feat: adding permissions checks to apollo (#307)

Author: manas-vessel

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vesselapi/integrations",
-  "version": "1.0.73",
+  "version": "1.0.74",
   "description": "Vessel integrations",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

src/platforms/apollo/client.ts

@@ -58,6 +58,17 @@ const request = makeRequestFactory(async (auth, options) => {
 });
 
 export const client = {
+  auth: {
+    health: request(() => ({
+      url: `/auth/health`,
+      method: 'GET',
+      schema: z
+        .object({
+          is_logged_in: z.boolean().nullable(),
+        })
+        .partial(),
+    })),
+  },
   users: {
     search: request(
       ({

src/platforms/apollo/index.ts

@@ -42,6 +42,7 @@ import searchUsers from './actions/users/search';
 import searchLabels from './actions/labels/search';
 
 import searchPeople from './actions/people/search';
+import { permissions } from './permissions';
 
 export * as types from './schemas';
 export default platform('apollo', {
@@ -68,6 +69,7 @@ export default platform('apollo', {
   },
   constants,
   client,
+  permissions,
   actions: {
     createAccount,
     searchAccounts,

src/platforms/apollo/permissions.ts

@@ -0,0 +1,30 @@
+import { tryit } from 'radash';
+import { PlatformPermissions } from '../../sdk';
+import { client } from './client';
+
+// NOTE: These will be used in the UI, so they should be user-friendly.
+const INVALID_API_TOKEN_MESSAGE = 'Invalid API Token';
+
+export const makePermissions = (): PlatformPermissions => {
+  return {
+    validate: async ({ auth }) => {
+      const [err, result] = await tryit(client.auth.health)(auth, {});
+      if (err || !result.data.is_logged_in) {
+        console.warn({
+          message: 'Failed to validate permissions for Apollo',
+          metadata: { error: err, result },
+        });
+        return {
+          valid: false,
+          errorMessage: INVALID_API_TOKEN_MESSAGE,
+        };
+      }
+      return {
+        valid: true,
+        errorMessage: null,
+      };
+    },
+  };
+};
+
+export const permissions = makePermissions();