diff --git a/src/Database/Validator/Roles.php b/src/Database/Validator/Roles.php index 0306118e7..1482c5c28 100644 --- a/src/Database/Validator/Roles.php +++ b/src/Database/Validator/Roles.php @@ -237,8 +237,9 @@ protected function isValidRole( string $identifier, string $dimension ): bool { - $key = new Key(); - $label = new Label(); + $identifierValidator = new Key(); + $labelValidator = new Label(); + $dimensionValidator = new Key(maxLength: 60); $config = self::CONFIG[$role] ?? null; @@ -265,11 +266,11 @@ protected function isValidRole( // Allowed and has an invalid identifier if ($allowed && !empty($identifier)) { - if ($role === self::ROLE_LABEL && !$label->isValid($identifier)) { - $this->message = 'Role "' . $role . '"' . ' identifier value is invalid: ' . $label->getDescription(); + if ($role === self::ROLE_LABEL && !$labelValidator->isValid($identifier)) { + $this->message = 'Role "' . $role . '"' . ' identifier value is invalid: ' . $labelValidator->getDescription(); return false; - } elseif ($role !== self::ROLE_LABEL && !$key->isValid($identifier)) { - $this->message = 'Role "' . $role . '"' . ' identifier value is invalid: ' . $key->getDescription(); + } elseif ($role !== self::ROLE_LABEL && !$identifierValidator->isValid($identifier)) { + $this->message = 'Role "' . $role . '"' . ' identifier value is invalid: ' . $identifierValidator->getDescription(); return false; } } @@ -300,8 +301,8 @@ protected function isValidRole( return false; } // Allowed and dimension is not a valid key - if (!$key->isValid($dimension)) { - $this->message = 'Role "' . $role . '"' . ' dimension value is invalid: ' . $key->getDescription(); + if (!$dimensionValidator->isValid($dimension)) { + $this->message = 'Role "' . $role . '"' . ' dimension value is invalid: ' . $dimensionValidator->getDescription(); return false; } } diff --git a/tests/unit/RoleTest.php b/tests/unit/RoleTest.php index c16bbf5a7..2c1cbee27 100644 --- a/tests/unit/RoleTest.php +++ b/tests/unit/RoleTest.php @@ -40,6 +40,16 @@ public function testOutputFromString(): void $this->assertEquals('123', $role->getIdentifier()); $this->assertEquals('456', $role->getDimension()); + $role = Role::parse('team:123/project-456-owner'); + $this->assertEquals('team', $role->getRole()); + $this->assertEquals('123', $role->getIdentifier()); + $this->assertEquals('project-456-owner', $role->getDimension()); + + $role = Role::parse('team:123/project-456'); + $this->assertEquals('team', $role->getRole()); + $this->assertEquals('123', $role->getIdentifier()); + $this->assertEquals('project-456', $role->getDimension()); + $role = Role::parse('user:123/verified'); $this->assertEquals('user', $role->getRole()); $this->assertEquals('123', $role->getIdentifier()); @@ -76,6 +86,12 @@ public function testInputFromParameters(): void $role = new Role('team', '123', '456'); $this->assertEquals('team:123/456', $role->toString()); + $role = new Role('team', '123', 'project-456-owner'); + $this->assertEquals('team:123/project-456-owner', $role->toString()); + + $role = new Role('team', '123', 'project-456'); + $this->assertEquals('team:123/project-456', $role->toString()); + $role = new Role('label', 'vip'); $this->assertEquals('label:vip', $role->toString()); } @@ -100,6 +116,12 @@ public function testInputFromRoles(): void $role = Role::team(ID::custom('123'), '456'); $this->assertEquals('team:123/456', $role->toString()); + $role = Role::team(ID::custom('123'), 'project-456-owner'); + $this->assertEquals('team:123/project-456-owner', $role->toString()); + + $role = Role::team(ID::custom('123'), 'project-456'); + $this->assertEquals('team:123/project-456', $role->toString()); + $role = Role::label('vip'); $this->assertEquals('label:vip', $role->toString()); } diff --git a/tests/unit/Validator/PermissionsTest.php b/tests/unit/Validator/PermissionsTest.php index 70f2df0f1..aac7c5458 100644 --- a/tests/unit/Validator/PermissionsTest.php +++ b/tests/unit/Validator/PermissionsTest.php @@ -290,7 +290,7 @@ public function testInvalidPermissions(): void $this->assertFalse($object->isValid([Permission::read(Role::team(ID::custom('ab&cd3'), 'efgh'))])); $this->assertEquals('Role "team" identifier value is invalid: Parameter must contain at most 36 chars. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char', $object->getDescription()); $this->assertFalse($object->isValid([Permission::read(Role::team(ID::custom('abcd'), 'ef*gh'))])); - $this->assertEquals('Role "team" dimension value is invalid: Parameter must contain at most 36 chars. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char', $object->getDescription()); + $this->assertEquals('Role "team" dimension value is invalid: Parameter must contain at most 60 chars. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char', $object->getDescription()); // Permission-list length must be valid $object = new Permissions(100); diff --git a/tests/unit/Validator/RolesTest.php b/tests/unit/Validator/RolesTest.php index e30921f36..a0ac63ed7 100644 --- a/tests/unit/Validator/RolesTest.php +++ b/tests/unit/Validator/RolesTest.php @@ -3,6 +3,7 @@ namespace Tests\Unit\Validator; use PHPUnit\Framework\TestCase; +use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Role; use Utopia\Database\Validator\Roles; @@ -23,6 +24,12 @@ public function testValidRole(): void { $object = new Roles(); $this->assertTrue($object->isValid([Role::users()->toString()])); + $this->assertTrue($object->isValid([Role::users(Roles::DIMENSION_VERIFIED)->toString()])); + $this->assertTrue($object->isValid([Role::users(Roles::DIMENSION_UNVERIFIED)->toString()])); + $this->assertTrue($object->isValid([Role::team(ID::custom('696f34ea003d48edab8e'))->toString()])); + $this->assertTrue($object->isValid([Role::team(ID::custom('696f34ea003d48edab8e'), 'project-696f34ea003d48edab8e-owner')->toString()])); + $this->assertTrue($object->isValid([Role::team(ID::custom('696f34ea003d48edab8e'), 'project-696f34ea003d48edab8e')->toString()])); + $this->assertTrue($object->isValid([Role::label('vip')->toString()])); } public function testNotAnArray(): void