Giraffeql frontend boilerplate updates

cubing · Oct 11, 2021 · c13f25f · c13f25f
1 parent e6f34e2
commit c13f25f
Show file tree

Hide file tree

Showing 28 changed files with 1,755 additions and 897 deletions.
diff --git a/backend/functions/src/schema/helpers/permissions.ts b/backend/functions/src/schema/helpers/permissions.ts
@@ -1,3 +1,6 @@
+import { StringKeyObject } from "giraffeql";
+import { AccessControlFunction } from "../../types";
+import { NormalService } from "../core/services";
 import { userRoleKenum, userPermissionEnum } from "../enums";
 
 export const userRoleToPermissionsMap = {
@@ -14,3 +17,56 @@ export const userRoleToPermissionsMap = {
     userPermissionEnum.userUserFollowLink_get,
   ],
 };
+export function generateItemCreatedByUserGuard(
+  service: NormalService
+): AccessControlFunction {
+  return async function ({ req, args, fieldPath }) {
+    // args should be validated already
+    const validatedArgs = <StringKeyObject>args;
+    //check if logged in
+    if (!req.user) return false;
+
+    try {
+      const itemRecord = await service.lookupRecord(
+        ["createdBy"],
+        validatedArgs.item ?? validatedArgs,
+        fieldPath
+      );
+
+      return itemRecord?.createdBy === req.user.id;
+    } catch (err) {
+      return false;
+    }
+  };
+}
+
+export function generateUserAdminGuard(): AccessControlFunction {
+  return generateUserRoleGuard([userRoleKenum.ADMIN]);
+}
+
+export function generateUserRoleGuard(
+  allowedRoles: userRoleKenum[]
+): AccessControlFunction {
+  return async function ({ req }) {
+    //check if logged in
+    if (!req.user) return false;
+
+    try {
+      // role is loaded in helpers/auth on token decode
+      /*
+      const userRecords = await sqlHelper.fetchTableRows({
+        select: [{ field: "role" }],
+        from: User.typename,
+        where: {
+          fields: [{ field: "id", value: req.user.id }],
+        },
+      });
+      */
+
+      if (!req.user.role) return false;
+      return allowedRoles.includes(req.user.role);
+    } catch (err) {
+      return false;
+    }
+  };
+}
diff --git a/backend/functions/src/schema/links/userUserFollowLink/service.ts b/backend/functions/src/schema/links/userUserFollowLink/service.ts
@@ -1,9 +1,5 @@
 import { LinkService } from "../../core/services";
-import {
-  generateUserRoleGuard,
-  permissionsCheck,
-} from "../../core/helpers/permissions";
-import { userRoleKenum } from "../../enums";
+import { permissionsCheck } from "../../core/helpers/permissions";
 import { ServiceFunctionInputs, AccessControlMap } from "../../../types";
 import * as Resolver from "../../core/helpers/resolver";
 import { User } from "../../services";
@@ -40,11 +36,7 @@ export class UserUserFollowLinkService extends LinkService {
 
       // target must be public user
       const targetUser = await User.lookupRecord(
-        [
-          {
-            field: "isPublic",
-          },
-        ],
+        ["isPublic"],
         args.target,
         fieldPath
       );
@@ -58,15 +50,7 @@ export class UserUserFollowLinkService extends LinkService {
       if (!req.user) return false;
 
       // "user" field on the link must be current user, else deny
-      const record = await this.lookupRecord(
-        [
-          {
-            field: "user.id",
-          },
-        ],
-        args,
-        fieldPath
-      );
+      const record = await this.lookupRecord(["user.id"], args, fieldPath);
 
       if (record["user.id"] !== req.user.id) return false;
 

diff --git a/backend/functions/src/schema/models/apiKey/service.ts b/backend/functions/src/schema/models/apiKey/service.ts
@@ -32,15 +32,7 @@ export class ApiKeyService extends PaginatedService {
       if (!req.user) return false;
 
       // "user" field on the link must be current user, else deny
-      const record = await this.lookupRecord(
-        [
-          {
-            field: "user.id",
-          },
-        ],
-        args,
-        fieldPath
-      );
+      const record = await this.lookupRecord(["user.id"], args, fieldPath);
 
       if (record["user.id"] !== req.user.id) return false;
 
@@ -69,15 +61,7 @@ export class ApiKeyService extends PaginatedService {
       if (!req.user) return false;
 
       // "user" field on the link must be current user, else deny
-      const record = await this.lookupRecord(
-        [
-          {
-            field: "user.id",
-          },
-        ],
-        args.item,
-        fieldPath
-      );
+      const record = await this.lookupRecord(["user.id"], args.item, fieldPath);
 
       if (record["user.id"] !== req.user.id) return false;
 
@@ -90,15 +74,7 @@ export class ApiKeyService extends PaginatedService {
       if (!req.user) return false;
 
       // "user" field on the link must be current user, else deny
-      const record = await this.lookupRecord(
-        [
-          {
-            field: "user.id",
-          },
-        ],
-        args,
-        fieldPath
-      );
+      const record = await this.lookupRecord(["user.id"], args, fieldPath);
 
       if (record["user.id"] !== req.user.id) return false;
 

diff --git a/backend/functions/src/schema/models/personalBest/service.ts b/backend/functions/src/schema/models/personalBest/service.ts
@@ -49,11 +49,7 @@ export class PersonalBestService extends PaginatedService {
     get: async ({ args, fieldPath }) => {
       // check the createdBy.isPublic to see if true
       const result = await this.lookupRecord(
-        [
-          {
-            field: "createdBy.isPublic",
-          },
-        ],
+        ["createdBy.isPublic"],
         args,
         fieldPath
       );
@@ -99,11 +95,7 @@ export class PersonalBestService extends PaginatedService {
 
       // must be creator of the PB to update it
       const result = await this.lookupRecord(
-        [
-          {
-            field: "createdBy.id",
-          },
-        ],
+        ["createdBy.id"],
         args.item,
         fieldPath
       );
@@ -112,15 +104,7 @@ export class PersonalBestService extends PaginatedService {
 
     delete: async ({ req, args, fieldPath }) => {
       // must be creator of the PB to delete it
-      const result = await this.lookupRecord(
-        [
-          {
-            field: "createdBy.id",
-          },
-        ],
-        args,
-        fieldPath
-      );
+      const result = await this.lookupRecord(["createdBy.id"], args, fieldPath);
       return req.user?.id === result["createdBy.id"];
     },
   };
@@ -502,11 +486,7 @@ export class PersonalBestService extends PaginatedService {
     // args should be validated already
     const validatedArgs = <any>args;
 
-    const item = await this.lookupRecord(
-      [{ field: "id" }],
-      validatedArgs.item,
-      fieldPath
-    );
+    const item = await this.lookupRecord(["id"], validatedArgs.item, fieldPath);
 
     // convert any lookup/joined fields into IDs
     await this.handleLookupArgs(validatedArgs.fields, fieldPath);
@@ -547,15 +527,7 @@ export class PersonalBestService extends PaginatedService {
     const validatedArgs = <any>args;
     // confirm existence of item and get ID
     const item = await this.lookupRecord(
-      [
-        { field: "id" },
-        { field: "event" },
-        { field: "pbClass" },
-        { field: "setSize" },
-        { field: "createdBy" },
-        { field: "isCurrent" },
-        { field: "happenedOn" },
-      ],
+      ["id", "pbClass", "setSize", "createdBy", "isCurrent", "happenedOn"],
       validatedArgs,
       fieldPath
     );

diff --git a/backend/functions/src/schema/models/user/service.ts b/backend/functions/src/schema/models/user/service.ts
@@ -1,8 +1,7 @@
 import { AccessControlMap } from "../../../types";
 import { PaginatedService } from "../../core/services";
 import { userRoleKenum } from "../../enums";
-
-import { generateItemCreatedByUserGuard } from "../../core/helpers/permissions";
+import { generateItemCreatedByUserGuard } from "../../helpers/permissions";
 
 export class UserService extends PaginatedService {
   defaultTypename = "user";
@@ -74,14 +73,7 @@ export class UserService extends PaginatedService {
       }
       // check the user to see if is_public === true
       const result = await this.lookupRecord(
-        [
-          {
-            field: "createdBy",
-          },
-          {
-            field: "isPublic",
-          },
-        ],
+        ["createdBy", "isPublic"],
         args,
         fieldPath
       );

diff --git a/backend/functions/src/schema/services.ts b/backend/functions/src/schema/services.ts
@@ -23,8 +23,12 @@ export const Github = new GithubService();
 
 export const UserUserFollowLink = new UserUserFollowLinkService(
   {
-    user: User,
-    target: User,
+    user: {
+      service: User,
+    },
+    target: {
+      service: User,
+    },
   },
   {
     user: "target",

diff --git a/frontend/components/common/circularLoader.vue b/frontend/components/common/circularLoader.vue
@@ -0,0 +1,5 @@
+<template>
+  <v-container fill-height justify-center>
+    <v-progress-circular indeterminate></v-progress-circular>
+  </v-container>
+</template>