Merge branch 'feature/acl-datasource-crud-policies' into 'feature/acl-spring-object'

Bug Fix : 1. user permissions during create/update of actions and datasources would now be set. 2. During update, policies are set to null in the update object to ensure that the policies are not overwritten to empty set.

See merge request theappsmith/internal-tools-server!373

app/server/appsmith-server/src/main/java/com/appsmith/server/repositories/AppsmithRepository.java

@@ -1,6 +1,7 @@
 package com.appsmith.server.repositories;
 
 import com.appsmith.server.acl.AclPermission;
+import com.appsmith.server.domains.User;
 import org.springframework.data.domain.Sort;
 import org.springframework.data.mongodb.core.query.Criteria;
 import reactor.core.publisher.Flux;
@@ -17,4 +18,6 @@ public interface AppsmithRepository<T> {
     Flux<T> queryAll(List<Criteria> criterias, AclPermission permission);
 
     Flux<T> queryAll(List<Criteria> criterias, AclPermission permission, Sort sort);
+
+    T setUserPermissionsInObject(T obj, User user);
 }

app/server/appsmith-server/src/main/java/com/appsmith/server/services/ActionCollectionServiceImpl.java

@@ -87,6 +87,10 @@ public class ActionCollectionServiceImpl implements ActionCollectionService {
 
     @Override
     public Mono<Action> updateAction(String id, Action action) {
+
+        // Since the policies are server only concept, we should first set this to null.
+        action.setPolicies(null);
+
         //The change was not in CollectionId, just go ahead and update normally
         if (action.getCollectionId() == null) {
             return layoutActionService.updateAction(id, action);

app/server/appsmith-server/src/main/java/com/appsmith/server/services/DatasourceServiceImpl.java

@@ -10,6 +10,7 @@ import com.appsmith.server.constants.AnalyticsEvents;
 import com.appsmith.server.constants.FieldName;
 import com.appsmith.server.domains.Datasource;
 import com.appsmith.server.domains.Organization;
+import com.appsmith.server.domains.User;
 import com.appsmith.server.exceptions.AppsmithError;
 import com.appsmith.server.exceptions.AppsmithException;
 import com.appsmith.server.helpers.PluginExecutorHelper;
@@ -93,8 +94,6 @@ public class DatasourceServiceImpl extends BaseService<DatasourceRepository, Dat
                     });
         }
 
-
-
         return datasourceMono
                 .flatMap(datasource1 ->
                         sessionUserService.getCurrentUser()
@@ -130,6 +129,10 @@ public class DatasourceServiceImpl extends BaseService<DatasourceRepository, Dat
         if (id == null) {
             return Mono.error(new AppsmithException(AppsmithError.INVALID_PARAMETER, FieldName.ID));
         }
+
+        // Since policies are a server only concept, first set the empty set (set by constructor) to null
+        datasource.setPolicies(null);
+
         Mono<Datasource> datasourceMono = repository.findById(id)
                 .switchIfEmpty(Mono.error(new AppsmithException(AppsmithError.NO_RESOURCE_FOUND, FieldName.DATASOURCE, id)));
 
@@ -184,9 +187,18 @@ public class DatasourceServiceImpl extends BaseService<DatasourceRepository, Dat
     }
 
     private Mono<Datasource> validateAndSaveDatasourceToRepository(Datasource datasource) {
+
+        Mono<User> currentUserMono = sessionUserService.getCurrentUser();
+
         return Mono.just(datasource)
                 .flatMap(this::validateDatasource)
-                .flatMap(repository::save);
+                .zipWith(currentUserMono)
+                .flatMap(tuple -> {
+                    Datasource savedDatasource = tuple.getT1();
+                    User user = tuple.getT2();
+                    Datasource userPermissionsInDatasource = repository.setUserPermissionsInObject(savedDatasource, user);
+                    return repository.save(userPermissionsInDatasource);
+                });
     }
 
     @Override