From 3ce5a7a7cfb51a5d3da7cda9a77e1d60d117b894 Mon Sep 17 00:00:00 2001 From: Nilesh Sarupriya Date: Fri, 17 Mar 2023 14:29:23 +0530 Subject: [PATCH] chore: add utility to check if a permission is for an entity (#21514) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Description > add utility to check if a permission is for an entity Fixes # (issue) > if no issue exists, please create an issue and ask the maintainers about this first Media > A video or a GIF is preferred. when using Loom, don’t embed because it looks like it’s a GIF. instead, just link to the video ## Type of change - Chore (housekeeping or task changes that don't impact user perception) ## How Has This Been Tested? > `testIsPermissionForEntity` ### Test Plan > Add Testsmith test cases links that relate to this PR ### Issues raised during DP testing > Link issues raised during DP testing for better visiblity and tracking (copy link from comments dropped on this PR) ## Checklist: ### Dev activity - [x] My code follows the style guidelines of this project - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [x] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes - [ ] PR is being merged under a feature flag ### QA activity: - [ ] Test plan has been approved by relevant developers - [ ] Test plan has been peer reviewed by QA - [ ] Cypress test cases have been added and approved by either SDET or manual QA - [ ] Organized project review call with relevant stakeholders after Round 1/2 of QA - [ ] Added Test Plan Approved label after reveiwing all Cypress test --------- Co-authored-by: Nilesh Sarupriya <20905988+nsarupr@users.noreply.github.com> --- .../appsmith/server/acl/AclPermission.java | 20 +++++++++++ .../server/acl/AclPermissionTest.java | 34 +++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 app/server/appsmith-server/src/test/java/com/appsmith/server/acl/AclPermissionTest.java diff --git a/app/server/appsmith-server/src/main/java/com/appsmith/server/acl/AclPermission.java b/app/server/appsmith-server/src/main/java/com/appsmith/server/acl/AclPermission.java index 611efb1e7a..371e24b12a 100644 --- a/app/server/appsmith-server/src/main/java/com/appsmith/server/acl/AclPermission.java +++ b/app/server/appsmith-server/src/main/java/com/appsmith/server/acl/AclPermission.java @@ -3,8 +3,11 @@ package com.appsmith.server.acl; import com.appsmith.external.models.BaseDomain; import com.appsmith.external.models.Datasource; import com.appsmith.server.domains.Action; +import com.appsmith.server.domains.ActionCollection; import com.appsmith.server.domains.Application; import com.appsmith.server.domains.Config; +import com.appsmith.server.domains.NewAction; +import com.appsmith.server.domains.NewPage; import com.appsmith.server.domains.Page; import com.appsmith.server.domains.PermissionGroup; import com.appsmith.server.domains.Tenant; @@ -134,4 +137,21 @@ public enum AclPermission { } return null; } + + public static boolean isPermissionForEntity(AclPermission aclPermission, Class clazz) { + Class entityClass = clazz; + /* + * Action class has been deprecated, and we have started using NewAction class instead. + * Page class has been deprecated, and we have started using NewPage class instead. + * NewAction and ActionCollection are similar entities w.r.t. AclPermissions. + * Hence, whenever we want to check for any Permission w.r.t. NewAction or Action Collection, we use Action, and + * whenever we want to check for any Permission w.r.t. NewPage, we use Page. + */ + if (entityClass.equals(NewAction.class) || entityClass.equals(ActionCollection.class)) { + entityClass = Action.class; + } else if (entityClass.equals(NewPage.class)) { + entityClass = Page.class; + } + return aclPermission.getEntity().equals(entityClass); + } } diff --git a/app/server/appsmith-server/src/test/java/com/appsmith/server/acl/AclPermissionTest.java b/app/server/appsmith-server/src/test/java/com/appsmith/server/acl/AclPermissionTest.java new file mode 100644 index 0000000000..7e44b54384 --- /dev/null +++ b/app/server/appsmith-server/src/test/java/com/appsmith/server/acl/AclPermissionTest.java @@ -0,0 +1,34 @@ +package com.appsmith.server.acl; + +import com.appsmith.server.domains.Action; +import com.appsmith.server.domains.ActionCollection; +import com.appsmith.server.domains.Application; +import com.appsmith.server.domains.NewAction; +import com.appsmith.server.domains.NewPage; +import com.appsmith.server.domains.Page; +import com.appsmith.server.domains.Theme; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.springframework.test.context.junit.jupiter.SpringExtension; + +import static org.assertj.core.api.Assertions.assertThat; + +@ExtendWith(SpringExtension.class) +class AclPermissionTest { + + @Test + void testIsPermissionForEntity() { + assertThat(AclPermission.isPermissionForEntity(AclPermission.READ_APPLICATIONS, Application.class)).isTrue(); + assertThat(AclPermission.isPermissionForEntity(AclPermission.READ_APPLICATIONS, Theme.class)).isFalse(); + + + // Assert that Action related Permission should return True, when checked against Action, NewAction and Action Collection. + assertThat(AclPermission.isPermissionForEntity(AclPermission.MANAGE_ACTIONS, Action.class)).isTrue(); + assertThat(AclPermission.isPermissionForEntity(AclPermission.MANAGE_ACTIONS, NewAction.class)).isTrue(); + assertThat(AclPermission.isPermissionForEntity(AclPermission.MANAGE_ACTIONS, ActionCollection.class)).isTrue(); + + // Assert that Page related Permission should return True, when checked against Page and NewPage. + assertThat(AclPermission.isPermissionForEntity(AclPermission.MANAGE_PAGES, Page.class)).isTrue(); + assertThat(AclPermission.isPermissionForEntity(AclPermission.MANAGE_PAGES, NewPage.class)).isTrue(); + } +} \ No newline at end of file