From 37762c13752c78e55b47ee606ac46922b6dc6d35 Mon Sep 17 00:00:00 2001 From: syedfkabir Date: Mon, 31 Oct 2022 12:02:17 -0400 Subject: [PATCH 1/5] add the privilege entry --- src/project/controller/person-collection.ts | 9 ++++++++- src/project/service.ts | 11 +++++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/project/controller/person-collection.ts b/src/project/controller/person-collection.ts index 3a66365..0a4ba10 100644 --- a/src/project/controller/person-collection.ts +++ b/src/project/controller/person-collection.ts @@ -1,6 +1,7 @@ import { PersonProjectForm } from '@badgateway/tt-types'; import Controller from '@curveball/controller'; import { Context } from '@curveball/core'; +import { addUserPrivilege } from '../../a12n'; import * as projectService from '../service'; @@ -18,7 +19,13 @@ class ProjectPersonCollection extends Controller { href: ctx.request.body.href }; - await projectService.addPersonToProject(params); + const person = await projectService.addPersonToProject(params); + + await addUserPrivilege( + ctx.state.oauth2._links['authenticated-as'].href, + params.role, + new URL(person.href, ctx.request.origin), + ); ctx.status = 201; diff --git a/src/project/service.ts b/src/project/service.ts index b26d848..614f840 100644 --- a/src/project/service.ts +++ b/src/project/service.ts @@ -1,4 +1,4 @@ -import { Client, Project, NewProject } from '../types'; +import { Client, Project, NewProject, Person } from '../types'; import { PersonProjectForm } from '@badgateway/tt-types'; import { NotFound } from '@curveball/http-errors'; import knex from '../db'; @@ -79,12 +79,13 @@ function mapRecord(input: ProjectsRecord, client: Client): Project { } -export async function addPersonToProject(params: PersonProjectForm): Promise { +export async function addPersonToProject(params: PersonProjectForm): Promise { const principalUri = await findOrCreatePrincipal(params.href, params.name); + let person : Person; try { - await personService.findByPrincipalUrl(principalUri); + person = await personService.findByPrincipalUrl(principalUri); } catch(error) { if(!(error instanceof NotFound)){ @@ -92,11 +93,13 @@ export async function addPersonToProject(params: PersonProjectForm): Promise Date: Mon, 31 Oct 2022 12:06:47 -0400 Subject: [PATCH 2/5] add the privilege entry --- src/project/controller/person-collection.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/project/controller/person-collection.ts b/src/project/controller/person-collection.ts index 0a4ba10..cc42308 100644 --- a/src/project/controller/person-collection.ts +++ b/src/project/controller/person-collection.ts @@ -22,7 +22,7 @@ class ProjectPersonCollection extends Controller { const person = await projectService.addPersonToProject(params); await addUserPrivilege( - ctx.state.oauth2._links['authenticated-as'].href, + person.principalUri, params.role, new URL(person.href, ctx.request.origin), ); From 0b8bed6c9bfb2dcceeb1f21de8281d3d24771379 Mon Sep 17 00:00:00 2001 From: syedfkabir Date: Mon, 31 Oct 2022 12:20:15 -0400 Subject: [PATCH 3/5] add the privilege entry --- src/project/controller/person-collection.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/project/controller/person-collection.ts b/src/project/controller/person-collection.ts index cc42308..9f2d476 100644 --- a/src/project/controller/person-collection.ts +++ b/src/project/controller/person-collection.ts @@ -20,11 +20,13 @@ class ProjectPersonCollection extends Controller { }; const person = await projectService.addPersonToProject(params); + const projectId = +ctx.params.projectId; + const project = await projectService.findById(projectId); await addUserPrivilege( person.principalUri, params.role, - new URL(person.href, ctx.request.origin), + new URL(project.href, ctx.request.origin), ); ctx.status = 201; From 533ed2e98ff854a171fa212226ef230b42771236 Mon Sep 17 00:00:00 2001 From: syedfkabir Date: Mon, 31 Oct 2022 12:23:22 -0400 Subject: [PATCH 4/5] add the privilege entry --- src/project/controller/person-collection.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/project/controller/person-collection.ts b/src/project/controller/person-collection.ts index 9f2d476..aeb15ca 100644 --- a/src/project/controller/person-collection.ts +++ b/src/project/controller/person-collection.ts @@ -2,6 +2,7 @@ import { PersonProjectForm } from '@badgateway/tt-types'; import Controller from '@curveball/controller'; import { Context } from '@curveball/core'; import { addUserPrivilege } from '../../a12n'; +import { NotFound } from '@curveball/http-errors'; import * as projectService from '../service'; @@ -23,6 +24,10 @@ class ProjectPersonCollection extends Controller { const projectId = +ctx.params.projectId; const project = await projectService.findById(projectId); + if(!person.principalUri){ + throw new NotFound(`The principal_uri is missing on Person: ${person.id}.`); + } + await addUserPrivilege( person.principalUri, params.role, From eccd9de2b6aae780397d06f470ba9c5d04666640 Mon Sep 17 00:00:00 2001 From: syedfkabir Date: Mon, 31 Oct 2022 12:42:34 -0400 Subject: [PATCH 5/5] add the privilege entry --- src/project/controller/person-collection.ts | 18 +++------------- src/project/service.ts | 24 +++++++++++++++------ 2 files changed, 20 insertions(+), 22 deletions(-) diff --git a/src/project/controller/person-collection.ts b/src/project/controller/person-collection.ts index aeb15ca..ad51f22 100644 --- a/src/project/controller/person-collection.ts +++ b/src/project/controller/person-collection.ts @@ -1,8 +1,6 @@ import { PersonProjectForm } from '@badgateway/tt-types'; import Controller from '@curveball/controller'; import { Context } from '@curveball/core'; -import { addUserPrivilege } from '../../a12n'; -import { NotFound } from '@curveball/http-errors'; import * as projectService from '../service'; @@ -17,22 +15,12 @@ class ProjectPersonCollection extends Controller { const params = { role: ctx.request.body.role, name: ctx.request.body.name, - href: ctx.request.body.href + href: ctx.request.body.href, }; - - const person = await projectService.addPersonToProject(params); const projectId = +ctx.params.projectId; - const project = await projectService.findById(projectId); - - if(!person.principalUri){ - throw new NotFound(`The principal_uri is missing on Person: ${person.id}.`); - } + const origin = ctx.request.origin; - await addUserPrivilege( - person.principalUri, - params.role, - new URL(project.href, ctx.request.origin), - ); + await projectService.addPersonToProject(params, projectId, origin); ctx.status = 201; diff --git a/src/project/service.ts b/src/project/service.ts index 614f840..69b6606 100644 --- a/src/project/service.ts +++ b/src/project/service.ts @@ -1,4 +1,4 @@ -import { Client, Project, NewProject, Person } from '../types'; +import { Client, Project, NewProject } from '../types'; import { PersonProjectForm } from '@badgateway/tt-types'; import { NotFound } from '@curveball/http-errors'; import knex from '../db'; @@ -6,6 +6,7 @@ import * as clientService from '../client/service'; import * as personService from '../person/service'; import { ProjectsRecord } from 'knex/types/tables'; import ketting from '../ketting'; +import { addUserPrivilege } from '../a12n'; export async function findAll(): Promise { @@ -79,13 +80,14 @@ function mapRecord(input: ProjectsRecord, client: Client): Project { } -export async function addPersonToProject(params: PersonProjectForm): Promise { +export async function addPersonToProject(params: PersonProjectForm, projectId: number, origin: string): Promise { const principalUri = await findOrCreatePrincipal(params.href, params.name); - let person : Person; + let project : Project; try { - person = await personService.findByPrincipalUrl(principalUri); + await personService.findByPrincipalUrl(principalUri); + project = await findById(projectId); } catch(error) { if(!(error instanceof NotFound)){ @@ -93,13 +95,21 @@ export async function addPersonToProject(params: PersonProjectForm): Promise