From 68cc919aaa2b1778b58092ea1834bbe36c674003 Mon Sep 17 00:00:00 2001 From: Jake Barnby Date: Sun, 14 Aug 2022 02:10:28 +1200 Subject: [PATCH] Test fixes --- app/controllers/api/account.php | 16 +-- app/controllers/api/databases.php | 11 +- app/controllers/api/projects.php | 6 -- app/controllers/api/storage.php | 6 +- app/controllers/api/teams.php | 2 - app/controllers/api/users.php | 1 - app/http.php | 1 - app/views/console/storage/bucket.phtml | 3 +- .../Permissions/PermissionsProcessor.php | 2 +- .../e2e/Services/Databases/DatabasesBase.php | 100 ++++++------------ .../Databases/DatabasesCustomClientTest.php | 1 - .../Databases/DatabasesCustomServerTest.php | 7 +- .../Realtime/RealtimeCustomClientTest.php | 11 +- tests/e2e/Services/Storage/StorageBase.php | 14 +-- .../Storage/StorageCustomClientTest.php | 2 - tests/e2e/Services/Webhooks/WebhooksBase.php | 12 +-- .../Webhooks/WebhooksCustomServerTest.php | 8 +- tests/unit/Messaging/MessagingTest.php | 12 +-- 18 files changed, 61 insertions(+), 154 deletions(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 1466835d26..19a66ecb24 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -98,7 +98,6 @@ App::post('/v1/account') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], @@ -204,7 +203,6 @@ App::post('/v1/account/sessions/email') $session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [ "read(user:{$profile->getId()})", - "create(user:{$profile->getId()})", "update(user:{$profile->getId()})", "delete(user:{$profile->getId()})", ])); @@ -487,7 +485,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], 
@@ -555,7 +552,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') $session = $dbForProject->createDocument('sessions', $session->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -659,7 +655,6 @@ App::post('/v1/account/sessions/magic-url') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], @@ -698,7 +693,6 @@ App::post('/v1/account/sessions/magic-url') $token = $dbForProject->createDocument('tokens', $token ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -807,7 +801,6 @@ App::put('/v1/account/sessions/magic-url') $session = $dbForProject->createDocument('sessions', $session ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -912,7 +905,6 @@ App::post('/v1/account/sessions/phone') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], @@ -953,7 +945,6 @@ App::post('/v1/account/sessions/phone') $token = $dbForProject->createDocument('tokens', $token ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -1049,7 +1040,6 @@ App::put('/v1/account/sessions/phone') $session = $dbForProject->createDocument('sessions', $session ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); 
@@ -1152,7 +1142,6 @@ App::post('/v1/account/sessions/anonymous') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], @@ -1198,7 +1187,7 @@ App::post('/v1/account/sessions/anonymous') $session = $dbForProject->createDocument('sessions', $session-> setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", + "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -2026,7 +2015,6 @@ App::post('/v1/account/recovery') $recovery = $dbForProject->createDocument('tokens', $recovery ->setAttribute('$permissions', [ "read(user:{$profile->getId()})", - "create(user:{$profile->getId()})", "update(user:{$profile->getId()})", "delete(user:{$profile->getId()})", ])); @@ -2191,7 +2179,6 @@ App::post('/v1/account/verification') $verification = $dbForProject->createDocument('tokens', $verification ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); @@ -2350,7 +2337,6 @@ App::post('/v1/account/verification/phone') $verification = $dbForProject->createDocument('tokens', $verification ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index 0541eea7de..52eef57c24 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php 
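Review bot: The anonymous-session array in the `-1198` hunk of account.php had drifted from its siblings: it carried `create(user:…)` but no `update(user:…)`, and this commit corrects it by hand. The same three-entry owner array is still written out literally at every `createDocument('sessions', …)` and `createDocument('tokens', …)` call in this file and in teams.php, so the next edit can drift again. I would build it in one place, for example a small helper that takes the user id and returns `["read(user:{$id})", "update(user:{$id})", "delete(user:{$id})"]`, and call it from each site. The enclosing route closures start and end outside these hunks.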
@@ -1865,10 +1865,8 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents') } } - $documentSecurity = $collection->getAttribute('documentSecurity', false); $validator = new Authorization('create'); - $valid = $validator->isValid($collection->getCreate()); - if (!$valid && !$documentSecurity) { + if (!$validator->isValid($collection->getCreate())) { throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED); } @@ -1882,13 +1880,6 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents') ); $permissions = PermissionsProcessor::handleAggregates($permissions); - if ($documentSecurity) { - $valid |= $validator->isValid((new Document(['$permissions' => $permissions]))->getCreate()); - } - if (!$valid) { - throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED); - } - if (!PermissionsProcessor::allowedForUserType($permissions)) { throw new Exception('Permissions must be one of: (' . \implode(', ', Authorization::getRoles()) . ')', 400, Exception::USER_UNAUTHORIZED); } diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index fdb18ca261..168255eaa4 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -87,8 +87,6 @@ App::post('/v1/projects') '$id' => $projectId, '$permissions' => [ "read(team:{$teamId})", - "create(team:{$teamId}/owner)", - "create(team:{$teamId}/developer)", "update(team:{$teamId}/owner)", "update(team:{$teamId}/developer)", "delete(team:{$teamId}/owner)", @@ -598,7 +596,6 @@ App::post('/v1/projects/:projectId/webhooks') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -846,7 +843,6 @@ App::post('/v1/projects/:projectId/keys') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], 
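Review bot: Nothing in the `-1865` and `-1882` hunks of databases.php rejects a `create(...)` entry in the permissions the caller submits, although after this change such an entry can no longer grant anything: create is decided by `$collection->getCreate()` alone. If the permission validation outside these hunks still accepts the `create` action on a document, clients can store entries that look like grants but are never evaluated; rejecting them with a 400 would keep the stored permissions honest. The storage.php hunk at `-368` has the same shape, and there the removed branch validated the caller against the caller's own `$permissions`. The single remaining check therefore deserves a why-comment such as `// Create is authorised by the collection/bucket only; submitted permissions never grant it.` The route closures continue outside the hunks.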
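Review bot: The webhook, key, platform and domain documents (hunks `-598`, `-846`, `-1046` and `-1262` of projects.php) keep `read(any)`, `update(any)` and `delete(any)`, so document-level permissions place no limit on who can read or change an API key record. Presumably access is enforced by the route's own scope checks and by where these documents are stored, but neither is visible in the hunks. A short comment at each array would record that assumption once the author has confirmed it, e.g. `// Open at document level; access is gated by the route's scope check.`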
@@ -1046,7 +1042,6 @@ App::post('/v1/projects/:projectId/platforms') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -1262,7 +1257,6 @@ App::post('/v1/projects/:projectId/domains') '$id' => $dbForConsole->getId(), '$permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], diff --git a/app/controllers/api/storage.php b/app/controllers/api/storage.php index fe392a350d..d0f36b8cba 100644 --- a/app/controllers/api/storage.php +++ b/app/controllers/api/storage.php @@ -368,11 +368,7 @@ App::post('/v1/storage/buckets/:bucketId/files') $permissions = PermissionsProcessor::handleAggregates($permissions); $validator = new Authorization('create'); - $valid = $validator->isValid($bucket->getCreate()); - if ($bucket->getAttribute('fileSecurity', false)) { - $valid |= $validator->isValid($permissions); - } - if (!$valid) { + if (!$validator->isValid($bucket->getCreate())) { throw new Exception('Unauthorized permissions', 401, Exception::USER_UNAUTHORIZED); } diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index b46c536b96..0798849651 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -61,7 +61,6 @@ App::post('/v1/teams') '$id' => $teamId , '$permissions' => [ 'read(team:' . $teamId . ')', - 'create(team:' . $teamId . '/owner)', 'update(team:' . $teamId . '/owner)', 'delete(team:' . $teamId . '/owner)', ], @@ -737,7 +736,6 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status') $session = $dbForProject->createDocument('sessions', $session ->setAttribute('$permissions', [ "read(user:{$user->getId()})", - "create(user:{$user->getId()})", "update(user:{$user->getId()})", "delete(user:{$user->getId()})", ])); diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index 349f3fc98c..8b5e4009ca 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php 
@@ -59,7 +59,6 @@ App::post('/v1/users') '$id' => $userId, '$permissions' => [ 'read(any)', - 'create(user:' . $userId . ')', 'update(user:' . $userId . ')', 'delete(user:' . $userId . ')', ], diff --git a/app/http.php b/app/http.php index 35bc3fc4de..a1988b8ffe 100644 --- a/app/http.php +++ b/app/http.php @@ -170,7 +170,6 @@ $http->on('start', function (Server $http) use ($payloadSize, $register) { 'antivirus' => true, '$permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], diff --git a/app/views/console/storage/bucket.phtml b/app/views/console/storage/bucket.phtml index ed5c80a6be..99ed1d7f43 100644 --- a/app/views/console/storage/bucket.phtml +++ b/app/views/console/storage/bucket.phtml @@ -145,8 +145,7 @@ $fileUpdatePermissions = $this->getParam('fileUpdatePermissions', null);

Permissions

- setParam('method', 'storage.getFile')->render(); - ?> + render(); ?> diff --git a/src/Appwrite/Permissions/PermissionsProcessor.php b/src/Appwrite/Permissions/PermissionsProcessor.php index 0a9b3c2678..8c24fc8cd7 100644 --- a/src/Appwrite/Permissions/PermissionsProcessor.php +++ b/src/Appwrite/Permissions/PermissionsProcessor.php @@ -42,7 +42,7 @@ class PermissionsProcessor $permissions = []; if (!empty($userId)) { foreach ($allowedPermissions as $permission) { - $permissions[] = $permission . '(' . $userId . ')'; + $permissions[] = $permission . '(user:' . $userId . ')'; } } return $permissions; diff --git a/tests/e2e/Services/Databases/DatabasesBase.php b/tests/e2e/Services/Databases/DatabasesBase.php index bd9197a37d..02c7f8efb3 100644 --- a/tests/e2e/Services/Databases/DatabasesBase.php +++ b/tests/e2e/Services/Databases/DatabasesBase.php @@ -44,7 +44,12 @@ trait DatabasesBase ]), [ 'collectionId' => 'unique()', 'name' => 'Movies', - 'permissions' => [], + 'permissions' => [ + 'read(any)', + 'create(any)', + 'update(any)', + 'delete(any)', + ], 'documentSecurity' => true, ]); @@ -87,7 +92,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ], @@ -789,7 +793,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -811,7 +814,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] 
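Review bot: Permission strings written before this fix have the form `read(<id>)` without the `user:` prefix, and the PermissionsProcessor.php hunk at `-42` changes only what is generated from now on. If the old format ever reached stored documents, those entries would presumably match no role, and no migration or normalisation is visible in this commit. No unit test for this loop appears in the diffstat either. One assertion that the output for a sample id equals `read(user:<id>)`, `update(user:<id>)` and so on would pin the format. The method's signature and the source of `$allowedPermissions` are outside the hunk.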
@@ -833,7 +835,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -849,7 +850,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -859,7 +859,7 @@ trait DatabasesBase $this->assertEquals($document1['body']['title'], 'Captain America'); $this->assertEquals($document1['body']['releaseYear'], 1944); $this->assertIsArray($document1['body']['$permissions']); - $this->assertCount(4, $document1['body']['$permissions']); + $this->assertCount(3, $document1['body']['$permissions']); $this->assertCount(2, $document1['body']['actors']); $this->assertEquals($document1['body']['actors'][0], 'Chris Evans'); $this->assertEquals($document1['body']['actors'][1], 'Samuel Jackson'); @@ -869,7 +869,7 @@ trait DatabasesBase $this->assertEquals($document2['body']['releaseYear'], 2019); $this->assertEquals($document2['body']['duration'], null); $this->assertIsArray($document2['body']['$permissions']); - $this->assertCount(4, $document2['body']['$permissions']); + $this->assertCount(3, $document2['body']['$permissions']); $this->assertCount(3, $document2['body']['actors']); $this->assertEquals($document2['body']['actors'][0], 'Tom Holland'); $this->assertEquals($document2['body']['actors'][1], 'Zendaya Maree Stoermer'); 
@@ -880,7 +880,7 @@ trait DatabasesBase $this->assertEquals($document3['body']['releaseYear'], 2017); $this->assertEquals($document3['body']['duration'], 0); $this->assertIsArray($document3['body']['$permissions']); - $this->assertCount(4, $document3['body']['$permissions']); + $this->assertCount(3, $document3['body']['$permissions']); $this->assertCount(2, $document3['body']['actors']); $this->assertEquals($document3['body']['actors'][0], 'Tom Holland'); $this->assertEquals($document3['body']['actors'][1], 'Zendaya Maree Stoermer'); @@ -965,7 +965,7 @@ trait DatabasesBase ]); $this->assertEquals(201, $movies['headers']['status-code']); - $this->assertEquals($movies['body']['name'], 'Movies'); + $this->assertEquals('Movies', $movies['body']['name']); return ['moviesId' => $movies['body']['$id']]; } @@ -985,7 +985,7 @@ trait DatabasesBase ], $this->getHeaders())); $this->assertEquals(200, $documents['headers']['status-code']); - $this->assertEquals($documents['body']['total'], 0); + $this->assertEquals(0, $documents['body']['total']); return []; } @@ -1351,7 +1351,7 @@ trait DatabasesBase 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ - 'queries' => ['$createdAt.greater("1976-06-12")'], + 'queries' => ['$createdAt.greater(132)'], ]); $this->assertCount(3, $documents['body']['documents']); @@ -1360,7 +1360,7 @@ trait DatabasesBase 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ - 'queries' => ['$createdAt.lesser("1976-06-12")'], + 'queries' => ['$createdAt.lesser(132)'], ]); $this->assertCount(0, $documents['body']['documents']); @@ -1429,7 +1429,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ], 
@@ -1442,7 +1441,6 @@ trait DatabasesBase $this->assertEquals($document['body']['releaseYear'], 2017); $this->assertNotEquals($document['body']['$createdAt'], 5); $this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); - $this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); $this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); $this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); @@ -1455,9 +1453,8 @@ trait DatabasesBase ], 'permissions' => [ 'read(users)', - 'create(users)', - 'update(users)', - 'delete(users)', + 'update(users)', + 'delete(users)', ], ]); @@ -1467,7 +1464,6 @@ trait DatabasesBase $this->assertEquals($document['body']['title'], 'Thor: Ragnarok'); $this->assertEquals($document['body']['releaseYear'], 2017); $this->assertContains('read(users)', $document['body']['$permissions']); - $this->assertContains('create(users)', $document['body']['$permissions']); $this->assertContains('update(users)', $document['body']['$permissions']); $this->assertContains('delete(users)', $document['body']['$permissions']); @@ -1503,7 +1499,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1558,7 +1553,10 @@ trait DatabasesBase ]), [ 'collectionId' => 'unique()', 'name' => 'invalidDocumentStructure', - 'permissions' => [], + 'permissions' => [ + 'create(any)', + 'read(any)', + ], 'documentSecurity' => true, ]); @@ -1756,7 +1754,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] 
@@ -1772,7 +1769,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1788,7 +1784,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1804,7 +1799,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1820,7 +1814,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1836,7 +1829,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1852,7 +1844,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1868,7 +1859,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] 
@@ -1884,7 +1874,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1914,7 +1903,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1930,7 +1918,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1946,7 +1933,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1962,7 +1948,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1978,7 +1963,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -1994,7 +1978,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] 
@@ -2010,7 +1993,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -2026,7 +2008,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -2042,7 +2023,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -2094,9 +2074,8 @@ trait DatabasesBase $this->assertIsArray($document['body']['$permissions']); if ($this->getSide() == 'client') { - $this->assertCount(4, $document['body']['$permissions']); + $this->assertCount(3, $document['body']['$permissions']); $this->assertContains('read(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); - $this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); $this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); $this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); } 
@@ -2161,17 +2140,11 @@ trait DatabasesBase 'permissions' => [], ]); - if ($this->getSide() == 'client') { - $this->assertEquals(401, $document['headers']['status-code']); - } - - if ($this->getSide() == 'server') { - $this->assertEquals(200, $document['headers']['status-code']); - $this->assertEquals($document['body']['title'], 'Captain America 3'); - $this->assertEquals($document['body']['releaseYear'], 1946); - $this->assertCount(0, $document['body']['$permissions']); - $this->assertEquals([], $document['body']['$permissions']); - } + $this->assertEquals(200, $document['headers']['status-code']); + $this->assertEquals($document['body']['title'], 'Captain America 3'); + $this->assertEquals($document['body']['releaseYear'], 1946); + $this->assertCount(0, $document['body']['$permissions']); + $this->assertEquals([], $document['body']['$permissions']); return $data; } @@ -2257,7 +2230,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(' . $user . ')', - 'create(' . $user . ')', 'update(' . $user . ')', 'delete(' . $user . ')', ] @@ -2274,7 +2246,6 @@ trait DatabasesBase 'attribute' => 'one', ], 'permissions' => [ - 'create(' . $user . ')', 'update(' . $user . ')', 'delete(' . $user . ')', ] @@ -2293,7 +2264,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:other)', - 'create(user:other)', 'update(user:other)', ], ]); @@ -2411,7 +2381,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -2435,7 +2404,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] 
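Review bot: The `-2161` hunk of DatabasesBase.php drops the only assertion here that a client-side update is refused (`assertEquals(401, …)` under `getSide() == 'client'`). The 200 is now expected for both sides, presumably because the Movies collection was given `update(any)` in the `-44` hunk. That leaves no visible test in this trait that a client holding neither collection-level nor document-level `update` is rejected. I would keep a negative case beside this one, run against a collection created with only `read(any)` and `create(any)`, ending in `$this->assertEquals(401, $document['headers']['status-code']);`. The test method starts outside the hunk.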
@@ -2459,7 +2427,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ] @@ -2554,7 +2521,12 @@ trait DatabasesBase ]), [ 'collectionId' => 'unique()', 'name' => 'Movies', - 'permissions' => [], + 'permissions' => [ + 'create(user:' . $this->getUser()['$id'] . ')', + 'read(user:' . $this->getUser()['$id'] . ')', + 'update(user:' . $this->getUser()['$id'] . ')', + 'delete(user:' . $this->getUser()['$id'] . ')', + ], 'documentSecurity' => true, ]); @@ -2590,7 +2562,6 @@ trait DatabasesBase ], 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -2599,9 +2570,8 @@ trait DatabasesBase $id = $document['body']['$id']; $this->assertEquals(201, $document['headers']['status-code']); - $this->assertCount(4, $document['body']['$permissions']); + $this->assertCount(3, $document['body']['$permissions']); $this->assertContains('read(any)', $document['body']['$permissions']); - $this->assertContains('create(any)', $document['body']['$permissions']); $this->assertContains('update(any)', $document['body']['$permissions']); $this->assertContains('delete(any)', $document['body']['$permissions']); @@ -2618,13 +2588,12 @@ trait DatabasesBase $this->assertEquals(200, $document['headers']['status-code']); $this->assertCount(1, $document['body']['$permissions']); - // send only mutation permissions + // Send only mutation permissions $document = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents/' . $id, array_merge([ 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ 'permissions' => [ - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ], 
@@ -2632,8 +2601,7 @@ trait DatabasesBase if ($this->getSide() == 'server') { $this->assertEquals(200, $document['headers']['status-code']); - $this->assertCount(3, $document['body']['$permissions']); - $this->assertContains('create(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); + $this->assertCount(2, $document['body']['$permissions']); $this->assertContains('update(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); $this->assertContains('delete(user:' . $this->getUser()['$id'] . ')', $document['body']['$permissions']); } diff --git a/tests/e2e/Services/Databases/DatabasesCustomClientTest.php b/tests/e2e/Services/Databases/DatabasesCustomClientTest.php index 70c0398cd8..dadaa65448 100644 --- a/tests/e2e/Services/Databases/DatabasesCustomClientTest.php +++ b/tests/e2e/Services/Databases/DatabasesCustomClientTest.php @@ -80,7 +80,6 @@ class DatabasesCustomClientTest extends Scope 'permissions' => [ "read(user:user2)", "read(user:{$userId})", - "create(user:{$userId})", "update(user:{$userId})", "delete(user:{$userId})", ], diff --git a/tests/e2e/Services/Databases/DatabasesCustomServerTest.php b/tests/e2e/Services/Databases/DatabasesCustomServerTest.php index 004dc6ecde..774be14568 100644 --- a/tests/e2e/Services/Databases/DatabasesCustomServerTest.php +++ b/tests/e2e/Services/Databases/DatabasesCustomServerTest.php @@ -507,7 +507,6 @@ class DatabasesCustomServerTest extends Scope ], 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -857,7 +856,6 @@ class DatabasesCustomServerTest extends Scope ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ], 
@@ -874,7 +872,6 @@ class DatabasesCustomServerTest extends Scope ], 'permissions' => [ 'read(user:' . $this->getUser()['$id'] . ')', - 'create(user:' . $this->getUser()['$id'] . ')', 'update(user:' . $this->getUser()['$id'] . ')', 'delete(user:' . $this->getUser()['$id'] . ')', ], @@ -882,13 +879,13 @@ class DatabasesCustomServerTest extends Scope $this->assertEquals(201, $document1['headers']['status-code']); $this->assertIsArray($document1['body']['$permissions']); - $this->assertCount(4, $document1['body']['$permissions']); + $this->assertCount(3, $document1['body']['$permissions']); $this->assertEquals($document1['body']['firstName'], 'Tom'); $this->assertEquals($document1['body']['lastName'], 'Holland'); $this->assertEquals(201, $document2['headers']['status-code']); $this->assertIsArray($document2['body']['$permissions']); - $this->assertCount(4, $document2['body']['$permissions']); + $this->assertCount(3, $document2['body']['$permissions']); $this->assertEquals($document2['body']['firstName'], 'Samuel'); $this->assertEquals($document2['body']['lastName'], 'Jackson'); diff --git a/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php b/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php index 37c816b09a..a5779e882c 100644 --- a/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php +++ b/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php @@ -644,7 +644,12 @@ class RealtimeCustomClientTest extends Scope ]), [ 'collectionId' => 'unique()', 'name' => 'Actors', - 'permissions' => [], + 'permissions' => [ + 'read(users)', + 'create(users)', + 'update(users)', + 'delete(users)', + ], 'documentSecurity' => true, ]); @@ -681,7 +686,6 @@ class RealtimeCustomClientTest extends Scope ], 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -728,7 +732,6 @@ class RealtimeCustomClientTest extends Scope ], 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], 
@@ -774,7 +777,6 @@ class RealtimeCustomClientTest extends Scope ], 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -1079,7 +1081,6 @@ class RealtimeCustomClientTest extends Scope 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'), 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], diff --git a/tests/e2e/Services/Storage/StorageBase.php b/tests/e2e/Services/Storage/StorageBase.php index dc0e49825a..4350288df0 100644 --- a/tests/e2e/Services/Storage/StorageBase.php +++ b/tests/e2e/Services/Storage/StorageBase.php @@ -42,7 +42,6 @@ trait StorageBase 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'), 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -106,7 +105,6 @@ trait StorageBase 'file' => $curlFile, 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -148,7 +146,6 @@ trait StorageBase 'file' => $curlFile, 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -170,7 +167,6 @@ trait StorageBase 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'), 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -189,7 +185,6 @@ trait StorageBase 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-1.png'), 'image/png', 'kitten-1.png'), 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], @@ -210,7 +205,6 @@ trait StorageBase 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-a/kitten-3.gif'), 'image/gif', 'kitten-3.gif'), 'permissions' => [ 'read(any)', - 'create(any)', 'update(any)', 'delete(any)', ], 
@@ -295,7 +289,7 @@ trait StorageBase
 $this->assertEquals('image/png', $file1['body']['mimeType']);
 $this->assertEquals(47218, $file1['body']['sizeOriginal']);
 $this->assertIsArray($file1['body']['$permissions']);
- $this->assertCount(4, $file1['body']['$permissions']);
+ $this->assertCount(3, $file1['body']['$permissions']);
 $file2 = $this->client->call(Client::METHOD_GET, '/storage/buckets/' . $bucketId . '/files/' . $data['fileId'] . '/preview', array_merge([
 'content-type' => 'application/json',
@@ -486,7 +480,6 @@ trait StorageBase
 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -533,7 +526,6 @@ trait StorageBase
 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-b/kitten-2.png'), 'image/png', 'logo.png'),
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -580,7 +572,6 @@ trait StorageBase
 ], $this->getHeaders()), [
 'permissions' => [
 'read(user:' . $this->getUser()['$id'] . ')',
- 'create(user:' . $this->getUser()['$id'] . ')',
 'update(user:' . $this->getUser()['$id'] . ')',
 'delete(user:' . $this->getUser()['$id'] . ')',
 ]
@@ -599,7 +590,7 @@ trait StorageBase
 //$this->assertNotEmpty($file['body']['fileOpenSSLTag']);
 //$this->assertNotEmpty($file['body']['fileOpenSSLIV']);
 $this->assertIsArray($file['body']['$permissions']);
- $this->assertCount(4, $file['body']['$permissions']);
+ $this->assertCount(3, $file['body']['$permissions']);
 /**
 * Test for FAILURE unknown Bucket
@@ -611,7 +602,6 @@ trait StorageBase
 ], $this->getHeaders()), [
 'permissions' => [
 'read(user:' . $this->getUser()['$id'] . ')',
- 'create(user:' . $this->getUser()['$id'] . ')',
 'update(user:' . $this->getUser()['$id'] . ')',
 'delete(user:' . $this->getUser()['$id'] . ')',
 ]
diff --git a/tests/e2e/Services/Storage/StorageCustomClientTest.php b/tests/e2e/Services/Storage/StorageCustomClientTest.php
index 8bc0aac96f..aec8064950 100644
--- a/tests/e2e/Services/Storage/StorageCustomClientTest.php
+++ b/tests/e2e/Services/Storage/StorageCustomClientTest.php
@@ -188,7 +188,6 @@ class StorageCustomClientTest extends Scope
 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'permissions.png'),
 'folderId' => 'xyz',
 'permissions' => [
- 'create(user:notme)',
 'update(user:notme)',
 'delete(user:notme)',
 ]
@@ -250,7 +249,6 @@ class StorageCustomClientTest extends Scope
 'x-appwrite-project' => $this->getProject()['$id'],
 ], $this->getHeaders()), [
 'permissions' => [
- 'create(user:notme)',
 'update(user:notme)',
 'delete(user:notme)',
 ]
diff --git a/tests/e2e/Services/Webhooks/WebhooksBase.php b/tests/e2e/Services/Webhooks/WebhooksBase.php
index 6cd931f7c4..68498a8709 100644
--- a/tests/e2e/Services/Webhooks/WebhooksBase.php
+++ b/tests/e2e/Services/Webhooks/WebhooksBase.php
@@ -72,7 +72,7 @@ trait WebhooksBase
 $this->assertNotEmpty($webhook['data']['$id']);
 $this->assertEquals($webhook['data']['name'], 'Actors');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(4, $webhook['data']['$permissions']);
 return array_merge(['actorsId' => $actorsId, 'databaseId' => $databaseId]);
 }
@@ -196,7 +196,6 @@ trait WebhooksBase
 ],
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -231,7 +230,7 @@ trait WebhooksBase
 $this->assertEquals($webhook['data']['firstName'], 'Chris');
 $this->assertEquals($webhook['data']['lastName'], 'Evans');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(3, $webhook['data']['$permissions']);
 $data['documentId'] = $document['body']['$id'];
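Review bot: The two StorageCustomClientTest hunks (`-188,7` and `-250,7`) drop `'create(user:notme)'` from the payloads, and nothing visible in this patch adds a case that sends a file-level `create(...)` permission and expects the request to be refused. If `create` is no longer a valid action on files and documents, as the removals throughout this commit suggest, a negative case would pin that the server rejects it instead of silently storing or ignoring it, e.g. a request with `'permissions' => ['create(user:' . $this->getUser()['$id'] . ')'],` followed by `$this->assertEquals(400, $file['headers']['status-code']);`. The status code and the `$file` variable are assumptions; use whatever the validator and the surrounding test actually provide. The assertions for both existing requests lie outside the hunks.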
@@ -259,7 +258,6 @@ trait WebhooksBase
 ],
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -294,7 +292,7 @@ trait WebhooksBase
 $this->assertEquals($webhook['data']['firstName'], 'Chris1');
 $this->assertEquals($webhook['data']['lastName'], 'Evans2');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(3, $webhook['data']['$permissions']);
 return $data;
 }
@@ -322,7 +320,6 @@ trait WebhooksBase
 ],
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -364,7 +361,7 @@ trait WebhooksBase
 $this->assertEquals($webhook['data']['firstName'], 'Bradly');
 $this->assertEquals($webhook['data']['lastName'], 'Cooper');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(3, $webhook['data']['$permissions']);
 return $data;
 }
@@ -492,7 +489,6 @@ trait WebhooksBase
 'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
 'permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
diff --git a/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php b/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php
index c87b62136b..b79385bffc 100644
--- a/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php
+++ b/tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php
@@ -55,7 +55,7 @@ class WebhooksCustomServerTest extends Scope
 $this->assertNotEmpty($webhook['data']['$id']);
 $this->assertEquals($webhook['data']['name'], 'Actors1');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(4, $webhook['data']['$permissions']);
 return array_merge(['actorsId' => $actors['body']['$id']]);
 }
@@ -196,7 +196,7 @@ class WebhooksCustomServerTest extends Scope
 $this->assertNotEmpty($webhook['data']['$id']);
 $this->assertEquals($webhook['data']['name'], 'Demo');
 $this->assertIsArray($webhook['data']['$permissions']);
- $this->assertCount(2, $webhook['data']['$permissions']);
+ $this->assertCount(4, $webhook['data']['$permissions']);
 return [];
 }
@@ -394,7 +394,7 @@ class WebhooksCustomServerTest extends Scope
 ], $this->getHeaders()), [
 'functionId' => 'unique()',
 'name' => 'Test',
- 'execute' => ['create(any)'],
+ 'execute' => ['any'],
 'runtime' => 'php-8.0',
 'timeout' => 10,
 ]);
@@ -443,7 +443,7 @@ class WebhooksCustomServerTest extends Scope
 ], $this->getHeaders()), [
 'name' => 'Test',
 'runtime' => 'php-8.0',
- 'execute' => ['create(any)'],
+ 'execute' => ['any'],
 'vars' => [
 'key1' => 'value1',
 ]
diff --git a/tests/unit/Messaging/MessagingTest.php b/tests/unit/Messaging/MessagingTest.php
index 134bff9319..f9665f7d4c 100644
--- a/tests/unit/Messaging/MessagingTest.php
+++ b/tests/unit/Messaging/MessagingTest.php
@@ -208,7 +208,7 @@ class MessagingTest extends TestCase
 '$collection' => 'collection',
 '$permissions' => [
 'read(admin)',
- 'create(admin)',
+ 'update(admin)',
 'delete(admin)',
 ],
@@ -217,7 +217,6 @@ class MessagingTest extends TestCase
 '$id' => 'collection',
 '$permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -240,7 +239,6 @@ class MessagingTest extends TestCase
 '$collection' => 'collection',
 '$permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -249,7 +247,7 @@ class MessagingTest extends TestCase
 '$id' => 'collection',
 '$permissions' => [
 'read(admin)',
- 'create(admin)',
+ 'update(admin)',
 'delete(admin)',
 ],
@@ -276,7 +274,7 @@ class MessagingTest extends TestCase
 '$collection' => 'bucket',
 '$permissions' => [
 'read(admin)',
- 'create(admin)',
+ 'update(admin)',
 'delete(admin)',
 ],
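Review bot: `'execute' => ['any']` in the `-394,7` and `-443,7` hunks of WebhooksCustomServerTest swaps a permission string for a bare role, and the role chosen is the widest one that appears in this patch. The visible lines do not show whether the webhook assertions need the function to be executable by unauthenticated callers; if they do not, `'execute' => ['users'],` (assuming `users` is accepted here as it is in `read(users)`) keeps the fixture closer to least privilege, which matters because e2e payloads tend to be copied as examples. Either way a short comment such as `// execute takes role strings, not permission strings` would explain the format change to the next reader. Both calls begin and end outside their hunks.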
@@ -285,7 +283,6 @@ class MessagingTest extends TestCase
 '$id' => 'bucket',
 '$permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -305,7 +302,6 @@ class MessagingTest extends TestCase
 '$collection' => 'bucket',
 '$permissions' => [
 'read(any)',
- 'create(any)',
 'update(any)',
 'delete(any)',
 ],
@@ -314,7 +310,7 @@ class MessagingTest extends TestCase
 '$id' => 'bucket',
 '$permissions' => [
 'read(admin)',
- 'create(admin)',
+ 'update(admin)',
 'delete(admin)',
 ],