chore: enable collab ac (#333)

This commit is contained in:
Nathan.fooo 2024-02-20 11:59:44 +08:00 committed by GitHub
parent 558fafc589
commit 119d6abe53
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 31 additions and 26 deletions

View File

@ -46,8 +46,8 @@ impl RealtimeMetrics {
} }
pub fn record_mem_cache_usage(&self, size_in_bytes: usize) { pub fn record_mem_cache_usage(&self, size_in_bytes: usize) {
let size_in_mb = size_in_bytes / (1024 * 1024); let size_in_mb = size_in_bytes / 1024;
trace!("[metrics]: mem_cache_usage: {} MB", size_in_mb); trace!("[metrics]: mem_cache_usage: {} KB", size_in_mb);
self.mem_cache_usage.set(size_in_mb as i64); self.mem_cache_usage.set(size_in_mb as i64);
} }

View File

@ -80,19 +80,17 @@ impl CollabAccessControl for CollabAccessControlImpl {
.await .await
} }
async fn can_send_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> { async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
Ok(true) self
// self .access_control
// .access_control .enforce(uid, &ObjectType::Collab(oid), Action::Write)
// .enforce(uid, &ObjectType::Collab(oid), Action::Write) .await
// .await
} }
async fn can_receive_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> { async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
Ok(true) self
// self .access_control
// .access_control .enforce(uid, &ObjectType::Collab(oid), Action::Read)
// .enforce(uid, &ObjectType::Collab(oid), Action::Read) .await
// .await
} }
} }

View File

@ -123,7 +123,9 @@ async fn test_collab_access_control_when_obj_not_exist(pool: PgPool) -> anyhow::
let user = create_user(&pool).await?; let user = create_user(&pool).await?;
for method in [Method::GET, Method::POST, Method::PUT, Method::DELETE] { for method in [Method::GET, Method::POST, Method::PUT, Method::DELETE] {
assert_can_access_http_method(&collab_access_control, &user.uid, "fake_id", method, true).await; assert_can_access_http_method(&collab_access_control, &user.uid, "fake_id", method, true)
.await
.unwrap();
} }
Ok(()) Ok(())
@ -155,7 +157,8 @@ async fn test_collab_access_control_access_http_method(pool: PgPool) -> anyhow::
}], }],
) )
.await .await
.context("adding users to workspace")?; .context("adding users to workspace")
.unwrap();
for method in [Method::GET, Method::POST, Method::PUT, Method::DELETE] { for method in [Method::GET, Method::POST, Method::PUT, Method::DELETE] {
assert_can_access_http_method( assert_can_access_http_method(
@ -165,7 +168,8 @@ async fn test_collab_access_control_access_http_method(pool: PgPool) -> anyhow::
method, method,
true, true,
) )
.await; .await
.unwrap();
} }
assert!( assert!(
@ -183,7 +187,8 @@ async fn test_collab_access_control_access_http_method(pool: PgPool) -> anyhow::
Method::GET, Method::GET,
true, true,
) )
.await; .await
.unwrap();
// guest should not have write access // guest should not have write access
assert_can_access_http_method( assert_can_access_http_method(
@ -193,7 +198,8 @@ async fn test_collab_access_control_access_http_method(pool: PgPool) -> anyhow::
Method::POST, Method::POST,
false, false,
) )
.await; .await
.unwrap();
assert!( assert!(
!collab_access_control !collab_access_control
@ -249,7 +255,6 @@ async fn test_collab_access_control_send_receive_collab_update(pool: PgPool) ->
.context("adding users to workspace")?; .context("adding users to workspace")?;
// Need to wait for the listener(spawn_listen_on_workspace_member_change) to receive the event // Need to wait for the listener(spawn_listen_on_workspace_member_change) to receive the event
//
sleep(Duration::from_secs(2)).await; sleep(Duration::from_secs(2)).await;
assert!( assert!(

View File

@ -1,5 +1,5 @@
use actix_http::Method; use actix_http::Method;
use anyhow::Context; use anyhow::{Context, Error};
use app_error::ErrorCode; use app_error::ErrorCode;
use appflowy_cloud::biz::casbin::{CollabAccessControlImpl, WorkspaceAccessControlImpl}; use appflowy_cloud::biz::casbin::{CollabAccessControlImpl, WorkspaceAccessControlImpl};
use appflowy_cloud::biz::workspace::access_control::WorkspaceAccessControl; use appflowy_cloud::biz::workspace::access_control::WorkspaceAccessControl;
@ -273,7 +273,7 @@ pub async fn assert_can_access_http_method(
object_id: &str, object_id: &str,
method: Method, method: Method,
expected: bool, expected: bool,
) { ) -> Result<(), Error> {
let timeout_duration = Duration::from_secs(10); let timeout_duration = Duration::from_secs(10);
let retry_interval = Duration::from_millis(300); let retry_interval = Duration::from_millis(300);
let mut retries = 0usize; let mut retries = 0usize;
@ -304,7 +304,6 @@ pub async fn assert_can_access_http_method(
} }
}; };
timeout(timeout_duration, operation) timeout(timeout_duration, operation).await?;
.await Ok(())
.expect("Operation timed out");
} }

View File

@ -434,6 +434,9 @@ async fn multiple_user_with_read_and_write_permission_edit_same_collab_test() {
expected_json.insert(index.to_string(), s); expected_json.insert(index.to_string(), s);
} }
// wait 5 seconds to make sure all the server broadcast the updates to all the clients
sleep(Duration::from_secs(5)).await;
// all the clients should have the same collab object // all the clients should have the same collab object
assert_json_include!( assert_json_include!(
actual: json!(expected_json), actual: json!(expected_json),

View File

@ -467,7 +467,7 @@ async fn post_realtime_message_test() {
let task = tokio::spawn(async move { let task = tokio::spawn(async move {
let mut new_user = TestClient::new_user().await; let mut new_user = TestClient::new_user().await;
// sleep 2 secs to make sure it do not trigger register user too fast in gotrue // sleep 2 secs to make sure it do not trigger register user too fast in gotrue
sleep(Duration::from_secs(i % 3)).await; sleep(Duration::from_secs(i % 5)).await;
let object_id = Uuid::new_v4().to_string(); let object_id = Uuid::new_v4().to_string();
let workspace_id = new_user.workspace_id().await; let workspace_id = new_user.workspace_id().await;