github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-25 03:06:31 -05:00
Code Issues Projects Releases Packages Wiki Activity

refactor(default-access-level): rename from default-access-permission

Browse source 
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2023-02-12 19:31:32 +01:00
parent 1d1c367309
commit cdc9ebd352
7 changed files with 100 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
backend/src/config/default-access-permission.enum.ts → backend/src/config/default-access-level.enum.ts
View file

@ -4,21 +4,21 @@
* SPDX-License-Identifier: AGPL-3.0-only * SPDX-License-Identifier: AGPL-3.0-only
*/ */
export enum DefaultAccessPermission { export enum DefaultAccessLevel {
NONE = 'none', NONE = 'none',
READ = 'read', READ = 'read',
WRITE = 'write', WRITE = 'write',
} }
export function getDefaultAccessPermissionOrdinal( export function getDefaultAccessLevelOrdinal(
permission: DefaultAccessPermission, permission: DefaultAccessLevel,
): number { ): number {
switch (permission) { switch (permission) {
case DefaultAccessPermission.NONE: case DefaultAccessLevel.NONE:
return 0; return 0;
case DefaultAccessPermission.READ: case DefaultAccessLevel.READ:
return 1; return 1;
case DefaultAccessPermission.WRITE: case DefaultAccessLevel.WRITE:
return 2; return 2;
default: default:
throw Error('Unknown permission'); throw Error('Unknown permission');

6
backend/src/config/mock/note.config.mock.ts
View file

@ -6,7 +6,7 @@
import { ConfigFactoryKeyHost, registerAs } from '@nestjs/config'; import { ConfigFactoryKeyHost, registerAs } from '@nestjs/config';
import { ConfigFactory } from '@nestjs/config/dist/interfaces'; import { ConfigFactory } from '@nestjs/config/dist/interfaces';
import { DefaultAccessPermission } from '../default-access-permission.enum'; import { DefaultAccessLevel } from '../default-access-level.enum';
import { GuestAccess } from '../guest_access.enum'; import { GuestAccess } from '../guest_access.enum';
import { NoteConfig } from '../note.config'; import { NoteConfig } from '../note.config';
@ -16,8 +16,8 @@ export function createDefaultMockNoteConfig(): NoteConfig {
forbiddenNoteIds: ['forbiddenNoteId'], forbiddenNoteIds: ['forbiddenNoteId'],
permissions: { permissions: {
default: { default: {
everyone: DefaultAccessPermission.READ, everyone: DefaultAccessLevel.READ,
loggedIn: DefaultAccessPermission.WRITE, loggedIn: DefaultAccessLevel.WRITE,
}, },
}, },
guestAccess: GuestAccess.CREATE, guestAccess: GuestAccess.CREATE,

98
backend/src/config/note.config.spec.ts
View file

@ -5,7 +5,7 @@
*/ */
import mockedEnv from 'mocked-env'; import mockedEnv from 'mocked-env';
import { DefaultAccessPermission } from './default-access-permission.enum'; import { DefaultAccessLevel } from './default-access-level.enum';
import { GuestAccess } from './guest_access.enum'; import { GuestAccess } from './guest_access.enum';
import noteConfig from './note.config'; import noteConfig from './note.config';
@ -27,8 +27,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -41,10 +41,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds); expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
restore(); restore();
@ -55,8 +55,8 @@ describe('noteConfig', () => {
{ {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -68,10 +68,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toHaveLength(0); expect(config.forbiddenNoteIds).toHaveLength(0);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
restore(); restore();
@ -83,8 +83,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteId, HD_FORBIDDEN_NOTE_IDS: forbiddenNoteId,
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -97,10 +97,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds[0]).toEqual(forbiddenNoteId); expect(config.forbiddenNoteIds[0]).toEqual(forbiddenNoteId);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
@ -112,8 +112,8 @@ describe('noteConfig', () => {
{ {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -126,10 +126,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds); expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds);
expect(config.maxDocumentLength).toEqual(100000); expect(config.maxDocumentLength).toEqual(100000);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
@ -142,7 +142,7 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -155,10 +155,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds); expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
@ -171,7 +171,7 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -184,10 +184,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds); expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.WRITE, DefaultAccessLevel.WRITE,
); );
expect(config.guestAccess).toEqual(guestAccess); expect(config.guestAccess).toEqual(guestAccess);
@ -200,7 +200,7 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
{ {
@ -212,10 +212,10 @@ describe('noteConfig', () => {
expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds); expect(config.forbiddenNoteIds).toEqual(forbiddenNoteIds);
expect(config.maxDocumentLength).toEqual(maxDocumentLength); expect(config.maxDocumentLength).toEqual(maxDocumentLength);
expect(config.permissions.default.everyone).toEqual( expect(config.permissions.default.everyone).toEqual(
DefaultAccessPermission.READ, DefaultAccessLevel.READ,
); );
expect(config.permissions.default.loggedIn).toEqual( expect(config.permissions.default.loggedIn).toEqual(
DefaultAccessPermission.WRITE, DefaultAccessLevel.WRITE,
); );
expect(config.guestAccess).toEqual(GuestAccess.WRITE); expect(config.guestAccess).toEqual(GuestAccess.WRITE);
@ -230,8 +230,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: invalidforbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: invalidforbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -251,8 +251,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: negativeMaxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: negativeMaxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -272,8 +272,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: floatMaxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: floatMaxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -293,8 +293,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: invalidMaxDocumentLength, HD_MAX_DOCUMENT_LENGTH: invalidMaxDocumentLength,
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -315,7 +315,7 @@ describe('noteConfig', () => {
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: wrongDefaultPermission, HD_PERMISSION_DEFAULT_EVERYONE: wrongDefaultPermission,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -335,7 +335,7 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: wrongDefaultPermission, HD_PERMISSION_DEFAULT_LOGGED_IN: wrongDefaultPermission,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
@ -356,8 +356,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: wrongDefaultPermission, HD_GUEST_ACCESS: wrongDefaultPermission,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -377,8 +377,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: 'deny', HD_GUEST_ACCESS: 'deny',
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -398,8 +398,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.WRITE, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.WRITE,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.READ,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -408,7 +408,7 @@ describe('noteConfig', () => {
}, },
); );
expect(() => noteConfig()).toThrow( expect(() => noteConfig()).toThrow(
`'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessPermission.WRITE}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessPermission.READ}'. This gives everyone greater permissions than logged-in users which is not allowed.`, `'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessLevel.WRITE}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessLevel.READ}'. This gives everyone greater permissions than logged-in users which is not allowed.`,
); );
restore(); restore();
}); });
@ -419,8 +419,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.WRITE, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.WRITE,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.NONE, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.NONE,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -429,7 +429,7 @@ describe('noteConfig', () => {
}, },
); );
expect(() => noteConfig()).toThrow( expect(() => noteConfig()).toThrow(
`'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessPermission.WRITE}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessPermission.NONE}'. This gives everyone greater permissions than logged-in users which is not allowed.`, `'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessLevel.WRITE}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessLevel.NONE}'. This gives everyone greater permissions than logged-in users which is not allowed.`,
); );
restore(); restore();
}); });
@ -440,8 +440,8 @@ describe('noteConfig', () => {
/* eslint-disable @typescript-eslint/naming-convention */ /* eslint-disable @typescript-eslint/naming-convention */
HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '), HD_FORBIDDEN_NOTE_IDS: forbiddenNoteIds.join(' , '),
HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(), HD_MAX_DOCUMENT_LENGTH: maxDocumentLength.toString(),
HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessPermission.READ, HD_PERMISSION_DEFAULT_EVERYONE: DefaultAccessLevel.READ,
HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessPermission.NONE, HD_PERMISSION_DEFAULT_LOGGED_IN: DefaultAccessLevel.NONE,
HD_GUEST_ACCESS: guestAccess, HD_GUEST_ACCESS: guestAccess,
/* eslint-enable @typescript-eslint/naming-convention */ /* eslint-enable @typescript-eslint/naming-convention */
}, },
@ -450,7 +450,7 @@ describe('noteConfig', () => {
}, },
); );
expect(() => noteConfig()).toThrow( expect(() => noteConfig()).toThrow(
`'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessPermission.READ}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessPermission.NONE}'. This gives everyone greater permissions than logged-in users which is not allowed.`, `'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${DefaultAccessLevel.READ}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${DefaultAccessLevel.NONE}'. This gives everyone greater permissions than logged-in users which is not allowed.`,
); );
restore(); restore();
}); });

22
backend/src/config/note.config.ts
View file

@ -7,9 +7,9 @@ import { registerAs } from '@nestjs/config';
import * as Joi from 'joi'; import * as Joi from 'joi';
import { import {
DefaultAccessPermission, DefaultAccessLevel,
getDefaultAccessPermissionOrdinal, getDefaultAccessLevelOrdinal,
} from './default-access-permission.enum'; } from './default-access-level.enum';
import { GuestAccess } from './guest_access.enum'; import { GuestAccess } from './guest_access.enum';
import { buildErrorMessage, parseOptionalNumber, toArrayConfig } from './utils'; import { buildErrorMessage, parseOptionalNumber, toArrayConfig } from './utils';
@ -19,8 +19,8 @@ export interface NoteConfig {
guestAccess: GuestAccess; guestAccess: GuestAccess;
permissions: { permissions: {
default: { default: {
everyone: DefaultAccessPermission; everyone: DefaultAccessLevel;
loggedIn: DefaultAccessPermission; loggedIn: DefaultAccessLevel;
}; };
}; };
} }
@ -45,14 +45,14 @@ const schema = Joi.object<NoteConfig>({
permissions: { permissions: {
default: { default: {
everyone: Joi.string() everyone: Joi.string()
.valid(...Object.values(DefaultAccessPermission)) .valid(...Object.values(DefaultAccessLevel))
.optional() .optional()
.default(DefaultAccessPermission.READ) .default(DefaultAccessLevel.READ)
.label('HD_PERMISSION_DEFAULT_EVERYONE'), .label('HD_PERMISSION_DEFAULT_EVERYONE'),
loggedIn: Joi.string() loggedIn: Joi.string()
.valid(...Object.values(DefaultAccessPermission)) .valid(...Object.values(DefaultAccessLevel))
.optional() .optional()
.default(DefaultAccessPermission.WRITE) .default(DefaultAccessLevel.WRITE)
.label('HD_PERMISSION_DEFAULT_LOGGED_IN'), .label('HD_PERMISSION_DEFAULT_LOGGED_IN'),
}, },
}, },
@ -74,8 +74,8 @@ function checkLoggedInUsersHaveHigherDefaultPermissionsThanGuests(
const everyone = config.permissions.default.everyone; const everyone = config.permissions.default.everyone;
const loggedIn = config.permissions.default.loggedIn; const loggedIn = config.permissions.default.loggedIn;
if ( if (
getDefaultAccessPermissionOrdinal(everyone) > getDefaultAccessLevelOrdinal(everyone) >
getDefaultAccessPermissionOrdinal(loggedIn) getDefaultAccessLevelOrdinal(loggedIn)
) { ) {
throw new Error( throw new Error(
`'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${everyone}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${loggedIn}'. This gives everyone greater permissions than logged-in users which is not allowed.`, `'HD_PERMISSION_DEFAULT_EVERYONE' is set to '${everyone}', but 'HD_PERMISSION_DEFAULT_LOGGED_IN' is set to '${loggedIn}'. This gives everyone greater permissions than logged-in users which is not allowed.`,

10
backend/src/frontend-config/frontend-config.service.spec.ts
View file

@ -10,7 +10,7 @@ import { URL } from 'url';
import { AppConfig } from '../config/app.config'; import { AppConfig } from '../config/app.config';
import { AuthConfig } from '../config/auth.config'; import { AuthConfig } from '../config/auth.config';
import { CustomizationConfig } from '../config/customization.config'; import { CustomizationConfig } from '../config/customization.config';
import { DefaultAccessPermission } from '../config/default-access-permission.enum'; import { DefaultAccessLevel } from '../config/default-access-level.enum';
import { ExternalServicesConfig } from '../config/external-services.config'; import { ExternalServicesConfig } from '../config/external-services.config';
import { GitlabScope, GitlabVersion } from '../config/gitlab.enum'; import { GitlabScope, GitlabVersion } from '../config/gitlab.enum';
import { GuestAccess } from '../config/guest_access.enum'; import { GuestAccess } from '../config/guest_access.enum';
@ -197,8 +197,8 @@ describe('FrontendConfigService', () => {
guestAccess: GuestAccess.CREATE, guestAccess: GuestAccess.CREATE,
permissions: { permissions: {
default: { default: {
everyone: DefaultAccessPermission.READ, everyone: DefaultAccessLevel.READ,
loggedIn: DefaultAccessPermission.WRITE, loggedIn: DefaultAccessLevel.WRITE,
}, },
}, },
} as NoteConfig; } as NoteConfig;
@ -360,8 +360,8 @@ describe('FrontendConfigService', () => {
guestAccess: GuestAccess.CREATE, guestAccess: GuestAccess.CREATE,
permissions: { permissions: {
default: { default: {
everyone: DefaultAccessPermission.READ, everyone: DefaultAccessLevel.READ,
loggedIn: DefaultAccessPermission.WRITE, loggedIn: DefaultAccessLevel.WRITE,
}, },
}, },
}; };

26
backend/src/notes/notes.service.spec.ts
View file

@ -16,7 +16,7 @@ import {
import { AuthToken } from '../auth/auth-token.entity'; import { AuthToken } from '../auth/auth-token.entity';
import { Author } from '../authors/author.entity'; import { Author } from '../authors/author.entity';
import { DefaultAccessPermission } from '../config/default-access-permission.enum'; import { DefaultAccessLevel } from '../config/default-access-level.enum';
import appConfigMock from '../config/mock/app.config.mock'; import appConfigMock from '../config/mock/app.config.mock';
import authConfigMock from '../config/mock/auth.config.mock'; import authConfigMock from '../config/mock/auth.config.mock';
import databaseConfigMock from '../config/mock/database.config.mock'; import databaseConfigMock from '../config/mock/database.config.mock';
@ -372,13 +372,13 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(2); expect(groupPermissions).toHaveLength(2);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
everyoneDefaultAccessPermission !== DefaultAccessPermission.WRITE, everyoneDefaultAccessPermission !== DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.EVERYONE, SpecialGroup.EVERYONE,
); );
expect(groupPermissions[1].canEdit).toEqual( expect(groupPermissions[1].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[1].group).name).toEqual( expect((await groupPermissions[1].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,
@ -398,13 +398,13 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(2); expect(groupPermissions).toHaveLength(2);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
everyoneDefaultAccessPermission === DefaultAccessPermission.WRITE, everyoneDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.EVERYONE, SpecialGroup.EVERYONE,
); );
expect(groupPermissions[1].canEdit).toEqual( expect(groupPermissions[1].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[1].group).name).toEqual( expect((await groupPermissions[1].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,
@ -423,13 +423,13 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(2); expect(groupPermissions).toHaveLength(2);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
everyoneDefaultAccessPermission !== DefaultAccessPermission.WRITE, everyoneDefaultAccessPermission !== DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.EVERYONE, SpecialGroup.EVERYONE,
); );
expect(groupPermissions[1].canEdit).toEqual( expect(groupPermissions[1].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[1].group).name).toEqual( expect((await groupPermissions[1].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,
@ -449,13 +449,13 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(2); expect(groupPermissions).toHaveLength(2);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
everyoneDefaultAccessPermission === DefaultAccessPermission.WRITE, everyoneDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.EVERYONE, SpecialGroup.EVERYONE,
); );
expect(groupPermissions[1].canEdit).toEqual( expect(groupPermissions[1].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[1].group).name).toEqual( expect((await groupPermissions[1].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,
@ -479,13 +479,13 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(2); expect(groupPermissions).toHaveLength(2);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
everyoneDefaultAccessPermission === DefaultAccessPermission.WRITE, everyoneDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.EVERYONE, SpecialGroup.EVERYONE,
); );
expect(groupPermissions[1].canEdit).toEqual( expect(groupPermissions[1].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[1].group).name).toEqual( expect((await groupPermissions[1].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,
@ -500,7 +500,7 @@ describe('NotesService', () => {
beforeEach( beforeEach(
() => () =>
(noteMockConfig.permissions.default.everyone = (noteMockConfig.permissions.default.everyone =
DefaultAccessPermission.NONE), DefaultAccessLevel.NONE),
); );
it('default permissions', async () => { it('default permissions', async () => {
mockGroupRepo(); mockGroupRepo();
@ -514,7 +514,7 @@ describe('NotesService', () => {
const groupPermissions = await newNote.groupPermissions; const groupPermissions = await newNote.groupPermissions;
expect(groupPermissions).toHaveLength(1); expect(groupPermissions).toHaveLength(1);
expect(groupPermissions[0].canEdit).toEqual( expect(groupPermissions[0].canEdit).toEqual(
loggedinDefaultAccessPermission === DefaultAccessPermission.WRITE, loggedinDefaultAccessPermission === DefaultAccessLevel.WRITE,
); );
expect((await groupPermissions[0].group).name).toEqual( expect((await groupPermissions[0].group).name).toEqual(
SpecialGroup.LOGGED_IN, SpecialGroup.LOGGED_IN,

36
backend/src/permissions/permissions.service.spec.ts
View file

@ -11,7 +11,7 @@ import { DataSource, EntityManager, Repository } from 'typeorm';
import { AuthToken } from '../auth/auth-token.entity'; import { AuthToken } from '../auth/auth-token.entity';
import { Author } from '../authors/author.entity'; import { Author } from '../authors/author.entity';
import { DefaultAccessPermission } from '../config/default-access-permission.enum'; import { DefaultAccessLevel } from '../config/default-access-level.enum';
import { GuestAccess } from '../config/guest_access.enum'; import { GuestAccess } from '../config/guest_access.enum';
import appConfigMock from '../config/mock/app.config.mock'; import appConfigMock from '../config/mock/app.config.mock';
import authConfigMock from '../config/mock/auth.config.mock'; import authConfigMock from '../config/mock/auth.config.mock';
@ -271,10 +271,8 @@ describe('PermissionsService', () => {
describe('guest permission', () => { describe('guest permission', () => {
beforeEach(() => { beforeEach(() => {
noteMockConfig.permissions.default.loggedIn = noteMockConfig.permissions.default.loggedIn = DefaultAccessLevel.WRITE;
DefaultAccessPermission.WRITE; noteMockConfig.permissions.default.everyone = DefaultAccessLevel.WRITE;
noteMockConfig.permissions.default.everyone =
DefaultAccessPermission.WRITE;
}); });
describe('with guest access deny', () => { describe('with guest access deny', () => {
beforeEach(() => { beforeEach(() => {
@ -353,10 +351,8 @@ describe('PermissionsService', () => {
}); });
describe('guest permission', () => { describe('guest permission', () => {
beforeEach(() => { beforeEach(() => {
noteMockConfig.permissions.default.loggedIn = noteMockConfig.permissions.default.loggedIn = DefaultAccessLevel.WRITE;
DefaultAccessPermission.WRITE; noteMockConfig.permissions.default.everyone = DefaultAccessLevel.WRITE;
noteMockConfig.permissions.default.everyone =
DefaultAccessPermission.WRITE;
}); });
describe('with guest access deny', () => { describe('with guest access deny', () => {
@ -558,7 +554,7 @@ describe('PermissionsService', () => {
* creates the matrix multiplication of group0 to group4 of createAllNoteGroupPermissions * creates the matrix multiplication of group0 to group4 of createAllNoteGroupPermissions
*/ */
function createNoteGroupPermissionsCombinations( function createNoteGroupPermissionsCombinations(
everyoneDefaultPermission: DefaultAccessPermission, everyoneDefaultPermission: DefaultAccessLevel,
): NoteGroupPermissionWithResultForUser[] { ): NoteGroupPermissionWithResultForUser[] {
// for logged in users // for logged in users
const noteGroupPermissions = createAllNoteGroupPermissions(); const noteGroupPermissions = createAllNoteGroupPermissions();
@ -584,13 +580,11 @@ describe('PermissionsService', () => {
} }
if (group2 !== null) { if (group2 !== null) {
if ( if (everyoneDefaultPermission === DefaultAccessLevel.WRITE) {
everyoneDefaultPermission === DefaultAccessPermission.WRITE
) {
writePermission = writePermission || group2.canEdit; writePermission = writePermission || group2.canEdit;
readPermission = true; readPermission = true;
} else if ( } else if (
everyoneDefaultPermission === DefaultAccessPermission.READ everyoneDefaultPermission === DefaultAccessLevel.READ
) { ) {
readPermission = true; readPermission = true;
} }
@ -666,7 +660,7 @@ describe('PermissionsService', () => {
describe('check if groups work with', () => { describe('check if groups work with', () => {
const rawPermissions = createNoteGroupPermissionsCombinations( const rawPermissions = createNoteGroupPermissionsCombinations(
DefaultAccessPermission.WRITE, DefaultAccessLevel.WRITE,
); );
const permissions = permuteNoteGroupPermissions(rawPermissions); const permissions = permuteNoteGroupPermissions(rawPermissions);
let i = 0; let i = 0;
@ -697,18 +691,14 @@ describe('PermissionsService', () => {
}); });
it('allows creation of notes for guests with permission', () => { it('allows creation of notes for guests with permission', () => {
noteMockConfig.guestAccess = GuestAccess.CREATE; noteMockConfig.guestAccess = GuestAccess.CREATE;
noteMockConfig.permissions.default.loggedIn = noteMockConfig.permissions.default.loggedIn = DefaultAccessLevel.WRITE;
DefaultAccessPermission.WRITE; noteMockConfig.permissions.default.everyone = DefaultAccessLevel.WRITE;
noteMockConfig.permissions.default.everyone =
DefaultAccessPermission.WRITE;
expect(service.mayCreate(null)).toBeTruthy(); expect(service.mayCreate(null)).toBeTruthy();
}); });
it('denies creation of notes for guests without permission', () => { it('denies creation of notes for guests without permission', () => {
noteMockConfig.guestAccess = GuestAccess.WRITE; noteMockConfig.guestAccess = GuestAccess.WRITE;
noteMockConfig.permissions.default.loggedIn = noteMockConfig.permissions.default.loggedIn = DefaultAccessLevel.WRITE;
DefaultAccessPermission.WRITE; noteMockConfig.permissions.default.everyone = DefaultAccessLevel.WRITE;
noteMockConfig.permissions.default.everyone =
DefaultAccessPermission.WRITE;
expect(service.mayCreate(null)).toBeFalsy(); expect(service.mayCreate(null)).toBeFalsy();
}); });
}); });