Skip to content

Commit e67e564

Browse files
CarsonFCarsonF
committed
Drop Privileges.for(session)
1 parent 2899c03 commit e67e564

File tree

43 files changed

+142
-180
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

43 files changed

+142
-180
lines changed

src/components/authentication/extra-info.resolver.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ function AuthExtraInfoResolver(concreteClass: AbstractClassType<any>) {
1717

1818
@ResolveField(() => BetaFeatures)
1919
betaFeatures(@AnonSession() session: Session): BetaFeatures {
20-
const privileges = this.privileges.for(session, BetaFeatures);
20+
const privileges = this.privileges.for(BetaFeatures);
2121
const { props } = EnhancedResource.of(BetaFeatures);
2222
return mapValues.fromList([...props], (prop) =>
2323
privileges.can('edit', prop),

src/components/authorization/policy/executor/privileges.ts

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@ import {
55
EnhancedResource,
66
type ResourceShape,
77
type SecuredPropsPlusExtraKey,
8-
type Session,
98
} from '~/common';
109
import { SessionHost } from '../../../authentication/session.host';
1110
import type { Power } from '../../dto';
@@ -79,22 +78,10 @@ export class Privileges {
7978
for<TResourceStatic extends ResourceShape<any>>(
8079
resource: TResourceStatic | EnhancedResource<TResourceStatic>,
8180
object?: NoInfer<ResourceObjectContext<TResourceStatic>>,
82-
): ResourcePrivileges<TResourceStatic>;
83-
/** @deprecated */
84-
for<TResourceStatic extends ResourceShape<any>>(
85-
_: Session,
86-
resource: TResourceStatic | EnhancedResource<TResourceStatic>,
87-
object?: NoInfer<ResourceObjectContext<TResourceStatic>>,
88-
): ResourcePrivileges<TResourceStatic>;
89-
for<TResourceStatic extends ResourceShape<any>>(
90-
sessionOrRes: any,
91-
resOrCtx: any,
92-
ctx?: any,
9381
) {
94-
const hasSession = sessionOrRes.token && sessionOrRes.anonymous != null;
9582
return new ResourcePrivileges<TResourceStatic>(
96-
hasSession ? resOrCtx : sessionOrRes,
97-
hasSession ? ctx : resOrCtx,
83+
resource,
84+
object,
9885
this.policyExecutor,
9986
);
10087
}

src/components/budget/budget.service.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,7 @@ export class BudgetService {
143143

144144
const result = await this.budgetRepo.readOne(id, session, view);
145145

146-
const privs = this.privileges.for(session, Budget, result);
146+
const privs = this.privileges.for(Budget, result);
147147

148148
let records = null;
149149
if (privs.can('read', 'records')) {
@@ -197,14 +197,14 @@ export class BudgetService {
197197

198198
const result = await this.budgetRecordsRepo.readOne(id, { session, view });
199199

200-
return this.privileges.for(session, BudgetRecord).secure(result);
200+
return this.privileges.for(BudgetRecord).secure(result);
201201
}
202202

203203
async update(input: UpdateBudget, session: Session): Promise<Budget> {
204204
const budget = await this.readOne(input.id, session);
205205

206206
const changes = this.budgetRepo.getActualChanges(budget, input);
207-
this.privileges.for(session, Budget, budget).verifyChanges(changes);
207+
this.privileges.for(Budget, budget).verifyChanges(changes);
208208
const { universalTemplateFile, ...simpleChanges } = changes;
209209
await this.files.updateDefinedFile(
210210
budget.universalTemplateFile,
@@ -228,7 +228,7 @@ export class BudgetService {
228228
viewOfChangeset(changeset),
229229
);
230230
const changes = this.budgetRecordsRepo.getActualChanges(br, input);
231-
this.privileges.for(session, BudgetRecord, br).verifyChanges(changes);
231+
this.privileges.for(BudgetRecord, br).verifyChanges(changes);
232232

233233
try {
234234
const result = await this.budgetRecordsRepo.update(

src/components/ceremony/ceremony.service.ts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -47,13 +47,13 @@ export class CeremonyService {
4747
}
4848

4949
secure(dto: UnsecuredDto<Ceremony>, session: Session) {
50-
return this.privileges.for(session, Ceremony).secure(dto);
50+
return this.privileges.for(Ceremony).secure(dto);
5151
}
5252

5353
async update(input: UpdateCeremony, session: Session): Promise<Ceremony> {
5454
const object = await this.repo.readOne(input.id, session);
5555
const changes = this.repo.getActualChanges(object, input);
56-
this.privileges.for(session, Ceremony, object).verifyChanges(changes);
56+
this.privileges.for(Ceremony, object).verifyChanges(changes);
5757
const updated = await this.repo.update(
5858
{
5959
id: input.id,
@@ -68,7 +68,7 @@ export class CeremonyService {
6868
const object = await this.repo.readOne(id, session);
6969

7070
// Only called internally, not exposed directly to users
71-
// this.privileges.for(session, Ceremony, object).verifyCan('delete');
71+
// this.privileges.for( Ceremony, object).verifyCan('delete');
7272

7373
try {
7474
await this.repo.deleteNode(object);

src/components/comments/comment.service.ts

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -82,9 +82,7 @@ export class CommentService {
8282
// I'd like to type this prop as this but somehow blows everything up.
8383
parent.__typename as 'Commentable',
8484
);
85-
return this.privileges
86-
.for(session, parentType, parent)
87-
.forEdge('commentThreads');
85+
return this.privileges.for(parentType, parent).forEdge('commentThreads');
8886
}
8987

9088
async verifyCanView(resource: CommentableRef, session: Session) {
@@ -134,14 +132,14 @@ export class CommentService {
134132
}
135133

136134
secureComment(dto: UnsecuredDto<Comment>, session: Session): Comment {
137-
return this.privileges.for(session, Comment).secure(dto);
135+
return this.privileges.for(Comment).secure(dto);
138136
}
139137

140138
async update(input: UpdateCommentInput, session: Session): Promise<Comment> {
141139
const object = await this.repo.readOne(input.id);
142140

143141
const changes = this.repo.getActualChanges(object, input);
144-
this.privileges.for(session, Comment, object).verifyChanges(changes);
142+
this.privileges.for(Comment, object).verifyChanges(changes);
145143
await this.repo.update(object, changes);
146144

147145
const updated = await this.repo.readOne(object.id);
@@ -156,7 +154,7 @@ export class CommentService {
156154

157155
async delete(id: ID, session: Session): Promise<void> {
158156
const object = await this.repo.readOne(id);
159-
this.privileges.for(session, Comment, object).verifyCan('delete');
157+
this.privileges.for(Comment, object).verifyCan('delete');
160158

161159
const thread = await this.repo.threads.readOne(object.thread);
162160
if (object.id === thread.firstComment.id) {

src/components/engagement/engagement.repository.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -549,7 +549,7 @@ export class EngagementRepository extends CommonRepository {
549549
.with('*') // needed between call & where
550550
.apply(engagementFilters(input.filter))
551551
.apply(
552-
this.privileges.for(session, IEngagement).filterToReadable({
552+
this.privileges.for(IEngagement).filterToReadable({
553553
wrapContext: oncePerProject,
554554
}),
555555
)

src/components/engagement/engagement.service.ts

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -118,7 +118,7 @@ export class EngagementService {
118118
const project = await projects.load(projectKey);
119119
projects.clear(projectKey);
120120

121-
const projectPrivileges = this.privileges.for(session, IProject, {
121+
const projectPrivileges = this.privileges.for(IProject, {
122122
...project,
123123
project,
124124
} as any);
@@ -155,7 +155,7 @@ export class EngagementService {
155155
session: Session,
156156
): E {
157157
const res = resolveEngagementType(dto) as unknown as ResourceShape<E>;
158-
return this.privileges.for(session, res).secure(dto);
158+
return this.privileges.for(res).secure(dto);
159159
}
160160

161161
async updateLanguageEngagement(
@@ -182,9 +182,7 @@ export class EngagementService {
182182
changeset,
183183
);
184184
}
185-
this.privileges
186-
.for(session, LanguageEngagement, object)
187-
.verifyChanges(changes);
185+
this.privileges.for(LanguageEngagement, object).verifyChanges(changes);
188186
EngagementDateRangeException.throwIfInvalid(previous, changes);
189187

190188
const updated = await this.repo.updateLanguage(
@@ -242,7 +240,7 @@ export class EngagementService {
242240
);
243241
}
244242
this.privileges
245-
.for(session, InternshipEngagement, object)
243+
.for(InternshipEngagement, object)
246244
.verifyChanges(changes, { pathPrefix: 'engagement' });
247245
EngagementDateRangeException.throwIfInvalid(previous, changes);
248246

@@ -284,7 +282,7 @@ export class EngagementService {
284282
const object = await this.readOne(id, session);
285283

286284
this.privileges
287-
.for(session, resolveEngagementType(object), object)
285+
.for(resolveEngagementType(object), object)
288286
.verifyCan('delete');
289287

290288
await this.eventBus.publish(new EngagementWillDeleteEvent(object, session));
@@ -316,7 +314,7 @@ export class EngagementService {
316314
session: Session,
317315
): Promise<SecuredProductList> {
318316
const privs = this.privileges
319-
.for(session, LanguageEngagement, engagement)
317+
.for(LanguageEngagement, engagement)
320318
.forEdge('product');
321319

322320
if (!privs.can('read')) {

src/components/ethno-art/ethno-art.service.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ export class EthnoArtService {
2828

2929
async create(input: CreateEthnoArt, session: Session): Promise<EthnoArt> {
3030
const dto = await this.repo.create(input, session);
31-
this.privileges.for(session, EthnoArt, dto).verifyCan('create');
31+
this.privileges.for(EthnoArt, dto).verifyCan('create');
3232
return this.secure(dto, session);
3333
}
3434

@@ -48,7 +48,7 @@ export class EthnoArtService {
4848
}
4949

5050
private secure(dto: UnsecuredDto<EthnoArt>, session: Session): EthnoArt {
51-
return this.privileges.for(session, EthnoArt).secure(dto);
51+
return this.privileges.for(EthnoArt).secure(dto);
5252
}
5353

5454
async update(input: UpdateEthnoArt, session: Session): Promise<EthnoArt> {
@@ -60,7 +60,7 @@ export class EthnoArtService {
6060
ethnoArt.scriptureReferences,
6161
),
6262
};
63-
this.privileges.for(session, EthnoArt, ethnoArt).verifyChanges(changes);
63+
this.privileges.for(EthnoArt, ethnoArt).verifyChanges(changes);
6464

6565
const updated = await this.repo.update({ id: input.id, ...changes });
6666
return this.secure(updated, session);
@@ -69,7 +69,7 @@ export class EthnoArtService {
6969
async delete(id: ID, session: Session): Promise<void> {
7070
const ethnoArt = await this.repo.readOne(id);
7171

72-
this.privileges.for(session, EthnoArt, ethnoArt).verifyCan('delete');
72+
this.privileges.for(EthnoArt, ethnoArt).verifyCan('delete');
7373

7474
try {
7575
await this.repo.deleteNode(ethnoArt);

src/components/field-region/field-region.service.ts

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ export class FieldRegionService {
2929
input: CreateFieldRegion,
3030
session: Session,
3131
): Promise<FieldRegion> {
32-
this.privileges.for(session, FieldRegion).verifyCan('create');
32+
this.privileges.for(FieldRegion).verifyCan('create');
3333
const dto = await this.repo.create(input);
3434
return this.secure(dto, session);
3535
}
@@ -55,7 +55,7 @@ export class FieldRegionService {
5555
}
5656

5757
private secure(dto: UnsecuredDto<FieldRegion>, session: Session) {
58-
return this.privileges.for(session, FieldRegion).secure(dto);
58+
return this.privileges.for(FieldRegion).secure(dto);
5959
}
6060

6161
async update(
@@ -65,9 +65,7 @@ export class FieldRegionService {
6565
const fieldRegion = await this.repo.readOne(input.id);
6666

6767
const changes = this.repo.getActualChanges(fieldRegion, input);
68-
this.privileges
69-
.for(session, FieldRegion, fieldRegion)
70-
.verifyChanges(changes);
68+
this.privileges.for(FieldRegion, fieldRegion).verifyChanges(changes);
7169

7270
const updated = await this.repo.update({ id: input.id, ...changes });
7371
return this.secure(updated, session);
@@ -76,7 +74,7 @@ export class FieldRegionService {
7674
async delete(id: ID, session: Session): Promise<void> {
7775
const object = await this.readOne(id, session);
7876

79-
this.privileges.for(session, FieldRegion, object).verifyCan('delete');
77+
this.privileges.for(FieldRegion, object).verifyCan('delete');
8078

8179
try {
8280
await this.repo.deleteNode(object);

src/components/field-zone/field-zone.service.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ export class FieldZoneService {
2626
) {}
2727

2828
async create(input: CreateFieldZone, session: Session): Promise<FieldZone> {
29-
this.privileges.for(session, FieldZone).verifyCan('create');
29+
this.privileges.for(FieldZone).verifyCan('create');
3030
const dto = await this.repo.create(input);
3131
return this.secure(dto, session);
3232
}
@@ -52,14 +52,14 @@ export class FieldZoneService {
5252
}
5353

5454
private secure(dto: UnsecuredDto<FieldZone>, session: Session) {
55-
return this.privileges.for(session, FieldZone).secure(dto);
55+
return this.privileges.for(FieldZone).secure(dto);
5656
}
5757

5858
async update(input: UpdateFieldZone, session: Session): Promise<FieldZone> {
5959
const fieldZone = await this.repo.readOne(input.id);
6060

6161
const changes = this.repo.getActualChanges(fieldZone, input);
62-
this.privileges.for(session, FieldZone, fieldZone).verifyChanges(changes);
62+
this.privileges.for(FieldZone, fieldZone).verifyChanges(changes);
6363

6464
const updated = await this.repo.update({ id: input.id, ...changes });
6565
return this.secure(updated, session);
@@ -68,7 +68,7 @@ export class FieldZoneService {
6868
async delete(id: ID, session: Session): Promise<void> {
6969
const object = await this.readOne(id, session);
7070

71-
this.privileges.for(session, FieldZone, object).verifyCan('delete');
71+
this.privileges.for(FieldZone, object).verifyCan('delete');
7272

7373
try {
7474
await this.repo.deleteNode(object);

0 commit comments

Comments
 (0)