Feat subscribe permission #7580

Merged
merged 2 commits into from
Feb 15, 2024
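--- a/app/config/collections.php
+++ b/app/config/collections.php
@@ -1891,6 +1891,17 @@
 'array' => false,
 'filters' => [],
 ],
+[
+'$id' => ID::custom('subscribe'),
+'type' => Database::VAR_STRING,
+'format' => '',
+'size' => 128,
+'signed' => true,
+'required' => false,
+'default' => null,
+'array' => true,
+'filters' => [],
+],
 [
 '$id' => ID::custom('total'),
 'type' => Database::VAR_INTEGER,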
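Review bot: The new `subscribe` attribute is declared with `'required' => false` and `'default' => null`, so topic documents created before this change will presumably read back with no roles at all. The subscriber endpoint in app/controllers/api/messaging.php passes that value straight to the `Authorization('subscribe')` validator, and an empty role list is normally rejected, so client callers would likely be denied on older topics until the attribute is backfilled. That fails closed, but it is a behaviour change; I would add a comment above the attribute such as `// Roles allowed to subscribe; null or empty denies non-privileged callers (legacy topics need a backfill)` and confirm whether a migration sets a value for existing rows. Separately, `'size' => 128` does not match the "each 64 characters long" wording in the `subscribe` param description, so one of the two limits should be corrected.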
21 changes: 14 additions & 7 deletions app/controllers/api/messaging.php
Expand Up @@ -30,6 +30,7 @@
use Utopia\Database\Validator\Queries;
use Utopia\Database\Validator\Query\Limit;
use Utopia\Database\Validator\Query\Offset;
use Utopia\Database\Validator\Roles;
use Utopia\Database\Validator\UID;
use Utopia\Locale\Locale;
use Utopia\Validator\ArrayList;
Expand Down Expand Up @@ -1917,15 +1918,17 @@
->label('sdk.response.model', Response::MODEL_TOPIC)
->param('topicId', '', new CustomId(), 'Topic ID. Choose a custom Topic ID or a new Topic ID.')
->param('name', '', new Text(128), 'Topic Name.')
->param('subscribe', [Role::users()], new Roles(APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of role strings with subscribe permission. By default all users are granted with any subscribe permission. [learn more about roles](https://appwrite.io/docs/permissions#permission-roles). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 64 characters long.', true)
->inject('queueForEvents')
->inject('dbForProject')
->inject('response')
->action(function (string $topicId, string $name, Event $queueForEvents, Database $dbForProject, Response $response) {
->action(function (string $topicId, string $name, array $subscribe, Event $queueForEvents, Database $dbForProject, Response $response) {
$topicId = $topicId == 'unique()' ? ID::unique() : $topicId;

$topic = new Document([
'$id' => $topicId,
'name' => $name,
'subscribe' => $subscribe,
]);

try {
Expand Down Expand Up @@ -2217,6 +2220,12 @@
throw new Exception(Exception::TOPIC_NOT_FOUND);
}

$validator = new Authorization('subscribe');

if (!$validator->isValid($topic->getAttribute('subscribe'))) {
throw new Exception(Exception::USER_UNAUTHORIZED, $validator->getDescription());
}

$target = Authorization::skip(fn () => $dbForProject->getDocument('targets', $targetId));

if ($target->isEmpty()) {
Expand All @@ -2225,25 +2234,23 @@

$user = Authorization::skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));

$userId = $user->getId();

$subscriber = new Document([
'$id' => $subscriberId,
'$permissions' => [
Permission::read(Role::user($userId)),
Permission::delete(Role::user($userId)),
Permission::read(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
],
'topicId' => $topicId,
'topicInternalId' => $topic->getInternalId(),
'targetId' => $targetId,
'targetInternalId' => $target->getInternalId(),
'userId' => $userId,
'userId' => $user->getId(),
'userInternalId' => $user->getInternalId(),
'providerType' => $target->getAttribute('providerType'),
'search' => implode(' ', [
$subscriberId,
$targetId,
$userId,
$user->getId(),
$target->getAttribute('providerType'),
]),
]);
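Review bot: The new `Authorization('subscribe')` check authorises the caller against the topic only; in the visible lines the target is still loaded through `Authorization::skip`, and nothing ties `$targetId` to the calling user. If no ownership check exists in the lines collapsed between these hunks, a caller who holds a subscribe role could register a target that belongs to another account, and the subscriber document would be created with that account's `userId` and permissions. For non-privileged callers I would compare `$target->getAttribute('userId')` with the authenticated user's id before building the `Document`, or at minimum record the assumption with `// target is fetched with Authorization::skip; ownership of $targetId must be verified for client callers`. The action body starts and ends outside the hunks shown, so this needs confirming against the full file.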
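--- a/src/Appwrite/Utopia/Response/Model/Topic.php
+++ b/src/Appwrite/Utopia/Response/Model/Topic.php
@@ -39,6 +39,13 @@ public function __construct()
 'description' => 'Total count of subscribers subscribed to topic.',
 'default' => 0,
 'example' => 100,
+])
+->addRule('subscribe', [
+'type' => self::TYPE_STRING,
+'description' => 'Subscribe permissions.',
+'default' => ['users'],
+'example' => 'users',
+'array' => true,
 ]);
 }
 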
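Review bot: The `subscribe` rule sets `'array' => true` but gives a scalar `'example' => 'users'`, while the default on the line above it is the list `['users']`. Anything generated from these fields would presumably show a string where the API returns an array, so the example should have the same shape: `'example' => ['users'],`. The description `'Subscribe permissions.'` could also state that the values are role strings that gate subscriber creation, e.g. `'description' => 'Role strings allowed to subscribe to this topic.',`. The constructor starts outside the hunk.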
52 changes: 42 additions & 10 deletions tests/e2e/Services/Messaging/MessagingBase.php
Expand Up @@ -7,6 +7,7 @@
use Utopia\App;
use Utopia\Database\Document;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Query;
use Utopia\DSN\DSN;

Expand Down Expand Up @@ -283,26 +284,42 @@ public function testDeleteProvider(array $providers)

public function testCreateTopic(): array
{
$response = $this->client->call(Client::METHOD_POST, '/messaging/topics', [
$response1 = $this->client->call(Client::METHOD_POST, '/messaging/topics', [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey'],
], [
'topicId' => ID::unique(),
'name' => 'my-app',
]);
$this->assertEquals(201, $response['headers']['status-code']);
$this->assertEquals('my-app', $response['body']['name']);
$this->assertEquals(201, $response1['headers']['status-code']);
$this->assertEquals('my-app', $response1['body']['name']);

$response2 = $this->client->call(Client::METHOD_POST, '/messaging/topics', [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey'],
], [
'topicId' => ID::unique(),
'name' => 'my-app2',
'subscribe' => [Role::user('invalid')->toString()],
]);
$this->assertEquals(201, $response2['headers']['status-code']);
$this->assertEquals('my-app2', $response2['body']['name']);
$this->assertEquals(1, \count($response2['body']['subscribe']));

return $response['body'];
return [
'public' => $response1['body'],
'private' => $response2['body'],
];
}

/**
* @depends testCreateTopic
*/
public function testUpdateTopic(array $topic): string
public function testUpdateTopic(array $topics): string
{
$response = $this->client->call(Client::METHOD_PATCH, '/messaging/topics/' . $topic['$id'], [
$response = $this->client->call(Client::METHOD_PATCH, '/messaging/topics/' . $topics['public']['$id'], [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey'],
Expand All @@ -311,6 +328,7 @@ public function testUpdateTopic(array $topic): string
]);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals('android-app', $response['body']['name']);

return $response['body']['$id'];
}

Expand All @@ -330,7 +348,7 @@ public function testListTopic(string $topicId)
]);

$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals(1, \count($response['body']['topics']));
$this->assertEquals(2, \count($response['body']['topics']));

$response = $this->client->call(Client::METHOD_GET, '/messaging/topics', [
'content-type' => 'application/json',
Expand Down Expand Up @@ -366,7 +384,7 @@ public function testGetTopic(string $topicId)
/**
* @depends testCreateTopic
*/
public function testCreateSubscriber(array $topic)
public function testCreateSubscriber(array $topics)
{
$userId = $this->getUser()['$id'];

Expand Down Expand Up @@ -396,7 +414,7 @@ public function testCreateSubscriber(array $topic)

$this->assertEquals(201, $target['headers']['status-code']);

$response = $this->client->call(Client::METHOD_POST, '/messaging/topics/' . $topic['$id'] . '/subscribers', \array_merge([
$response = $this->client->call(Client::METHOD_POST, '/messaging/topics/' . $topics['public']['$id'] . '/subscribers', \array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
Expand All @@ -408,7 +426,7 @@ public function testCreateSubscriber(array $topic)
$this->assertEquals($target['body']['userId'], $response['body']['target']['userId']);
$this->assertEquals($target['body']['providerType'], $response['body']['target']['providerType']);

$topic = $this->client->call(Client::METHOD_GET, '/messaging/topics/' . $topic['$id'], [
$topic = $this->client->call(Client::METHOD_GET, '/messaging/topics/' . $topics['public']['$id'], [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey'],
Expand All @@ -418,6 +436,20 @@ public function testCreateSubscriber(array $topic)
$this->assertEquals('android-app', $topic['body']['name']);
$this->assertEquals(1, $topic['body']['total']);

$response2 = $this->client->call(Client::METHOD_POST, '/messaging/topics/' . $topics['private']['$id'] . '/subscribers', \array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'subscriberId' => ID::unique(),
'targetId' => $target['body']['$id'],
]);

if ($this->getSide() === 'client') {
$this->assertEquals(401, $response2['headers']['status-code']);
} else {
$this->assertEquals(201, $response2['headers']['status-code']);
}

return [
'topicId' => $topic['body']['$id'],
'targetId' => $target['body']['$id'],
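Review bot: The private-topic case in `testCreateSubscriber` only proves denial for `Role::user('invalid')`, a role nobody holds, and the only allow path exercised from the client side is the default role on the public topic. A topic created with a specific role that the test user does hold, followed by a 201 from the client side, would show that the check grants access on a match and not only on the default. `testCreateTopic` also never asserts the default value, so a line such as `$this->assertEquals(1, \count($response1['body']['subscribe']));` next to the existing `$response2` count assertion would pin it, and a request carrying a malformed role string that expects a validation error would cover the `Roles` validator. `testCreateSubscriber` extends beyond the hunks shown.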