAllEnvVars(member.id, member.id, resourceAccessGuard);
209+
const envVars = await es.getAllUserEnvVars(member.id, member.id, resourceAccessGuard);
210210
expect(envVars.length).to.equal(2);
211211

212-
await es.deleteEnvVar(member.id, member.id, envVars[0], resourceAccessGuard);
212+
await es.deleteUserEnvVar(member.id, member.id, envVars[0], resourceAccessGuard);
213213

214-
const envVars2 = await es.getAllEnvVars(member.id, member.id, resourceAccessGuard);
214+
const envVars2 = await es.getAllUserEnvVars(member.id, member.id, resourceAccessGuard);
215215
expect(envVars2.length).to.equal(1);
216216

217217
await expectError(
218218
ErrorCodes.NOT_FOUND,
219-
es.deleteEnvVar(stranger.id, member.id, envVars2[0], resourceAccessGuard),
219+
es.deleteUserEnvVar(stranger.id, member.id, envVars2[0], resourceAccessGuard),
220220
);
221221
});
222222

@@ -231,7 +231,7 @@ describe("EnvVarService", async () => {
231231

232232
await es.deleteProjectEnvironmentVariable(owner.id, envVars[0].id);
233233

234-
await expectError(ErrorCodes.NOT_FOUND, () => es.getProjectEnvironmentVariableById(owner.id, envVars[0].id));
234+
await expectError(ErrorCodes.NOT_FOUND, es.getProjectEnvironmentVariableById(owner.id, envVars[0].id));
235235

236236
const emptyEnvVars = await es.getProjectEnvironmentVariables(owner.id, project.id);
237237
expect(emptyEnvVars.length).to.equal(0);
@@ -246,11 +246,10 @@ describe("EnvVarService", async () => {
246246
const envVarById = await es.getProjectEnvironmentVariableById(member.id, envVars[0].id);
247247
expect(envVarById?.name).to.equal("FOO");
248248

249-
await expectError(ErrorCodes.PERMISSION_DENIED, () =>
250-
es.deleteProjectEnvironmentVariable(member.id, envVars[0].id),
251-
);
249+
await expectError(ErrorCodes.PERMISSION_DENIED, es.deleteProjectEnvironmentVariable(member.id, envVars[0].id));
252250

253-
await expectError(ErrorCodes.PERMISSION_DENIED, () =>
251+
await expectError(
252+
ErrorCodes.PERMISSION_DENIED,
254253
es.setProjectEnvironmentVariable(member.id, project.id, "FOO", "BAR", false),
255254
);
256255
});
@@ -262,19 +261,19 @@ describe("EnvVarService", async () => {
262261
expect(envVars[0].name).to.equal("FOO");
263262

264263
// let's try to get the env var as a stranger
265-
await expectError(ErrorCodes.NOT_FOUND, () => es.getProjectEnvironmentVariableById(stranger.id, envVars[0].id));
264+
await expectError(ErrorCodes.NOT_FOUND, es.getProjectEnvironmentVariableById(stranger.id, envVars[0].id));
266265

267266
// let's try to delete the env var as a stranger
268-
await expectError(ErrorCodes.NOT_FOUND, () => es.deleteProjectEnvironmentVariable(stranger.id, envVars[0].id));
267+
await expectError(ErrorCodes.NOT_FOUND, es.deleteProjectEnvironmentVariable(stranger.id, envVars[0].id));
269268

270269
// let's try to get the env vars as a stranger
271-
await expectError(ErrorCodes.NOT_FOUND, () => es.getProjectEnvironmentVariables(stranger.id, project.id));
270+
await expectError(ErrorCodes.NOT_FOUND, es.getProjectEnvironmentVariables(stranger.id, project.id));
272271
});
273272

274273
it("should resolve env variables 1 ", async () => {
275-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
276-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
277-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
274+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
275+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
276+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
278277

279278
await es.setProjectEnvironmentVariable(
280279
owner.id,
@@ -298,9 +297,9 @@ describe("EnvVarService", async () => {
298297
});
299298

300299
it("should resolve env variables prebuild", async () => {
301-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
302-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
303-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
300+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
301+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
302+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
304303

305304
await es.setProjectEnvironmentVariable(
306305
owner.id,
@@ -325,9 +324,9 @@ describe("EnvVarService", async () => {
325324
});
326325

327326
it("should resolve env variables regular projext", async () => {
328-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
329-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
330-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
327+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
328+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
329+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
331330

332331
await es.setProjectEnvironmentVariable(
333332
owner.id,
@@ -367,9 +366,9 @@ describe("EnvVarService", async () => {
367366
});
368367

369368
it("should resolve env variables prebuild with projext ", async () => {
370-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
371-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
372-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
369+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
370+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
371+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
373372

374373
await es.setProjectEnvironmentVariable(
375374
owner.id,
@@ -417,7 +416,7 @@ describe("EnvVarService", async () => {
417416
},
418417
];
419418

420-
await es.setEnvVar(member.id, member.id, userEnvVars[0], resourceAccessGuard);
419+
await es.setUserEnvVar(member.id, member.id, userEnvVars[0], resourceAccessGuard);
421420

422421
const envVars = await es.resolveEnvVariables(member.id, project.id, "prebuild", commitContext);
423422
expect(envVars).to.deep.equal({
@@ -427,9 +426,9 @@ describe("EnvVarService", async () => {
427426
});
428427

429428
it("should resolve env variables from context ", async () => {
430-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
431-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
432-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
429+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
430+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
431+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
433432

434433
await es.setProjectEnvironmentVariable(
435434
owner.id,
@@ -456,9 +455,9 @@ describe("EnvVarService", async () => {
456455
});
457456

458457
it("should resolve env variables from context with project ", async () => {
459-
await es.setEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
460-
await es.setEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
461-
await es.setEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
458+
await es.setUserEnvVar(member.id, member.id, fooAnyUserEnvVar, resourceAccessGuard);
459+
await es.setUserEnvVar(member.id, member.id, barUserCommitEnvVar, resourceAccessGuard);
460+
await es.setUserEnvVar(member.id, member.id, barUserAnotherCommitEnvVar, resourceAccessGuard);
462461

463462
await es.setProjectEnvironmentVariable(
464463
owner.id,
@@ -530,7 +529,7 @@ describe("EnvVarService", async () => {
530529
const expectedVars = [inputVars[0]];
531530

532531
for (let j = 0; j < inputVars.length; j++) {
533-
await es.setEnvVar(member.id, member.id, inputVars[j], resourceAccessGuard);
532+
await es.setUserEnvVar(member.id, member.id, inputVars[j], resourceAccessGuard);
534533
}
535534
expectedVars.forEach((e) => delete (e as any).id);
536535

@@ -541,7 +540,7 @@ describe("EnvVarService", async () => {
541540
workspace: expectedVars,
542541
});
543542

544-
await es.deleteEnvVar(member.id, member.id, expectedVars[0], resourceAccessGuard);
543+
await es.deleteUserEnvVar(member.id, member.id, expectedVars[0], resourceAccessGuard);
545544
}
546545
});
547546

@@ -594,7 +593,7 @@ describe("EnvVarService", async () => {
594593
];
595594

596595
for (let j = 0; j < userEnvVars.length; j++) {
597-
await es.setEnvVar(member.id, member.id, userEnvVars[j], resourceAccessGuard);
596+
await es.setUserEnvVar(member.id, member.id, userEnvVars[j], resourceAccessGuard);
598597
}
599598

600599
const envVars = await es.resolveEnvVariables(member.id, project.id, "regular", {

0 commit comments

Comments
 (0)