Skip to content

Commit

Permalink
fallout: open_form.* -> form.*_open name change, and remove redundanc…
Browse files Browse the repository at this point in the history 
…y since now we have formalized verb implication of (read, list) -> (read_open, list_open)
  • Loading branch information
@brontolosone
brontolosone committed Oct 2, 2024
1 parent ddf623c commit b1a0f60
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 11 deletions.
4 changes: 0 additions & 4 deletions lib/model/query/auth.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,6 @@ limit 1`)
const canAssignRole = (actor, role, actee) => ({ Auth }) =>
Auth.verbsOn(actor.id, actee).then((hasArray) => {
const has = new Set(hasArray);
// `open_form` is subset of `form` so if someone has grant access on `form`
// they should be able do it on `open_form` as well
if (has.has('form.list')) has.add('open_form.list');
if (has.has('form.read')) has.add('open_form.read');
for (const required of role.verbs) if (!has.has(required)) return false;
return true;
});
Expand Down
4 changes: 2 additions & 2 deletions lib/model/query/forms.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -535,7 +535,7 @@ inner join
inner join projects on projects.id=forms."projectId"
inner join
(select "acteeId" from assignments
inner join (select id from roles where verbs ? 'form.read' or verbs ? 'open_form.read') as role
inner join (select id from roles where verbs ? 'form.read_open') as role
on role.id=assignments."roleId"
where "actorId"=${auth.actor.map((actor) => actor.id).orElse(-1)}) as assignment
on assignment."acteeId" in ('*', 'form', projects."acteeId", forms."acteeId")
Expand Down Expand Up @@ -623,7 +623,7 @@ inner join
(select id, max(assignment."showDraft") as "showDraft", max(assignment."showNonOpen") as "showNonOpen" from projects
inner join
(select "acteeId", 0 as "showDraft", case when verbs ? 'form.read' then 1 else 0 end as "showNonOpen" from assignments
inner join (select id, verbs from roles where verbs ? 'form.read' or verbs ? 'open_form.read') as role
inner join (select id, verbs from roles where verbs ? 'form.read_open') as role
on role.id=assignments."roleId"
where "actorId"=${actorId}
union all
Expand Down
2 changes: 1 addition & 1 deletion lib/model/query/projects.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ inner join
where "actorId"=${actorId}) as assignment
on assignment."acteeId" in ('*', 'project', projects."acteeId")
group by id
having array_agg(distinct verb) @> array['project.read', 'form.list'] or array_agg(distinct verb) @> array['project.read', 'open_form.list']
having array_agg(distinct verb) @> array['project.read', 'form.list_open']
) as filtered
on filtered.id=projects.id
`}
Expand Down
6 changes: 2 additions & 4 deletions lib/resources/forms.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,7 @@ const excelMimeTypes = {
xlsx: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'
};

const canReadForm = (auth, form) => (form.state === 'closed'
? auth.canOrReject('form.read', form)
: auth.canOrReject(['open_form.read', 'form.read'], form));
const canReadForm = (auth, form) => auth.canOrReject((form.state === 'closed' ? 'form.read' : 'form.read_open'), form);

const streamAttachment = async (container, attachment, response) => {
const { s3, Blobs, Datasets, Entities } = container;
Expand Down Expand Up @@ -64,7 +62,7 @@ module.exports = (service, endpoint) => {
service.get('/projects/:projectId/forms', endpoint(({ Forms, Projects }, { auth, params, query, queryOptions }) =>
Projects.getById(params.projectId)
.then(getOrNotFound)
.then((project) => auth.canOrReject(['form.list', 'open_form.list'], project))
.then((project) => auth.canOrReject(['form.list', 'form.list_open'], project))
.then((project) => Forms.getByProjectId(auth, project.id, false, undefined, queryOptions, isTrue(query.deleted)))));

// non-REST openrosa endpoint for project-specialized formlist.
Expand Down

0 comments on commit b1a0f60

Please sign in to comment.