From 017216b1395e79ca2a9579dbf2bc37bfc5736eee Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 26 Jan 2024 00:06:09 +0000 Subject: [PATCH 1/2] fix: upgrade @sentry/browser from 7.91.0 to 7.92.0 Snyk has created this PR to upgrade @sentry/browser from 7.91.0 to 7.92.0. See this package in npm: https://www.npmjs.com/package/@sentry/browser See this project in Snyk: https://app.snyk.io/org/aam-digital-ci/project/a4b5c50c-28f4-4e30-af2d-840962b9beaf?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 82 +++++++++++++++++++++++------------------------ package.json | 2 +- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/package-lock.json b/package-lock.json index 842945fe0f..67478a193a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,7 +31,7 @@ "@fortawesome/free-regular-svg-icons": "^6.5.1", "@fortawesome/free-solid-svg-icons": "^6.5.1", "@ngneat/until-destroy": "^10.0.0", - "@sentry/browser": "^7.91.0", + "@sentry/browser": "^7.92.0", "angulartics2": "^12.2.1", "assert": "^2.1.0", "crypto-es": "^2.1.0", @@ -6932,87 +6932,87 @@ } }, "node_modules/@sentry-internal/feedback": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.91.0.tgz", - "integrity": "sha512-SJKTSaz68F5YIwF79EttBm915M2LnacgZMYRnRumyTmMKnebGhYQLwWbZdpaDvOa1U18dgRajDX8Qed/8A3tXw==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.92.0.tgz", + "integrity": "sha512-/jEALRtVqboxB9kcK2tag8QCO6XANTlGBb9RV3oeGXJe0DDNJXRq6wVZbfgztXJRrfgx4XVDcNt1pRVoGGG++g==", "dependencies": { - "@sentry/core": "7.91.0", - "@sentry/types": "7.91.0", - "@sentry/utils": "7.91.0" + "@sentry/core": "7.92.0", + "@sentry/types": "7.92.0", + "@sentry/utils": "7.92.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry-internal/tracing": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.91.0.tgz", - "integrity": "sha512-JH5y6gs6BS0its7WF2DhySu7nkhPDfZcdpAXldxzIlJpqFkuwQKLU5nkYJpiIyZz1NHYYtW5aum2bV2oCOdDRA==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.92.0.tgz", + "integrity": "sha512-ur55vPcUUUWFUX4eVLNP71ohswK7ZZpleNZw9Y1GfLqyI+0ILQUwjtzqItJrdClvVsdRZJMRmDV40Hp9Lbb9mA==", "dependencies": { - "@sentry/core": "7.91.0", - "@sentry/types": "7.91.0", - "@sentry/utils": "7.91.0" + "@sentry/core": "7.92.0", + "@sentry/types": "7.92.0", + "@sentry/utils": "7.92.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/browser": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.91.0.tgz", - "integrity": "sha512-lJv3x/xekzC/biiyAsVCioq2XnKNOZhI6jY3ZzLJZClYV8eKRi7D3KCsHRvMiCdGak1d/6sVp8F4NYY+YiWy1Q==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.92.0.tgz", + "integrity": "sha512-loMr02/zQ38u8aQhYLtIBg0i5n3ps2e3GUXrt3CdsJQdkRYfa62gcrE7SzvoEpMVHTk7VOI4fWGht8cWw/1k3A==", "dependencies": { - "@sentry-internal/feedback": "7.91.0", - "@sentry-internal/tracing": "7.91.0", - "@sentry/core": "7.91.0", - "@sentry/replay": "7.91.0", - "@sentry/types": "7.91.0", - "@sentry/utils": "7.91.0" + "@sentry-internal/feedback": "7.92.0", + "@sentry-internal/tracing": "7.92.0", + "@sentry/core": "7.92.0", + "@sentry/replay": "7.92.0", + "@sentry/types": "7.92.0", + "@sentry/utils": "7.92.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/core": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.91.0.tgz", - "integrity": "sha512-tu+gYq4JrTdrR+YSh5IVHF0fJi/Pi9y0HZ5H9HnYy+UMcXIotxf6hIEaC6ZKGeLWkGXffz2gKpQLe/g6vy/lPA==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.92.0.tgz", + "integrity": "sha512-1Tly7YB2I1byI5xb0Cwrxs56Rhww+6mQ7m9P7rTmdC3/ijOzbEoohtYIUPwcooCEarpbEJe/tAayRx6BrH2UbQ==", "dependencies": { - "@sentry/types": "7.91.0", - "@sentry/utils": "7.91.0" + "@sentry/types": "7.92.0", + "@sentry/utils": "7.92.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/replay": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.91.0.tgz", - "integrity": "sha512-XwbesnLLNtaVXKtDoyBB96GxJuhGi9zy3a662Ba/McmumCnkXrMQYpQPh08U7MgkTyDRgjDwm7PXDhiKpcb03g==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.92.0.tgz", + "integrity": "sha512-G1t9Uvc9cR8VpNkElwvHIMGzykjIKikb10n0tfVd3e+rBPMCCjCPWOduwG6jZYxcvCjTpqmJh6NSLXxL/Mt4JA==", "dependencies": { - "@sentry-internal/tracing": "7.91.0", - "@sentry/core": "7.91.0", - "@sentry/types": "7.91.0", - "@sentry/utils": "7.91.0" + "@sentry-internal/tracing": "7.92.0", + "@sentry/core": "7.92.0", + "@sentry/types": "7.92.0", + "@sentry/utils": "7.92.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry/types": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.91.0.tgz", - "integrity": "sha512-bcQnb7J3P3equbCUc+sPuHog2Y47yGD2sCkzmnZBjvBT0Z1B4f36fI/5WjyZhTjLSiOdg3F2otwvikbMjmBDew==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.92.0.tgz", + "integrity": "sha512-APmSOuZuoRGpbPpPeYIbMSplPjiWNLZRQa73QiXuTflW4Tu/ItDlU8hOa2+A6JKVkJCuD2EN6yUrxDGSMyNXeg==", "engines": { "node": ">=8" } }, "node_modules/@sentry/utils": { - "version": "7.91.0", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.91.0.tgz", - "integrity": "sha512-fvxjrEbk6T6Otu++Ax9ntlQ0sGRiwSC179w68aC3u26Wr30FAIRKqHTCCdc2jyWk7Gd9uWRT/cq+g8NG/8BfSg==", + "version": "7.92.0", + "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.92.0.tgz", + "integrity": "sha512-3nEfrQ1z28b/2zgFGANPh5yMVtgwXmrasZxTvKbrAj+KWJpjrJHrIR84r9W277J44NMeZ5RhRW2uoDmuBslPnA==", "dependencies": { - "@sentry/types": "7.91.0" + "@sentry/types": "7.92.0" }, "engines": { "node": ">=8" diff --git a/package.json b/package.json index 795686022b..bab0be7e3a 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "@fortawesome/free-regular-svg-icons": "^6.5.1", "@fortawesome/free-solid-svg-icons": "^6.5.1", "@ngneat/until-destroy": "^10.0.0", - "@sentry/browser": "^7.91.0", + "@sentry/browser": "^7.92.0", "angulartics2": "^12.2.1", "assert": "^2.1.0", "crypto-es": "^2.1.0", From 8fd0a477f1c2a3a8fae0f3a6ad7636026ca820c3 Mon Sep 17 00:00:00 2001 From: Tom Winter Date: Mon, 29 Jan 2024 14:10:16 +0100 Subject: [PATCH 2/2] fix: use create permissions when read public form fields (#2203) closes #2202 --- .../entity-form/entity-form.component.spec.ts | 23 ++++++++++++++++++- .../entity-form/entity-form.component.ts | 4 +++- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/src/app/core/common-components/entity-form/entity-form/entity-form.component.spec.ts b/src/app/core/common-components/entity-form/entity-form/entity-form.component.spec.ts index b340b42772..4a31a33462 100644 --- a/src/app/core/common-components/entity-form/entity-form/entity-form.component.spec.ts +++ b/src/app/core/common-components/entity-form/entity-form/entity-form.component.spec.ts @@ -56,7 +56,7 @@ describe("EntityFormComponent", () => { expect(component).toBeTruthy(); }); - it("should remove fields without read permissions", async () => { + it("should remove fields without read permissions when entity is not new", async () => { component.fieldGroups = [ { fields: ["foo", "bar"] }, { fields: ["name"] }, @@ -67,6 +67,27 @@ describe("EntityFormComponent", () => { { subject: "Child", action: "read", fields: ["foo", "name"] }, ]); + component.entity._rev = "foo"; + + component.ngOnChanges({ entity: true, form: true } as any); + + expect(component.fieldGroups).toEqual([ + { fields: ["foo"] }, + { fields: ["name"] }, + ]); + }); + + it("should remove fields without create permissions when entity is new", async () => { + component.fieldGroups = [ + { fields: ["foo", "bar"] }, + { fields: ["name"] }, + { fields: ["birthday"] }, + ]; + + TestBed.inject(EntityAbility).update([ + { subject: "Child", action: "create", fields: ["foo", "name"] }, + ]); + component.ngOnChanges({ entity: true, form: true } as any); expect(component.fieldGroups).toEqual([ diff --git a/src/app/core/common-components/entity-form/entity-form/entity-form.component.ts b/src/app/core/common-components/entity-form/entity-form/entity-form.component.ts index 81ab7eb210..67776168ad 100644 --- a/src/app/core/common-components/entity-form/entity-form/entity-form.component.ts +++ b/src/app/core/common-components/entity-form/entity-form/entity-form.component.ts @@ -139,11 +139,13 @@ export class EntityFormComponent fieldGroups: FieldGroup[], entity: Entity, ): FieldGroup[] { + const action = entity.isNew ? "create" : "read"; + return fieldGroups .map((group) => { group.fields = group.fields.filter((field) => this.ability.can( - "read", + action, entity, typeof field === "string" ? field : field.id, ),