rest authorization

rwieruch · Apr 16, 2020 · 38d1c0c · 38d1c0c
1 parent 1551580
commit 38d1c0c
Show file tree

Hide file tree

Showing 16 changed files with 124 additions and 140 deletions.
diff --git a/src/api/authorization/index.ts b/src/api/authorization/index.ts
diff --git a/src/api/authorization/isAdmin.ts b/src/api/authorization/isAdmin.ts
diff --git a/src/api/authorization/isAuthenticated.ts b/src/api/authorization/isAuthenticated.ts
diff --git a/src/api/authorization/isFreeCourse.ts b/src/api/authorization/isFreeCourse.ts
diff --git a/src/api/authorization/isPartner.ts b/src/api/authorization/isPartner.ts
diff --git a/src/api/middleware/resolver/isFreeCourse.ts b/src/api/middleware/resolver/isFreeCourse.ts
@@ -0,0 +1,20 @@
+import { MiddlewareFn } from 'type-graphql';
+
+import { ResolverContext } from '@typeDefs/resolver';
+import storefront from '@data/course-storefront';
+import { COURSE } from '@data/course-keys-types';
+import { BUNDLE } from '@data/bundle-keys-types';
+
+export const isFreeCourse: MiddlewareFn<ResolverContext> = async (
+  { args },
+  next
+) => {
+  const course = storefront[args.courseId as COURSE];
+  const bundle = course.bundles[args.bundleId as BUNDLE];
+
+  if (bundle.price !== 0) {
+    throw new Error('This course is not for free.');
+  }
+
+  return next();
+};
diff --git a/src/api/middleware/resolver/isPartner.ts b/src/api/middleware/resolver/isPartner.ts
@@ -0,0 +1,20 @@
+import { MiddlewareFn } from 'type-graphql';
+import { ForbiddenError } from 'apollo-server';
+
+import { ResolverContext } from '@typeDefs/resolver';
+import { hasPartnerRole } from '@validation/partner';
+
+export const isPartner: MiddlewareFn<ResolverContext> = async (
+  { context },
+  next
+) => {
+  if (!context.me) {
+    throw new ForbiddenError('Not authenticated as user.');
+  }
+
+  if (!hasPartnerRole(context.me)) {
+    throw new Error('No partner user.');
+  }
+
+  return next();
+};
diff --git a/src/api/resolvers/book/index.ts b/src/api/resolvers/book/index.ts
@@ -6,7 +6,9 @@ import {
   Arg,
   Resolver,
   Query,
+  UseMiddleware,
 } from 'type-graphql';
+import { isAuthenticated } from '@api/middleware/resolver/isAuthenticated';
 
 @ObjectType()
 class File {
@@ -29,35 +31,45 @@ class Markdown {
 @Resolver()
 export default class BookResolver {
   @Query(() => File)
+  @UseMiddleware(isAuthenticated)
   async book(
     @Arg('path') path: string,
     @Arg('fileName') fileName: string
-  ) {
-    const data = await s3
+  ): Promise<File> {
+    const { ContentType, Body } = await s3
       .getObject({
         Bucket: bucket,
         Key: path,
       })
       .promise();
 
+    if (!ContentType || !Body) {
+      throw new Error("Book couldn't get downloaded.");
+    }
+
     return {
       fileName,
-      contentType: data.ContentType,
-      body: data?.Body?.toString('base64'),
+      contentType: ContentType,
+      body: Body.toString('base64'),
     };
   }
 
   @Query(() => Markdown)
-  async onlineChapter(@Arg('path') path: string) {
-    const data = await s3
+  @UseMiddleware(isAuthenticated)
+  async onlineChapter(@Arg('path') path: string): Promise<Markdown> {
+    const { Body } = await s3
       .getObject({
         Bucket: bucket,
         Key: path,
       })
       .promise();
 
+    if (!Body) {
+      throw new Error("Chapter couldn't get downloaded.");
+    }
+
     return {
-      body: data?.Body?.toString('base64'),
+      body: Body.toString('base64'),
     };
   }
 }
diff --git a/src/api/resolvers/community/index.ts b/src/api/resolvers/community/index.ts
@@ -1,6 +1,7 @@
-import { Arg, Resolver, Mutation } from 'type-graphql';
+import { Arg, Resolver, Mutation, UseMiddleware } from 'type-graphql';
 
 import { inviteToSlack } from '@services/slack';
+import { isAuthenticated } from '@api/middleware/resolver/isAuthenticated';
 
 // https://api.slack.com/methods/admin.users.invite
 const SLACK_ERRORS: { [key: string]: string } = {
@@ -61,19 +62,20 @@ const SLACK_ERRORS: { [key: string]: string } = {
 @Resolver()
 export default class CommunityResolver {
   @Mutation(() => Boolean)
-  async communityJoin(@Arg('email') email: string) {
+  @UseMiddleware(isAuthenticated)
+  async communityJoin(@Arg('email') email: string): Promise<Boolean> {
     try {
       const result = await inviteToSlack(email);
 
       if (!result) {
-        return new Error('Something went wrong.');
+        throw new Error('Something went wrong.');
       }
 
       if (!result.data.ok) {
-        return new Error(SLACK_ERRORS[result.data.error]);
+        throw new Error(SLACK_ERRORS[result.data.error]);
       }
     } catch (error) {
-      return new Error(error);
+      throw new Error(error);
     }
 
     return true;

diff --git a/src/api/resolvers/course/index.ts b/src/api/resolvers/course/index.ts
@@ -6,6 +6,7 @@ import {
   Resolver,
   Query,
   Mutation,
+  UseMiddleware,
 } from 'type-graphql';
 
 import { StorefrontCourse } from '@api/resolvers/storefront';
@@ -14,6 +15,9 @@ import { createCourse } from '@services/firebase/course';
 import { mergeCourses } from '@services/course';
 import { COURSE } from '@data/course-keys-types';
 import { BUNDLE } from '@data/bundle-keys-types';
+import { isAuthenticated } from '@api/middleware/resolver/isAuthenticated';
+import { isFreeCourse } from '@api/middleware/resolver/isFreeCourse';
+import { isAdmin } from '@api/middleware/resolver/isAdmin';
 
 @ObjectType()
 class CurriculumItem {
@@ -229,17 +233,14 @@ export default class CourseResolver {
     }));
   }
 
-  @Query(() => UnlockedCourse, { nullable: true })
+  @Query(() => UnlockedCourse)
+  @UseMiddleware(isAuthenticated)
   async unlockedCourse(
     @Arg('courseId') courseId: string,
     @Ctx() ctx: ResolverContext
-  ): Promise<UnlockedCourse | null> {
-    if (!ctx.me) {
-      return null;
-    }
-
+  ): Promise<UnlockedCourse> {
     const courses = await ctx.courseConnector.getCoursesByUserIdAndCourseId(
-      ctx.me.uid,
+      ctx.me!.uid,
       courseId as COURSE
     );
 
@@ -253,6 +254,7 @@ export default class CourseResolver {
   }
 
   @Mutation(() => Boolean)
+  @UseMiddleware(isAuthenticated, isFreeCourse)
   async createFreeCourse(
     @Arg('courseId') courseId: string,
     @Arg('bundleId') bundleId: string,
@@ -287,6 +289,7 @@ export default class CourseResolver {
   }
 
   @Mutation(() => Boolean)
+  @UseMiddleware(isAuthenticated, isAdmin)
   async createAdminCourse(
     @Arg('courseId') courseId: string,
     @Arg('bundleId') bundleId: string,

diff --git a/src/api/resolvers/migration/index.ts b/src/api/resolvers/migration/index.ts
@@ -1,9 +1,14 @@
-import { Arg, Resolver, Mutation } from 'type-graphql';
+import { Arg, Resolver, Mutation, UseMiddleware } from 'type-graphql';
+import { isAuthenticated } from '@api/middleware/resolver/isAuthenticated';
+import { isAdmin } from '@api/middleware/resolver/isAdmin';
 
 @Resolver()
 export default class MigrationResolver {
   @Mutation(() => Boolean)
-  async migrate(@Arg('migrationType') migrationType: string) {
+  @UseMiddleware(isAuthenticated, isAdmin)
+  async migrate(
+    @Arg('migrationType') migrationType: string
+  ): Promise<Boolean> {
     switch (migrationType) {
       case 'FOO':
         return true;