Merge branch 'BC-5629-batch-deletion-mechanism' of https://github.com…
…/hpi-schul-cloud/schulcloud-server into BC-5629-batch-deletion-mechanism
bn-pass committed Nov 8, 2023
2 parents abc6656 + 8706f50 commit e057fe0
Showing 9 changed files with 83 additions and 44 deletions.
Expand Up @@ -192,6 +192,7 @@ describe('Login Controller (api)', () => {
expect(decodedToken).toHaveProperty('accountId');
expect(decodedToken).toHaveProperty('schoolId');
expect(decodedToken).toHaveProperty('roles');
expect(decodedToken).toHaveProperty('isExternalUser');
expect(decodedToken).not.toHaveProperty('externalIdToken');
});
});
Expand Down Expand Up @@ -287,7 +288,7 @@ describe('Login Controller (api)', () => {
roles: [studentRole.id],
schoolId: school.id,
accountId: account.id,
isExternalUser: false,
isExternalUser: true,
});
expect(decodedToken).not.toHaveProperty('externalIdToken');
});
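Review bot: The added assertion `expect(decodedToken).toHaveProperty('isExternalUser');` in the first hunk checks only that the claim is present, so a token carrying the wrong value for this login path would still pass. The second hunk already asserts a concrete value (`isExternalUser: true`), and the first should do the same, e.g. `expect(decodedToken).toHaveProperty('isExternalUser', false);` if this case covers the local login. The enclosing `it` starts outside the hunk, so the expected value needs confirming against the login flow under test.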
1 change: 1 addition & 0 deletions apps/server/src/modules/authentication/interface/index.ts
@@ -1 +1,2 @@
export * from './user';
export * from './oauth-current-user';
@@ -0,0 +1,6 @@
import { ICurrentUser } from './user';

export interface OauthCurrentUser extends ICurrentUser {
/** Contains the idToken of the external idp. Will be set during oAuth2 login and used for rp initiated logout */
externalIdToken?: string;
}
7 changes: 1 addition & 6 deletions apps/server/src/modules/authentication/interface/user.ts
Expand Up @@ -16,11 +16,6 @@ export interface ICurrentUser {
/** True if a support member impersonates the user */
impersonated?: boolean;

/** True if the user is an external user e.g. an oauth user */
/** True if the user is an external user e.g. an oauth user or ldap user */
isExternalUser: boolean;
}

export interface OauthCurrentUser extends ICurrentUser {
/** Contains the idToken of the external idp. Will be set during oAuth2 login and used for rp initiated logout */
externalIdToken?: string;
}
Expand Up @@ -15,42 +15,78 @@ describe('CurrentUserMapper', () => {

describe('userToICurrentUser', () => {
describe('when mapping from a user entity to the current user object', () => {
it('should map with roles', () => {
const teacherRole = roleFactory.buildWithId({ name: RoleName.TEACHER, permissions: [Permission.STUDENT_EDIT] });
const user = userFactory.buildWithId({
roles: [teacherRole],
});
const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user);
expect(currentUser).toMatchObject({
accountId,
systemId: undefined,
roles: [teacherRole.id],
schoolId: null,
describe('when user has roles', () => {
const setup = () => {
const teacherRole = roleFactory.buildWithId({
name: RoleName.TEACHER,
permissions: [Permission.STUDENT_EDIT],
});
const user = userFactory.buildWithId({
roles: [teacherRole],
});

return {
teacherRole,
user,
};
};

it('should map with roles', () => {
const { teacherRole, user } = setup();

const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user, false);

expect(currentUser).toMatchObject({
accountId,
systemId: undefined,
roles: [teacherRole.id],
schoolId: null,
isExternalUser: false,
});
});
});

it('should map without roles', () => {
const user = userFactory.buildWithId();
const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user);
expect(currentUser).toMatchObject({
accountId,
systemId: undefined,
roles: [],
schoolId: null,
describe('when user has no roles', () => {
it('should map without roles', () => {
const user = userFactory.buildWithId();

const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user, true);

expect(currentUser).toMatchObject({
accountId,
systemId: undefined,
roles: [],
schoolId: null,
isExternalUser: true,
});
});
});

it('should map system and school', () => {
const user = userFactory.buildWithId({
school: schoolFactory.buildWithId(),
});
const systemId = 'mockSystemId';
const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user, systemId);
expect(currentUser).toMatchObject({
accountId,
systemId,
roles: [],
schoolId: user.school.id,
describe('when systemId is provided', () => {
const setup = () => {
const user = userFactory.buildWithId({
school: schoolFactory.buildWithId(),
});
const systemId = 'mockSystemId';

return {
user,
systemId,
};
};

it('should map system and school', () => {
const { user, systemId } = setup();

const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(accountId, user, false, systemId);

expect(currentUser).toMatchObject({
accountId,
systemId,
roles: [],
schoolId: user.school.id,
isExternalUser: false,
});
});
});
});
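Review bot: None of the rewritten cases exercises the combination the LDAP strategy passes on this page, `isExternalUser` set to `true` together with a `systemId`: 'when user has no roles' passes `true` without a system, and 'when systemId is provided' passes `false`. Passing `true` in the no-roles case also couples two unrelated inputs, so the test name no longer says what the expectation depends on. Consider a separate `describe('when user is external', …)` that calls `CurrentUserMapper.userToICurrentUser(accountId, user, true, systemId)` and expects both `systemId` and `isExternalUser: true`. Further cases may exist outside this hunk.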
Expand Up @@ -6,14 +6,14 @@ import { ICurrentUser, OauthCurrentUser } from '../interface';
import { CreateJwtPayload, JwtPayload } from '../interface/jwt-payload';

export class CurrentUserMapper {
static userToICurrentUser(accountId: string, user: User, systemId?: string): ICurrentUser {
static userToICurrentUser(accountId: string, user: User, isExternalUser: boolean, systemId?: string): ICurrentUser {
return {
accountId,
systemId,
roles: user.roles.getItems().map((role: Role) => role.id),
schoolId: user.school.id,
userId: user.id,
isExternalUser: false,
isExternalUser,
};
}
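Review bot: The new required `isExternalUser: boolean` is inserted positionally before the optional `systemId?: string`, so call sites read as a bare `true`/`false` and the meaning of the third argument changes. Typed callers that still pass `systemId` third will fail to compile, but an untyped or `any`-typed caller would silently derive the flag from a truthy string and lose the system id; the flag appears to end up in the JWT (the login API spec asserts it on the decoded token), so a wrong value is worth guarding against. Consider an options object such as `userToICurrentUser(accountId, user, { isExternalUser, systemId })`, and add a TSDoc line like `@param isExternalUser true when the account is authenticated by an external system (e.g. LDAP or OAuth)`. The same literal-boolean calls appear in the LdapStrategy and LocalStrategy hunks. The class body continues outside this hunk.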

Expand Up @@ -436,7 +436,7 @@ describe('LdapStrategy', () => {
schoolId: school.id,
systemId: system.id,
accountId: account.id,
isExternalUser: false,
isExternalUser: true,
});
});
});
Expand Down Expand Up @@ -501,7 +501,7 @@ describe('LdapStrategy', () => {
schoolId: school.id,
systemId: system.id,
accountId: account.id,
isExternalUser: false,
isExternalUser: true,
});
});
});
@@ -1,10 +1,10 @@
import { AccountDto } from '@modules/account/services/dto';
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { LegacySchoolDo, SystemEntity, User } from '@shared/domain';
import { LegacySchoolRepo, SystemRepo, UserRepo } from '@shared/repo';
import { ErrorLoggable } from '@src/core/error/loggable/error.loggable';
import { Logger } from '@src/core/logger';
import { AccountDto } from '@modules/account/services/dto';
import { Strategy } from 'passport-custom';
import { LdapAuthorizationBodyParams } from '../controllers/dto';
import { ICurrentUser } from '../interface';
Expand Down Expand Up @@ -48,7 +48,7 @@ export class LdapStrategy extends PassportStrategy(Strategy, 'ldap') {

await this.checkCredentials(account, system, ldapDn, password);

const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(account.id, user, systemId);
const currentUser: ICurrentUser = CurrentUserMapper.userToICurrentUser(account.id, user, true, systemId);

return currentUser;
}
Expand Up @@ -39,7 +39,7 @@ export class LocalStrategy extends PassportStrategy(Strategy) {
new Error(`login failing, because account ${account.id} has no userId`)
);
const user = await this.userRepo.findById(accountUserId, true);
const currentUser = CurrentUserMapper.userToICurrentUser(account.id, user);
const currentUser = CurrentUserMapper.userToICurrentUser(account.id, user, false);
return currentUser;
}
