fix: internal indices for classes _Idempotency and _Role are not protected in defined schema (#8121)

2022-08-05 11:25:02 +02:00
parent 3351ca7cec
commit c16f529f74
2 changed files with 53 additions and 9 deletions
--- a/spec/DefinedSchemas.spec.js
+++ b/spec/DefinedSchemas.spec.js
@@ -432,6 +432,42 @@ describe('DefinedSchemas', () => {
      expect(testSchema.indexes).toBeUndefined();
      expect(userSchema.indexes).toEqual(expectedIndexes);
    });
+
+    it('should detect protected indexes for _User class', () => {
+      const definedSchema = new DefinedSchemas({}, {});
+      const protectedUserIndexes = ['_id_', 'case_insensitive_email', 'username_1', 'email_1'];
+      protectedUserIndexes.forEach(field => {
+        expect(definedSchema.isProtectedIndex('_User', field)).toEqual(true);
+      });
+      expect(definedSchema.isProtectedIndex('_User', 'test')).toEqual(false);
+    });
+
+    it('should detect protected indexes for _Role class', () => {
+      const definedSchema = new DefinedSchemas({}, {});
+      expect(definedSchema.isProtectedIndex('_Role', 'name_1')).toEqual(true);
+      expect(definedSchema.isProtectedIndex('_Role', 'test')).toEqual(false);
+    });
+
+    it('should detect protected indexes for _Idempotency class', () => {
+      const definedSchema = new DefinedSchemas({}, {});
+      expect(definedSchema.isProtectedIndex('_Idempotency', 'reqId_1')).toEqual(true);
+      expect(definedSchema.isProtectedIndex('_Idempotency', 'test')).toEqual(false);
+    });
+
+    it('should not detect protected indexes on user defined class', () => {
+      const definedSchema = new DefinedSchemas({}, {});
+      const protectedIndexes = [
+        'case_insensitive_email',
+        'username_1',
+        'email_1',
+        'reqId_1',
+        'name_1',
+      ];
+      protectedIndexes.forEach(field => {
+        expect(definedSchema.isProtectedIndex('ExampleClass', field)).toEqual(false);
+      });
+      expect(definedSchema.isProtectedIndex('ExampleClass', '_id_')).toEqual(true);
+    });
  });

  describe('ClassLevelPermissions', () => {
--- a/src/SchemaMigrations/DefinedSchemas.js
+++ b/src/SchemaMigrations/DefinedSchemas.js
@@ -399,15 +399,23 @@ export class DefinedSchemas {
  }

  isProtectedIndex(className: string, indexName: string) {
-    let indexes = ['_id_'];
-    if (className === '_User') {
-      indexes = [
-        ...indexes,
-        'case_insensitive_username',
-        'case_insensitive_email',
-        'username_1',
-        'email_1',
-      ];
+    const indexes = ['_id_'];
+    switch (className) {
+      case '_User':
+        indexes.push(
+          'case_insensitive_username',
+          'case_insensitive_email',
+          'username_1',
+          'email_1'
+        );
+        break;
+      case '_Role':
+        indexes.push('name_1');
+        break;
+
+      case '_Idempotency':
+        indexes.push('reqId_1');
+        break;
    }

    return indexes.indexOf(indexName) !== -1;