feat: add index of projects

TruffeCendree · Nov 12, 2021 · 41b987e · 41b987e
1 parent 2fe69af
commit 41b987e
Show file tree

Hide file tree

Showing 11 changed files with 120 additions and 7 deletions.
diff --git a/src/lib/fastify.ts b/src/lib/fastify.ts
@@ -2,6 +2,7 @@ import fastify from 'fastify'
 import cookie, { FastifyCookieOptions } from 'fastify-cookie'
 import fastifySwagger from 'fastify-swagger'
 import { UnauthorizedError } from '../policies/policy'
+import { projectsRoutes } from '../routes/projects'
 import { sessionRoutes } from '../routes/sessions'
 import { userRoutes } from '../routes/users'
 import { COOKIE_SECRET, FASTIFY_LOGGING } from './dotenv'
@@ -15,6 +16,7 @@ export const server = fastify({ logger: FASTIFY_LOGGING })
   .register(fastifySwagger, swaggerConfig)
   .register(sessionRoutes, { prefix: '/sessions' })
   .register(userRoutes, { prefix: '/users' })
+  .register(projectsRoutes, { prefix: '/projects' })
   .setErrorHandler((error, request, reply) => {
     // based on https://github.com/fastify/fastify/blob/1e94070992d911a81a26597c25f2d35ae65f3d91/fastify.js#L74
     if (error instanceof UnauthorizedError) {

diff --git a/src/policies/policy.ts b/src/policies/policy.ts
@@ -4,10 +4,14 @@ export interface PolicyAction<Model> {
   (currentSession: Session | null | undefined, record: Model): Promise<boolean | UnauthorizedError>
 }
 
+export interface PolicyActionIndex {
+  (currentSession: Session | null | undefined): Promise<boolean | UnauthorizedError>
+}
+
 export class UnauthorizedError extends Error {}
 
 export async function authorizeOfFail<Model>(
-  policyAction: PolicyAction<Model>,
+  policyAction: PolicyAction<Model> | PolicyActionIndex,
   currentSession: Session | null | undefined,
   record: Model
 ) {

diff --git a/src/policies/projects-policy.ts b/src/policies/projects-policy.ts
@@ -0,0 +1,15 @@
+import { getConnection } from 'typeorm'
+import { Project } from '../entities/project'
+import { Session } from '../entities/session'
+import { PolicyActionIndex } from './policy'
+
+export const canIndexProject: PolicyActionIndex = async function canIndexProject(session) {
+  return !!session
+}
+
+export async function projectPolicyScope(session: Session) {
+  return getConnection()
+    .createQueryBuilder(Project, 'project')
+    .innerJoin('project.users', 'user')
+    .where('user.id = :userId', { userId: session.user.id })
+}
diff --git a/src/routes/projects.ts b/src/routes/projects.ts
@@ -0,0 +1,20 @@
+import { FastifyInstance } from 'fastify'
+import { authorizeOfFail } from '../policies/policy'
+import { canIndexProject, projectPolicyScope } from '../policies/projects-policy'
+import { ProjectsIndexResponse } from '../schemas/types/projects.index.response'
+import * as projectsIndexResponseSchema from '../schemas/json/projects.index.response.json'
+
+export async function projectsRoutes(fastify: FastifyInstance) {
+  fastify.get('/', {
+    schema: {
+      response: {
+        200: projectsIndexResponseSchema
+      }
+    },
+    handler: async function index(request): Promise<ProjectsIndexResponse> {
+      await authorizeOfFail(canIndexProject, request.session, null)
+      const projects = (await projectPolicyScope(request.session!)).getMany()
+      return projects
+    }
+  })
+}
diff --git a/src/routes/users.ts b/src/routes/users.ts
@@ -4,6 +4,7 @@ import { User } from '../entities/user'
 import { authorizeOfFail } from '../policies/policy'
 import { canShowUser } from '../policies/users-policy'
 import { UsersShowParams } from '../schemas/types/users.show.params'
+import { UsersShowResponse } from '../schemas/types/users.show.response'
 import * as usersShowParamsSchema from '../schemas/json/users.show.params.json'
 import * as usersShowResponseSchema from '../schemas/json/users.show.response.json'
 
@@ -13,7 +14,7 @@ export async function userRoutes(fastify: FastifyInstance) {
       params: usersShowParamsSchema,
       response: { 200: usersShowResponseSchema }
     },
-    handler: async function show(request) {
+    handler: async function show(request): Promise<UsersShowResponse> {
       const user =
         request.params.id === 'me'
           ? (request.session?.user as User)

diff --git a/src/schemas/json/projects.index.response.json b/src/schemas/json/projects.index.response.json
@@ -0,0 +1,14 @@
+{
+  "$schema": "http://json-schema.org/schema",
+  "type": "array",
+    "items": {
+    "type": "object",
+    "properties": {
+      "id": { "type": "number" },
+      "name": { "type": "string" },
+      "instructions": { "type": ["string", "null"] }
+    },
+    "additionalProperties": false,
+    "required": ["id", "name", "instructions"]
+  }
+}
diff --git a/src/schemas/json/users.show.response.json b/src/schemas/json/users.show.response.json
@@ -7,5 +7,6 @@
     "lastname": { "type": "string" },
     "email": { "type": "string" }
   },
-  "additionalProperties": false
+  "additionalProperties": false,
+  "required": ["id", "firstname", "lastname", "email"]
 }
diff --git a/src/schemas/types/projects.index.response.d.ts b/src/schemas/types/projects.index.response.d.ts
@@ -0,0 +1,12 @@
+/* tslint:disable */
+/**
+ * This file was automatically generated by json-schema-to-typescript.
+ * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file,
+ * and run json-schema-to-typescript to regenerate this file.
+ */
+
+export type ProjectsIndexResponse = {
+  id: number;
+  name: string;
+  instructions: string | null;
+}[];
diff --git a/src/schemas/types/users.show.response.d.ts b/src/schemas/types/users.show.response.d.ts
@@ -6,8 +6,8 @@
  */
 
 export interface UsersShowResponse {
-  id?: number;
-  firstname?: string;
-  lastname?: string;
-  email?: string;
+  id: number;
+  firstname: string;
+  lastname: string;
+  email: string;
 }
diff --git a/src/specs/fixtures/projects-fixtures.ts b/src/specs/fixtures/projects-fixtures.ts
@@ -0,0 +1,18 @@
+import { getConnection } from 'typeorm'
+import { Project } from '../../entities/project'
+import { User } from '../../entities/user'
+import * as faker from 'faker'
+
+type ProjectFixtureOptions = { users?: User[] }
+
+export function buildProjectFixture(opts: ProjectFixtureOptions = {}) {
+  const project = new Project()
+  project.name = faker.company.companyName()
+  project.instructions = faker.lorem.paragraphs(2)
+  if (opts.users) project.users = Promise.resolve(opts.users)
+  return project
+}
+
+export function createProjectFixture(opts: ProjectFixtureOptions = {}) {
+  return getConnection().getRepository(Project).save(buildProjectFixture(opts))
+}
diff --git a/src/specs/routes/projects.spec.ts b/src/specs/routes/projects.spec.ts
@@ -0,0 +1,26 @@
+import { expect } from 'chai'
+import { sign } from 'cookie-signature'
+import { COOKIE_NAME, COOKIE_SECRET } from '../../lib/dotenv'
+import { server } from '../../lib/fastify'
+import { ProjectsIndexResponse } from '../../schemas/types/projects.index.response'
+import { createProjectFixture } from '../fixtures/projects-fixtures'
+import { createSessionFixture } from '../fixtures/sessions-fixtures'
+
+describe('/projects', function () {
+  describe('#index', function () {
+    it('should return projects of the current user', async function () {
+      const session = await createSessionFixture()
+      const project1 = await createProjectFixture({ users: [session.user] })
+      const project2 = await createProjectFixture({ users: [session.user] })
+      const project3 = await createProjectFixture()
+
+      const cookies = { [COOKIE_NAME]: sign(session.id, COOKIE_SECRET) }
+      const response = await server.inject({ method: 'GET', url: '/projects', cookies })
+      expect(response.statusCode).to.eq(200)
+
+      const json = response.json<ProjectsIndexResponse>()
+      expect(json.map(_ => _.id)).to.have.members([project1.id, project2.id])
+      expect(json.map(_ => _.id)).to.not.include(project3.id)
+    })
+  })
+})