Skip to content

Commit 7303e40

Browse files
gmarav05sugat009
gmarav05
and
sugat009
authored
chore(#10551): add user role constants beyond ONLINE constant (#10747)
Signed-off-by: Aravind <gmarav005@gmail.com> Co-authored-by: Sugat Bajracharya <30311933+sugat009@users.noreply.github.com>
1 parent 393b9d6 commit 7303e40

File tree

25 files changed

+133
-108
lines changed

25 files changed

+133
-108
lines changed

admin/src/js/controllers/edit-user.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,14 @@ const moment = require('moment');
22
const passwordTester = require('simple-password-tester');
33
const phoneNumber = require('@medic/phone-number');
44
const CHT = require('@medic/cht-datasource');
5+
const constants = require('@medic/constants');
6+
const USER_ROLES = constants.USER_ROLES;
57
const PASSWORD_MINIMUM_LENGTH = 8;
68
const PASSWORD_MINIMUM_SCORE = 50;
79
const SHOW_PASSWORD_ICON = '/login/images/show-password.svg';
810
const HIDE_PASSWORD_ICON = '/login/images/hide-password.svg';
911
const USERNAME_ALLOWED_CHARS = /^[a-z0-9_-]+$/;
10-
const ADMIN_ROLE = '_admin';
12+
const ADMIN_ROLE = USER_ROLES.COUCHDB_ADMIN;
1113
const FIELDS_TO_IGNORE = [
1214
'currentPassword',
1315
'passwordConfirm',

admin/src/js/services/session.js

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
11
const _ = require('lodash/core');
22
const constants = require('@medic/constants');
3+
const USER_ROLES = constants.USER_ROLES;
34
const COOKIE_NAME = 'userCtx';
4-
const ONLINE_ROLE = constants.USER_ROLES.ONLINE;
5+
const ONLINE_ROLE = USER_ROLES.ONLINE;
56

67
(function () {
78

@@ -96,7 +97,7 @@ const ONLINE_ROLE = constants.USER_ROLES.ONLINE;
9697

9798
const isAdmin = function(userCtx) {
9899
userCtx = userCtx || getUserCtx();
99-
return hasRole(userCtx, '_admin');
100+
return hasRole(userCtx, USER_ROLES.COUCHDB_ADMIN);
100101
};
101102

102103
return {

admin/tests/unit/services/auth.spec.js

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
const { USER_ROLES: { COUCHDB_ADMIN } } = require('@medic/constants');
2+
13
describe('Auth service', function() {
24

35
'use strict';
@@ -58,7 +60,7 @@ describe('Auth service', function() {
5860
});
5961

6062
it('true when user is db admin', async () => {
61-
userCtx.returns({ roles: ['_admin'] });
63+
userCtx.returns({ roles: [COUCHDB_ADMIN] });
6264
Settings.resolves({ permissions: { can_edit: [ 'chw' ] } });
6365
const result = await service.has(['can_backup_facilities']);
6466
chai.expect(result).to.be.true;
@@ -176,7 +178,7 @@ describe('Auth service', function() {
176178
});
177179

178180
it('false when admin and !permission', async () => {
179-
userCtx.returns({ roles: ['_admin'] });
181+
userCtx.returns({ roles: [COUCHDB_ADMIN] });
180182
Settings.resolves({ permissions: {} });
181183
const result = await service.has(['!can_backup_facilities']);
182184
chai.expect(result).to.be.false;
@@ -246,21 +248,21 @@ describe('Auth service', function() {
246248
});
247249

248250
it('true when admin and no disallowed permissions', async () => {
249-
userCtx.returns({ roles: ['_admin'] });
251+
userCtx.returns({ roles: [COUCHDB_ADMIN] });
250252
Settings.resolves({ permissions: { can_edit: [ 'chw' ] } });
251253
const result = await service.any([['can_backup_facilities'], ['can_export_messages'], ['somepermission']]);
252254
chai.expect(result).to.be.true;
253255
});
254256

255257
it('true when admin and some disallowed permissions', async () => {
256-
userCtx.returns({ roles: ['_admin'] });
258+
userCtx.returns({ roles: [COUCHDB_ADMIN] });
257259
Settings.resolves({ permissions: { can_edit: [ 'chw' ] } });
258260
const result = await service.any([['!can_backup_facilities'], ['!can_export_messages'], ['somepermission']]);
259261
chai.expect(result).to.be.true;
260262
});
261263

262264
it('false when admin and all disallowed permissions', async () => {
263-
userCtx.returns({ roles: ['_admin'] });
265+
userCtx.returns({ roles: [COUCHDB_ADMIN] });
264266
Settings.resolves({ permissions: {} });
265267
const result = await service.any([['!can_backup_facilities'], ['!can_export_messages'], ['!somepermission']]);
266268
chai.expect(result).to.be.false;

admin/tests/unit/services/session.spec.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
describe('Session service', function() {
22

33
'use strict';
4+
const { USER_ROLES: { COUCHDB_ADMIN } } = require('@medic/constants');
45

56
let service;
67
let ipCookie;
@@ -149,7 +150,7 @@ describe('Session service', function() {
149150
});
150151

151152
it('returns true for _admin', function(done) {
152-
ipCookie.returns({ roles: [ '_admin' ] });
153+
ipCookie.returns({ roles: [COUCHDB_ADMIN] });
153154
const actual = service.isAdmin();
154155
chai.expect(actual).to.equal(true);
155156
done();

api/src/migrations/restrict-access-to-vault-db.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
11
const request = require('@medic/couch-request');
22
const url = require('url');
33
const environment = require('@medic/environment');
4+
const { USER_ROLES } = require('@medic/constants');
45

56
const addSecurityToDb = () => {
6-
const dbAdminRole = '_admin';
7+
const dbAdminRole = USER_ROLES.COUCHDB_ADMIN;
78
const securityObject = {
89
admins: { names: [], roles: [ dbAdminRole ] },
910
members: { names: [], roles: [ dbAdminRole ] }

api/tests/mocha/auth.spec.js

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ const auth = require('../../src/auth');
66
const config = require('../../src/config');
77
const environment = require('@medic/environment');
88
const { PermissionError } = require('../../src/errors');
9+
const { USER_ROLES: { COUCHDB_ADMIN } } = require('@medic/constants');
910

1011
let req;
1112

@@ -79,7 +80,7 @@ describe('Auth', () => {
7980
});
8081

8182
it('returns username for admin', () => {
82-
const userCtx = { userCtx: { name: 'steve', roles: [ '_admin' ] } };
83+
const userCtx = { userCtx: { name: 'steve', roles: [COUCHDB_ADMIN] } };
8384
const get = sinon.stub(request, 'get').resolves(userCtx);
8485
return auth.check({headers: []}, 'can_edit').then(ctx => {
8586
chai.expect(get.callCount).to.equal(1);
@@ -272,7 +273,7 @@ describe('Auth', () => {
272273
});
273274

274275
it('succeeds for admin user regardless of permissions', async () => {
275-
userCtx.roles.push('_admin');
276+
userCtx.roles.push(COUCHDB_ADMIN);
276277
config.get.returns({
277278
can_edit: ['other_role'],
278279
});

api/tests/mocha/controllers/login.spec.js

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ const fs = require('fs');
44
const chai = require('chai');
55
const sinon = require('sinon');
66
const request = require('@medic/couch-request');
7+
const { USER_ROLES: { COUCHDB_ADMIN } } = require('@medic/constants');
78

89
const environment = require('@medic/environment');
910
const auth = require('../../../src/auth');
@@ -1013,7 +1014,7 @@ describe('login controller', () => {
10131014
sinon.stub(res, 'send');
10141015
sinon.stub(res, 'status').returns(res);
10151016
sinon.stub(users, 'createAdmin').resolves();
1016-
const userCtx = { name: 'shazza', roles: [ '_admin' ] };
1017+
const userCtx = { name: 'shazza', roles: [COUCHDB_ADMIN] };
10171018
sinon.stub(users, 'getUserDoc').resolves({});
10181019
sinon.stub(auth, 'getUserCtx').resolves(userCtx);
10191020
roles.isOnlineOnly.returns(true);
@@ -1046,7 +1047,7 @@ describe('login controller', () => {
10461047
sinon.stub(res, 'status').returns(res);
10471048
sinon.stub(res, 'json').returns(res);
10481049
sinon.stub(users, 'createAdmin').resolves();
1049-
const userCtx = { name: 'shazza', roles: [ '_admin' ] };
1050+
const userCtx = { name: 'shazza', roles: [COUCHDB_ADMIN] };
10501051
sinon.stub(users, 'getUserDoc').resolves({ oidc_username: 'true' });
10511052
sinon.stub(auth, 'getUserCtx').resolves(userCtx);
10521053
roles.isOnlineOnly.returns(true);

api/tests/mocha/controllers/replication-limit-log.spec.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ const auth = require('../../../src/auth');
44
const serverUtils = require('../../../src/server-utils');
55
const replicationLimitLogController = require('../../../src/controllers/replication-limit-log');
66
const replicationLimitLogService = require('../../../src/services/replication-limit-log');
7+
const { USER_ROLES: { COUCHDB_ADMIN } } = require('@medic/constants');
78

89
describe('Replication Limit Log Controller', () => {
910
let req;
@@ -59,7 +60,7 @@ describe('Replication Limit Log Controller', () => {
5960
});
6061

6162
it('should respond with a log document', () => {
62-
auth.getUserCtx.resolves({ roles: ['_admin'] });
63+
auth.getUserCtx.resolves({ roles: [COUCHDB_ADMIN] });
6364
replicationLimitLogService.get.resolves({ some: 'logs' });
6465

6566
return replicationLimitLogController

api/tests/mocha/controllers/users.spec.js

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ const db = require('../../../src/db');
1010
const dataContext = require('../../../src/services/data-context');
1111
const { roles, users } = require('@medic/user-management')(config, db, dataContext);
1212
const replicationLimitLog = require('../../../src/services/replication-limit-log');
13+
const { USER_ROLES: { COUCHDB_ADMIN, ADMIN } } = require('@medic/constants');
1314

1415
let req;
1516
let userCtx;
@@ -194,7 +195,7 @@ describe('Users Controller', () => {
194195

195196
beforeEach(() => {
196197
userList = [
197-
{ id: 'org.couchdb.user:admin', roles: ['_admin'] },
198+
{ id: 'org.couchdb.user:admin', roles: [COUCHDB_ADMIN] },
198199
{
199200
id: 'org.couchdb.user:chw',
200201
roles: ['chw', 'district-admin'],
@@ -250,7 +251,7 @@ describe('Users Controller', () => {
250251
const result = res.json.args[0][0];
251252
chai.expect(result[0].id).to.equal('org.couchdb.user:admin');
252253
chai.expect(result[0].type).to.be.undefined;
253-
chai.expect(result[0].roles).to.deep.equal([ '_admin' ]);
254+
chai.expect(result[0].roles).to.deep.equal([COUCHDB_ADMIN]);
254255
chai.expect(result[1].id).to.equal('org.couchdb.user:chw');
255256
chai.expect(result[1].type).to.be.undefined;
256257
chai.expect(result[1].roles).to.deep.equal([ 'chw', 'district-admin' ]);
@@ -318,7 +319,7 @@ describe('Users Controller', () => {
318319

319320
describe('info', () => {
320321
beforeEach(() => {
321-
userCtx = { name: 'user', roles: ['admin'] };
322+
userCtx = { name: 'user', roles: [ADMIN] };
322323
req = { query: {}, userCtx };
323324
res = { json: sinon.stub() };
324325
});

shared-libs/cht-datasource/package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
"license": "Apache-2.0",
1818
"dependencies": {
1919
"@medic/contact-types-utils": "file:../contact-types-utils",
20-
"@medic/logger": "file:../logger"
20+
"@medic/logger": "file:../logger",
21+
"@medic/constants": "file:../constants"
2122
}
2223
}

0 commit comments

Comments
 (0)