Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

removed admin check flag #2514

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion src/config/feature-flags.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ export enum BooleanFlags {
MAINTENANCE_MODE = "maintenance-mode",
VERBOSE_LOGGING = "verbose-logging",
SEND_PR_COMMENTS_TO_JIRA = "send-pr-comments-to-jira_zy5ib",
JIRA_ADMIN_CHECK = "jira-admin-check",
REMOVE_STALE_MESSAGES = "remove-stale-messages",
USE_NEW_PULL_ALGO = "use-new-pull-algo",
USE_DYNAMODB_FOR_DEPLOYMENT_WEBHOOK = "use-dynamodb-for-deployment-webhook",
Expand Down
53 changes: 3 additions & 50 deletions src/middleware/jira-admin-permission-middleware.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ import {
fetchAndSaveUserJiraAdminStatus,
jiraAdminPermissionsMiddleware
} from "middleware/jira-admin-permission-middleware";
import { booleanFlag, BooleanFlags } from "config/feature-flags";
import { when } from "jest-when";

jest.mock("config/feature-flags");

Expand All @@ -24,67 +22,22 @@ describe("jiraAdminPermissionsMiddleware", () => {
send: jest.fn()
};
mockNext = jest.fn();

when(booleanFlag).calledWith(
BooleanFlags.JIRA_ADMIN_CHECK
).mockResolvedValue(true);
});

test("should return 403 Forbidden if session is undefined", async () => {
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockResponse.status).toHaveBeenCalledWith(403);
});

test("should return 403 Forbidden if hasAdminPermissions is false", async () => {
mockRequest.session.isJiraAdmin = false;
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockResponse.status).toHaveBeenCalledWith(403);
});

test("should call next() if user has Jira admin permissions", async () => {
mockRequest.session.isJiraAdmin = true;
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockNext).toHaveBeenCalled();
});
});

// Delete this describe block during flag clean up
describe("jiraAdminPermissionsMiddleware - feature flag off", () => {
let mockRequest;
let mockResponse;
let mockNext;

beforeEach(() => {
mockRequest = {
session: {},
log: { info: jest.fn() }
};
mockResponse = {
status: jest.fn().mockReturnThis(),
send: jest.fn()
};
mockNext = jest.fn();

when(booleanFlag).calledWith(
BooleanFlags.JIRA_ADMIN_CHECK
).mockResolvedValue(false);
});

test("should return 403 Forbidden if session is undefined", async () => {
delete mockRequest.session.isJiraAdmin;
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockNext).toHaveBeenCalled();
});

test("should return 403 Forbidden if hasAdminPermissions is false", async () => {
mockRequest.session.isJiraAdmin = false;
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockNext).toHaveBeenCalled();
});

test("should call next() if user has Jira admin permissions", async () => {
mockRequest.session.isJiraAdmin = true;
await jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
jiraAdminPermissionsMiddleware(mockRequest, mockResponse, mockNext);
expect(mockNext).toHaveBeenCalled();
});
});
Expand Down
7 changes: 2 additions & 5 deletions src/middleware/jira-admin-permission-middleware.ts
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { NextFunction, Request, Response } from "express";
import { Installation } from "models/installation";
import { JiraClient } from "models/jira-client";
import { booleanFlag, BooleanFlags } from "config/feature-flags";

export const fetchAndSaveUserJiraAdminStatus = async (req: Request, claims: { sub?: string;}, installation: Installation): Promise<void> => {
const ADMIN_PERMISSION = "ADMINISTER";
Expand All @@ -27,10 +26,8 @@ export const fetchAndSaveUserJiraAdminStatus = async (req: Request, claims: { su
}
};

export const jiraAdminPermissionsMiddleware = async (req: Request, res: Response, next: NextFunction): Promise<void | Response> => {
if (!(await booleanFlag(BooleanFlags.JIRA_ADMIN_CHECK))) {
return next();
}
export const jiraAdminPermissionsMiddleware = (req: Request, res: Response, next: NextFunction): void | Response => {

const { isJiraAdmin } = req.session;

if (isJiraAdmin === undefined) {
Expand Down
4 changes: 0 additions & 4 deletions src/rest/middleware/jira-admin/jira-admin-check.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@ import { encodeSymmetric } from "atlassian-jwt";
import { Application } from "express";
import supertest from "supertest";
import { Installation } from "models/installation";
import { booleanFlag, BooleanFlags } from "config/feature-flags";
import { when } from "jest-when";
import { getFrontendApp } from "~/src/app";

jest.mock("config/feature-flags");
Expand All @@ -19,8 +17,6 @@ describe("Jira Admin Check", () => {

beforeEach(async () => {

when(booleanFlag).calledWith(BooleanFlags.JIRA_ADMIN_CHECK, jiraHost).mockResolvedValue(true);

app = getFrontendApp();

await Installation.install({
Expand Down
7 changes: 1 addition & 6 deletions src/rest/middleware/jira-admin/jira-admin-check.ts
Original file line number Diff line number Diff line change
@@ -1,18 +1,13 @@
import { NextFunction, Request, Response } from "express";
import { JiraClient } from "models/jira-client";
import { booleanFlag, BooleanFlags } from "config/feature-flags";
import { InsufficientPermissionError, InvalidTokenError } from "config/errors";
import { errorWrapper } from "../../helper";
import { BaseLocals } from "../../routes";

const ADMIN_PERMISSION = "ADMINISTER";
export const JiraAdminEnforceMiddleware = errorWrapper("jiraAdminEnforceMiddleware", async (req: Request, res: Response<any, BaseLocals>, next: NextFunction): Promise<void> => {

const { accountId, installation, jiraHost } = res.locals;

if (!(await booleanFlag(BooleanFlags.JIRA_ADMIN_CHECK, jiraHost))) {
return next();
}
const { accountId, installation } = res.locals;

if (!accountId) {
throw new InvalidTokenError("Missing userAccountId");
Expand Down
3 changes: 0 additions & 3 deletions src/routes/github/github-oauth.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,6 @@ import {
generateSignedSessionCookieHeader,
parseCookiesAndSession
} from "test/utils/cookies";
import { booleanFlag, BooleanFlags } from "config/feature-flags";
import { when } from "jest-when";
import { Installation } from "models/installation";

jest.mock("config/feature-flags");
Expand Down Expand Up @@ -175,7 +173,6 @@ describe("github-oauth", () => {
});

it("must work only for Jira admins", async () => {
when(booleanFlag).calledWith(BooleanFlags.JIRA_ADMIN_CHECK).mockResolvedValue(true);

const res = await supertest(getFrontendApp())
.get("/github/login?blah=true")
Expand Down
3 changes: 0 additions & 3 deletions src/routes/jira/jira-connected-repos-get.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ import { getLogger } from "config/logger";
import { Subscription } from "models/subscription";
import { DatabaseStateCreator } from "test/utils/database-state-creator";
import supertest from "supertest";
import { booleanFlag, BooleanFlags } from "config/feature-flags";
import { when } from "jest-when";
import { RepoSyncState } from "models/reposyncstate";

jest.mock("config/feature-flags");
Expand Down Expand Up @@ -36,7 +34,6 @@ describe("jira-connected-repos-get", () => {
subscription = result.subscription;
repoSyncState = result.repoSyncState!;

when(booleanFlag).calledWith(BooleanFlags.JIRA_ADMIN_CHECK).mockResolvedValue(true);
});

it("should return 403 when not an admin", async () => {
Expand Down
Loading