Skip to content

Commit

Permalink
Revert "refactor: use a prefix matching for the claim in subscriptions (
Browse files Browse the repository at this point in the history
#10199)" (#10264)

This reverts commit 22386de.
  • Loading branch information
danielleadams authored Apr 22, 2022
1 parent a59b89e commit eff77da
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 22 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -93,13 +93,13 @@ test('owner field with subscriptions', () => {

// expect logic in the resolvers to check for postOwner args as an allowed owner
expect(out.resolvers['Subscription.onCreatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner, null) )',
);
expect(out.resolvers['Subscription.onUpdatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner, null) )',
);
expect(out.resolvers['Subscription.onDeletePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.postOwner, null) )',
);
});

Expand Down Expand Up @@ -137,24 +137,24 @@ test('multiple owner rules with subscriptions', () => {

// expect logic in the resolvers to check for owner args as an allowedOwner
expect(out.resolvers['Subscription.onCreatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner, null) )',
);
expect(out.resolvers['Subscription.onUpdatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner, null) )',
);
expect(out.resolvers['Subscription.onDeletePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner.split(":")[0], null) )',
'#set( $ownerEntity0 = $util.defaultIfNull($ctx.args.owner, null) )',
);

// expect logic in the resolvers to check for editor args as an allowedOwner
expect(out.resolvers['Subscription.onCreatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor.split(":")[0], null) )',
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor, null) )',
);
expect(out.resolvers['Subscription.onUpdatePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor.split(":")[0], null) )',
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor, null) )',
);
expect(out.resolvers['Subscription.onDeletePost.auth.1.req.vtl']).toContain(
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor.split(":")[0], null) )',
'#set( $ownerEntity1 = $util.defaultIfNull($ctx.args.editor, null) )',
);
});

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,19 +35,16 @@ const dynamicRoleExpression = (roles: Array<RoleDefinition>): Array<Expression>
// we only check against owner rules which are not list fields
roles.forEach((role, idx) => {
if (role.strategy === 'owner') {
const roleClaims = role.claim!.split(':');
ownerExpression.push(set(ref(`ownerEntity${idx}`), methodCall(ref('util.defaultIfNull'), ref(`ctx.args.${role.entity!}.split(":")[0]`), nul())));
roleClaims.forEach((claim, secIdx) => {
ownerExpression.push(
iff(
not(ref(IS_AUTHORIZED_FLAG)),
compoundExpression([
set(ref(`ownerClaim${idx}_${secIdx}`), getOwnerClaim(claim)),
iff(equals(ref(`ownerEntity${idx}`), ref(`ownerClaim${idx}_${secIdx}`)), set(ref(IS_AUTHORIZED_FLAG), bool(true))),
]),
),
);
});
ownerExpression.push(
iff(
not(ref(IS_AUTHORIZED_FLAG)),
compoundExpression([
set(ref(`ownerEntity${idx}`), methodCall(ref('util.defaultIfNull'), ref(`ctx.args.${role.entity!}`), nul())),
set(ref(`ownerClaim${idx}`), getOwnerClaim(role.claim!)),
iff(equals(ref(`ownerEntity${idx}`), ref(`ownerClaim${idx}`)), set(ref(IS_AUTHORIZED_FLAG), bool(true))),
]),
),
);
}
});

Expand Down

0 comments on commit eff77da

Please sign in to comment.