fix(permission): refetch permission if collection name doesn't exist (#680)

Author: nicolasalexandre9

app/services/forest_liana/ability/permission.rb

@@ -16,7 +16,8 @@ def is_crud_authorized?(action, user, collection)
         collection_name = ForestLiana.name_for(collection)
 
         begin
-          is_allowed = collections_data[collection_name][action].include? user_data['roleId']
+          is_allowed = (collections_data.key?(collection_name) && collections_data[collection_name][action].include?(user_data['roleId']))
+
           # re-fetch if user permission is not allowed (may have been changed)
           unless is_allowed
             collections_data = get_collections_permissions_data(true)
@@ -25,7 +26,7 @@ def is_crud_authorized?(action, user, collection)
 
           is_allowed
         rescue
-          raise ForestLiana::Errors::ExpectedError.new(409, :conflict, "The collection #{collection} doesn't exist", 'collection not found')
+          raise ForestLiana::Errors::ExpectedError.new(409, :conflict, "The collection #{collection_name} doesn't exist", 'collection not found')
         end
       end
 

spec/services/forest_liana/ability/permission_spec.rb

@@ -79,6 +79,7 @@ module Ability
           end
         end
 
+
         it 'should throw an exception when the collection doesn\'t exist' do
             expect {dummy_class.is_crud_authorized?('browse', user, String)}.to raise_error(ForestLiana::Errors::ExpectedError, 'The collection String doesn\'t exist')
         end
@@ -163,6 +164,53 @@ module Ability
           expect(dummy_class.is_crud_authorized?('browse', user, Island)).to equal true
         end
 
+        it 'should re-fetch the permission once when collection_name doesn\'t exist' do
+          Rails.cache.write(
+            'forest.collections',
+            {
+              "collections" => {
+                "Fake_collection_name" => {
+                  "collection" => {
+                    "browseEnabled" => { "roles" => [1] },
+                    "readEnabled" => { "roles" => [1] },
+                    "editEnabled" => { "roles" => [1] },
+                    "addEnabled" => { "roles" => [1] },
+                    "deleteEnabled" => { "roles" => [1] },
+                    "exportEnabled" => { "roles" => [1] }
+                  },
+                  "actions" => {
+
+                  }
+                }
+              }
+            }
+          )
+
+          allow_any_instance_of(ForestLiana::Ability::Fetch)
+            .to receive(:get_permissions)
+              .and_return(
+                {
+                  "collections" => {
+                    "Island" => {
+                      "collection" => {
+                        "browseEnabled" => { "roles" => [1] },
+                        "readEnabled" => { "roles" => [1] },
+                        "editEnabled" => { "roles" => [1] },
+                        "addEnabled" => { "roles" => [1] },
+                        "deleteEnabled" => { "roles" => [1] },
+                        "exportEnabled" => { "roles" => [1] }
+                      },
+                      "actions" => {
+
+                      }
+                    }
+                  }
+                }
+              )
+
+          expect(dummy_class.is_crud_authorized?('browse', user, Island)).to equal true
+        end
+
         it 'should return false when user permission is not allowed' do
           Rails.cache.delete('forest.users')