Fix subscription permission handling

chriskalmar · May 14, 2020 · 384167c · 384167c
1 parent e0f1fc8
commit 384167c
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 22 deletions.
diff --git a/src/engine/action/Action.ts b/src/engine/action/Action.ts
@@ -56,7 +56,7 @@ export class Action {
   private _output: any;
   resolve: Function;
   type: string;
-  permissions: Function | Permission | Permission[];
+  permissions: Permission | Permission[];
   private _permissions: Function | Permission | Permission[];
   private _defaultPermissions: Permission | Permission[];
   descriptionPermissions: string | boolean;
@@ -252,7 +252,7 @@ export class Action {
     this._defaultPermissions = defaultPermissions;
   }
 
-  getPermissions(): Function | Permission | Permission[] {
+  getPermissions(): Permission | Permission[] {
     if ((!this._permissions && !this._defaultPermissions) || this.permissions) {
       return this.permissions;
     }

diff --git a/src/graphqlProtocol/resolver.ts b/src/graphqlProtocol/resolver.ts
@@ -43,7 +43,10 @@ import {
   serializeValues,
 } from '../engine/helpers';
 import { validateMutationPayload } from '../engine/validation';
-import { buildActionPermissionFilter } from '../engine/permission/Permission';
+import {
+  buildActionPermissionFilter,
+  Permission,
+} from '../engine/permission/Permission';
 
 const AccessDeniedError = new CustomError(
   'Access denied',
@@ -473,28 +476,26 @@ export const handleSubscriptionPermission = async (
   entitySubscription: Subscription,
   input: any,
 ) => {
-  const permission = entity.getPermissions();
-
-  console.log('handleSubscriptionPermission', { permission });
-
-  if (!permission) {
+  const permissionsMap = entity.getPermissions();
+  if (
+    !permissionsMap ||
+    !permissionsMap.subscriptions ||
+    !Object.keys(permissionsMap.subscriptions).length
+  ) {
     return null;
   }
 
-  const subPermission = permission.subscriptions;
-  if (!subPermission) {
-    return null;
-  }
+  const subPermissions = ([] as Permission[]).concat(
+    ...Object.values(permissionsMap.subscriptions as Permission | Permission[]),
+  );
 
   const { userId, userRoles } = context;
 
-  console.log('handleSubscriptionPermission', { subPermission });
-
   const {
     where: permissionWhere,
     lookupPermissionEntity,
   } = await buildActionPermissionFilter(
-    subPermission,
+    subPermissions,
     userId,
     userRoles,
     entitySubscription,
@@ -506,10 +507,10 @@ export const handleSubscriptionPermission = async (
     throw AccessDeniedError;
   }
 
-  console.log('handleSubscriptionPermission', {
-    permissionWhere,
-    lookupPermissionEntity,
-  });
+  // console.log('handleSubscriptionPermission', {
+  //   permissionWhere,
+  //   lookupPermissionEntity,
+  // });
 
   // only if non-empty where clause
   if (Object.keys(permissionWhere).length > 0) {
@@ -541,7 +542,6 @@ export const getSubscriptionResolver = (
   idResolver: Function,
 ) => {
   const storageType = entity.storageType;
-  // const protocolConfiguration = ProtocolGraphQL.getProtocolConfiguration() as ProtocolGraphQLConfiguration;
 
   const nestedPayloadResolver = getNestedPayloadResolver(
     entity,
@@ -688,8 +688,6 @@ export const getSubscriptionPayloadResolver = (
       ret[typeName] = result;
     }
 
-    // console.log('getSubscriptionPayloadResolver', JSON.stringify(ret, null, 2));
-
     return ret;
   };
 };