From 626f0dc563324be4dee42fe7062df5f2f2de4902 Mon Sep 17 00:00:00 2001 From: leonnicolas Date: Wed, 14 Oct 2020 22:29:31 +0200 Subject: [PATCH] src/resolvers/*: check Permissions for each resolver --- src/datasources/db/contactinformationAPI.ts | 78 ---------- src/datasources/db/lendingstationAPI.ts | 4 +- src/resolvers/cargobikeResolver.ts | 141 +++++++++++++------ src/resolvers/contactinformationResolvers.ts | 26 +--- src/resolvers/lendingstationResolvers.ts | 56 +++++--- src/resolvers/participantResolvers.ts | 51 ++++--- src/resolvers/providerResolvers.ts | 36 +++-- src/resolvers/workshopResolvers.ts | 22 ++- src/schema/type-defs.ts | 27 ---- 9 files changed, 214 insertions(+), 227 deletions(-) diff --git a/src/datasources/db/contactinformationAPI.ts b/src/datasources/db/contactinformationAPI.ts index 93d8f92..3a62d2c 100644 --- a/src/datasources/db/contactinformationAPI.ts +++ b/src/datasources/db/contactinformationAPI.ts @@ -10,9 +10,6 @@ export class ContactInformationAPI extends DataSource { this.connection = getConnection(); } - async contactPersonById (id: number) { - } - async numContactInformationById (id: number) { return await this.connection.getRepository(ContactInformation) .createQueryBuilder('contactInformation') 
@@ -93,79 +90,4 @@ export class ContactInformationAPI extends DataSource { .getMany(); return res; } - - async contactInformationByContactPersonId (id: number) { - /* return (await this.connection.getRepository(ContactPerson) - .createQueryBuilder('contactPerson') - .leftJoinAndSelect('contactPerson.contactInformation', 'contactInformation') - .where('"contactPerson".id = :id', { id: id }) - .getOne())?.contactInformation || new GraphQLError('ContactPerson has no ContactInformtion'); - */ - } - - async createContactPerson (contactPerson: any) { - /* - if (await this.contactInformationById(contactPerson.contactInformationId)) { - let inserts: any; - try { - await this.connection.transaction(async entiyManager => { - inserts = await entiyManager.createQueryBuilder(ContactPerson, 'contactPerson') - .insert() - .values([contactPerson]) - .returning('*') - .execute(); - await entiyManager.createQueryBuilder() - .relation(ContactPerson, 'contactInformation') - .of(inserts.identifiers[0].id) - .set(contactPerson.contactInformationId); - }); - } catch (e: any) { - return new GraphQLError('Transaction could not be completed'); - } - return this.contactPersonById(inserts.identifiers[0].id); - } else { - return null; - } - */ - } - - async updateContactPerson (contactPerson: any) { - /* - if (await this.contactPersonById(contactPerson.id)) { - const contactInformationId = contactPerson.contactInformationId; - delete contactPerson.contactInformationId; - if (contactInformationId) { - if (await this.contactInformationById(contactInformationId)) { - await this.connection.getRepository(ContactPerson) - .createQueryBuilder('contactPerson') - .update(ContactPerson) - .set({ ...contactPerson }) - .where('id = :id', { id: contactPerson.id }) - .execute(); - await this.connection.getRepository(ContactPerson) - .createQueryBuilder('contactPerson') - .relation(ContactPerson, 'contactInformation') - .of(contactPerson.id) - .set(contactInformationId); - } else { - // supplied 
contactinformationId not found - return null; - } - return this.contactPersonById(contactPerson.id); - } else { - await this.connection.getRepository(ContactPerson) - .createQueryBuilder('contactPerson') - .update(ContactPerson) - .set({ ...contactPerson }) - .where('id = :id', { id: contactPerson.id }) - .execute(); - return this.contactPersonById(contactPerson.id); - } - } else { - // updated bike not found - return null; - } - - */ - } } diff --git a/src/datasources/db/lendingstationAPI.ts b/src/datasources/db/lendingstationAPI.ts index 887d241..ffaff79 100644 --- a/src/datasources/db/lendingstationAPI.ts +++ b/src/datasources/db/lendingstationAPI.ts @@ -14,7 +14,7 @@ export class LendingStationAPI extends DataSource { this.connection = getConnection(); } - async getLendingStationById ({ id }: { id: any }) { + async lendingStationById ({ id }: { id: any }) { return await this.connection.manager .createQueryBuilder() .select('lendingStation') @@ -166,7 +166,7 @@ export class LendingStationAPI extends DataSource { .set({ ...lendingStation }) .where('id = :id', { id: lendingStation.id }) .execute(); - return this.getLendingStationById({ id: lendingStation.id }); + return this.lendingStationById({ id: lendingStation.id }); } else { return new GraphQLError('ID not in database'); } diff --git a/src/resolvers/cargobikeResolver.ts b/src/resolvers/cargobikeResolver.ts index d612401..b1023f0 100644 --- a/src/resolvers/cargobikeResolver.ts +++ b/src/resolvers/cargobikeResolver.ts 
@@ -15,115 +15,164 @@ export default { if (req.permissions.includes(Permission.ReadBike)) { return dataSources.cargoBikeAPI.getCargoBikes(offset, limit); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, bikeEvents: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadBikeEvent)) { return dataSources.cargoBikeAPI.bikeEvents(offset, limit); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, bikeEventById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadBikeEvent)) { return dataSources.cargoBikeAPI.findBikeEventById(id); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, bikeEventTypeByd: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadBikeEvent)) { return dataSources.cargoBikeAPI.findBikeEventTypeById(id); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); + } + }, + bikeEventTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { + if (req.permissions.includes(Permission.ReadBikeEvent)) { + return dataSources.cargoBikeAPI.bikeEventTypes(offset, limit); + } else { + return new GraphQLError('Insufficient Permissions'); } }, equipment: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if 
(req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEquipment)) { return dataSources.cargoBikeAPI.getEquipment(offset, limit); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, equipmentById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEquipment)) { return dataSources.cargoBikeAPI.equipmentById(id); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, equipmentTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEquipment)) { return dataSources.cargoBikeAPI.equipmentTypes(offset, limit); } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } }, equipmentTypeById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEquipment)) { return dataSources.cargoBikeAPI.equipmentTypeById(id); } else { - return new GraphQLError('Insufficiant Permissions'); - } - }, - bikeEventTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { - return dataSources.cargoBikeAPI.bikeEventTypes(offset, limit); - } else { - return new GraphQLError('Insufficiant Permissions'); + return new GraphQLError('Insufficient Permissions'); } } }, CargoBike: { engagement (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: 
any, req: any }) { - return dataSources.participantAPI.engagementByCargoBikeId(offset, limit, parent.id); + if (req.permissions.includes(Permission.ReadEngagement)) { + return dataSources.participantAPI.engagementByCargoBikeId(offset, limit, parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, - coordinator (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { - dataSources.participantAPI.participantByCargoBikeId(parent.id); + coordinator (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { // TODO should be done with engagements + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.participantAPI.participantByCargoBikeId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, equipment (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.equipmentByCargoBikeId(offset, limit, parent.id); + if (req.permissions.includes(Permission.ReadEquipment)) { + return dataSources.cargoBikeAPI.equipmentByCargoBikeId(offset, limit, parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.lendingStationByCargoBikeId(parent.id); + if (req.permissions.includes(Permission.ReadLendingStation)) { + return dataSources.lendingStationAPI.lendingStationByCargoBikeId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, bikeEvents (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.bikeEventsByCargoBikeId(parent.id, offset, limit); + if 
(req.permissions.includes(Permission.ReadBikeEvent)) { + return dataSources.cargoBikeAPI.bikeEventsByCargoBikeId(parent.id, offset, limit); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }), - lockedBy (): any { - return null; - }, timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.timeFramesByCargoBikeId(parent.id); + if (req.permissions.includes(Permission.ReadTimeFrame)) { + return dataSources.lendingStationAPI.timeFramesByCargoBikeId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, equipmentType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.equipmentTypeByCargoBikeId(parent.id); + if (req.permissions.includes(Permission.ReadEquipment)) { + return dataSources.cargoBikeAPI.equipmentTypeByCargoBikeId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, provider (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.providerAPI.providerByCargoBikeId(parent.id); + if (req.permissions.includes(Permission.ReadProvider)) { + return dataSources.providerAPI.providerByCargoBikeId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } } }, Equipment: { cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.cargoBikeByEquipmentId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.cargoBikeAPI.cargoBikeByEquipmentId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, BikeEvent: { 
cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.cargoBikeByEventId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.cargoBikeAPI.cargoBikeByEventId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, bikeEventType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.bikeEventTypeByBikeEventId(parent.id); + if (req.permissions.includes(Permission.ReadBikeEvent)) { + return dataSources.cargoBikeAPI.bikeEventTypeByBikeEventId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, responsible (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.responsibleByBikeEventId(parent.id); + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.cargoBikeAPI.responsibleByBikeEventId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, related (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.relatedByBikeEventId(parent.id); + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.cargoBikeAPI.relatedByBikeEventId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, 
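Review bot: The same `if (req.permissions.includes(...)) … else return new GraphQLError('Insufficient Permissions')` block is now pasted into every resolver in this hunk and in the other resolver files of the commit, so one forgotten copy leaves a field open, which is the state the `CargoBike`, `Equipment` and `BikeEvent` field resolvers were in before this change. A small wrapper that takes the required `Permission` and the resolver would state each requirement once and deny by default. It can also treat a missing or non-array `req.permissions` as "no permission", where the current `.includes` call would presumably throw a TypeError if the context is ever built without it. The resolver key `bikeEventTypeByd` also looks like a typo for `bikeEventTypeById` and should be checked against the schema. The `Query` object starts outside the hunk.

```typescript
// Deny by default: the wrapped resolver runs only when the permission is present.
const withPermission = (permission: Permission, resolve: (parent: any, args: any, context: { dataSources: any, req: any }) => any) =>
    (parent: any, args: any, context: { dataSources: any, req: any }) => {
        const granted = Array.isArray(context.req.permissions) ? context.req.permissions : [];
        return granted.includes(permission)
            ? resolve(parent, args, context)
            : new GraphQLError('Insufficient Permissions');
    };

// … unchanged: Query, CargoBike and Equipment resolvers, wrapped the same way …

    BikeEvent: {
        cargoBike: withPermission(Permission.ReadBike, (parent, __, { dataSources }) =>
            dataSources.cargoBikeAPI.cargoBikeByEventId(parent.id)),
        // … unchanged: remaining BikeEvent fields, wrapped the same way …
```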
@@ -160,49 +209,49 @@ export default { } }, createBikeEvent: (_: any, { bikeEvent }: { bikeEvent: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteBikeEvent)) { return dataSources.cargoBikeAPI.createBikeEvent({ bikeEvent }); } else { return new GraphQLError('Insufficient Permissions'); } }, lockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteBikeEvent)) { return dataSources.cargoBikeAPI.lockBikeEvent(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); } }, unlockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteBikeEvent)) { return dataSources.cargoBikeAPI.unlockBikeEvent(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); } }, createEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEquipment)) { return dataSources.cargoBikeAPI.createEquipment({ equipment }); } else { return new GraphQLError('Insufficient Permissions'); } }, lockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEquipment)) { return dataSources.cargoBikeAPI.lockEquipment(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); } }, unlockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if 
(req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEquipment)) { return dataSources.cargoBikeAPI.unlockEquipment(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); } }, updateEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEquipment)) { return dataSources.cargoBikeAPI.updateEquipment(equipment, req.userId); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/resolvers/contactinformationResolvers.ts b/src/resolvers/contactinformationResolvers.ts index 87eb098..c9b8851 100644 --- a/src/resolvers/contactinformationResolvers.ts +++ b/src/resolvers/contactinformationResolvers.ts @@ -34,16 +34,6 @@ export default { } } }, - ContactPerson: { - contactInformation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { - return dataSources.contactInformationAPI.contactInformationByContactPersonId(parent.id); - } else { - return new GraphQLError('Insufficient Permissions'); - } - }, - isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) - }, Person: { contactInformation: (parent: Person, __: any, { dataSources, req }: { dataSources: any, req: any }) => { if (req.permissions.includes(Permission.ReadPerson)) { 
@@ -65,22 +55,8 @@ export default { isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, Mutation: { - createContactPerson: (_: any, { contactPerson }: { contactPerson: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { - return dataSources.contactInformationAPI.createContactPerson(contactPerson); - } else { - return new GraphQLError('Insufficient Permissions'); - } - }, - updateContactPerson: (_: any, { contactPerson }: { contactPerson: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { - return dataSources.contactInformationAPI.updateContactPerson(contactPerson); - } else { - return new GraphQLError('Insufficient Permissions'); - } - }, createContactInformation: (_: any, { contactInformation }: { contactInformation: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WritePerson)) { return dataSources.contactInformationAPI.createContactInformation(contactInformation); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/resolvers/lendingstationResolvers.ts b/src/resolvers/lendingstationResolvers.ts index 1391b70..6fa4668 100644 --- a/src/resolvers/lendingstationResolvers.ts +++ b/src/resolvers/lendingstationResolvers.ts 
@@ -6,28 +6,28 @@ import { isLocked } from '../datasources/db/utils'; export default { Query: { lendingStationById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { - return dataSources.lendingStationAPI.getLendingStationById({ id }); + if (req.permissions.includes(Permission.ReadLendingStation)) { + return dataSources.lendingStationAPI.lendingStationById({ id }); } else { return new GraphQLError('Insufficient Permissions'); } }, lendingStations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadLendingStation)) { return dataSources.lendingStationAPI.lendingStations(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, timeFrameById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadTimeFrame)) { return dataSources.lendingStationAPI.timeFrameById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, timeframes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadTimeFrame)) { return dataSources.lendingStationAPI.timeFrames(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); 
@@ -36,13 +36,25 @@ export default { }, LendingStation: { timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.timeFramesByLendingStationId(parent.id); + if (req.permissions.includes(Permission.ReadTimeFrame)) { + return dataSources.lendingStationAPI.timeFramesByLendingStationId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, numCargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.numCargoBikesByLendingStationId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.lendingStationAPI.numCargoBikesByLendingStationId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, cargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.cargoBikesByLendingStationId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.lendingStationAPI.cargoBikesByLendingStationId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, 
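Review bot: The `LendingStation` field resolvers `timeFrames`, `numCargoBikes` and `cargoBikes` now return a `GraphQLError` when the caller lacks the child permission, and for any of these fields that the schema declares non-null the error will propagate upward and null the whole parent object. The schema is not visible in this hunk, so this needs confirming against `src/schema/type-defs.ts`; if the fields are non-null, a caller holding only `ReadLendingStation` would lose the station whenever one of them is selected. The same applies to the type-level resolvers gated in cargobikeResolver.ts, participantResolvers.ts and providerResolvers.ts. A comment above the `LendingStation` block such as `// nested fields need their own Read* permission; keep them nullable in the schema` would record the contract.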
@@ -60,47 +72,59 @@ export default { return (str.length > 0) ? str : null; }, cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.cargoBikeByTimeFrameId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.cargoBikeAPI.cargoBikeByTimeFrameId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.lendingStationAPI.lendingStationByTimeFrameId(parent.id); + if (req.permissions.includes(Permission.ReadLendingStation)) { + return dataSources.lendingStationAPI.lendingStationByTimeFrameId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, Mutation: { createLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteLendingStation)) { return dataSources.lendingStationAPI.createLendingStation(lendingStation); } else { return new GraphQLError('Insufficient Permissions'); } }, lockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteLendingStation)) { return dataSources.lendingStationAPI.lockLendingStationById(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); } }, unlockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { - return dataSources.lendingStationAPI.unlockLendingStationById(id, req.userId); + if 
(req.permissions.includes(Permission.WriteLendingStation)) { + return dataSources.lendingStationAPI.unlockLendingStationById(id, req.userId); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, updateLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteLendingStation)) { return dataSources.lendingStationAPI.updateLendingStation({ lendingStation }); } else { return new GraphQLError('Insufficient Permissions'); } }, createTimeFrame: (_: any, { timeFrame }:{ timeFrame: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteTimeFrame)) { return dataSources.lendingStationAPI.createTimeFrame(timeFrame); } else { return new GraphQLError('Insufficient Permissions'); } }, lockTimeFrame: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteTimeFrame)) { return dataSources.lendingStationAPI.lockTimeFrame(id, req.userId); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/resolvers/participantResolvers.ts b/src/resolvers/participantResolvers.ts index a5b9129..25c00d7 100644 --- a/src/resolvers/participantResolvers.ts +++ b/src/resolvers/participantResolvers.ts 
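Review bot: `createTimeFrame` still destructures its argument as `{ timeFrame }:{ timeFrame: LendingStation }`, so the input is type-checked against the wrong model even though the permission on the next line was corrected to `WriteTimeFrame`. Typing it like the other create resolvers in this commit, `{ timeFrame }: { timeFrame: any }`, or with a time-frame input type if the project has one, would stop the annotation from misleading. `createProvider` in providerResolvers.ts has the same problem with `{ provider }: { provider: number }`. The `Mutation` object continues past the end of the hunk, so the remaining time-frame mutations could not be checked for a leftover `WriteBike`.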
@@ -1,47 +1,46 @@ import { GraphQLError } from 'graphql'; import { Permission } from '../datasources/userserver/permission'; -import { EngagementType } from '../model/EngagementType'; import { isLocked } from '../datasources/db/utils'; export default { Query: { participantById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadParticipant)) { return dataSources.participantAPI.getParticipantById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, participants: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadParticipant)) { return dataSources.participantAPI.getParticipants(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, engagementById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEngagement)) { return dataSources.participantAPI.engagementById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, engagements: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEngagement)) { return dataSources.participantAPI.engagements(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, engagementTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEngagement)) { return 
dataSources.participantAPI.engagementTypeById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, engagementTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadEngagement)) { return dataSources.participantAPI.engagementTypes(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); 
@@ -50,22 +49,42 @@ export default { }, Participant: { engagement (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.participantAPI.engagementByParticipantId(parent.id); + if (req.permissions.includes(Permission.ReadEngagement)) { + return dataSources.participantAPI.engagementByParticipantId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, contactInformation (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { - return (dataSources.participantAPI.contactInformationByParticipantId(parent.id)); + if (req.permissions.includes(Permission.ReadPerson)) { + return (dataSources.participantAPI.contactInformationByParticipantId(parent.id)); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, Engagement: { cargoBike (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.cargoBikeAPI.findCargoBikeByEngagementId(parent.id); + if (req.permissions.includes(Permission.ReadBike)) { + return dataSources.cargoBikeAPI.findCargoBikeByEngagementId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, participant (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { - return dataSources.participantAPI.participantByEngagementId(parent.id); + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.participantAPI.participantByEngagementId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, - engagementType (parent: any, _: any, { dataSources, req }: { dataSources: any; req: any }): Promise { - return dataSources.participantAPI.engagementTypeByEngagementId(parent.id); + engagementType (parent: any, _: any, { dataSources, req }: { dataSources: any; req: any }) { + if 
(req.permissions.includes(Permission.ReadEngagement)) { + return dataSources.participantAPI.engagementTypeByEngagementId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, from (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { return (parent.dateRange as string).split(',')[0].replace('[', ''); @@ -78,21 +97,21 @@ export default { }, Mutation: { createParticipant: (_: any, { participant }: { participant: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteParticipant)) { return dataSources.participantAPI.createParticipant(participant); } else { return new GraphQLError('Insufficient Permissions'); } }, createEngagement: (_: any, { engagement }: { engagement: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEngagement)) { return dataSources.participantAPI.createEngagement(engagement); } else { return new GraphQLError('Insufficient Permissions'); } }, createEngagementType: (_: any, { engagementType }: { engagementType: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteEngagementType)) { return dataSources.participantAPI.createEngagementType(engagementType); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/resolvers/providerResolvers.ts b/src/resolvers/providerResolvers.ts index d0b7099..3d660b1 100644 --- a/src/resolvers/providerResolvers.ts +++ b/src/resolvers/providerResolvers.ts 
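Review bot: `createEngagementType` now requires `Permission.WriteEngagementType`, while every read of an engagement type in this file (`engagementTypeById`, `engagementTypes`, `Engagement.engagementType`) checks `Permission.ReadEngagement`, so the read and write sides of the same entity are governed by different permission families. If that split is intended, a comment on the mutation such as `// engagement types are readable with ReadEngagement; only creation needs WriteEngagementType` would keep a later reader from treating it as an oversight; otherwise the checks should use one family. The `Mutation` object continues outside the hunk.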
@@ -5,28 +5,28 @@ import { isLocked } from '../datasources/db/utils'; export default { Query: { providers: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadProvider)) { return dataSources.providerAPI.provider(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, providerById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadProvider)) { return dataSources.providerAPI.providerById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, organisations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadOrganisation)) { return dataSources.providerAPI.organisations(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, organisationById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadOrganisation)) { return dataSources.providerAPI.organisationById(id); } else { return new GraphQLError('Insufficient Permissions'); 
@@ -42,32 +42,48 @@ export default { } }, organisation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.providerAPI.organisationByProviderId(parent.id); + if (req.permissions.includes(Permission.ReadOrganisation)) { + return dataSources.providerAPI.organisationByProviderId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, privatePerson: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.providerAPI.privatePersonByProviderId(parent.id); + if (req.permissions.includes(Permission.ReadPerson)) { + return dataSources.providerAPI.privatePersonByProviderId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, Organisation: { provider: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.providerAPI.providerByOrganisationId(parent.id); + if (req.permissions.includes(Permission.ReadProvider)) { + return dataSources.providerAPI.providerByOrganisationId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, contactInformation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.providerAPI.contactInformationByOrganisationId(parent.id); + if (req.permissions.includes(Permission.ReadPerson)) { + return dataSources.providerAPI.contactInformationByOrganisationId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, Mutation: { createProvider: (_: any, { provider }: { provider: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if 
(req.permissions.includes(Permission.WriteBike)) { + if (req.permissions.includes(Permission.WriteProvider)) { return dataSources.providerAPI.createProvider(provider); } else { return new GraphQLError('Insufficient Permissions'); } }, createOrganisation: (_: any, { organisation }: { organisation: any }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteProvider)) { + if (req.permissions.includes(Permission.WriteOrganisation)) { return dataSources.providerAPI.createOrganisation(organisation); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/resolvers/workshopResolvers.ts b/src/resolvers/workshopResolvers.ts index 89527d6..8f3a910 100644 --- a/src/resolvers/workshopResolvers.ts +++ b/src/resolvers/workshopResolvers.ts 
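Review bot: The nested-field checks added here (`Provider.organisation`, `Provider.privatePerson`, `Organisation.provider`, `Organisation.contactInformation`) return an error for a single field, and GraphQL nulls the nearest nullable ancestor when an errored field is declared non-null. The nullability of these fields in type-defs.ts is not visible in this hunk, so confirm that a caller holding `ReadProvider` but not `ReadOrganisation` still gets the provider back rather than a nulled entry. If that is the intent, a comment on each guard such as `// denied field errors; the schema must keep this field nullable so the parent survives` would record it. The same applies to `trainer1`/`trainer2` in the workshopResolvers.ts hunk. `contactInformation` is gated on `Permission.ReadPerson`; confirm this matches what the contact-information queries require.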
@@ -5,28 +5,28 @@ import { isLocked } from '../datasources/db/utils'; export default { Query: { workshopTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadWorkshop)) { return dataSources.workshopAPI.workshopTypeById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, workshopTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadWorkshop)) { return dataSources.workshopAPI.workshopTypes(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); } }, workshopById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadWorkshop)) { return dataSources.workshopAPI.workshopById(id); } else { return new GraphQLError('Insufficient Permissions'); } }, workshops: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.ReadBike)) { + if (req.permissions.includes(Permission.ReadWorkshop)) { return dataSources.workshopAPI.workshops(offset, limit); } else { return new GraphQLError('Insufficient Permissions'); 
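Review bot: `workshopTypeById` and `workshopTypes` are now gated on `Permission.ReadWorkshop`, the same permission as the workshop queries, although the write side treats workshop types as a separate resource (a later hunk in this file removes a `Permission.WriteWorkshopType` check from `createWorkshop`). The `Permission` enum is not visible here; if it defines a read counterpart for workshop types, these two resolvers should check that instead. If sharing the permission is deliberate, say so next to the check, e.g. `// workshop types are readable with ReadWorkshop by design`. The `Query` object continues outside the hunk.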
@@ -35,10 +35,18 @@ export default { }, Workshop: { trainer1: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.workshopAPI.trainer1ByWorkshopId(parent.id); + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.workshopAPI.trainer1ByWorkshopId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, trainer2: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => { - return dataSources.workshopAPI.trainer2ByWorkshopId(parent.id); + if (req.permissions.includes(Permission.ReadParticipant)) { + return dataSources.workshopAPI.trainer2ByWorkshopId(parent.id); + } else { + return new GraphQLError('Insufficient Permissions'); + } }, isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) }, @@ -47,7 +55,7 @@ export default { }, Mutation: { createWorkshop: (_: any, { workshop }: { workshop: number }, { dataSources, req }: { dataSources: any, req: any }) => { - if (req.permissions.includes(Permission.WriteWorkshopType)) { + if (req.permissions.includes(Permission.WriteWorkshop)) { return dataSources.workshopAPI.createWorkshop(workshop); } else { return new GraphQLError('Insufficient Permissions'); diff --git a/src/schema/type-defs.ts b/src/schema/type-defs.ts index ea3968e..a586fb4 100644 --- a/src/schema/type-defs.ts +++ b/src/schema/type-defs.ts @@ -633,28 +633,6 @@ input ContactInformationUpdateInput { note: String } -"describes Relation of Contact to Provider" -type ContactPerson { - id: ID! - intern: Boolean! - contactInformation: ContactInformation! - isLocked: Boolean! - "null if not locked by other user" - lockedBy: ID - lockedUntil: Date -} - -input ContactPersonCreateInput { - intern: Boolean! - contactInformationId: ID! -} - -input ContactPersonUpdateInput { - id: ID! - intern: Boolean - contactInformationId: ID -} - type Organisation { id: ID! name: String! 
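Review bot: In the `createWorkshop` hunk the destructured argument is annotated `{ workshop }: { workshop: number }`, yet the value is passed straight to `workshopAPI.createWorkshop` as the mutation input, so the annotation looks wrong and hides the real shape from the type checker. `createProvider` in providerResolvers.ts carries the same `{ provider: number }` annotation while the schema declares `provider: ProviderCreateInput!`. Until a proper input type exists, `{ workshop }: { workshop: any }` would at least match the neighbouring resolvers. The `Mutation` object continues outside the hunk.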
@@ -904,13 +882,8 @@ type Mutation { createEngagementType(engagementType: EngagementTypeCreateInput!): EngagementType! "create Engagement" createEngagement(engagement: EngagementCreateInput): Engagement! - "createContactPerson, return null if contactInformationId does not exist" - createContactPerson(contactPerson: ContactPersonCreateInput): ContactPerson - updateContactPerson(contactPerson: ContactPersonUpdateInput): ContactPerson - "create Provider, if cargoBikeIds or contactPersonIds are not valid, provider will still be created" createProvider(provider: ProviderCreateInput!): Provider! createOrganisation(organisation: OrganisationCreateInput!): Organisation! - } `;