From faad25646c7e9d8d3c9fcb5c0f1b490dd9ff66ee Mon Sep 17 00:00:00 2001
From: Domagoj Kriskovic
Date: Fri, 24 Jan 2025 14:07:56 +0100
Subject: [PATCH] Allow reviewers to reopen comment threads (#23075)

GitOrigin-RevId: 065acf5931213c288dbdcb3bc06da988b094a1f4
---
 .../Authorization/AuthorizationManager.js | 6 ++--
 .../Authorization/AuthorizationMiddleware.js | 29 ++++++++++++-------
 .../AuthorizationManagerTests.js | 2 +-
 .../AuthorizationMiddlewareTests.js | 9 ++++--
 4 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/services/web/app/src/Features/Authorization/AuthorizationManager.js b/services/web/app/src/Features/Authorization/AuthorizationManager.js
index 612d98585e..6d4f09ed56 100644
--- a/services/web/app/src/Features/Authorization/AuthorizationManager.js
+++ b/services/web/app/src/Features/Authorization/AuthorizationManager.js
@@ -273,7 +273,7 @@ async function canUserDeleteOrResolveThread(
 return comment.metadata.user_id === userId
 }
-async function canUserSendComment(userId, projectId, token) {
+async function canUserSendOrReopenComment(userId, projectId, token) {
 const privilegeLevel = await getPrivilegeLevelForProject(
 userId,
 projectId,
@@ -289,8 +289,8 @@ async function canUserSendComment(userId, projectId, token) {
 module.exports = {
 canUserReadProject: callbackify(canUserReadProject),
 canUserWriteProjectContent: callbackify(canUserWriteProjectContent),
+ canUserSendOrReopenComment: callbackify(canUserSendOrReopenComment),
 canUserDeleteOrResolveThread: callbackify(canUserDeleteOrResolveThread),
- canUserSendComment: callbackify(canUserSendComment),
 canUserWriteProjectSettings: callbackify(canUserWriteProjectSettings),
 canUserRenameProject: callbackify(canUserRenameProject),
 canUserAdminProject: callbackify(canUserAdminProject),
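Review bot: `canUserSendOrReopenComment` in the first `AuthorizationManager.js` hunk takes only `(userId, projectId, token)`, so the check that now also covers reopening cannot be scoped to a particular thread, whereas the tail of `canUserDeleteOrResolveThread` shown as context ends on `comment.metadata.user_id === userId`. The body continues outside the hunk; if it decides purely on project privilege level, anyone allowed to comment can reopen a thread that another user resolved. If that is the intent, say so on the function so the asymmetry with delete/resolve is not later read as a missing ownership check, for example `// Project-level check only: no thread-ownership test, unlike canUserDeleteOrResolveThread.`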
@@ -301,8 +301,8 @@ module.exports = {
 promises: {
 canUserReadProject,
 canUserWriteProjectContent,
+ canUserSendOrReopenComment,
 canUserDeleteOrResolveThread,
- canUserSendComment,
 canUserWriteProjectSettings,
 canUserRenameProject,
 canUserAdminProject,
diff --git a/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js b/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js
index 851254cf21..c26210572a 100644
--- a/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js
+++ b/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js
@@ -132,22 +132,29 @@ async function ensureUserCanDeleteOrResolveThread(req, res, next) {
 return HttpErrorHandler.forbidden(req, res)
 }
-async function ensureUserCanSendComment(req, res, next) {
+async function ensureUserCanSendOrReopenComment(req, res, next) {
 const projectId = _getProjectId(req)
 const userId = _getUserId(req)
 const token = TokenAccessHandler.getRequestToken(req, projectId)
- const canSendComment = await AuthorizationManager.promises.canUserSendComment(
- userId,
- projectId,
- token
- )
- if (canSendComment) {
- logger.debug({ userId, projectId }, 'allowing user to send a comment')
+ const canSendOrReopenComment =
+ await AuthorizationManager.promises.canUserSendOrReopenComment(
+ userId,
+ projectId,
+ token
+ )
+ if (canSendOrReopenComment) {
+ logger.debug(
+ { userId, projectId },
+ 'allowing user to send or reopen a comment'
+ )
 return next()
 }
- logger.debug({ userId, projectId }, 'denying user to send a comment')
+ logger.debug(
+ { userId, projectId },
+ 'denying user to send or reopen a comment'
+ )
 return HttpErrorHandler.forbidden(req, res)
 }
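Review bot: The deny branch of `ensureUserCanSendOrReopenComment` in the `AuthorizationMiddleware.js` hunk records the refusal only through `logger.debug`, and now that one middleware fronts two actions the entry no longer says which one was attempted. Whether debug output is retained in production is not visible here, but if it is dropped, repeated 403s on the comment routes leave nothing to alert on. Consider adding request context and raising the level on denial, e.g. `logger.warn({ userId, projectId, method: req.method, route: req.route?.path }, 'denying user to send or reopen a comment')`. Keep `token` out of the logged fields, as the current code already does.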
@@ -270,10 +277,12 @@ module.exports = {
 ensureUserCanWriteProjectSettings: expressify(
 ensureUserCanWriteProjectSettings
 ),
+ ensureUserCanSendOrReopenComment: expressify(
+ ensureUserCanSendOrReopenComment
+ ),
 ensureUserCanDeleteOrResolveThread: expressify(
 ensureUserCanDeleteOrResolveThread
 ),
- ensureUserCanSendComment: expressify(ensureUserCanSendComment),
 ensureUserCanWriteProjectContent: expressify(
 ensureUserCanWriteProjectContent
 ),
diff --git a/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js b/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
index 5d88a319fc..c0ac9b1087 100644
--- a/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
+++ b/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
@@ -453,7 +453,7 @@ describe('AuthorizationManager', function () {
 tokenReadOnly: true,
 })
- testPermission('canUserSendComment', {
+ testPermission('canUserSendOrReopenComment', {
 siteAdmin: true,
 owner: true,
 readAndWrite: true,
diff --git a/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js b/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
index b4d6cc264f..851b15d00b 100644
--- a/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
+++ b/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
@@ -25,8 +25,8 @@ describe('AuthorizationMiddleware', function () {
 canUserReadProject: sinon.stub(),
 canUserWriteProjectSettings: sinon.stub(),
 canUserWriteProjectContent: sinon.stub(),
+ canUserSendOrReopenComment: sinon.stub(),
 canUserDeleteOrResolveThread: sinon.stub(),
- canUserSendComment: sinon.stub(),
 canUserAdminProject: sinon.stub(),
 canUserRenameProject: sinon.stub(),
 isUserSiteAdmin: sinon.stub(),
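Review bot: The `module.exports` hunk for `AuthorizationMiddleware.js` removes `ensureUserCanSendComment` without leaving an alias, and the diffstat lists only four files, none of which registers routes. Any route or module still referencing the old name (or `AuthorizationManager.canUserSendComment`, removed in the first file) would now get `undefined`, so confirm the router is updated in the same change or keep a temporary alias such as `ensureUserCanSendComment: expressify(ensureUserCanSendOrReopenComment),` until callers are migrated. It is also worth checking that the reopen route is actually wired to this middleware, since nothing in the visible patch changes which check that route uses. The exports object starts and ends outside the hunk.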
@@ -86,8 +86,11 @@ describe('AuthorizationMiddleware', function () {
 )
 })
- describe('ensureUserCanSendComment', function () {
- testMiddleware('ensureUserCanSendComment', 'canUserSendComment')
+ describe('ensureUserCanSendOrReopenComment', function () {
+ testMiddleware(
+ 'ensureUserCanSendOrReopenComment',
+ 'canUserSendOrReopenComment'
+ )
 })
 describe('ensureUserCanDeleteOrResolveThread', function () {