From 2cf16881f16243095a2460b89224c11f6d71bd78 Mon Sep 17 00:00:00 2001 From: Eldad Fux Date: Fri, 11 Jun 2021 21:23:16 +0300 Subject: [PATCH 1/3] Replaced * with role:all --- app/config/collections.php | 40 +++++++++---------- app/controllers/api/account.php | 6 +-- app/controllers/api/teams.php | 4 +- app/controllers/api/users.php | 8 ++-- app/http.php | 4 +- app/views/console/settings/index.phtml | 2 +- app/views/console/storage/index.phtml | 2 +- composer.json | 2 +- composer.lock | 28 +++++++------ docs/sdks/dart/EXAMPLES.md | 2 +- docs/sdks/flutter-dev/EXAMPLES.md | 2 +- docs/sdks/flutter/EXAMPLES.md | 2 +- src/Appwrite/Auth/Auth.php | 2 +- .../Database/Validator/Authorization.php | 2 +- src/Appwrite/Utopia/Response/Model/File.php | 2 +- tests/e2e/Services/Database/DatabaseBase.php | 14 +++---- .../Database/DatabaseCustomServerTest.php | 2 +- .../Functions/FunctionsCustomClientTest.php | 2 +- tests/e2e/Services/Storage/StorageBase.php | 8 ++-- tests/e2e/Services/Webhooks/WebhooksBase.php | 24 +++++------ .../Webhooks/WebhooksCustomServerTest.php | 12 +++--- .../Database/Validator/AuthorizationTest.php | 4 +- tests/unit/Utopia/Filters/V06Test.php | 12 +++--- 23 files changed, 94 insertions(+), 92 deletions(-) diff --git a/app/config/collections.php b/app/config/collections.php index 6789237c9c..cf803ed837 100644 --- a/app/config/collections.php +++ b/app/config/collections.php @@ -11,7 +11,7 @@ $collections = [ 'console' => [ '$id' => 'console', '$collection' => 'projects', - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Appwrite', 'description' => 'Appwrite core engine', 'logo' => '', @@ -51,7 +51,7 @@ $collections = [ Database::SYSTEM_COLLECTION_COLLECTIONS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_COLLECTIONS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Collections', 'structure' => true, 'rules' => [ @@ -106,7 +106,7 @@ $collections = [ Database::SYSTEM_COLLECTION_RULES => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_RULES, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Collections Rule', 'structure' => true, 'rules' => [ @@ -186,7 +186,7 @@ $collections = [ Database::SYSTEM_COLLECTION_USERS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_USERS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'User', 'structure' => true, 'rules' => [ @@ -307,7 +307,7 @@ $collections = [ Database::SYSTEM_COLLECTION_SESSIONS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_SESSIONS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Session', 'structure' => true, 'rules' => [ @@ -505,7 +505,7 @@ $collections = [ Database::SYSTEM_COLLECTION_TOKENS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_TOKENS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Token', 'structure' => true, 'rules' => [ @@ -568,7 +568,7 @@ $collections = [ Database::SYSTEM_COLLECTION_MEMBERSHIPS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_MEMBERSHIPS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Membership', 'structure' => true, 'rules' => [ @@ -640,7 +640,7 @@ $collections = [ Database::SYSTEM_COLLECTION_TEAMS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_TEAMS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Team', 'structure' => true, 'rules' => [ @@ -676,7 +676,7 @@ $collections = [ Database::SYSTEM_COLLECTION_PROJECTS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_PROJECTS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Project', 'structure' => true, 'rules' => [ @@ -834,7 +834,7 @@ $collections = [ Database::SYSTEM_COLLECTION_WEBHOOKS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_WEBHOOKS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Webhook', 'structure' => true, 'rules' => [ @@ -898,7 +898,7 @@ $collections = [ Database::SYSTEM_COLLECTION_KEYS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_KEYS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Key', 'structure' => true, 'rules' => [ @@ -934,7 +934,7 @@ $collections = [ Database::SYSTEM_COLLECTION_TASKS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_TASKS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Task', 'structure' => true, 'rules' => [ @@ -1088,7 +1088,7 @@ $collections = [ Database::SYSTEM_COLLECTION_PLATFORMS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_PLATFORMS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Platform', 'structure' => true, 'rules' => [ @@ -1160,7 +1160,7 @@ $collections = [ Database::SYSTEM_COLLECTION_DOMAINS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_DOMAINS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Domains', 'structure' => true, 'rules' => [ @@ -1223,7 +1223,7 @@ $collections = [ Database::SYSTEM_COLLECTION_CERTIFICATES => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_CERTIFICATES, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Certificates', 'structure' => true, 'rules' => [ @@ -1295,7 +1295,7 @@ $collections = [ Database::SYSTEM_COLLECTION_FILES => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_FILES, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'File', 'structure' => true, 'rules' => [ @@ -1439,7 +1439,7 @@ $collections = [ Database::SYSTEM_COLLECTION_FUNCTIONS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_FUNCTIONS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Functions', 'structure' => true, 'rules' => [ @@ -1557,7 +1557,7 @@ $collections = [ Database::SYSTEM_COLLECTION_TAGS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_TAGS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Tags', 'structure' => true, 'rules' => [ @@ -1611,7 +1611,7 @@ $collections = [ Database::SYSTEM_COLLECTION_EXECUTIONS => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_EXECUTIONS, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Executions', 'structure' => true, 'rules' => [ @@ -1701,7 +1701,7 @@ $collections = [ Database::SYSTEM_COLLECTION_RESERVED => [ '$collection' => Database::SYSTEM_COLLECTION_COLLECTIONS, '$id' => Database::SYSTEM_COLLECTION_RESERVED, - '$permissions' => ['read' => ['*']], + '$permissions' => ['read' => ['role:all']], 'name' => 'Reserved', 'structure' => true, ], diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index a10c940357..6a3799416c 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -88,7 +88,7 @@ App::post('/v1/account') $userId = $dbForInternal->getId(); $user = $dbForInternal->createDocument('users', new Document([ '$id' => $userId, - '$read' => ['*'], + '$read' => ['role:all'], '$write' => ['user:'.$userId], 'email' => $email, 'emailVerification' => false, @@ -464,7 +464,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') $userId = $dbForInternal->getId(); $user = $dbForInternal->createDocument('users', new Document([ '$id' => $userId, - '$read' => ['*'], + '$read' => ['role:all'], '$write' => ['user:'.$userId], 'email' => $email, 'emailVerification' => true, @@ -621,7 +621,7 @@ App::post('/v1/account/sessions/anonymous') $userId = $dbForInternal->getId(); $user = $dbForInternal->createDocument('users', new Document([ '$id' => $userId, - '$read' => ['*'], + '$read' => ['role:all'], '$write' => ['user:'.$userId], 'email' => null, 'emailVerification' => false, diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index 682bbd642e..588651f705 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -286,7 +286,7 @@ App::post('/v1/teams/:teamId/memberships') $userId = $dbForInternal->getId(); $invitee = $dbForInternal->createDocument('users', new Document([ '$id' => $userId, - '$read' => ['user:'.$userId, '*'], + '$read' => ['user:'.$userId, 'role:all'], '$write' => ['user:'.$userId], 'email' => $email, 'emailVerification' => false, @@ -323,7 +323,7 @@ App::post('/v1/teams/:teamId/memberships') $membership = new Document([ '$id' => $dbForInternal->getId(), - '$read' => ['*'], + '$read' => ['role:all'], '$write' => ['user:'.$invitee->getId(), 'team:'.$team->getId().'/owner'], 'userId' => $invitee->getId(), 'teamId' => $team->getId(), diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index fcd6aaee79..b1fb0aaf5a 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -46,7 +46,7 @@ App::post('/v1/users') $userId = $dbForInternal->getId(); $user = $dbForInternal->createDocument('users', new Document([ '$id' => $userId, - '$read' => ['*'], + '$read' => ['role:all'], '$write' => ['user:'.$userId], 'email' => $email, 'emailVerification' => false, @@ -361,8 +361,8 @@ App::patch('/v1/users/:userId/verification') ->param('userId', '', new UID(), 'User unique ID.') ->param('emailVerification', false, new Boolean(), 'User Email Verification Status.') ->inject('response') - ->inject('projectDB') - ->action(function ($userId, $emailVerification, $response, $projectDB) { + ->inject('dbForInternal') + ->action(function ($userId, $emailVerification, $response, $dbForInternal) { /** @var Appwrite\Utopia\Response $response */ /** @var Utopia\Database\Database $dbForInternal */ @@ -527,7 +527,7 @@ App::delete('/v1/users/:userId') // $dbForInternal->createDocument('users', new Document([ // '$id' => $userId, - // '$read' => ['*'], + // '$read' => ['role:all'], // ])); $deletes diff --git a/app/http.php b/app/http.php index 0856a69f9a..246896477b 100644 --- a/app/http.php +++ b/app/http.php @@ -131,10 +131,10 @@ $http->on('request', function (SwooleRequest $swooleRequest, SwooleResponse $swo try { Authorization::cleanRoles(); - Authorization::setRole('*'); + Authorization::setRole('role:all'); Authorization2::cleanRoles(); - Authorization2::setRole('*'); + Authorization2::setRole('role:all'); $app->run($request, $response); } catch (\Throwable $th) { diff --git a/app/views/console/settings/index.phtml b/app/views/console/settings/index.phtml index 8af3d6e53f..66c3e3dc56 100644 --- a/app/views/console/settings/index.phtml +++ b/app/views/console/settings/index.phtml @@ -58,7 +58,7 @@ $smtpEnabled = $this->getParam('smtpEnabled', false);
- +
diff --git a/app/views/console/storage/index.phtml b/app/views/console/storage/index.phtml index 95ae7c925e..7eba230608 100644 --- a/app/views/console/storage/index.phtml +++ b/app/views/console/storage/index.phtml @@ -243,7 +243,7 @@ $fileLimitHuman = $this->getParam('fileLimitHuman', 0);
(Max file size allowed: )
- +
Add * for wildcard access
diff --git a/composer.json b/composer.json index bffcaa533c..bbfb4af082 100644 --- a/composer.json +++ b/composer.json @@ -45,7 +45,7 @@ "utopia-php/cache": "0.4.*", "utopia-php/cli": "0.11.*", "utopia-php/config": "0.2.*", - "utopia-php/database": "0.2.*", + "utopia-php/database": "0.3.*", "utopia-php/locale": "0.3.*", "utopia-php/registry": "0.4.*", "utopia-php/preloader": "0.2.*", diff --git a/composer.lock b/composer.lock index 6249f773bf..1075866385 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "271f550b529e2380be5501863def0560", + "content-hash": "0456f223731164e0d43456a74949d8bf", "packages": [ { "name": "adhocore/jwt", @@ -1919,16 +1919,16 @@ }, { "name": "utopia-php/database", - "version": "0.2.0", + "version": "0.3.1", "source": { "type": "git", "url": "https://github.com/utopia-php/database.git", - "reference": "b5dd144d582f3355c13f5430b1b3d7eb850bc5cd" + "reference": "6f8b7184ae4971672188607ea311a22a50da6767" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/database/zipball/b5dd144d582f3355c13f5430b1b3d7eb850bc5cd", - "reference": "b5dd144d582f3355c13f5430b1b3d7eb850bc5cd", + "url": "https://api.github.com/repos/utopia-php/database/zipball/6f8b7184ae4971672188607ea311a22a50da6767", + "reference": "6f8b7184ae4971672188607ea311a22a50da6767", "shasum": "" }, "require": { @@ -1941,7 +1941,9 @@ "utopia-php/framework": "0.*.*" }, "require-dev": { + "fakerphp/faker": "^1.14", "phpunit/phpunit": "^9.4", + "utopia-php/cli": "^0.11.0", "vimeo/psalm": "4.0.1" }, "type": "library", @@ -1974,9 +1976,9 @@ ], "support": { "issues": "https://github.com/utopia-php/database/issues", - "source": "https://github.com/utopia-php/database/tree/0.2.0" + "source": "https://github.com/utopia-php/database/tree/0.3.1" }, - "time": "2021-05-26T18:41:44+00:00" + "time": "2021-06-11T15:02:46+00:00" }, { "name": "utopia-php/domains", @@ -4740,16 +4742,16 @@ }, { "name": "sebastian/global-state", - "version": "5.0.2", + "version": "5.0.3", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/global-state.git", - "reference": "a90ccbddffa067b51f574dea6eb25d5680839455" + "reference": "23bd5951f7ff26f12d4e3242864df3e08dec4e49" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/a90ccbddffa067b51f574dea6eb25d5680839455", - "reference": "a90ccbddffa067b51f574dea6eb25d5680839455", + "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/23bd5951f7ff26f12d4e3242864df3e08dec4e49", + "reference": "23bd5951f7ff26f12d4e3242864df3e08dec4e49", "shasum": "" }, "require": { @@ -4792,7 +4794,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/global-state/issues", - "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.2" + "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.3" }, "funding": [ { @@ -4800,7 +4802,7 @@ "type": "github" } ], - "time": "2020-10-26T15:55:19+00:00" + "time": "2021-06-11T13:31:12+00:00" }, { "name": "sebastian/lines-of-code", diff --git a/docs/sdks/dart/EXAMPLES.md b/docs/sdks/dart/EXAMPLES.md index 26930c3352..c99d3ad617 100644 --- a/docs/sdks/dart/EXAMPLES.md +++ b/docs/sdks/dart/EXAMPLES.md @@ -44,7 +44,7 @@ MultipartFile file = MultipartFile.fromFile('./path-to-file/image.jpg', filename storage.createFile( file: file, - read: ['*'], + read: ['role:all'], write: [] ) .then((response) { diff --git a/docs/sdks/flutter-dev/EXAMPLES.md b/docs/sdks/flutter-dev/EXAMPLES.md index f6768a5f85..ea92ec6e8e 100644 --- a/docs/sdks/flutter-dev/EXAMPLES.md +++ b/docs/sdks/flutter-dev/EXAMPLES.md @@ -41,7 +41,7 @@ MultipartFile file = MultipartFile.fromFile('./path-to-file/image.jpg', filename storage.createFile( file: file, - read: ['*'], + read: ['role:all'], write: [] ) .then((response) { diff --git a/docs/sdks/flutter/EXAMPLES.md b/docs/sdks/flutter/EXAMPLES.md index f6768a5f85..ea92ec6e8e 100644 --- a/docs/sdks/flutter/EXAMPLES.md +++ b/docs/sdks/flutter/EXAMPLES.md @@ -41,7 +41,7 @@ MultipartFile file = MultipartFile.fromFile('./path-to-file/image.jpg', filename storage.createFile( file: file, - read: ['*'], + read: ['role:all'], write: [] ) .then((response) { diff --git a/src/Appwrite/Auth/Auth.php b/src/Appwrite/Auth/Auth.php index 9fa181486e..b25cfcdadf 100644 --- a/src/Appwrite/Auth/Auth.php +++ b/src/Appwrite/Auth/Auth.php @@ -16,6 +16,7 @@ class Auth /** * User Roles. */ + const USER_ROLE_ALL = 'all'; const USER_ROLE_GUEST = 'guest'; const USER_ROLE_MEMBER = 'member'; const USER_ROLE_ADMIN = 'admin'; @@ -23,7 +24,6 @@ class Auth const USER_ROLE_OWNER = 'owner'; const USER_ROLE_APP = 'app'; const USER_ROLE_SYSTEM = 'system'; - const USER_ROLE_ALL = '*'; /** * Token Types. diff --git a/src/Appwrite/Database/Validator/Authorization.php b/src/Appwrite/Database/Validator/Authorization.php index 1ae2554001..7e4a8e93fc 100644 --- a/src/Appwrite/Database/Validator/Authorization.php +++ b/src/Appwrite/Database/Validator/Authorization.php @@ -10,7 +10,7 @@ class Authorization extends Validator /** * @var array */ - static $roles = ['*' => true]; + static $roles = ['role:all' => true]; /** * @var Document diff --git a/src/Appwrite/Utopia/Response/Model/File.php b/src/Appwrite/Utopia/Response/Model/File.php index 15b1124dd6..65ac050781 100644 --- a/src/Appwrite/Utopia/Response/Model/File.php +++ b/src/Appwrite/Utopia/Response/Model/File.php @@ -20,7 +20,7 @@ class File extends Model 'type' => self::TYPE_STRING, 'description' => 'File read permissions.', 'default' => [], - 'example' => ['*'], + 'example' => ['role:all'], 'array' => true, ]) ->addRule('$write', [ diff --git a/tests/e2e/Services/Database/DatabaseBase.php b/tests/e2e/Services/Database/DatabaseBase.php index 6627018307..d018f29a8d 100644 --- a/tests/e2e/Services/Database/DatabaseBase.php +++ b/tests/e2e/Services/Database/DatabaseBase.php @@ -17,7 +17,7 @@ trait DatabaseBase 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Actors', - 'read' => ['*'], + 'read' => ['role:all'], 'write' => ['role:member', 'role:admin'], 'rules' => [ [ @@ -53,7 +53,7 @@ trait DatabaseBase 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Movies', - 'read' => ['*'], + 'read' => ['role:all'], 'write' => ['role:member', 'role:admin'], 'rules' => [ [ @@ -553,7 +553,7 @@ trait DatabaseBase 'releaseYear' => 1945, 'actors' => [], ], - 'read' => ['*'], + 'read' => ['role:all'], ]); $this->assertEquals($document['headers']['status-code'], 200); @@ -563,14 +563,14 @@ trait DatabaseBase if($this->getSide() == 'client') { $this->assertCount(1, $document['body']['$permissions']['read']); $this->assertCount(1, $document['body']['$permissions']['write']); - $this->assertEquals(['*'], $document['body']['$permissions']['read']); + $this->assertEquals(['role:all'], $document['body']['$permissions']['read']); $this->assertEquals(['user:'.$this->getUser()['$id']], $document['body']['$permissions']['write']); } if($this->getSide() == 'server') { $this->assertCount(1, $document['body']['$permissions']['read']); $this->assertCount(0, $document['body']['$permissions']['write']); - $this->assertEquals(['*'], $document['body']['$permissions']['read']); + $this->assertEquals(['role:all'], $document['body']['$permissions']['read']); $this->assertEquals([], $document['body']['$permissions']['write']); } @@ -586,14 +586,14 @@ trait DatabaseBase if($this->getSide() == 'client') { $this->assertCount(1, $document['body']['$permissions']['read']); $this->assertCount(1, $document['body']['$permissions']['write']); - $this->assertEquals(['*'], $document['body']['$permissions']['read']); + $this->assertEquals(['role:all'], $document['body']['$permissions']['read']); $this->assertEquals(['user:'.$this->getUser()['$id']], $document['body']['$permissions']['write']); } if($this->getSide() == 'server') { $this->assertCount(1, $document['body']['$permissions']['read']); $this->assertCount(0, $document['body']['$permissions']['write']); - $this->assertEquals(['*'], $document['body']['$permissions']['read']); + $this->assertEquals(['role:all'], $document['body']['$permissions']['read']); $this->assertEquals([], $document['body']['$permissions']['write']); } diff --git a/tests/e2e/Services/Database/DatabaseCustomServerTest.php b/tests/e2e/Services/Database/DatabaseCustomServerTest.php index 5590728756..5fdc876891 100644 --- a/tests/e2e/Services/Database/DatabaseCustomServerTest.php +++ b/tests/e2e/Services/Database/DatabaseCustomServerTest.php @@ -26,7 +26,7 @@ class DatabaseCustomServerTest extends Scope 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Actors', - 'read' => ['*'], + 'read' => ['role:all'], 'write' => ['role:member', 'role:admin'], 'rules' => [ [ diff --git a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php index 12a9edf245..b6abc58bb7 100644 --- a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php +++ b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php @@ -139,7 +139,7 @@ class FunctionsCustomClientTest extends Scope 'x-appwrite-key' => $apikey, ], [ 'name' => 'Test', - 'execute' => ['*'], + 'execute' => ['role:all'], 'env' => 'php-8.0', 'vars' => [ 'funcKey1' => 'funcValue1', diff --git a/tests/e2e/Services/Storage/StorageBase.php b/tests/e2e/Services/Storage/StorageBase.php index 09ec60724d..508866b6a1 100644 --- a/tests/e2e/Services/Storage/StorageBase.php +++ b/tests/e2e/Services/Storage/StorageBase.php @@ -18,8 +18,8 @@ trait StorageBase 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'), - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals($file['headers']['status-code'], 201); @@ -185,8 +185,8 @@ trait StorageBase 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals(200, $file['headers']['status-code']); diff --git a/tests/e2e/Services/Webhooks/WebhooksBase.php b/tests/e2e/Services/Webhooks/WebhooksBase.php index ac14514d3d..dfbdc524c7 100644 --- a/tests/e2e/Services/Webhooks/WebhooksBase.php +++ b/tests/e2e/Services/Webhooks/WebhooksBase.php @@ -18,8 +18,8 @@ trait WebhooksBase 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Actors', - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], 'rules' => [ [ 'label' => 'First Name', @@ -79,8 +79,8 @@ trait WebhooksBase 'lastName' => 'Evans', ], - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals($document['headers']['status-code'], 201); @@ -122,8 +122,8 @@ trait WebhooksBase 'firstName' => 'Chris1', 'lastName' => 'Evans2', ], - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals($document['headers']['status-code'], 200); @@ -164,8 +164,8 @@ trait WebhooksBase 'lastName' => 'Cooper', ], - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals($document['headers']['status-code'], 201); @@ -209,8 +209,8 @@ trait WebhooksBase 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'), - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], 'folderId' => 'xyz', ]); @@ -254,8 +254,8 @@ trait WebhooksBase 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], ]); $this->assertEquals($file['headers']['status-code'], 200); diff --git a/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php b/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php index 0ef01ec850..adf2858c97 100644 --- a/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php +++ b/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php @@ -28,8 +28,8 @@ class WebhooksCustomServerTest extends Scope 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Actors1', - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], 'rules' => [ [ 'label' => 'First Name', @@ -86,8 +86,8 @@ class WebhooksCustomServerTest extends Scope 'x-appwrite-key' => $this->getProject()['apiKey'] ]), [ 'name' => 'Demo', - 'read' => ['*'], - 'write' => ['*'], + 'read' => ['role:all'], + 'write' => ['role:all'], 'rules' => [ [ 'label' => 'First Name', @@ -307,7 +307,7 @@ class WebhooksCustomServerTest extends Scope ], $this->getHeaders()), [ 'name' => 'Test', 'env' => 'php-8.0', - 'execute' => ['*'], + 'execute' => ['role:all'], 'timeout' => 10, ]); @@ -349,7 +349,7 @@ class WebhooksCustomServerTest extends Scope ], $this->getHeaders()), [ 'name' => 'Test', 'env' => 'php-8.0', - 'execute' => ['*'], + 'execute' => ['role:all'], 'vars' => [ 'key1' => 'value1', ] diff --git a/tests/unit/Database/Validator/AuthorizationTest.php b/tests/unit/Database/Validator/AuthorizationTest.php index d46fec3bc6..87aa6da873 100644 --- a/tests/unit/Database/Validator/AuthorizationTest.php +++ b/tests/unit/Database/Validator/AuthorizationTest.php @@ -25,7 +25,7 @@ class AuthorizationTest extends TestCase '$collection' => uniqid(), '$permissions' => [ 'read' => ['user:123', 'team:123'], - 'write' => ['*'], + 'write' => ['role:all'], ], ]); $this->object = new Authorization($this->document, 'read'); @@ -45,7 +45,7 @@ class AuthorizationTest extends TestCase $this->assertEquals(Authorization::isRole('user:456'), true); $this->assertEquals(Authorization::isRole('user:457'), false); $this->assertEquals(Authorization::isRole(''), false); - $this->assertEquals(Authorization::isRole('*'), true); + $this->assertEquals(Authorization::isRole('role:all'), true); $this->assertEquals($this->object->isValid($this->document->getPermissions()), true); diff --git a/tests/unit/Utopia/Filters/V06Test.php b/tests/unit/Utopia/Filters/V06Test.php index 6bc98e0137..28891f32c1 100644 --- a/tests/unit/Utopia/Filters/V06Test.php +++ b/tests/unit/Utopia/Filters/V06Test.php @@ -432,7 +432,7 @@ class V06Test extends TestCase { $content = [ '$id' => '5e5ea5c16897e', - '$permissions' => ['read' => ['*'], 'write' => ['*']], + '$permissions' => ['read' => ['role:all'], 'write' => ['role:all']], 'name' => 'Pink.png', 'dateCreated' => 1592981250, 'signature' => '5d529fd02b544198ae075bd57c1762bb', @@ -444,7 +444,7 @@ class V06Test extends TestCase $parsedResponse = $this->filter->parse($content, $model); $this->assertEquals($parsedResponse['$id'], '5e5ea5c16897e'); - $this->assertEquals($parsedResponse['$permissions'], ['read' => ['*'], 'write' => ['*']]); + $this->assertEquals($parsedResponse['$permissions'], ['read' => ['role:all'], 'write' => ['role:all']]); $this->assertEquals($parsedResponse['name'], 'Pink.png'); $this->assertEquals($parsedResponse['dateCreated'], 1592981250); $this->assertEquals($parsedResponse['signature'], '5d529fd02b544198ae075bd57c1762bb'); @@ -467,7 +467,7 @@ class V06Test extends TestCase { $content = [ '$id' => '5e5ea5c16897e', - '$permissions' => ['read' => ['*'], 'write' => ['*']], + '$permissions' => ['read' => ['role:all'], 'write' => ['role:all']], 'name' => 'Movies', 'dateCreated' => 1592981250, 'dateUpdated' => '5d529fd02b544198ae075bd57c1762bb', @@ -478,7 +478,7 @@ class V06Test extends TestCase $parsedResponse = $this->filter->parse($content, $model); $this->assertEquals($parsedResponse['$id'], '5e5ea5c16897e'); - $this->assertEquals($parsedResponse['$permissions'], ['read' => ['*'], 'write' => ['*']]); + $this->assertEquals($parsedResponse['$permissions'], ['read' => ['role:all'], 'write' => ['role:all']]); $this->assertEquals($parsedResponse['name'], 'Movies'); $this->assertEquals($parsedResponse['dateCreated'], 1592981250); $this->assertEquals($parsedResponse['dateUpdated'], '5d529fd02b544198ae075bd57c1762bb'); @@ -495,7 +495,7 @@ class V06Test extends TestCase 'collections' => [ 0 => [ '$id' => '5e5ea5c16897e', - '$permissions' => ['read' => ['*'], 'write' => ['*']], + '$permissions' => ['read' => ['role:all'], 'write' => ['role:all']], 'name' => 'Movies', 'dateCreated' => 1592981250, 'dateUpdated' => '5d529fd02b544198ae075bd57c1762bb', @@ -509,7 +509,7 @@ class V06Test extends TestCase $this->assertEquals($parsedResponse['sum'], 1); $this->assertEquals($parsedResponse['collections'][0]['$id'], '5e5ea5c16897e'); - $this->assertEquals($parsedResponse['collections'][0]['$permissions'], ['read' => ['*'], 'write' => ['*']]); + $this->assertEquals($parsedResponse['collections'][0]['$permissions'], ['read' => ['role:all'], 'write' => ['role:all']]); $this->assertEquals($parsedResponse['collections'][0]['name'], 'Movies'); $this->assertEquals($parsedResponse['collections'][0]['dateCreated'], 1592981250); $this->assertEquals($parsedResponse['collections'][0]['dateUpdated'], '5d529fd02b544198ae075bd57c1762bb'); From b929084b8bbe589afb612c22510a2dd9199fa50d Mon Sep 17 00:00:00 2001 From: Eldad Fux Date: Fri, 11 Jun 2021 21:23:31 +0300 Subject: [PATCH 2/3] Updated var name --- app/controllers/api/storage.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/storage.php b/app/controllers/api/storage.php index 246209f9a5..d4d63ecf47 100644 --- a/app/controllers/api/storage.php +++ b/app/controllers/api/storage.php @@ -436,11 +436,11 @@ App::get('/v1/storage/files/:fileId/view') ->param('fileId', '', new UID(), 'File unique ID.') ->inject('response') ->inject('dbForInternal') - ->action(function ($fileId, $response, $projectDB) { + ->action(function ($fileId, $response, $dbForInternal) { /** @var Appwrite\Utopia\Response $response */ /** @var Utopia\Database\Database $dbForInternal */ - $file = $projectDB->getDocument('files', $fileId); + $file = $dbForInternal->getDocument('files', $fileId); $mimes = Config::getParam('storage-mimes'); if (empty($file->getId())) { From 2028d334a25da2e986688fbd0bdf635ef2798c35 Mon Sep 17 00:00:00 2001 From: Eldad Fux Date: Fri, 11 Jun 2021 21:23:41 +0300 Subject: [PATCH 3/3] Fixed old DB --- app/controllers/api/projects.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index c754c4a2d0..ea14607674 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -46,11 +46,13 @@ App::post('/v1/projects') ->inject('dbForConsole') ->inject('dbForInternal') ->inject('dbForExternal') - ->action(function ($name, $teamId, $description, $logo, $url, $legalName, $legalCountry, $legalState, $legalCity, $legalAddress, $legalTaxId, $response, $dbForConsole, $dbForInternal, $dbForExternal) { + ->inject('consoleDB') + ->action(function ($name, $teamId, $description, $logo, $url, $legalName, $legalCountry, $legalState, $legalCity, $legalAddress, $legalTaxId, $response, $dbForConsole, $dbForInternal, $dbForExternal, $consoleDB) { /** @var Appwrite\Utopia\Response $response */ /** @var Utopia\Database\Database $dbForConsole */ /** @var Utopia\Database\Database $dbForInternal */ /** @var Utopia\Database\Database $dbForExternal */ + /** @var Appwrite\Database\Database $consoleDB */ $team = $dbForConsole->getDocument('teams', $teamId); @@ -120,6 +122,8 @@ App::post('/v1/projects') } } + $consoleDB->createNamespace($project->getId()); + $response->setStatusCode(Response::STATUS_CODE_CREATED); $response->dynamic2($project, Response::MODEL_PROJECT); });