Skip to content

Commit

Permalink
api: add document checks before sharing
Browse files Browse the repository at this point in the history
- before sharing a document it should be checked if document exists and if it is a document stored in the storage service
  • Loading branch information
Moldovan, Georgia committed Mar 23, 2022
1 parent 1011208 commit fa3b4df
Show file tree
Hide file tree
Showing 3 changed files with 55 additions and 6 deletions.
17 changes: 17 additions & 0 deletions api/src/service/document_share.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import * as Cache from "./cache2";
import { ConnToken } from "./conn";
import { sourceSecrets } from "./domain/document/document_eventsourcing";
import * as DocumentShare from "./domain/document/document_share";
import * as DocumentGet from "./domain/document/document_get";
import * as SecretGet from "./domain/document/secret_get";
import { ServiceUser } from "./domain/organization/service_user";
import * as PublicKeyGet from "./public_key_get";
Expand Down Expand Up @@ -54,6 +55,22 @@ export async function documentShare(
getWorkflowitem: async (projectId, subprojectId, workflowitemId) => {
return cache.getWorkflowitem(projectId, subprojectId, workflowitemId);
},
getDocumentInfo: async (docId) => {
return DocumentGet.getDocumentInfo(ctx, docId, {
getDocumentsEvents: async () => {
return cache.getDocumentUploadedEvents();
},
getAllProjects: async () => {
return cache.getProjects();
},
getAllSubprojects: async (projectId) => {
return cache.getSubprojects(projectId);
},
getAllWorkflowitems: async (projectId, subprojectId) => {
return cache.getWorkflowitems(projectId, subprojectId);
},
});
},
});
});

Expand Down
27 changes: 21 additions & 6 deletions api/src/service/domain/document/document_share.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import * as Workflowitem from "../workflow/workflowitem";
import { NotAuthorized } from "../errors/not_authorized";
import { PreconditionError } from "../errors/precondition_error";
import logger from "lib/logger";
import * as DocumentUploaded from "../document/document_uploaded";

type Base64String = string;

Expand All @@ -32,6 +33,7 @@ interface Repository {
subprojectId: string,
workflowitemId: string,
): Promise<Result.Type<Workflowitem.Workflowitem>>;
getDocumentInfo(docId: string): Promise<Result.Type<DocumentUploaded.Document | undefined>>;
}

export async function shareDocument(
Expand All @@ -48,6 +50,25 @@ export async function shareDocument(
// if secret is already published for this document and organization no event is created
const alreadyPublished = await repository.secretAlreadyExists(docId, organization);
if (alreadyPublished) {
logger.debug(
{ docId, publisherOrganization },
"Secret is already shared with this organization",
);
return undefined;
}

const workflowitem = await repository.getWorkflowitem(projectId, subprojectId, workflowitemId);
if (Result.isErr(workflowitem)) {
return new VError(" Error while fetching workflowitem!");
}

const { documents } = workflowitem;
if (!documents.some((doc) => doc.id === docId)) {
return new VError(`No documents with id ${docId} found in workflowitem ${workflowitemId}`);
}
const documentInfo = await repository.getDocumentInfo(docId);
if (!documentInfo) {
logger.debug({ docId, workflowitemId }, "No such document attached to this workflowitem");
return undefined;
}

Expand Down Expand Up @@ -114,12 +135,6 @@ export async function shareDocument(
);
}

const workflowitem = await repository.getWorkflowitem(projectId, subprojectId, workflowitemId);

if (Result.isErr(workflowitem)) {
return new VError(" Error while fetching workflowitem!");
}

const intent = "workflowitem.intent.grantPermission";

logger.trace(
Expand Down
17 changes: 17 additions & 0 deletions api/src/service/workflowitem_permission_grant.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import * as Result from "../result";
import * as Cache from "./cache2";
import { ConnToken } from "./conn";
import * as DocumentShare from "./domain/document/document_share";
import * as DocumentGet from "./domain/document/document_get";
import * as SecretGet from "./domain/document/secret_get";
import { Identity } from "./domain/organization/identity";
import { ServiceUser } from "./domain/organization/service_user";
Expand Down Expand Up @@ -92,6 +93,22 @@ export async function grantWorkflowitemPermission(
getWorkflowitem: async (projectId, subprojectId, workflowitemId) => {
return cache.getWorkflowitem(projectId, subprojectId, workflowitemId);
},
getDocumentInfo: async (docId) => {
return DocumentGet.getDocumentInfo(ctx, docId, {
getDocumentsEvents: async () => {
return cache.getDocumentUploadedEvents();
},
getAllProjects: async () => {
return cache.getProjects();
},
getAllSubprojects: async (projectId) => {
return cache.getSubprojects(projectId);
},
getAllWorkflowitems: async (projectId, subprojectId) => {
return cache.getWorkflowitems(projectId, subprojectId);
},
});
},
},
),
groupExists: async (group) => GroupQuery.groupExists(conn, ctx, serviceUser, group),
Expand Down

0 comments on commit fa3b4df

Please sign in to comment.