fLotte-meets-HWR-DB
/
apollo-server
mirror of https://github.com/fLotte-meets-HWR-DB/apollo-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

src/resolvers/*: check Permissions for each resolver

Browse Source
pull/14/head
leonnicolas 4 years ago
parent d473d745b0
commit 626f0dc563
No known key found for this signature in database
GPG Key ID: 088D0743E2B65C07
9 changed files with 214 additions and 227 deletions
Show Stats Download Patch File Download Diff File

78
src/datasources/db/contactinformationAPI.ts
Unescape Escape View File

@ -10,9 +10,6 @@ export class ContactInformationAPI extends DataSource {
this.connection = getConnection(); this.connection = getConnection();
} }
async contactPersonById (id: number) {
}
async numContactInformationById (id: number) { async numContactInformationById (id: number) {
return await this.connection.getRepository(ContactInformation) return await this.connection.getRepository(ContactInformation)
.createQueryBuilder('contactInformation') .createQueryBuilder('contactInformation')
@ -93,79 +90,4 @@ export class ContactInformationAPI extends DataSource {
.getMany(); .getMany();
return res; return res;
} }
async contactInformationByContactPersonId (id: number) {
/* return (await this.connection.getRepository(ContactPerson)
.createQueryBuilder('contactPerson')
.leftJoinAndSelect('contactPerson.contactInformation', 'contactInformation')
.where('"contactPerson".id = :id', { id: id })
.getOne())?.contactInformation || new GraphQLError('ContactPerson has no ContactInformtion');
*/
}
async createContactPerson (contactPerson: any) {
/*
if (await this.contactInformationById(contactPerson.contactInformationId)) {
let inserts: any;
try {
await this.connection.transaction(async entiyManager => {
inserts = await entiyManager.createQueryBuilder(ContactPerson, 'contactPerson')
.insert()
.values([contactPerson])
.returning('*')
.execute();
await entiyManager.createQueryBuilder()
.relation(ContactPerson, 'contactInformation')
.of(inserts.identifiers[0].id)
.set(contactPerson.contactInformationId);
});
} catch (e: any) {
return new GraphQLError('Transaction could not be completed');
}
return this.contactPersonById(inserts.identifiers[0].id);
} else {
return null;
}
*/
}
async updateContactPerson (contactPerson: any) {
/*
if (await this.contactPersonById(contactPerson.id)) {
const contactInformationId = contactPerson.contactInformationId;
delete contactPerson.contactInformationId;
if (contactInformationId) {
if (await this.contactInformationById(contactInformationId)) {
await this.connection.getRepository(ContactPerson)
.createQueryBuilder('contactPerson')
.update(ContactPerson)
.set({ ...contactPerson })
.where('id = :id', { id: contactPerson.id })
.execute();
await this.connection.getRepository(ContactPerson)
.createQueryBuilder('contactPerson')
.relation(ContactPerson, 'contactInformation')
.of(contactPerson.id)
.set(contactInformationId);
} else {
// supplied contactinformationId not found
return null;
}
return this.contactPersonById(contactPerson.id);
} else {
await this.connection.getRepository(ContactPerson)
.createQueryBuilder('contactPerson')
.update(ContactPerson)
.set({ ...contactPerson })
.where('id = :id', { id: contactPerson.id })
.execute();
return this.contactPersonById(contactPerson.id);
}
} else {
// updated bike not found
return null;
}
*/
}
} }

4
src/datasources/db/lendingstationAPI.ts
Unescape Escape View File

@ -14,7 +14,7 @@ export class LendingStationAPI extends DataSource {
this.connection = getConnection(); this.connection = getConnection();
} }
async getLendingStationById ({ id }: { id: any }) { async lendingStationById ({ id }: { id: any }) {
return await this.connection.manager return await this.connection.manager
.createQueryBuilder() .createQueryBuilder()
.select('lendingStation') .select('lendingStation')
@ -166,7 +166,7 @@ export class LendingStationAPI extends DataSource {
.set({ ...lendingStation }) .set({ ...lendingStation })
.where('id = :id', { id: lendingStation.id }) .where('id = :id', { id: lendingStation.id })
.execute(); .execute();
return this.getLendingStationById({ id: lendingStation.id }); return this.lendingStationById({ id: lendingStation.id });
} else { } else {
return new GraphQLError('ID not in database'); return new GraphQLError('ID not in database');
} }

141
src/resolvers/cargobikeResolver.ts
Unescape Escape View File

@ -15,115 +15,164 @@ export default {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.getCargoBikes(offset, limit); return dataSources.cargoBikeAPI.getCargoBikes(offset, limit);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
bikeEvents: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { bikeEvents: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.bikeEvents(offset, limit); return dataSources.cargoBikeAPI.bikeEvents(offset, limit);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
bikeEventById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { bikeEventById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.findBikeEventById(id); return dataSources.cargoBikeAPI.findBikeEventById(id);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
bikeEventTypeByd: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { bikeEventTypeByd: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.findBikeEventTypeById(id); return dataSources.cargoBikeAPI.findBikeEventTypeById(id);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
}
},
bikeEventTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.bikeEventTypes(offset, limit);
} else {
return new GraphQLError('Insufficient Permissions');
} }
}, },
equipment: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { equipment: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.getEquipment(offset, limit); return dataSources.cargoBikeAPI.getEquipment(offset, limit);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
equipmentById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { equipmentById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.equipmentById(id); return dataSources.cargoBikeAPI.equipmentById(id);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
equipmentTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { equipmentTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.equipmentTypes(offset, limit); return dataSources.cargoBikeAPI.equipmentTypes(offset, limit);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
equipmentTypeById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { equipmentTypeById: (_:any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.equipmentTypeById(id); return dataSources.cargoBikeAPI.equipmentTypeById(id);
} else { } else {
return new GraphQLError('Insufficiant Permissions'); return new GraphQLError('Insufficient Permissions');
}
},
bikeEventTypes: (_:any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.bikeEventTypes(offset, limit);
} else {
return new GraphQLError('Insufficiant Permissions');
} }
} }
}, },
CargoBike: { CargoBike: {
engagement (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { engagement (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.participantAPI.engagementByCargoBikeId(offset, limit, parent.id); if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementByCargoBikeId(offset, limit, parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
coordinator (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { coordinator (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { // TODO should be done with engagements
dataSources.participantAPI.participantByCargoBikeId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.participantAPI.participantByCargoBikeId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
equipment (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { equipment (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.equipmentByCargoBikeId(offset, limit, parent.id); if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.equipmentByCargoBikeId(offset, limit, parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.lendingStationByCargoBikeId(parent.id); if (req.permissions.includes(Permission.ReadLendingStation)) {
return dataSources.lendingStationAPI.lendingStationByCargoBikeId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
bikeEvents (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) { bikeEvents (parent: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.bikeEventsByCargoBikeId(parent.id, offset, limit); if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.bikeEventsByCargoBikeId(parent.id, offset, limit);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }), isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }),
lockedBy (): any {
return null;
},
timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.timeFramesByCargoBikeId(parent.id); if (req.permissions.includes(Permission.ReadTimeFrame)) {
return dataSources.lendingStationAPI.timeFramesByCargoBikeId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
equipmentType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { equipmentType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.equipmentTypeByCargoBikeId(parent.id); if (req.permissions.includes(Permission.ReadEquipment)) {
return dataSources.cargoBikeAPI.equipmentTypeByCargoBikeId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
provider (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { provider (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.providerAPI.providerByCargoBikeId(parent.id); if (req.permissions.includes(Permission.ReadProvider)) {
return dataSources.providerAPI.providerByCargoBikeId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
} }
}, },
Equipment: { Equipment: {
cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.cargoBikeByEquipmentId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.cargoBikeByEquipmentId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
BikeEvent: { BikeEvent: {
cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.cargoBikeByEventId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.cargoBikeByEventId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
bikeEventType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { bikeEventType (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.bikeEventTypeByBikeEventId(parent.id); if (req.permissions.includes(Permission.ReadBikeEvent)) {
return dataSources.cargoBikeAPI.bikeEventTypeByBikeEventId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
responsible (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { responsible (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.responsibleByBikeEventId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.cargoBikeAPI.responsibleByBikeEventId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
related (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { related (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.relatedByBikeEventId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.cargoBikeAPI.relatedByBikeEventId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
@ -160,49 +209,49 @@ export default {
} }
}, },
createBikeEvent: (_: any, { bikeEvent }: { bikeEvent: any }, { dataSources, req }: { dataSources: any, req: any }) => { createBikeEvent: (_: any, { bikeEvent }: { bikeEvent: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteBikeEvent)) {
return dataSources.cargoBikeAPI.createBikeEvent({ bikeEvent }); return dataSources.cargoBikeAPI.createBikeEvent({ bikeEvent });
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
lockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { lockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteBikeEvent)) {
return dataSources.cargoBikeAPI.lockBikeEvent(id, req.userId); return dataSources.cargoBikeAPI.lockBikeEvent(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
unlockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { unlockBikeEventById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteBikeEvent)) {
return dataSources.cargoBikeAPI.unlockBikeEvent(id, req.userId); return dataSources.cargoBikeAPI.unlockBikeEvent(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
createEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => { createEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEquipment)) {
return dataSources.cargoBikeAPI.createEquipment({ equipment }); return dataSources.cargoBikeAPI.createEquipment({ equipment });
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
lockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { lockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEquipment)) {
return dataSources.cargoBikeAPI.lockEquipment(id, req.userId); return dataSources.cargoBikeAPI.lockEquipment(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
unlockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { unlockEquipmentById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEquipment)) {
return dataSources.cargoBikeAPI.unlockEquipment(id, req.userId); return dataSources.cargoBikeAPI.unlockEquipment(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
updateEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => { updateEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEquipment)) {
return dataSources.cargoBikeAPI.updateEquipment(equipment, req.userId); return dataSources.cargoBikeAPI.updateEquipment(equipment, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

26
src/resolvers/contactinformationResolvers.ts
Unescape Escape View File

@ -34,16 +34,6 @@ export default {
} }
} }
}, },
ContactPerson: {
contactInformation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.contactInformationAPI.contactInformationByContactPersonId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
},
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
},
Person: { Person: {
contactInformation: (parent: Person, __: any, { dataSources, req }: { dataSources: any, req: any }) => { contactInformation: (parent: Person, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadPerson)) { if (req.permissions.includes(Permission.ReadPerson)) {
@ -65,22 +55,8 @@ export default {
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
Mutation: { Mutation: {
createContactPerson: (_: any, { contactPerson }: { contactPerson: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) {
return dataSources.contactInformationAPI.createContactPerson(contactPerson);
} else {
return new GraphQLError('Insufficient Permissions');
}
},
updateContactPerson: (_: any, { contactPerson }: { contactPerson: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) {
return dataSources.contactInformationAPI.updateContactPerson(contactPerson);
} else {
return new GraphQLError('Insufficient Permissions');
}
},
createContactInformation: (_: any, { contactInformation }: { contactInformation: any }, { dataSources, req }: { dataSources: any, req: any }) => { createContactInformation: (_: any, { contactInformation }: { contactInformation: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WritePerson)) {
return dataSources.contactInformationAPI.createContactInformation(contactInformation); return dataSources.contactInformationAPI.createContactInformation(contactInformation);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

56
src/resolvers/lendingstationResolvers.ts
Unescape Escape View File

@ -6,28 +6,28 @@ import { isLocked } from '../datasources/db/utils';
export default { export default {
Query: { Query: {
lendingStationById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => { lendingStationById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadLendingStation)) {
return dataSources.lendingStationAPI.getLendingStationById({ id }); return dataSources.lendingStationAPI.lendingStationById({ id });
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
lendingStations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { lendingStations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadLendingStation)) {
return dataSources.lendingStationAPI.lendingStations(offset, limit); return dataSources.lendingStationAPI.lendingStations(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
timeFrameById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { timeFrameById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadTimeFrame)) {
return dataSources.lendingStationAPI.timeFrameById(id); return dataSources.lendingStationAPI.timeFrameById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
timeframes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { timeframes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadTimeFrame)) {
return dataSources.lendingStationAPI.timeFrames(offset, limit); return dataSources.lendingStationAPI.timeFrames(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
@ -36,13 +36,25 @@ export default {
}, },
LendingStation: { LendingStation: {
timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { timeFrames (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.timeFramesByLendingStationId(parent.id); if (req.permissions.includes(Permission.ReadTimeFrame)) {
return dataSources.lendingStationAPI.timeFramesByLendingStationId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
numCargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { numCargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.numCargoBikesByLendingStationId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.lendingStationAPI.numCargoBikesByLendingStationId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
cargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { cargoBikes (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.cargoBikesByLendingStationId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.lendingStationAPI.cargoBikesByLendingStationId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
@ -60,47 +72,59 @@ export default {
return (str.length > 0) ? str : null; return (str.length > 0) ? str : null;
}, },
cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { cargoBike (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.cargoBikeByTimeFrameId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.cargoBikeByTimeFrameId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { lendingStation (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.lendingStationAPI.lendingStationByTimeFrameId(parent.id); if (req.permissions.includes(Permission.ReadLendingStation)) {
return dataSources.lendingStationAPI.lendingStationByTimeFrameId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
Mutation: { Mutation: {
createLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { createLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteLendingStation)) {
return dataSources.lendingStationAPI.createLendingStation(lendingStation); return dataSources.lendingStationAPI.createLendingStation(lendingStation);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
lockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { lockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteLendingStation)) {
return dataSources.lendingStationAPI.lockLendingStationById(id, req.userId); return dataSources.lendingStationAPI.lockLendingStationById(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
unlockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { unlockLendingStationById: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => {
return dataSources.lendingStationAPI.unlockLendingStationById(id, req.userId); if (req.permissions.includes(Permission.WriteLendingStation)) {
return dataSources.lendingStationAPI.unlockLendingStationById(id, req.userId);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
updateLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { updateLendingStation: (_: any, { lendingStation }:{ lendingStation: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteLendingStation)) {
return dataSources.lendingStationAPI.updateLendingStation({ lendingStation }); return dataSources.lendingStationAPI.updateLendingStation({ lendingStation });
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
createTimeFrame: (_: any, { timeFrame }:{ timeFrame: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => { createTimeFrame: (_: any, { timeFrame }:{ timeFrame: LendingStation }, { dataSources, req }:{dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteTimeFrame)) {
return dataSources.lendingStationAPI.createTimeFrame(timeFrame); return dataSources.lendingStationAPI.createTimeFrame(timeFrame);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
lockTimeFrame: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => { lockTimeFrame: (_: any, { id }:{ id: number }, { dataSources, req }:{dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteTimeFrame)) {
return dataSources.lendingStationAPI.lockTimeFrame(id, req.userId); return dataSources.lendingStationAPI.lockTimeFrame(id, req.userId);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

51
src/resolvers/participantResolvers.ts
Unescape Escape View File

@ -1,47 +1,46 @@
import { GraphQLError } from 'graphql'; import { GraphQLError } from 'graphql';
import { Permission } from '../datasources/userserver/permission'; import { Permission } from '../datasources/userserver/permission';
import { EngagementType } from '../model/EngagementType';
import { isLocked } from '../datasources/db/utils'; import { isLocked } from '../datasources/db/utils';
export default { export default {
Query: { Query: {
participantById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => { participantById: (_: any, { id }: { id: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.participantAPI.getParticipantById(id); return dataSources.participantAPI.getParticipantById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
participants: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { participants: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.participantAPI.getParticipants(offset, limit); return dataSources.participantAPI.getParticipants(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
engagementById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { engagementById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementById(id); return dataSources.participantAPI.engagementById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
engagements: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { engagements: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagements(offset, limit); return dataSources.participantAPI.engagements(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
engagementTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { engagementTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementTypeById(id); return dataSources.participantAPI.engagementTypeById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
engagementTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { engagementTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementTypes(offset, limit); return dataSources.participantAPI.engagementTypes(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
@ -50,22 +49,42 @@ export default {
}, },
Participant: { Participant: {
engagement (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { engagement (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.participantAPI.engagementByParticipantId(parent.id); if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementByParticipantId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
contactInformation (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { contactInformation (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) {
return (dataSources.participantAPI.contactInformationByParticipantId(parent.id)); if (req.permissions.includes(Permission.ReadPerson)) {
return (dataSources.participantAPI.contactInformationByParticipantId(parent.id));
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
Engagement: { Engagement: {
cargoBike (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { cargoBike (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.cargoBikeAPI.findCargoBikeByEngagementId(parent.id); if (req.permissions.includes(Permission.ReadBike)) {
return dataSources.cargoBikeAPI.findCargoBikeByEngagementId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
participant (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) { participant (parent: any, _: any, { dataSources, req }: { dataSources: any, req: any }) {
return dataSources.participantAPI.participantByEngagementId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.participantAPI.participantByEngagementId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
engagementType (parent: any, _: any, { dataSources, req }: { dataSources: any; req: any }): Promise<EngagementType> { engagementType (parent: any, _: any, { dataSources, req }: { dataSources: any; req: any }) {
return dataSources.participantAPI.engagementTypeByEngagementId(parent.id); if (req.permissions.includes(Permission.ReadEngagement)) {
return dataSources.participantAPI.engagementTypeByEngagementId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
from (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) { from (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) {
return (parent.dateRange as string).split(',')[0].replace('[', ''); return (parent.dateRange as string).split(',')[0].replace('[', '');
@ -78,21 +97,21 @@ export default {
}, },
Mutation: { Mutation: {
createParticipant: (_: any, { participant }: { participant: any }, { dataSources, req }: { dataSources: any, req: any }) => { createParticipant: (_: any, { participant }: { participant: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteParticipant)) {
return dataSources.participantAPI.createParticipant(participant); return dataSources.participantAPI.createParticipant(participant);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
createEngagement: (_: any, { engagement }: { engagement: any }, { dataSources, req }: { dataSources: any, req: any }) => { createEngagement: (_: any, { engagement }: { engagement: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEngagement)) {
return dataSources.participantAPI.createEngagement(engagement); return dataSources.participantAPI.createEngagement(engagement);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
createEngagementType: (_: any, { engagementType }: { engagementType: any }, { dataSources, req }: { dataSources: any, req: any }) => { createEngagementType: (_: any, { engagementType }: { engagementType: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteEngagementType)) {
return dataSources.participantAPI.createEngagementType(engagementType); return dataSources.participantAPI.createEngagementType(engagementType);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

36
src/resolvers/providerResolvers.ts
Unescape Escape View File

@ -5,28 +5,28 @@ import { isLocked } from '../datasources/db/utils';
export default { export default {
Query: { Query: {
providers: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { providers: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadProvider)) {
return dataSources.providerAPI.provider(offset, limit); return dataSources.providerAPI.provider(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
providerById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { providerById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadProvider)) {
return dataSources.providerAPI.providerById(id); return dataSources.providerAPI.providerById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
organisations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { organisations: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadOrganisation)) {
return dataSources.providerAPI.organisations(offset, limit); return dataSources.providerAPI.organisations(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
organisationById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { organisationById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadOrganisation)) {
return dataSources.providerAPI.organisationById(id); return dataSources.providerAPI.organisationById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
@ -42,32 +42,48 @@ export default {
} }
}, },
organisation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { organisation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.providerAPI.organisationByProviderId(parent.id); if (req.permissions.includes(Permission.ReadOrganisation)) {
return dataSources.providerAPI.organisationByProviderId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
privatePerson: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { privatePerson: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.providerAPI.privatePersonByProviderId(parent.id); if (req.permissions.includes(Permission.ReadPerson)) {
return dataSources.providerAPI.privatePersonByProviderId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
Organisation: { Organisation: {
provider: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { provider: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.providerAPI.providerByOrganisationId(parent.id); if (req.permissions.includes(Permission.ReadProvider)) {
return dataSources.providerAPI.providerByOrganisationId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
contactInformation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => { contactInformation: (parent: any, __: any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.providerAPI.contactInformationByOrganisationId(parent.id); if (req.permissions.includes(Permission.ReadPerson)) {
return dataSources.providerAPI.contactInformationByOrganisationId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
Mutation: { Mutation: {
createProvider: (_: any, { provider }: { provider: number }, { dataSources, req }: { dataSources: any, req: any }) => { createProvider: (_: any, { provider }: { provider: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteBike)) { if (req.permissions.includes(Permission.WriteProvider)) {
return dataSources.providerAPI.createProvider(provider); return dataSources.providerAPI.createProvider(provider);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
createOrganisation: (_: any, { organisation }: { organisation: any }, { dataSources, req }: { dataSources: any, req: any }) => { createOrganisation: (_: any, { organisation }: { organisation: any }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteProvider)) { if (req.permissions.includes(Permission.WriteOrganisation)) {
return dataSources.providerAPI.createOrganisation(organisation); return dataSources.providerAPI.createOrganisation(organisation);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

22
src/resolvers/workshopResolvers.ts
Unescape Escape View File

@ -5,28 +5,28 @@ import { isLocked } from '../datasources/db/utils';
export default { export default {
Query: { Query: {
workshopTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { workshopTypeById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadWorkshop)) {
return dataSources.workshopAPI.workshopTypeById(id); return dataSources.workshopAPI.workshopTypeById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
workshopTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { workshopTypes: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadWorkshop)) {
return dataSources.workshopAPI.workshopTypes(offset, limit); return dataSources.workshopAPI.workshopTypes(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
workshopById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => { workshopById: (_: any, { id }: { id: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadWorkshop)) {
return dataSources.workshopAPI.workshopById(id); return dataSources.workshopAPI.workshopById(id);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
} }
}, },
workshops: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => { workshops: (_: any, { offset, limit }: { offset: number, limit: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.ReadBike)) { if (req.permissions.includes(Permission.ReadWorkshop)) {
return dataSources.workshopAPI.workshops(offset, limit); return dataSources.workshopAPI.workshops(offset, limit);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');
@ -35,10 +35,18 @@ export default {
}, },
Workshop: { Workshop: {
trainer1: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => { trainer1: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.workshopAPI.trainer1ByWorkshopId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.workshopAPI.trainer1ByWorkshopId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
trainer2: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => { trainer2: (parent: any, __:any, { dataSources, req }: { dataSources: any, req: any }) => {
return dataSources.workshopAPI.trainer2ByWorkshopId(parent.id); if (req.permissions.includes(Permission.ReadParticipant)) {
return dataSources.workshopAPI.trainer2ByWorkshopId(parent.id);
} else {
return new GraphQLError('Insufficient Permissions');
}
}, },
isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req }) isLocked: (parent: any, __: any, { dataSources, req }: { dataSources: any; req: any }) => isLocked(parent, { dataSources, req })
}, },
@ -47,7 +55,7 @@ export default {
}, },
Mutation: { Mutation: {
createWorkshop: (_: any, { workshop }: { workshop: number }, { dataSources, req }: { dataSources: any, req: any }) => { createWorkshop: (_: any, { workshop }: { workshop: number }, { dataSources, req }: { dataSources: any, req: any }) => {
if (req.permissions.includes(Permission.WriteWorkshopType)) { if (req.permissions.includes(Permission.WriteWorkshop)) {
return dataSources.workshopAPI.createWorkshop(workshop); return dataSources.workshopAPI.createWorkshop(workshop);
} else { } else {
return new GraphQLError('Insufficient Permissions'); return new GraphQLError('Insufficient Permissions');

27
src/schema/type-defs.ts
Unescape Escape View File

@ -633,28 +633,6 @@ input ContactInformationUpdateInput {
note: String note: String
} }
"describes Relation of Contact to Provider"
type ContactPerson {
id: ID!
intern: Boolean!
contactInformation: ContactInformation!
isLocked: Boolean!
"null if not locked by other user"
lockedBy: ID
lockedUntil: Date
}
input ContactPersonCreateInput {
intern: Boolean!
contactInformationId: ID!
}
input ContactPersonUpdateInput {
id: ID!
intern: Boolean
contactInformationId: ID
}
type Organisation { type Organisation {
id: ID! id: ID!
name: String! name: String!
@ -904,13 +882,8 @@ type Mutation {
createEngagementType(engagementType: EngagementTypeCreateInput!): EngagementType! createEngagementType(engagementType: EngagementTypeCreateInput!): EngagementType!
"create Engagement" "create Engagement"
createEngagement(engagement: EngagementCreateInput): Engagement! createEngagement(engagement: EngagementCreateInput): Engagement!
"createContactPerson, return null if contactInformationId does not exist"
createContactPerson(contactPerson: ContactPersonCreateInput): ContactPerson
updateContactPerson(contactPerson: ContactPersonUpdateInput): ContactPerson
"create Provider, if cargoBikeIds or contactPersonIds are not valid, provider will still be created"
createProvider(provider: ProviderCreateInput!): Provider! createProvider(provider: ProviderCreateInput!): Provider!
createOrganisation(organisation: OrganisationCreateInput!): Organisation! createOrganisation(organisation: OrganisationCreateInput!): Organisation!
} }
`; `;

Write Preview
Loading…
Cancel
Save