Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(rbac): backend part - store role description to the database #1178

Merged
merged 7 commits into from
Feb 20, 2024
Merged

feat(rbac): backend part - store role description to the database #1178

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
dbe0220
fix(rbac): store role description to the database
AndrienkoAleksandr Feb 14, 2024
680bf43
fix(rbac): fix update description when role is without changes
AndrienkoAleksandr Feb 15, 2024
a5b711d
fix(rbac): add more unit tests
AndrienkoAleksandr Feb 19, 2024
78e0df1
fix(rbac): fix and optimize old migration scripts
AndrienkoAleksandr Feb 19, 2024
96d74d7
fix(rbac): fix unit tests and migration scripts
AndrienkoAleksandr Feb 19, 2024
17ac1ae
fix(rbac): fix compilation after rebase to main branch
AndrienkoAleksandr Feb 20, 2024
55661fe
fix(rbac): fix migration scripts for sqlite
AndrienkoAleksandr Feb 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 27 additions & 20 deletions plugins/rbac-backend/migrations/20231212224526_migrations.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
*/
exports.up = async function up(knex) {
const casbinDoesExist = await knex.schema.hasTable('casbin_rule');
const policyMetadataDoesExist = await knex.schema.hasTable('policy-metadata');
let policies = [];
let groupPolicies = [];

Expand Down Expand Up @@ -34,26 +35,32 @@ exports.up = async function up(knex) {
});
}

await knex.schema
.createTable('policy-metadata', table => {
table.increments('id').primary();
table.string('policy').primary();
table.string('source');
})
.then(async () => {
for (const policy of policies) {
await knex
.table('policy-metadata')
.insert({ source: 'legacy', policy: policy });
}
})
.then(async () => {
for (const groupPolicy of groupPolicies) {
await knex
.table('policy-metadata')
.insert({ source: 'legacy', policy: groupPolicy });
}
});
if (!policyMetadataDoesExist) {
await knex.schema
.createTable('policy-metadata', table => {
table.increments('id').primary();
table.string('policy').primary();
table.string('source');
})
.then(async () => {
const metadata = [];
for (const policy of policies) {
metadata.push({ source: 'legacy', policy: policy });
}
if (metadata.length > 0) {
await knex.table('policy-metadata').insert(metadata);
}
})
.then(async () => {
const metadata = [];
for (const groupPolicy of groupPolicies) {
metadata.push({ source: 'legacy', policy: groupPolicy });
}
if (metadata.length > 0) {
await knex.table('policy-metadata').insert(metadata);
}
});
}
};

/**
Expand Down
47 changes: 21 additions & 26 deletions plugins/rbac-backend/migrations/20231221113214_migrations.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,44 +4,39 @@
*/
exports.up = async function up(knex) {
const casbinDoesExist = await knex.schema.hasTable('casbin_rule');
let groupPolicies = [];
const roleMetadataDoesExist = await knex.schema.hasTable('role-metadata');
const groupPolicies = new Set();

if (casbinDoesExist) {
groupPolicies = await knex
await knex
.select('*')
.from('casbin_rule')
.where('ptype', 'g')
.then(listGroupPolicies => {
const allGroupPolicies = [];
let rbacFlag = false;
for (const groupPolicy of listGroupPolicies) {
const { v1 } = groupPolicy;
if (v1 === 'role:default/rbac_admin') {
rbacFlag = true;
continue;
}
allGroupPolicies.push(v1);
groupPolicies.add(v1);
}
if (rbacFlag) {
allGroupPolicies.push('role:default/rbac_admin');
}
return allGroupPolicies;
});
}

await knex.schema
.createTable('role-metadata', table => {
table.increments('id').primary();
table.string('roleEntityRef').primary();
table.string('source');
})
.then(async () => {
for (const groupPolicy of groupPolicies) {
await knex
.table('role-metadata')
.insert({ source: 'legacy', roleEntityRef: groupPolicy });
}
});
if (!roleMetadataDoesExist) {
await knex.schema
.createTable('role-metadata', table => {
table.increments('id').primary();
table.string('roleEntityRef').primary();
table.string('source');
})
.then(async () => {
const metadata = [];
for (const groupPolicy of groupPolicies) {
metadata.push({ source: 'legacy', roleEntityRef: groupPolicy });
}
if (metadata.length > 0) {
await knex.table('role-metadata').insert(metadata);
}
});
}
};

/**
Expand Down
25 changes: 25 additions & 0 deletions plugins/rbac-backend/migrations/20240201144429_migrations.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
/**
* @param { import("knex").Knex } knex
* @returns { Promise<void> }
*/
exports.up = async function up(knex) {
const isRoleMetaDataExist = await knex.schema.hasTable('role-metadata');
if (isRoleMetaDataExist) {
await knex.schema.alterTable('role-metadata', table => {
table.string('description');
});
}
};

/**
* @param { import("knex").Knex } knex
* @returns { Promise<void> }
*/
exports.down = async function down(knex) {
const isRoleMetaDataExist = await knex.schema.hasTable('role-metadata');
if (isRoleMetaDataExist) {
await knex.schema.alterTable('role-metadata', table => {
table.dropColumn('description');
});
}
};
11 changes: 11 additions & 0 deletions plugins/rbac-backend/src/database/policy-metadata-storage.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,17 @@ describe('policy-metadata-db-table', () => {
}),
migrations: { skip: false },
};
await knex.schema.createTable('casbin_rule', table => {
table.increments('id').primary();
table.string('ptype');
table.string('v0');
table.string('v1');
table.string('v2');
table.string('v3');
table.string('v4');
table.string('v5');
table.string('v6');
});
await migrate(databaseManagerMock);
return {
knex,
Expand Down
56 changes: 43 additions & 13 deletions plugins/rbac-backend/src/database/role-metadata.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,17 @@ describe('role-metadata-db-table', () => {
}),
migrations: { skip: false },
};
await knex.schema.createTable('casbin_rule', table => {
table.increments('id').primary();
table.string('ptype');
table.string('v0');
table.string('v1');
table.string('v2');
table.string('v3');
table.string('v4');
table.string('v5');
table.string('v6');
});
await migrate(databaseManagerMock);
return {
knex,
Expand Down Expand Up @@ -69,7 +80,12 @@ describe('role-metadata-db-table', () => {
trx,
);
await trx.commit();
expect(roleMetadata).toEqual({ source: 'rest' });
expect(roleMetadata).toEqual({
description: null,
id: 1,
roleEntityRef: 'role:default/some-super-important-role',
source: 'rest',
});
} catch (err) {
await trx.rollback();
throw err;
Expand All @@ -88,8 +104,10 @@ describe('role-metadata-db-table', () => {
let id;
try {
id = await db.createRoleMetadata(
{ source: 'configuration' },
'role:default/some-super-important-role',
{
source: 'configuration',
roleEntityRef: 'role:default/some-super-important-role',
},
trx,
);
await trx.commit();
Expand All @@ -105,6 +123,7 @@ describe('role-metadata-db-table', () => {
expect(metadata.length).toEqual(1);
expect(metadata[0]).toEqual({
roleEntityRef: 'role:default/some-super-important-role',
description: null,
id: 1,
source: 'configuration',
});
Expand All @@ -125,8 +144,11 @@ describe('role-metadata-db-table', () => {
await expect(async () => {
try {
await db.createRoleMetadata(
{ source: 'configuration' },
'role:default/some-super-important-role',
{
source: 'configuration',
roleEntityRef: 'role:default/some-super-important-role',
},

trx,
);
await trx.commit();
Expand All @@ -151,12 +173,14 @@ describe('role-metadata-db-table', () => {

await expect(
db.createRoleMetadata(
{ source: 'configuration' },
'role:default/some-super-important-role',
{
source: 'configuration',
roleEntityRef: 'role:default/some-super-important-role',
},
trx,
),
).rejects.toThrow(
`Failed to create the role metadata: '{"roleEntityRef":"role:default/some-super-important-role","source":"configuration"}'.`,
`Failed to create the role metadata: '{"source":"configuration","roleEntityRef":"role:default/some-super-important-role"}'.`,
);
});

Expand All @@ -172,8 +196,10 @@ describe('role-metadata-db-table', () => {
const trx = await knex.transaction();
try {
await db.createRoleMetadata(
{ source: 'configuration' },
'role:default/some-super-important-role',
{
source: 'configuration',
roleEntityRef: 'role:default/some-super-important-role',
},
trx,
);
await trx.commit();
Expand All @@ -182,7 +208,7 @@ describe('role-metadata-db-table', () => {
throw err;
}
}).rejects.toThrow(
`Failed to create the role metadata: '{"roleEntityRef":"role:default/some-super-important-role","source":"configuration"}'.`,
`Failed to create the role metadata: '{"source":"configuration","roleEntityRef":"role:default/some-super-important-role"}'.`,
);
});

Expand All @@ -200,8 +226,10 @@ describe('role-metadata-db-table', () => {
const trx = await knex.transaction();
try {
await db.createRoleMetadata(
{ source: 'configuration' },
'role:default/some-super-important-role',
{
source: 'configuration',
roleEntityRef: 'role:default/some-super-important-role',
},
trx,
);
await trx.commit();
Expand Down Expand Up @@ -246,6 +274,7 @@ describe('role-metadata-db-table', () => {
);
expect(metadata.length).toEqual(1);
expect(metadata[0]).toEqual({
description: null,
source: 'rest',
roleEntityRef: 'role:default/some-super-important-role',
id: 1,
Expand Down Expand Up @@ -315,6 +344,7 @@ describe('role-metadata-db-table', () => {
);
expect(metadata.length).toEqual(1);
expect(metadata[0]).toEqual({
description: null,
source: 'configuration',
roleEntityRef: 'role:default/important-role',
id: 1,
Expand Down
Loading
Loading