wip

2024-11-14 08:34:07 -08:00 · 2024-10-24 18:28:26 +01:00 · 2024-10-24 18:28:26 +01:00 · 7fef507da1
parent 909508000f
commit 7fef507da1
2 changed files with 28 additions and 12 deletions
--- a/packages/cli/src/environments/variables/variables.controller.ee.ts
+++ b/packages/cli/src/environments/variables/variables.controller.ee.ts
@ -24,14 +24,12 @@ export class VariablesController {
 	constructor(private readonly variablesService: VariablesService) {}

 	@Get('/')
-	@GlobalScope('variable:list')
-	async getVariables() {
-		return await this.variablesService.getAllCached();
+	async getVariables(req: AuthenticatedRequest) {
+		return await this.variablesService.getAllForUser(req.user);
 	}

 	@Post('/')
 	@Licensed('feat:variables')
-	@GlobalScope('variable:create')
 	async createVariable(
 		req: AuthenticatedRequest,
 		_res: Response,
@ -56,7 +54,7 @@ export class VariablesController {
 		_res: Response,
 		@Param('variableId') variableId: string,
 	) {
-		const variable = await this.variablesService.getCached(variableId);
+		const variable = await this.variablesService.getForUser(variableId, req.user);
 		if (variable === null) {
 			throw new NotFoundError(`Variable with id ${variableId} not found`);
 		}
@ -65,7 +63,6 @@ export class VariablesController {

 	@Patch('/:variableId')
 	@Licensed('feat:variables')
-	@GlobalScope('variable:update')
 	async updateVariable(
 		req: AuthenticatedRequest,
 		_res: Response,
@ -88,7 +85,7 @@ export class VariablesController {
 	@GlobalScope('variable:delete')
 	async deleteVariable(req: VariablesRequest.Delete) {
 		const id = req.params.id;
-		await this.variablesService.delete(id);
+		await this.variablesService.delete(id, req.user);

 		return true;
 	}
--- a/packages/cli/src/environments/variables/variables.service.ee.ts
+++ b/packages/cli/src/environments/variables/variables.service.ee.ts
@ -33,7 +33,7 @@ export class VariablesService {
 		return (variables as Array<Partial<Variables>>).map((v) => this.variablesRepository.create(v));
 	}

-	async getAllForUser(id: string, user: User): Promise<Variables[]> {
+	async getAllForUser(user: User): Promise<Variables[]> {
 		const projects = await this.projectService.getAccessibleProjects(user);
 		const projectIds = projects.map((p) => p.id);

@ -41,9 +41,7 @@ export class VariablesService {
 		const canReadGlobalVariables = user.hasGlobalScope('globalVariable:read');

 		const foundVariables = unfilteredVariables.filter((variable) => {
-			if (variable.id !== id) {
-				return false;
-			} else if (!variable.projectId && canReadGlobalVariables) {
+			if (!variable.projectId && canReadGlobalVariables) {
 				return true;
 			} else if (variable.projectId && projectIds.includes(variable.projectId)) {
 				return true;
@ -93,7 +91,28 @@ export class VariablesService {
 		return this.variablesRepository.create(foundVariable as Partial<Variables>);
 	}

-	async delete(id: string): Promise<void> {
+	async delete(id: string, user: User): Promise<void> {
+		const originalVariable = await this.variablesRepository.findOneOrFail({
+			where: {
+				id,
+			},
+		});
+
+		// Updating a global variable
+		if (!originalVariable.projectId && !user.hasGlobalScope('globalVariable:delete')) {
+			throw new MissingScopeError();
+		}
+
+		// Updating a project variable
+		if (
+			originalVariable.projectId &&
+			!(await this.projectService.getProjectWithScope(user, originalVariable.projectId, [
+				'variable:delete',
+			]))
+		) {
+			throw new MissingScopeError();
+		}
+
 		await this.variablesRepository.delete(id);
 		await this.updateCache();
 	}