calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-06-23 15:51:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix inline policy fields in resource update response

Browse Source
This commit is contained in:
Ritwij Aryan Parmar
2026-06-17 14:36:34 -04:00
parent 16c0f4eef4
commit 95c3f74a33
4 changed files with 103 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/routers/resource/getResource.ts
View File

@@ -9,6 +9,7 @@ import { NextFunction, Request, Response } from "express";
import createHttpError from "http-errors"; import createHttpError from "http-errors";
import { z } from "zod"; import { z } from "zod";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { applyInlinePolicyFields } from "./inlinePolicyFields";
const getResourceSchema = z.strictObject({ const getResourceSchema = z.strictObject({
resourceId: z resourceId: z
@@ -151,13 +152,7 @@ export async function getResource(
const policy = await queryInlinePolicy( const policy = await queryInlinePolicy(
resource.defaultResourcePolicyId! resource.defaultResourcePolicyId!
); );
returnData = { returnData = applyInlinePolicyFields(returnData, policy);
...returnData,
sso: policy?.sso || null,
emailWhitelistEnabled: policy?.emailWhitelistEnabled || null,
applyRules: policy?.applyRules || null,
skipToIdpId: policy?.idpId || null
};
} }
return response<GetResourceResponse>(res, { return response<GetResourceResponse>(res, {

74
server/routers/resource/inlinePolicyFields.test.ts Normal file
View File

@@ -0,0 +1,74 @@
import { assertEquals } from "../../../test/assert";
import { applyInlinePolicyFields } from "./inlinePolicyFields";
function runTests() {
const resource = {
resourceId: 1,
name: "dashboard",
sso: null,
emailWhitelistEnabled: null,
applyRules: null,
skipToIdpId: null
} as any;
const enabledPolicy = {
sso: true,
emailWhitelistEnabled: true,
applyRules: true,
idpId: 42
};
const enabledResult = applyInlinePolicyFields(resource, enabledPolicy);
assertEquals(enabledResult.sso, true, "sso should mirror policy true");
assertEquals(
enabledResult.emailWhitelistEnabled,
true,
"email whitelist should mirror policy true"
);
assertEquals(
enabledResult.applyRules,
true,
"applyRules should mirror policy true"
);
assertEquals(
enabledResult.skipToIdpId,
42,
"skipToIdpId should use policy idpId"
);
const disabledPolicy = {
sso: false,
emailWhitelistEnabled: false,
applyRules: false,
idpId: null
};
const disabledResult = applyInlinePolicyFields(resource, disabledPolicy);
assertEquals(disabledResult.sso, false, "sso false must not become null");
assertEquals(
disabledResult.emailWhitelistEnabled,
false,
"email whitelist false must not become null"
);
assertEquals(
disabledResult.applyRules,
false,
"applyRules false must not become null"
);
assertEquals(
disabledResult.skipToIdpId,
null,
"missing idp should stay null"
);
const missingPolicyResult = applyInlinePolicyFields(resource, null);
assertEquals(
missingPolicyResult.sso,
null,
"missing policy should return nullable resource fields"
);
console.log("PASS: inline policy fields mirror policy values");
}
runTests();

19
server/routers/resource/inlinePolicyFields.ts Normal file
View File

@@ -0,0 +1,19 @@
import type { Resource, ResourcePolicy } from "@server/db";
type InlinePolicyFields = Pick<
ResourcePolicy,
"sso" | "emailWhitelistEnabled" | "applyRules" | "idpId"
>;
export function applyInlinePolicyFields<T extends Resource>(
resource: T,
policy: InlinePolicyFields | null | undefined
): T {
return {
...resource,
sso: policy?.sso ?? null,
emailWhitelistEnabled: policy?.emailWhitelistEnabled ?? null,
applyRules: policy?.applyRules ?? null,
skipToIdpId: policy?.idpId ?? null
};
}

9
server/routers/resource/updateResource.ts
View File

@@ -47,6 +47,7 @@ import { build } from "@server/build";
import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed"; import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed";
import { tierMatrix } from "@server/lib/billing/tierMatrix"; import { tierMatrix } from "@server/lib/billing/tierMatrix";
import { isSubscribed } from "#dynamic/lib/isSubscribed"; import { isSubscribed } from "#dynamic/lib/isSubscribed";
import { applyInlinePolicyFields } from "./inlinePolicyFields";
const updateResourceParamsSchema = z.strictObject({ const updateResourceParamsSchema = z.strictObject({
resourceId: z.coerce.number().int().positive() resourceId: z.coerce.number().int().positive()
@@ -682,6 +683,12 @@ async function updateHttpResource(
.where(eq(resourcePolicies.resourcePolicyId, policyId)); .where(eq(resourcePolicies.resourcePolicyId, policyId));
} }
const [inlinePolicy] = await db
.select()
.from(resourcePolicies)
.where(eq(resourcePolicies.resourcePolicyId, policyId))
.limit(1);
const updatedResource = await db const updatedResource = await db
.update(resources) .update(resources)
.set({ ...resourceOnlyData, headers }) .set({ ...resourceOnlyData, headers })
@@ -698,7 +705,7 @@ async function updateHttpResource(
} }
return response(res, { return response(res, {
data: updatedResource[0], data: applyInlinePolicyFields(updatedResource[0], inlinePolicy),
success: true, success: true,
error: false, error: false,
message: "HTTP resource updated successfully", message: "HTTP resource updated successfully",