Skip to content

Proper 409 with customIDs #2652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Meldiron wants to merge 5 commits into from
Closed

Proper 409 with customIDs #2652

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
367ed37
Added 409 errors for anonymous session and magicURL when using customID
Meldiron Jan 20, 2022
6780a78
More missing duplicate exceptions
Meldiron Jan 20, 2022
a8bad0b
Added 409 tests
Meldiron Jan 26, 2022
2e37439
Merge branch 'master' into fix-magicurl-existing-id
Meldiron Jan 26, 2022
2102084
Merge branch 'master' of github.com:appwrite/appwrite into fix-magicu…
eldadfux Feb 13, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 23 additions & 18 deletions app/controllers/api/account.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -667,24 +667,28 @@

$userId = $userId == 'unique()' ? $dbForProject->getId() : $userId;

$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$read' => ['role:all'],
'$write' => ['user:' . $userId],
'email' => $email,
'emailVerification' => false,
'status' => true,
'password' => null,
'passwordUpdate' => \time(),
'registration' => \time(),
'reset' => false,
'prefs' => new \stdClass(),
'sessions' => [],
'tokens' => [],
'memberships' => [],
'search' => implode(' ', [$userId, $email]),
'deleted' => false
])));
try {
$user = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$read' => ['role:all'],
'$write' => ['user:' . $userId],
'email' => $email,
'emailVerification' => false,
'status' => true,
'password' => null,
'passwordUpdate' => \time(),
'registration' => \time(),
'reset' => false,
'prefs' => new \stdClass(),
'sessions' => [],
'tokens' => [],
'memberships' => [],
'search' => implode(' ', [$userId, $email]),
'deleted' => false
])));
} catch (Duplicate $th) {
throw new Exception('Account already exists', 409);
}

$mails->setParam('event', 'users.create');
$audits->setParam('event', 'users.create');
Expand Down Expand Up @@ -938,6 +942,7 @@
}

$userId = $dbForProject->getId();

$user = Authorization::skip(fn() => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$read' => ['role:all'],
Expand Down
58 changes: 31 additions & 27 deletions app/controllers/api/functions.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,23 +54,27 @@
/** @var Utopia\Database\Database $dbForProject */

$functionId = ($functionId == 'unique()') ? $dbForProject->getId() : $functionId;
$function = $dbForProject->createDocument('functions', new Document([
'$id' => $functionId,
'execute' => $execute,
'dateCreated' => time(),
'dateUpdated' => time(),
'status' => 'disabled',
'name' => $name,
'runtime' => $runtime,
'tag' => '',
'vars' => $vars,
'events' => $events,
'schedule' => $schedule,
'schedulePrevious' => 0,
'scheduleNext' => 0,
'timeout' => $timeout,
'search' => implode(' ', [$functionId, $name, $runtime]),
]));
try {
$function = $dbForProject->createDocument('functions', new Document([
'$id' => $functionId,
'execute' => $execute,
'dateCreated' => time(),
'dateUpdated' => time(),
'status' => 'disabled',
'name' => $name,
'runtime' => $runtime,
'tag' => '',
'vars' => $vars,
'events' => $events,
'schedule' => $schedule,
'schedulePrevious' => 0,
'scheduleNext' => 0,
'timeout' => $timeout,
'search' => implode(' ', [$functionId, $name, $runtime]),
]));
} catch (Duplicate $th) {
throw new Exception('Function already exists', 409);
}

$response->setStatusCode(Response::STATUS_CODE_CREATED);
$response->dynamic($function, Response::MODEL_FUNCTION);
Expand Down Expand Up @@ -141,7 +145,7 @@
return $runtimes[$key];
}, array_keys($runtimes));

$response->dynamic(new Document([
$response->dynamic(new Document([
'sum' => count($runtimes),
'runtimes' => $runtimes
]), Response::MODEL_RUNTIME_LIST);
Expand Down Expand Up @@ -199,7 +203,7 @@
if ($function->isEmpty()) {
throw new Exception('Function not found', 404);
}

$usage = [];
if(App::getEnv('_APP_USAGE_STATS', 'enabled') == 'enabled') {
$periods = [
Expand All @@ -220,10 +224,10 @@
'limit' => 90,
],
];

$metrics = [
"functions.$functionId.executions",
"functions.$functionId.failures",
"functions.$functionId.executions",
"functions.$functionId.failures",
"functions.$functionId.compute"
];

Expand All @@ -238,7 +242,7 @@
new Query('period', Query::TYPE_EQUAL, [$period]),
new Query('metric', Query::TYPE_EQUAL, [$metric]),
], $limit, 0, ['time'], [Database::ORDER_DESC]);

$stats[$metric] = [];
foreach ($requestDocs as $requestDoc) {
$stats[$metric][] = [
Expand All @@ -262,7 +266,7 @@
$backfill--;
}
$stats[$metric] = array_reverse($stats[$metric]);
}
}
});

$usage = new Document([
Expand Down Expand Up @@ -494,11 +498,11 @@
// Save to storage
$size = $device->getFileSize($file['tmp_name']);
$path = $device->getPath(\uniqid().'.'.\pathinfo($file['name'], PATHINFO_EXTENSION));

if (!$device->upload($file['tmp_name'], $path)) { // TODO deprecate 'upload' and replace with 'move'
throw new Exception('Failed moving file', 500);
}

$tagId = $dbForProject->getId();
$tag = $dbForProject->createDocument('tags', new Document([
'$id' => $tagId,
Expand Down Expand Up @@ -639,7 +643,7 @@
if ($function->isEmpty()) {
throw new Exception('Function not found', 404);
}

$tag = $dbForProject->getDocument('tags', $tagId);

if ($tag->getAttribute('functionId') !== $function->getId()) {
Expand Down
54 changes: 29 additions & 25 deletions app/controllers/api/projects.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,31 +76,35 @@
}

$projectId = ($projectId == 'unique()') ? $dbForConsole->getId() : $projectId;
$project = $dbForConsole->createDocument('projects', new Document([
'$id' => $projectId == 'unique()' ? $dbForConsole->getId() : $projectId,
'$read' => ['team:' . $teamId],
'$write' => ['team:' . $teamId . '/owner', 'team:' . $teamId . '/developer'],
'name' => $name,
'teamId' => $team->getId(),
'description' => $description,
'logo' => $logo,
'url' => $url,
'version' => APP_VERSION_STABLE,
'legalName' => $legalName,
'legalCountry' => $legalCountry,
'legalState' => $legalState,
'legalCity' => $legalCity,
'legalAddress' => $legalAddress,
'legalTaxId' => $legalTaxId,
'services' => new stdClass(),
'platforms' => null,
'providers' => [],
'webhooks' => null,
'keys' => null,
'domains' => null,
'auths' => $auths,
'search' => implode(' ', [$projectId, $name]),
]));
try {
$project = $dbForConsole->createDocument('projects', new Document([
'$id' => $projectId == 'unique()' ? $dbForConsole->getId() : $projectId,
'$read' => ['team:' . $teamId],
'$write' => ['team:' . $teamId . '/owner', 'team:' . $teamId . '/developer'],
'name' => $name,
'teamId' => $team->getId(),
'description' => $description,
'logo' => $logo,
'url' => $url,
'version' => APP_VERSION_STABLE,
'legalName' => $legalName,
'legalCountry' => $legalCountry,
'legalState' => $legalState,
'legalCity' => $legalCity,
'legalAddress' => $legalAddress,
'legalTaxId' => $legalTaxId,
'services' => new stdClass(),
'platforms' => null,
'providers' => [],
'webhooks' => null,
'keys' => null,
'domains' => null,
'auths' => $auths,
'search' => implode(' ', [$projectId, $name]),
]));
} catch (Duplicate $th) {
throw new Exception('Project already exists', 409);
}

$collections = Config::getParam('collections', []); /** @var array $collections */

Expand Down
44 changes: 24 additions & 20 deletions app/controllers/api/storage.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,26 +147,30 @@
$sizeActual = $device->getFileSize($path);

$fileId = ($fileId == 'unique()') ? $dbForProject->getId() : $fileId;
$file = $dbForProject->createDocument('files', new Document([
'$id' => $fileId,
'$read' => (is_null($read) && !$user->isEmpty()) ? ['user:'.$user->getId()] : $read ?? [], // By default set read permissions for user
'$write' => (is_null($write) && !$user->isEmpty()) ? ['user:'.$user->getId()] : $write ?? [], // By default set write permissions for user
'dateCreated' => \time(),
'bucketId' => '',
'name' => $file['name'] ?? '',
'path' => $path,
'signature' => $device->getFileHash($path),
'mimeType' => $mimeType,
'sizeOriginal' => $size,
'sizeActual' => $sizeActual,
'algorithm' => $compressor->getName(),
'comment' => '',
'openSSLVersion' => '1',
'openSSLCipher' => OpenSSL::CIPHER_AES_128_GCM,
'openSSLTag' => \bin2hex($tag ?? ''),
'openSSLIV' => \bin2hex($iv),
'search' => implode(' ', [$fileId, $file['name'] ?? '',]),
]));
try {
$file = $dbForProject->createDocument('files', new Document([
'$id' => $fileId,
'$read' => (is_null($read) && !$user->isEmpty()) ? ['user:'.$user->getId()] : $read ?? [], // By default set read permissions for user
'$write' => (is_null($write) && !$user->isEmpty()) ? ['user:'.$user->getId()] : $write ?? [], // By default set write permissions for user
'dateCreated' => \time(),
'bucketId' => '',
'name' => $file['name'] ?? '',
'path' => $path,
'signature' => $device->getFileHash($path),
'mimeType' => $mimeType,
'sizeOriginal' => $size,
'sizeActual' => $sizeActual,
'algorithm' => $compressor->getName(),
'comment' => '',
'openSSLVersion' => '1',
'openSSLCipher' => OpenSSL::CIPHER_AES_128_GCM,
'openSSLTag' => \bin2hex($tag ?? ''),
'openSSLIV' => \bin2hex($iv),
'search' => implode(' ', [$fileId, $file['name'] ?? '',]),
]));
} catch (Duplicate $th) {
throw new Exception('File already exists', 409);
}

$audits
->setParam('event', 'storage.files.create')
Expand Down
22 changes: 13 additions & 9 deletions app/controllers/api/teams.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,15 +52,19 @@
$isAppUser = Auth::isAppUser(Authorization::getRoles());

$teamId = $teamId == 'unique()' ? $dbForProject->getId() : $teamId;
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
'$id' => $teamId ,
'$read' => ['team:'.$teamId],
'$write' => ['team:'.$teamId .'/owner'],
'name' => $name,
'sum' => ($isPrivilegedUser || $isAppUser) ? 0 : 1,
'dateCreated' => \time(),
'search' => implode(' ', [$teamId, $name]),
])));
try {
$team = Authorization::skip(fn() => $dbForProject->createDocument('teams', new Document([
'$id' => $teamId ,
'$read' => ['team:'.$teamId],
'$write' => ['team:'.$teamId .'/owner'],
'name' => $name,
'sum' => ($isPrivilegedUser || $isAppUser) ? 0 : 1,
'dateCreated' => \time(),
'search' => implode(' ', [$teamId, $name]),
])));
} catch (Duplicate $th) {
throw new Exception('Team already exists', 409);
}

if (!$isPrivilegedUser && !$isAppUser) { // Don't add user on server mode
$membership = new Document([
Expand Down
21 changes: 21 additions & 0 deletions tests/e2e/Services/Functions/FunctionsCustomServerTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,27 @@ public function testCreate():array
/**
* Test for FAILURE
*/
$response1 = $this->client->call(Client::METHOD_POST, '/functions', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'functionId' => $functionId,
'name' => 'Test',
'runtime' => 'php-8.0',
'vars' => [
'funcKey1' => 'funcValue1',
'funcKey2' => 'funcValue2',
'funcKey3' => 'funcValue3',
],
'events' => [
'account.create',
'account.delete',
],
'schedule' => '0 0 1 1 *',
'timeout' => 10,
]);

$this->assertEquals(409, $response1['headers']['status-code']);

return [
'functionId' => $functionId,
Expand Down
13 changes: 12 additions & 1 deletion tests/e2e/Services/Storage/StorageBase.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
use CURLFile;
use Tests\E2E\Client;
use Utopia\Database\Database;
use Utopia\Image\Image;

trait StorageBase
{
Expand Down Expand Up @@ -34,6 +33,18 @@ public function testCreateFile():array
/**
* Test for FAILURE
*/
$file = $this->client->call(Client::METHOD_POST, '/storage/files', array_merge([
'content-type' => 'multipart/form-data',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'fileId' => $file['body']['$id'],
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/logo.png'), 'image/png', 'logo.png'),
'read' => ['role:all'],
'write' => ['role:all'],
]);

$this->assertEquals(409, $file['headers']['status-code']);

return ['fileId' => $file['body']['$id']];
}

Expand Down
11 changes: 11 additions & 0 deletions tests/e2e/Services/Teams/TeamsBase.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,17 @@ public function testCreateTeam():array

$this->assertEquals(400, $response['headers']['status-code']);


$response1 = $this->client->call(Client::METHOD_POST, '/teams', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'teamId' => $teamUid,
'name' => 'Arsenal'
]);

$this->assertEquals(409, $response1['headers']['status-code']);

return ['teamUid' => $teamUid, 'teamName' => $teamName];
}

Expand Down