Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Page role authentication does not work when using roles instead of role #4275

Closed
wants to merge 10 commits into from

Conversation

cmoileo
Copy link

@cmoileo cmoileo commented Jan 13, 2024

What are the changes and their implications?

I have changed the User model to make it able to have several roles instead of a single role.

@cmoileo cmoileo requested a review from flybayer as a code owner January 13, 2024 13:00
Copy link

changeset-bot bot commented Jan 13, 2024

🦋 Changeset detected

Latest commit: 1b64da9

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 8 packages
Name Type
@blitzjs/auth Patch
next-blitz-auth Patch
@blitzjs/rpc Patch
@blitzjs/next Patch
@blitzjs/codemod Patch
@blitzjs/config Patch
@blitzjs/generator Patch
blitz Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

Copy link
Member

@siddhsuresh siddhsuresh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @cmoileo thanks for the PR and interest to contribute to fix this issue!

There are a few issues with the current state of this implementation, I see that you are updating all the usages of publicData.role into publicData.roles which would break all apps that depend on this.

For the completion of this particular issue, we need to implement new handling to authorise correctly either when the user creates the session using role or roles

The only file that would need an implementation change would be packages/blitz-auth/src/client/index.tsx, please clean the PR from these changes, so that there is no possibility of regressions.

I have provided my suggestions. Please feel free to tag me for any confusions and request a re-review when the code is updated.

packages/blitz-auth/src/client/index.tsx Outdated Show resolved Hide resolved
if (role.includes(currentRole)) {
return true
}
const authorizeRole = (roles?: string | Array<string>, currentRoles?: string[]) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔨 I have not tested it myself, but the api would need to look like this, to handle a case were a single currentRole exists or an array

const authorizeRole = (role?: string | Array<string>, currentRole?: string | Array<string>) => {
  if (role && currentRole) {
    if (Array.isArray(role) && role.some((r) => currentRole.includes(r))) {
      return true
    } else {
      if (currentRole === role) {
        return true
      }
    }
  }
  return false
}

packages/blitz-auth/src/client/index.tsx Outdated Show resolved Hide resolved
@@ -184,7 +185,7 @@ export const useSession = (options: UseSessionOptions = {}): ClientSession => {
return session
}

export const useAuthorizeIf = (condition?: boolean, role?: string | Array<string>) => {
export const useAuthorizeIf = (condition?: boolean, roles?: string | Array<string>) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔨 no changes needed for this function, please revert

packages/blitz-auth/src/client/index.tsx Outdated Show resolved Hide resolved
@@ -426,7 +427,7 @@ test("supports reset via resetKeys right after error is triggered on component m
test("should support not only function as FallbackComponent", () => {
const consoleError = console.error as MockedFunction<(args: unknown[]) => void>

const FancyFallback = forwardRef(({error}: ErrorFallbackProps) => (
const FancyFallback = React.forwardRef(({error}: ErrorFallbackProps) => (
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why these changes?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had problem passing these tests, forwardRef was not defined. Adding the React indicator fixed that problème.

@@ -98,7 +98,7 @@ describe("publicDataStore", () => {
ret = data
})
getPublicDataStore().clear()
expect(ret).toEqual({userId: null, role: null})
expect(ret).toEqual({userId: null, roles: ["user"]})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔨 do not change existing tests.

.changeset/great-emus-confess.md Outdated Show resolved Hide resolved
"@blitzjs/recipe-vanilla-extract": major
---

I have changed User model in all of Prisma's schemas. I've changed the role key, changing it from a single string to an array of string called "roles". Then, I've changed all of functions where user is created to grant him a default roles array ["user"] instead of a single string "user". I've also changed all of types that where related to User's role and I've changed line 351 of file "blitz/packages/blitz-auth/src/client/index.tsx", to make the condition accept an array of string for roles.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔨 this is a user facing changeset that will be present in the github release, so the text here should be on the user facing changes implemented here

@siddhsuresh siddhsuresh changed the title Link issue via "Closes #[4256] Page role authentication does not work when using roles instead of role Jan 13, 2024
cmoileo and others added 7 commits January 14, 2024 17:46
Co-authored-by: Siddharth Suresh <siddh.suresh@gmail.com>
Co-authored-by: Siddharth Suresh <siddh.suresh@gmail.com>
Co-authored-by: Siddharth Suresh <siddh.suresh@gmail.com>
Co-authored-by: Siddharth Suresh <siddh.suresh@gmail.com>
where it didn't need to be changed
@cmoileo
Copy link
Author

cmoileo commented Jan 14, 2024

Hello @siddhsuresh, thank's for your review ! :)

I've removed every changes that are outside the packages/blitz-auth/src/client/index.tsx file, and I've pushed the changes. Don't we need to changes the User model aswell ?I juste reset as it where before.

@siddhsuresh
Copy link
Member

Don't we need to changes the User model aswell ?I juste reset as it where before.

@cmoileo no we do not need to change the User model, the role and roles are used for a given session's publicData which is user defined and configurable, with a few preset attributes like role and roles.

These are configurable in the types.ts file and the blitz-(server|client).ts files.

On a basic relook, the build will fail with the current changes, please address it when you can. Thanks!

@flybayer
Copy link
Member

flybayer commented Feb 6, 2024

Hey, going to close this for now. Feel free to open a new PR once everything is fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

4 participants