chore: save current progress

This commit is contained in:
Zack Fu Zi Xiang 2024-03-03 19:06:24 +08:00
parent bc3fccfcea
commit 439a59ed2d
No known key found for this signature in database
9 changed files with 49 additions and 28 deletions

View File

@ -15,9 +15,9 @@ use collab_entity::CollabType;
use collab_folder::Folder; use collab_folder::Folder;
use database_entity::dto::{ use database_entity::dto::{
AFAccessLevel, AFRole, AFSnapshotMeta, AFSnapshotMetas, AFUserWorkspaceInfo, AFWorkspace, AFAccessLevel, AFRole, AFSnapshotMeta, AFSnapshotMetas, AFUserWorkspaceInfo, AFWorkspace,
AFWorkspaceMember, BatchQueryCollabResult, CollabParams, CreateCollabParams, AFWorkspaceInvitationStatus, AFWorkspaceMember, BatchQueryCollabResult, CollabParams,
InsertCollabMemberParams, QueryCollab, QueryCollabParams, QuerySnapshotParams, SnapshotData, CreateCollabParams, InsertCollabMemberParams, QueryCollab, QueryCollabParams,
UpdateCollabMemberParams, QuerySnapshotParams, SnapshotData, UpdateCollabMemberParams,
}; };
use mime::Mime; use mime::Mime;
use serde_json::Value; use serde_json::Value;
@ -121,7 +121,7 @@ impl TestClient {
role: AFRole, role: AFRole,
) { ) {
self self
.try_add_workspace_member(workspace_id, other_client, role) .invite_and_accepted_workspace_member(workspace_id, other_client, role)
.await .await
.unwrap(); .unwrap();
} }
@ -174,13 +174,19 @@ impl TestClient {
.await .await
} }
pub async fn try_add_workspace_member( pub async fn invite_and_accepted_workspace_member(
&self, &self,
workspace_id: &str, workspace_id: &str,
other_client: &TestClient, other_client: &TestClient,
role: AFRole, role: AFRole,
) -> Result<(), AppResponseError> { ) -> Result<(), AppResponseError> {
let email = other_client.email().await; let email = other_client.email().await;
// self
// .api_client
// .add_workspace_members(workspace_id, vec![CreateWorkspaceMember { email, role }])
// .await
self self
.api_client .api_client
.invite_workspace_members( .invite_workspace_members(
@ -189,17 +195,21 @@ impl TestClient {
) )
.await?; .await?;
todo!() let invitations = other_client
// let invis = other_client.api_client.list_workspace_invitations().await?; .api_client
// let invis = invis .list_workspace_invitations(Some(AFWorkspaceInvitationStatus::Pending))
// .iter() .await
// .filter(|inv| inv.email == email) .unwrap();
// .collect::<Vec<_>>();
// self let target_invitation = invitations
// .api_client .iter()
// .add_workspace_members(workspace_id, vec![CreateWorkspaceMember { email, role }]) .find(|inv| inv.workspace_id.to_string().as_str() == workspace_id)
// .await .unwrap();
other_client
.api_client
.accept_workspace_invitation(&target_invitation.invite_id.to_string().as_str())
.await
} }
pub async fn try_remove_workspace_member( pub async fn try_remove_workspace_member(

View File

@ -271,12 +271,9 @@ pub async fn insert_workspace_invitation(
pub async fn update_workspace_invitation_set_invited( pub async fn update_workspace_invitation_set_invited(
txn: &mut Transaction<'_, sqlx::Postgres>, txn: &mut Transaction<'_, sqlx::Postgres>,
user_uuid: &Uuid, invitee_uuid: &Uuid,
invite_id: &Uuid, invite_id: &Uuid,
) -> Result<(), AppError> { ) -> Result<(), AppError> {
println!("--------- user_uuid: {:?}", user_uuid);
println!("--------- invite_id: {:?}", invite_id);
let res = sqlx::query_scalar!( let res = sqlx::query_scalar!(
r#" r#"
UPDATE public.af_workspace_invitation UPDATE public.af_workspace_invitation
@ -284,7 +281,7 @@ pub async fn update_workspace_invitation_set_invited(
WHERE invitee = (SELECT uid FROM public.af_user WHERE uuid = $1) WHERE invitee = (SELECT uid FROM public.af_user WHERE uuid = $1)
AND id = $2 AND id = $2
"#, "#,
user_uuid, invitee_uuid,
invite_id, invite_id,
) )
.execute(txn.deref_mut()) .execute(txn.deref_mut())

View File

@ -34,9 +34,23 @@ CREATE OR REPLACE FUNCTION add_to_af_workspace_member()
RETURNS TRIGGER AS $$ RETURNS TRIGGER AS $$
BEGIN BEGIN
IF NEW.status = 1 THEN IF NEW.status = 1 THEN
-- workspace permission
INSERT INTO af_workspace_member (workspace_id, uid, role_id) INSERT INTO af_workspace_member (workspace_id, uid, role_id)
VALUES (NEW.workspace_id, NEW.invitee, NEW.role_id) VALUES (NEW.workspace_id, NEW.invitee, NEW.role_id)
ON CONFLICT (workspace_id, uid) DO NOTHING; ON CONFLICT (workspace_id, uid) DO NOTHING;
-- collab permission
INSERT INTO af_collab_member (uid, oid, permission_id)
VALUES (
NEW.invitee,
NEW.workspace_id,
(SELECT permission_id
FROM public.af_role_permissions
WHERE public.af_role_permissions.role_id = NEW.role_id)
)
ON CONFLICT (uid, oid)
DO UPDATE
SET permission_id = excluded.permission_id;
END IF; END IF;
RETURN NEW; RETURN NEW;
END; END;

View File

@ -72,7 +72,7 @@ pub fn workspace_scope() -> Scope {
.service( .service(
web::resource("/{workspace_id}/member") web::resource("/{workspace_id}/member")
.route(web::get().to(get_workspace_members_handler)) .route(web::get().to(get_workspace_members_handler))
.route(web::post().to(create_workspace_members_handler)) // deprecated .route(web::post().to(create_workspace_members_handler)) // deprecated, use invite flow instead
.route(web::put().to(update_workspace_member_handler)) .route(web::put().to(update_workspace_member_handler))
.route(web::delete().to(remove_workspace_member_handler)), .route(web::delete().to(remove_workspace_member_handler)),
) )

View File

@ -120,8 +120,10 @@ where
) -> Result<(), AppError> { ) -> Result<(), AppError> {
if self.should_skip(&method, path) { if self.should_skip(&method, path) {
trace!("Skip access control for the request"); trace!("Skip access control for the request");
println!("------- Skip access control for the request");
return Ok(()); return Ok(());
} }
println!("----- Check access control for the request");
// For some specific resources, we require a specific role to access them instead of the action. // For some specific resources, we require a specific role to access them instead of the action.
// For example, Both AFRole::Owner and AFRole::Member have the write permission to the workspace, // For example, Both AFRole::Owner and AFRole::Member have the write permission to the workspace,
@ -147,6 +149,8 @@ where
if result { if result {
Ok(()) Ok(())
} else { } else {
println!("------------------------------ Not enough permissions");
Err(AppError::NotEnoughPermissions { Err(AppError::NotEnoughPermissions {
user: uid.to_string(), user: uid.to_string(),
action: format!( action: format!(

View File

@ -202,11 +202,6 @@ pub async fn list_workspace_invitations_for_user(
/// - Determines the access level based on the member's role. /// - Determines the access level based on the member's role.
/// - If the member exists (based on their email), inserts them into the workspace and updates their collaboration access level. /// - If the member exists (based on their email), inserts them into the workspace and updates their collaboration access level.
/// 3. Commits the database transaction. /// 3. Commits the database transaction.
///
/// # Returns
/// - A `Result` containing a `HashMap` where the key is the user ID (`uid`) and the value is the role (`AFRole`) assigned to the user in the workspace.
/// If there's an error during the operation, an `AppError` is returned.
///
#[instrument(level = "debug", skip_all, err)] #[instrument(level = "debug", skip_all, err)]
pub async fn add_workspace_members( pub async fn add_workspace_members(
pg_pool: &PgPool, pg_pool: &PgPool,

View File

@ -168,6 +168,7 @@ where
Box::pin(async move { Box::pin(async move {
// If the workspace_id or collab_object_id is not present, skip the access control // If the workspace_id or collab_object_id is not present, skip the access control
if workspace_id.is_none() && object_id.is_none() { if workspace_id.is_none() && object_id.is_none() {
println!("-------- Skip access control for the request");
return fut.await; return fut.await;
} }

View File

@ -4,7 +4,7 @@ use shared_entity::dto::workspace_dto::WorkspaceMemberInvitation;
#[tokio::test] #[tokio::test]
async fn invite_workspace_crud() { async fn invite_workspace_crud() {
let (alice_client, alice) = generate_unique_registered_user_client().await; let (alice_client, _alice) = generate_unique_registered_user_client().await;
let alice_workspace_id = alice_client let alice_workspace_id = alice_client
.get_workspaces() .get_workspaces()
.await .await

View File

@ -49,7 +49,7 @@ async fn add_workspace_members_not_enough_permission() {
// client 2 add client 3 to client 1's workspace but permission denied // client 2 add client 3 to client 1's workspace but permission denied
let error = member_1 let error = member_1
.try_add_workspace_member(&workspace_id, &member_2, AFRole::Member) .invite_and_accepted_workspace_member(&workspace_id, &member_2, AFRole::Member)
.await .await
.unwrap_err(); .unwrap_err();
assert_eq!(error.code, ErrorCode::NotEnoughPermissions); assert_eq!(error.code, ErrorCode::NotEnoughPermissions);