github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-08 15:13:55 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: removed projectMembershipId entirely

Browse Source
This commit is contained in:
Daniel Hougaard
2025-12-06 09:37:25 -05:00
parent b3f2fb1399
commit 0f3108f6fb
3 changed files with 10 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/src/ee/routes/v2/identity-project-additional-privilege-router.ts
View File

@@ -84,7 +84,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privilege: {
...privilege,
identityId: req.body.identityId,
projectMembershipId: privilege.projectMembershipId || req.body.projectId,
projectId: req.body.projectId,
slug: privilege.name
}
@@ -168,7 +167,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privilege: {
...privilege,
identityId: privilegeDoc.actorIdentityId as string,
projectMembershipId: privilege.projectMembershipId || (privilegeDoc.projectId as string),
projectId: privilegeDoc.projectId as string,
slug: privilege.name
}
@@ -222,7 +220,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privilege: {
...privilege,
identityId: privilegeDoc.actorIdentityId as string,
projectMembershipId: privilege.projectMembershipId || (privilegeDoc.projectId as string),
projectId: privilegeDoc.projectId as string,
slug: privilege.name
}
@@ -276,7 +273,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privilege: {
...privilege,
identityId: privilegeDoc.actorIdentityId as string,
projectMembershipId: privilege.projectMembershipId || (privilegeDoc.projectId as string),
projectId: privilegeDoc.projectId as string,
slug: privilege.name
}
@@ -339,7 +335,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privilege: {
...privilege,
identityId: req.query.identityId,
projectMembershipId: privilege.projectMembershipId || (privilege.projectId as string),
projectId,
slug: privilege.name
}
@@ -391,7 +386,6 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
privileges: privileges.map((privilege) => ({
...privilege,
identityId: req.query.identityId,
projectMembershipId: privilege.projectMembershipId || (privilege.projectId as string),
projectId: req.query.projectId,
slug: privilege.name
}))

4
backend/src/server/routes/sanitizedSchema/identitiy-additional-privilege.ts
View File

@@ -2,6 +2,8 @@ import { IdentityProjectAdditionalPrivilegeSchema } from "@app/db/schemas";
import { UnpackedPermissionSchema } from "./permission";
export const SanitizedIdentityPrivilegeSchema = IdentityProjectAdditionalPrivilegeSchema.extend({
export const SanitizedIdentityPrivilegeSchema = IdentityProjectAdditionalPrivilegeSchema.omit({
projectMembershipId: true
}).extend({
permissions: UnpackedPermissionSchema.array()
});

112
backend/src/services/additional-privilege/additional-privilege-service.ts
View File

@@ -58,21 +58,6 @@ export const additionalPrivilegeServiceFactory = ({
const scope = factory.getScopeField(dto.scopeData);
const dbActorField = data.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: data.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({ message: `Project membership for ${data.actorType} ${data.actorId} not found` });
}
projectMembershipId = projectMembership.id;
}
const existingSlug = await additionalPrivilegeDAL.findOne({
name: data.name,
[dbActorField]: data.actorId,
@@ -96,8 +81,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
}
@@ -124,8 +108,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
};
@@ -137,21 +120,6 @@ export const additionalPrivilegeServiceFactory = ({
const scope = factory.getScopeField(dto.scopeData);
const dbActorField = dto.selector.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: dto.selector.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({
message: `Project membership for ${dto.selector.actorType} ${dto.selector.actorId} not found`
});
}
projectMembershipId = projectMembership.id;
}
const existingPrivilege = await additionalPrivilegeDAL.findOne({
[dbActorField]: dto.selector.actorId,
id: dto.selector.id,
@@ -176,8 +144,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
}
@@ -202,8 +169,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
};
@@ -215,21 +181,6 @@ export const additionalPrivilegeServiceFactory = ({
const scope = factory.getScopeField(dto.scopeData);
const dbActorField = dto.selector.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: dto.selector.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({
message: `Project membership for ${dto.selector.actorType} ${dto.selector.actorId} not found`
});
}
projectMembershipId = projectMembership.id;
}
const existingPrivilege = await additionalPrivilegeDAL.findOne({
id: selector.id,
[dbActorField]: dto.selector.actorId,
@@ -242,8 +193,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
};
@@ -255,21 +205,6 @@ export const additionalPrivilegeServiceFactory = ({
const scope = factory.getScopeField(dto.scopeData);
const dbActorField = dto.selector.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: dto.selector.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({
message: `Project membership for ${dto.selector.actorType} ${dto.selector.actorId} not found`
});
}
projectMembershipId = projectMembership.id;
}
const additionalPrivilege = await additionalPrivilegeDAL.findOne({
id: selector.id,
[dbActorField]: dto.selector.actorId,
@@ -281,8 +216,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
};
@@ -294,21 +228,6 @@ export const additionalPrivilegeServiceFactory = ({
const dbActorField = dto.selector.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
const scope = factory.getScopeField(dto.scopeData);
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: dto.selector.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({
message: `Project membership for ${dto.selector.actorType} ${dto.selector.actorId} not found`
});
}
projectMembershipId = projectMembership.id;
}
const additionalPrivilege = await additionalPrivilegeDAL.findOne({
name: selector.name,
[dbActorField]: dto.selector.actorId,
@@ -320,8 +239,7 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivilege: {
...additionalPrivilege,
permissions: unpackPermissions(additionalPrivilege.permissions),
projectMembershipId
permissions: unpackPermissions(additionalPrivilege.permissions)
}
};
};
@@ -333,21 +251,6 @@ export const additionalPrivilegeServiceFactory = ({
const scope = factory.getScopeField(dto.scopeData);
const dbActorField = dto.selector.actorType === ActorType.IDENTITY ? "actorIdentityId" : "actorUserId";
let projectMembershipId: string | undefined;
if (scope.key === "projectId") {
const projectMembership = await membershipDAL.findOne({
[dbActorField]: dto.selector.actorId,
scopeProjectId: scope.value,
scope: AccessScope.Project
});
if (!projectMembership) {
throw new NotFoundError({
message: `Project membership for ${dto.selector.actorType} ${dto.selector.actorId} not found`
});
}
projectMembershipId = projectMembership.id;
}
const additionalPrivileges = await additionalPrivilegeDAL.find({
[dbActorField]: dto.selector.actorId,
[scope.key]: scope.value
@@ -356,7 +259,6 @@ export const additionalPrivilegeServiceFactory = ({
return {
additionalPrivileges: additionalPrivileges.map((el) => ({
...el,
projectMembershipId,
permissions: unpackPermissions(el.permissions)
}))
};