Skip to content

Commit ee8c63c

Browse files
CarsonFCarsonF
authored
Migrate to new delete permission check (#2976)
1 parent f1dcad7 commit ee8c63c

25 files changed

+60
-270
lines changed

src/components/budget/budget.service.ts

Lines changed: 2 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,6 @@ import {
1010
Order,
1111
ServerException,
1212
Session,
13-
UnauthorizedException,
1413
viewOfChangeset,
1514
} from '../../common';
1615
import { HandleIdLookup, ILogger, Logger, ResourceResolver } from '../../core';
@@ -288,15 +287,7 @@ export class BudgetService {
288287
async delete(id: ID, session: Session): Promise<void> {
289288
const budget = await this.readOne(id, session);
290289

291-
if (!budget) {
292-
throw new NotFoundException('Could not find Budget');
293-
}
294-
295-
const canDelete = await this.budgetRepo.checkDeletePermission(id, session);
296-
if (!canDelete)
297-
throw new UnauthorizedException(
298-
'You do not have the permission to delete this Budget',
299-
);
290+
this.privileges.for(session, Budget, budget).verifyCan('delete');
300291

301292
// cascade delete each budget record in this budget
302293
await Promise.all(
@@ -320,19 +311,7 @@ export class BudgetService {
320311
viewOfChangeset(changeset),
321312
);
322313

323-
if (!br) {
324-
throw new NotFoundException('Could not find Budget Record');
325-
}
326-
327-
const canDelete = await this.budgetRecordsRepo.checkDeletePermission(
328-
id,
329-
session,
330-
);
331-
332-
if (!canDelete)
333-
throw new UnauthorizedException(
334-
'You do not have the permission to delete this Budget Record',
335-
);
314+
this.privileges.for(session, BudgetRecord, br).verifyCan('delete');
336315

337316
try {
338317
await this.budgetRecordsRepo.deleteNode(br, changeset);

src/components/ceremony/ceremony.service.ts

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -2,11 +2,9 @@ import { Injectable } from '@nestjs/common';
22
import {
33
ID,
44
InputException,
5-
NotFoundException,
65
ObjectView,
76
ServerException,
87
Session,
9-
UnauthorizedException,
108
UnsecuredDto,
119
} from '../../common';
1210
import { HandleIdLookup, ILogger, Logger } from '../../core';
@@ -83,19 +81,8 @@ export class CeremonyService {
8381
async delete(id: ID, session: Session): Promise<void> {
8482
const object = await this.readOne(id, session);
8583

86-
if (!object) {
87-
throw new NotFoundException('Could not find ceremony', 'ceremony.id');
88-
}
89-
90-
const canDelete = await this.ceremonyRepo.checkDeletePermission(
91-
id,
92-
session,
93-
);
94-
95-
if (!canDelete)
96-
throw new UnauthorizedException(
97-
'You do not have the permission to delete this Ceremony',
98-
);
84+
// Only called internally, not exposed directly to users
85+
// this.privileges.for(session, Ceremony, object).verifyCan('delete');
9986

10087
try {
10188
await this.ceremonyRepo.deleteNode(object);

src/components/engagement/engagement.service.ts

Lines changed: 3 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,6 @@ import {
88
SecuredList,
99
ServerException,
1010
Session,
11-
UnauthorizedException,
1211
UnsecuredDto,
1312
viewOfChangeset,
1413
} from '../../common';
@@ -365,14 +364,9 @@ export class EngagementService {
365364
async delete(id: ID, session: Session, changeset?: ID): Promise<void> {
366365
const object = await this.readOne(id, session);
367366

368-
if (!object) {
369-
throw new NotFoundException('Could not find engagement', 'engagement.id');
370-
}
371-
372-
if (!object.canDelete)
373-
throw new UnauthorizedException(
374-
'You do not have the permission to delete this Engagement',
375-
);
367+
this.privileges
368+
.for(session, resolveEngagementType(object), object)
369+
.verifyCan('delete');
376370

377371
await this.verifyProjectStatus(object.project, session, changeset);
378372

src/components/ethno-art/ethno-art.service.ts

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,11 +2,9 @@ import { Injectable } from '@nestjs/common';
22
import {
33
DuplicateException,
44
ID,
5-
NotFoundException,
65
ObjectView,
76
ServerException,
87
Session,
9-
UnauthorizedException,
108
} from '../../common';
119
import { DbTypeOf, HandleIdLookup, ILogger, Logger } from '../../core';
1210
import { ifDiff } from '../../core/database/changes';
@@ -114,16 +112,7 @@ export class EthnoArtService {
114112
async delete(id: ID, session: Session): Promise<void> {
115113
const ethnoArt = await this.readOne(id, session);
116114

117-
if (!ethnoArt) {
118-
throw new NotFoundException('Could not find Ethno Art');
119-
}
120-
121-
const canDelete = await this.repo.checkDeletePermission(id, session);
122-
if (!canDelete) {
123-
throw new UnauthorizedException(
124-
'You do not have permissions to delete this Ethno Art',
125-
);
126-
}
115+
this.privileges.for(session, EthnoArt, ethnoArt).verifyCan('delete');
127116

128117
try {
129118
await this.repo.deleteNode(ethnoArt);

src/components/field-region/field-region.service.ts

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,10 @@ import { Injectable } from '@nestjs/common';
22
import {
33
DuplicateException,
44
ID,
5-
NotFoundException,
65
ObjectView,
76
SecuredList,
87
ServerException,
98
Session,
10-
UnauthorizedException,
119
UnsecuredDto,
1210
} from '../../common';
1311
import { HandleIdLookup, ILogger, Logger } from '../../core';
@@ -99,16 +97,7 @@ export class FieldRegionService {
9997
async delete(id: ID, session: Session): Promise<void> {
10098
const object = await this.readOne(id, session);
10199

102-
if (!object) {
103-
throw new NotFoundException('Could not find Field Region');
104-
}
105-
106-
const canDelete = await this.repo.checkDeletePermission(id, session);
107-
108-
if (!canDelete)
109-
throw new UnauthorizedException(
110-
'You do not have the permission to delete this Field Region',
111-
);
100+
this.privileges.for(session, FieldRegion, object).verifyCan('delete');
112101

113102
try {
114103
await this.repo.deleteNode(object);

src/components/field-zone/field-zone.service.ts

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,10 @@ import { Injectable } from '@nestjs/common';
22
import {
33
DuplicateException,
44
ID,
5-
NotFoundException,
65
ObjectView,
76
SecuredList,
87
ServerException,
98
Session,
10-
UnauthorizedException,
119
UnsecuredDto,
1210
} from '../../common';
1311
import { HandleIdLookup, ILogger, Logger } from '../../core';
@@ -91,16 +89,7 @@ export class FieldZoneService {
9189
async delete(id: ID, session: Session): Promise<void> {
9290
const object = await this.readOne(id, session);
9391

94-
if (!object) {
95-
throw new NotFoundException('Could not find Field Zone');
96-
}
97-
98-
const canDelete = await this.repo.checkDeletePermission(id, session);
99-
100-
if (!canDelete)
101-
throw new UnauthorizedException(
102-
'You do not have the permission to delete this Field Zone',
103-
);
92+
this.privileges.for(session, FieldZone, object).verifyCan('delete');
10493

10594
try {
10695
await this.repo.deleteNode(object);

src/components/file/file.repository.ts

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -13,13 +13,7 @@ import {
1313
import { Direction } from 'cypher-query-builder/dist/typings/clauses/order-by';
1414
import { AnyConditions } from 'cypher-query-builder/dist/typings/clauses/where-utils';
1515
import { DateTime } from 'luxon';
16-
import {
17-
ID,
18-
NotFoundException,
19-
ServerException,
20-
Session,
21-
UnauthorizedException,
22-
} from '../../common';
16+
import { ID, NotFoundException, ServerException, Session } from '../../common';
2317
import {
2418
CommonRepository,
2519
ILogger,
@@ -572,14 +566,7 @@ export class FileRepository extends CommonRepository {
572566
}
573567
}
574568

575-
async delete(fileNode: FileNode, session: Session): Promise<void> {
576-
const canDelete = await this.db.checkDeletePermission(fileNode.id, session);
577-
578-
if (!canDelete)
579-
throw new UnauthorizedException(
580-
'You do not have the permission to delete this File item',
581-
);
582-
569+
async delete(fileNode: FileNode, _session: Session): Promise<void> {
583570
try {
584571
await this.db.deleteNode(fileNode);
585572
} catch (exception) {

src/components/film/film.service.ts

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,10 @@ import { Injectable } from '@nestjs/common';
22
import {
33
DuplicateException,
44
ID,
5-
NotFoundException,
65
ObjectView,
76
SecuredList,
87
ServerException,
98
Session,
10-
UnauthorizedException,
119
} from '../../common';
1210
import { DbTypeOf, HandleIdLookup, ILogger, Logger } from '../../core';
1311
import { ifDiff } from '../../core/database/changes';
@@ -114,16 +112,7 @@ export class FilmService {
114112
async delete(id: ID, session: Session): Promise<void> {
115113
const film = await this.readOne(id, session);
116114

117-
if (!film) {
118-
throw new NotFoundException('Could not find Film');
119-
}
120-
121-
const canDelete = await this.repo.checkDeletePermission(id, session);
122-
123-
if (!canDelete)
124-
throw new UnauthorizedException(
125-
'You do not have the permission to delete this Film',
126-
);
115+
this.privileges.for(session, Film, film).verifyCan('delete');
127116

128117
try {
129118
await this.repo.deleteNode(film);

src/components/funding-account/funding-account.service.ts

Lines changed: 1 addition & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@ import {
77
SecuredList,
88
ServerException,
99
Session,
10-
UnauthorizedException,
1110
UnsecuredDto,
1211
} from '../../common';
1312
import { HandleIdLookup, ILogger, Logger } from '../../core';
@@ -107,16 +106,7 @@ export class FundingAccountService {
107106
async delete(id: ID, session: Session): Promise<void> {
108107
const object = await this.readOne(id, session);
109108

110-
if (!object) {
111-
throw new NotFoundException('Could not find Funding Account');
112-
}
113-
114-
const canDelete = await this.repo.checkDeletePermission(id, session);
115-
116-
if (!canDelete)
117-
throw new UnauthorizedException(
118-
'You do not have the permission to delete this Funding Account',
119-
);
109+
this.privileges.for(session, FundingAccount, object).verifyCan('delete');
120110

121111
try {
122112
await this.repo.deleteNode(object);

src/components/language/language.service.ts

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,10 @@ import {
55
DuplicateException,
66
ID,
77
InputException,
8-
NotFoundException,
98
ObjectView,
109
SecuredDate,
1110
ServerException,
1211
Session,
13-
UnauthorizedException,
1412
UnsecuredDto,
1513
} from '../../common';
1614
import { HandleIdLookup, ILogger, Logger, UniquenessError } from '../../core';
@@ -157,16 +155,7 @@ export class LanguageService {
157155
async delete(id: ID, session: Session): Promise<void> {
158156
const object = await this.readOne(id, session);
159157

160-
if (!object) {
161-
throw new NotFoundException('Could not find language', 'language.id');
162-
}
163-
164-
const canDelete = await this.repo.checkDeletePermission(id, session);
165-
166-
if (!canDelete)
167-
throw new UnauthorizedException(
168-
'You do not have the permission to delete this Language',
169-
);
158+
this.privileges.for(session, Language, object).verifyCan('delete');
170159

171160
try {
172161
await this.repo.deleteNode(object);

0 commit comments

Comments
 (0)