fix: internal indices for classes _Idempotency and _Role are not protected in defined schema (#8121)
This commit is contained in:
Antoine Cormouls
GitHub
@@ -432,6 +432,42 @@ describe('DefinedSchemas', () => {
|
|||||||
expect(testSchema.indexes).toBeUndefined();
|
expect(testSchema.indexes).toBeUndefined();
|
||||||
expect(userSchema.indexes).toEqual(expectedIndexes);
|
expect(userSchema.indexes).toEqual(expectedIndexes);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should detect protected indexes for _User class', () => {
|
||||||
|
const definedSchema = new DefinedSchemas({}, {});
|
||||||
|
const protectedUserIndexes = ['_id_', 'case_insensitive_email', 'username_1', 'email_1'];
|
||||||
|
protectedUserIndexes.forEach(field => {
|
||||||
|
expect(definedSchema.isProtectedIndex('_User', field)).toEqual(true);
|
||||||
|
});
|
||||||
|
expect(definedSchema.isProtectedIndex('_User', 'test')).toEqual(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should detect protected indexes for _Role class', () => {
|
||||||
|
const definedSchema = new DefinedSchemas({}, {});
|
||||||
|
expect(definedSchema.isProtectedIndex('_Role', 'name_1')).toEqual(true);
|
||||||
|
expect(definedSchema.isProtectedIndex('_Role', 'test')).toEqual(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should detect protected indexes for _Idempotency class', () => {
|
||||||
|
const definedSchema = new DefinedSchemas({}, {});
|
||||||
|
expect(definedSchema.isProtectedIndex('_Idempotency', 'reqId_1')).toEqual(true);
|
||||||
|
expect(definedSchema.isProtectedIndex('_Idempotency', 'test')).toEqual(false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should not detect protected indexes on user defined class', () => {
|
||||||
|
const definedSchema = new DefinedSchemas({}, {});
|
||||||
|
const protectedIndexes = [
|
||||||
|
'case_insensitive_email',
|
||||||
|
'username_1',
|
||||||
|
'email_1',
|
||||||
|
'reqId_1',
|
||||||
|
'name_1',
|
||||||
|
];
|
||||||
|
protectedIndexes.forEach(field => {
|
||||||
|
expect(definedSchema.isProtectedIndex('ExampleClass', field)).toEqual(false);
|
||||||
|
});
|
||||||
|
expect(definedSchema.isProtectedIndex('ExampleClass', '_id_')).toEqual(true);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('ClassLevelPermissions', () => {
|
describe('ClassLevelPermissions', () => {
|
||||||
|
|||||||
@@ -399,15 +399,23 @@ export class DefinedSchemas {
|
|||||||
}
|
}
|
||||||
|
|
||||||
isProtectedIndex(className: string, indexName: string) {
|
isProtectedIndex(className: string, indexName: string) {
|
||||||
let indexes = ['_id_'];
|
const indexes = ['_id_'];
|
||||||
if (className === '_User') {
|
switch (className) {
|
||||||
indexes = [
|
case '_User':
|
||||||
...indexes,
|
indexes.push(
|
||||||
'case_insensitive_username',
|
'case_insensitive_username',
|
||||||
'case_insensitive_email',
|
'case_insensitive_email',
|
||||||
'username_1',
|
'username_1',
|
||||||
'email_1',
|
'email_1'
|
||||||
];
|
);
|
||||||
|
break;
|
||||||
|
case '_Role':
|
||||||
|
indexes.push('name_1');
|
||||||
|
break;
|
||||||
|
|
||||||
|
case '_Idempotency':
|
||||||
|
indexes.push('reqId_1');
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return indexes.indexOf(indexName) !== -1;
|
return indexes.indexOf(indexName) !== -1;
|
||||||
|
|||||||
Reference in New Issue
Block a user