fix: validation on the controller, not the interface is illegal

also changed the tests so we have at least one test for that controller
2024-11-27 06:01:08 +08:00 · 2023-12-20 14:49:10 +01:00 · 2023-12-20 14:49:10 +01:00 · 23a2559511
commit 23a2559511
parent ace9793556
3 changed files with 9 additions and 4 deletions
--- a/backend/src/main/java/io/papermc/hangar/controller/api/v1/PermissionsController.java
+++ b/backend/src/main/java/io/papermc/hangar/controller/api/v1/PermissionsController.java
@ -11,7 +11,6 @@ import io.papermc.hangar.model.common.PermissionType;
 import io.papermc.hangar.security.annotations.Anyone;
 import io.papermc.hangar.security.annotations.ratelimit.RateLimit;
 import io.papermc.hangar.service.PermissionService;
-import jakarta.validation.constraints.Size;
 import java.util.Collection;
 import java.util.Set;
 import java.util.function.BiPredicate;
@ -35,7 +34,7 @@ public class PermissionsController extends HangarComponent implements IPermissio
    }

    @Override
-    public ResponseEntity<PermissionCheck> hasAllPermissions(final @Size(max = 50) Set<NamedPermission> permissions, final String slug, final String organization) {
+    public ResponseEntity<PermissionCheck> hasAllPermissions(final Set<NamedPermission> permissions, final String slug, final String organization) {
        return this.has(permissions, slug, organization, (namedPerms, perm) -> namedPerms.stream().allMatch(p -> perm.has(p.getPermission())));
    }

--- a/backend/src/main/java/io/papermc/hangar/controller/api/v1/interfaces/IPermissionsController.java
+++ b/backend/src/main/java/io/papermc/hangar/controller/api/v1/interfaces/IPermissionsController.java
@ -9,6 +9,7 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.validation.constraints.Size;
 import java.util.Set;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@ -34,7 +35,7 @@ public interface IPermissionsController {
        @ApiResponse(responseCode = "401", description = "Api session missing, invalid or expired")
    })
    @GetMapping("/permissions/hasAll")
-    ResponseEntity<PermissionCheck> hasAllPermissions(@Parameter(description = "The permissions to check", required = true) @RequestParam Set<NamedPermission> permissions,
+    ResponseEntity<PermissionCheck> hasAllPermissions(@Parameter(description = "The permissions to check", required = true) @RequestParam @Size(max = 50) Set<NamedPermission> permissions,
                                                      @Parameter(description = "The project slug of the project to check permissions in. Must not be used together with `organizationName`") @RequestParam(required = false) String slug,
                                                      @Parameter(description = "The organization to check permissions in. Must not be used together with `projectOwner` and `projectSlug`") @RequestParam(required = false) String organization
    );
--- a/backend/src/test/java/io/papermc/hangar/controller/api/v1/PermissionsControllerTest.java
+++ b/backend/src/test/java/io/papermc/hangar/controller/api/v1/PermissionsControllerTest.java
@ -8,7 +8,6 @@ import org.junit.jupiter.api.Test;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;

-@Disabled //TODO fix wtf is going on here
 class PermissionsControllerTest extends ControllerTest {

    @Test
@ -19,6 +18,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHasAllWithAll() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions/hasAll?permissions=create_organization&permissions=create_project")
                .with(this.apiKey(TestData.KEY_ALL)))
@ -26,6 +26,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHasAnyWithProjectOnly() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions/hasAny?permissions=create_organization&permissions=create_project")
                .with(this.apiKey(TestData.KEY_PROJECT_ONLY)))
@ -33,6 +34,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHasAnyWithAll() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions/hasAny?permissions=create_organization&permissions=create_project")
                .with(this.apiKey(TestData.KEY_ALL)))
@ -40,6 +42,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHiddenProjectSeeHidden() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions?slug=" + TestData.PROJECT.getSlug())
                .with(this.apiKey(TestData.KEY_SEE_HIDDEN)))
@ -47,6 +50,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHiddenProjectProjectOnly() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions?slug=" + TestData.PROJECT.getSlug())
                .with(this.apiKey(TestData.KEY_PROJECT_ONLY)))
@ -54,6 +58,7 @@ class PermissionsControllerTest extends ControllerTest {
    }

    @Test
+    @Disabled //TODO fix wtf is going on here
    void testHiddenProjectOrganizationOnly() throws Exception {
        this.mockMvc.perform(get("/api/v1/permissions?organization=" + TestData.ORG.getName())
                .with(this.apiKey(TestData.KEY_PROJECT_ONLY)))