#30 - Fixed merge conflicts.

RHoKAustralia · Sep 4, 2018 · d3ac535 · d3ac535
1 parent 9e1b17e
commit d3ac535
Show file tree

Hide file tree

Showing 11 changed files with 2,266 additions and 49 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -52,7 +52,7 @@ jobs:
   services-deploy:
     docker:
       - image: circleci/node:7.10
-    working_directory: ~/carpal/infrastructure/services
+    working_directory: ~/carpal/backend/src
     steps:
       - checkout:
           path: ~/carpal
@@ -67,7 +67,8 @@ jobs:
             - node_modules
           key: v1-dependencies-{{ checksum "package.json" }}
       - run: ./writeSecrets.sh
-      - run: npm run deploy-sls      
+      - run: npm test
+      - run: npm run deploy-sls
 workflows:
   version: 2
   ui-build-deploy:

diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/backend/package.json b/backend/package.json
@@ -5,7 +5,8 @@
     "test": "mocha './src/test/**/*.test.js'",
     "start": "node src/test/expressApis.js",
     "refresh-db": "node ./src/main/database/index.js",
-    "refresh-test-db": "node ./src/test/database/refreshDatabase.js"
+    "refresh-test-db": "node ./src/test/database/refreshDatabase.js",
+    "deploy-sls": "sls deploy"
   },
   "dependencies": {
     "body-parser": "^1.18.3",
@@ -22,6 +23,7 @@
     "aws-sdk": "^2.250.1",
     "chai": "^4.1.2",
     "chai-exclude": "^1.0.9",
-    "mocha": "^5.2.0"
+    "mocha": "^5.2.0",
+    "serverless": "^1.30.1"
   }
 }
diff --git a/backend/src/main/rides/ListRidesService.js b/backend/src/main/rides/ListRidesService.js
@@ -10,30 +10,48 @@ class ListRidesService {
     this._rideRepository = new RideRepository(databaseManager);
   }
 
-  listRides(queryParams, loginData) {
+  listRides(query, loginData) {
     const connection = this._databaseManager.createConnection();
 
-    return this._listRides(queryParams, loginData, connection)
+    return this._listRides(query, loginData, connection)
       .then(rides => rides.map(RidesMapper.entityToDto))
       .finally(() => this._databaseManager.closeConnection(connection));
   }
 
-  _listRides(queryParams, loginData, connection) {
-    let jsonQuery = this._parseParams(queryParams, loginData);
+  _listRides(query, loginData, connection) {
+    let jsonQuery = this._parseParams(query, loginData);
+    if (!jsonQuery) {
+      return Promise.resolve([]);
+    }
     return this._rideRepository.list(jsonQuery, connection);
   }
 
-  _parseParams(queryParams, loginData) {
+  _parseParams(query, loginData) {
+    const listType = query.listType || 'driver';
+    const isAdmin = this._hasRole('admin', loginData);
+    const isDriver = this._hasRole('driver', loginData);
+    const isFacilitator = this._hasRole('facilitator', loginData);
+    const notAdminAndListTypeDoesNotMatchRole = !this._hasRole(listType, loginData) && !isAdmin;
+    if (notAdminAndListTypeDoesNotMatchRole) {
+      console.log("WARNING: unauthorised attempt to query data", loginData);
+      return null;
+    }
+
     return {
-      toLongitude: queryParams.toLongitude,
-      toLatitude: queryParams.toLatitude,
-      fromLongitude: queryParams.fromLongitude,
-      fromLatitude: queryParams.fromLatitude,
-      driverGenders: loginData.role === 'driver' ? ['any', loginData.driverGender] : undefined,
-      includePickupTimeInPast: loginData.role !== 'driver',
-      facilitatorId: loginData.role === 'facilitator' ? loginData.email : undefined,
+      toLongitude: query.toLongitude,
+      toLatitude: query.toLatitude,
+      fromLongitude: query.fromLongitude,
+      fromLatitude: query.fromLatitude,
+      driverGenders: isDriver ? ['any', loginData.driverGender] : undefined,
+      includePickupTimeInPast: !isDriver,
+      facilitatorId: isFacilitator ? loginData.email : undefined,
     };
   }
+
+  _hasRole(role, loginData) {
+    return loginData.roles.indexOf(role) >= 0;
+  }
 }
 
+
 module.exports = ListRidesService;
diff --git a/backend/src/main/utils/jwt.js b/backend/src/main/utils/jwt.js
@@ -14,8 +14,8 @@ module.exports.decodeJwt = (event) => {
     const decodedToken = jsonwebtoken.decode(tokenValue);
     const claims = {};
     claims.email = decodedToken[`https://${domain}/email`];
-    claims.role = decodedToken[`https://${domain}/role`];
-    if (claims.role === 'driver') {
+    claims.roles = decodedToken[`https://${domain}/roles`];
+    if (claims.roles.indexOf('driver') >= 0) {
       claims.driverGender = decodedToken[`https://${domain}/gender`];
       claims.car = decodedToken[`https://${domain}/car`];
     }

diff --git a/backend/src/test/auth/ExpressAuthApis.js b/backend/src/test/auth/ExpressAuthApis.js
@@ -17,7 +17,6 @@ class ExpressAuthApis {
   }
 
   wellKnown(req, res) {
-    let expiry = moment().add(100, 'd');
     console.log(req.query);
     let jwks = fs.readFileSync(path.resolve(__dirname, '../config/express/certs/jwks.json'));
     res.status(200).send(JSON.parse(jwks));
@@ -61,7 +60,7 @@ class ExpressAuthApis {
   _authAs(queryParams, host, userInfo, expiry) {
     let payload = this._completeJWT(userInfo, host, expiry.toDate(), queryParams.nonce);
 
-    let accessToken = userInfo.role;
+    let accessToken = userInfo.roles[0];
     let cert = fs.readFileSync(path.resolve(__dirname, '../config/express/certs/private.key'));
     let jwtToken = jwt.sign(payload, cert, {algorithm: 'RS256'});
     return {accessToken, jwtToken};

diff --git a/backend/src/test/rides/ListRides.integration.test.js b/backend/src/test/rides/ListRides.integration.test.js
@@ -44,21 +44,21 @@ afterEach(async () => {
 describe('When listing rides', async () => {
   it('should show rides for facilitator', async function () {
     // given
-    const loginData = {email: RandomUtils.randomEmail(), role: 'facilitator'};
+    const loginData = {email: RandomUtils.randomEmail(), roles: ['facilitator']};
     const email = loginData.email;
     const ride1 = randomRideWithFacilitator(email);
     const ride2 = randomRideWithFacilitator(email);
     await databaseContainsRides(ride1, ride2);
 
     // when
-    const rides = await listRideController.listRides({}, loginData);
+    const rides = await listRideController.listRides({listType: 'facilitator'}, loginData);
 
     assert.deepEqualExcluding(rides, [ride1, ride2], 'id');
   });
 
   it('should show all rides for admin', async function () {
     // given
-    const loginData = {email: RandomUtils.randomEmail(), role: 'admin'};
+    const loginData = {email: RandomUtils.randomEmail(), roles: ['admin']};
     const ride1 = RideEntityBuilder.randomRideEntity();
     const ride2 = RideEntityBuilder.randomRideEntity();
     await databaseContainsRides(ride1, ride2);
@@ -72,7 +72,7 @@ describe('When listing rides', async () => {
 
   it('should show all rides for driver', async function () {
     // given
-    const loginData = {email: RandomUtils.randomEmail(), role: 'driver', driverGender: 'male'};
+    const loginData = {email: RandomUtils.randomEmail(), roles: ['driver'], driverGender: 'male'};
     const ride1 = randomRideWithGender('male');
     const ride2 = randomRideWithGender('female');
     const ride3 = randomRideWithGender('any');

diff --git a/backend/src/test/users/admin.json b/backend/src/test/users/admin.json
@@ -1,5 +1,5 @@
 {
   "email": "[email protected]",
   "gender": "male",
-  "role": "admin"
+  "roles": ["admin"]
 }
diff --git a/backend/src/test/users/driver.json b/backend/src/test/users/driver.json
@@ -2,5 +2,5 @@
   "email": "[email protected]",
   "gender": "male",
   "car": "suv",
-  "role": "driver"
+  "roles": ["driver"]
 }
diff --git a/backend/src/test/users/facilitator.json b/backend/src/test/users/facilitator.json
@@ -1,5 +1,5 @@
 {
   "email": "[email protected]",
   "gender": "female",
-  "role": "facilitator"
+  "roles": ["facilitator"]
 }
diff --git a/infrastructure/services/writeSecrets.sh → backend/writeSecrets.sh b/infrastructure/services/writeSecrets.sh → backend/writeSecrets.sh