fix(server): add update roles env validation

2022-01-22 11:29:03 +05:30
parent 003d88fb6c
commit 0511e737ae
5 changed files with 21 additions and 179 deletions
--- a/server/resolvers/env.go
+++ b/server/resolvers/env.go
@@ -27,9 +27,6 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	// get clone of store
 	store := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
 	adminSecret := store.StringEnv[constants.EnvKeyAdminSecret]
-	databaseType := store.StringEnv[constants.EnvKeyDatabaseType]
-	databaseURL := store.StringEnv[constants.EnvKeyDatabaseURL]
-	databaseName := store.StringEnv[constants.EnvKeyDatabaseName]
 	smtpHost := store.StringEnv[constants.EnvKeySmtpHost]
 	smtpPort := store.StringEnv[constants.EnvKeySmtpPort]
 	smtpUsername := store.StringEnv[constants.EnvKeySmtpUsername]
@@ -62,9 +59,6 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {

 	res = &model.Env{
 		AdminSecret:                &adminSecret,
-		DatabaseType:               &databaseType,
-		DatabaseURL:                &databaseURL,
-		DatabaseName:               &databaseName,
 		SMTPHost:                   &smtpHost,
 		SMTPPort:                   &smtpPort,
 		SMTPPassword:               &smtpPassword,
--- a/server/resolvers/update_env.go
+++ b/server/resolvers/update_env.go
@@ -74,6 +74,27 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
 			updatedData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true
 		}
 	}
+
+	// check the roles change
+	if len(params.Roles) > 0 {
+		if len(params.DefaultRoles) > 0 {
+			// should be subset of roles
+			for _, role := range params.DefaultRoles {
+				if !utils.StringSliceContains(params.Roles, role) {
+					return res, fmt.Errorf("default role %s is not in roles", role)
+				}
+			}
+		}
+	}
+
+	if len(params.ProtectedRoles) > 0 {
+		for _, role := range params.ProtectedRoles {
+			if utils.StringSliceContains(params.Roles, role) || utils.StringSliceContains(params.DefaultRoles, role) {
+				return res, fmt.Errorf("protected role %s found roles or default roles", role)
+			}
+		}
+	}
+
 	// Update local store
 	envstore.EnvInMemoryStoreObj.UpdateEnvStore(updatedData)

@@ -88,11 +109,6 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
 		return res, err
 	}

-	// in case of db change re-initialize db
-	if params.DatabaseType != nil || params.DatabaseURL != nil || params.DatabaseName != nil {
-		db.InitDB()
-	}
-
 	// in case of admin secret change update the cookie with new hash
 	if params.AdminSecret != nil {
 		if params.OldAdminSecret == nil {