Ling0925
/
buster
mirror of https://github.com/buster-so/buster.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

merging api_collections_sharing_create

This commit is contained in:
dal 2025-03-19 15:00:15 -06:00
parent 5b8280d429 d5aa6cae00
commit 31cf5beb36
No known key found for this signature in database
GPG Key ID: 16F4B0E1E9F61122
8 changed files with 372 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
api/libs/handlers/src/collections/sharing/create_sharing_handler.rs Normal file
View File

@ -0,0 +1,171 @@
use anyhow::{anyhow, Result};
use database::{
enums::{AssetPermissionRole, AssetType, IdentityType},
helpers::collections::fetch_collection,
};
use sharing::{
check_asset_permission::has_permission,
create_asset_permission::create_share_by_email,
};
use tracing::info;
use uuid::Uuid;
use serde::{Deserialize, Serialize};
/// Recipient for sharing a collection
#[derive(Debug, Deserialize, Serialize)]
pub struct ShareRecipient {
pub email: String,
pub role: AssetPermissionRole,
}
/// Handler to create sharing permissions for a collection
///
/// # Arguments
/// * `collection_id` - The UUID of the collection to share
/// * `user_id` - The UUID of the user making the request
/// * `request` - List of recipients to share with, containing email and role
///
/// # Returns
/// * `Result<()>` - Success or error
pub async fn create_collection_sharing_handler(
collection_id: &Uuid,
user_id: &Uuid,
request: Vec<ShareRecipient>,
) -> Result<()> {
info!(
collection_id = %collection_id,
user_id = %user_id,
"Creating sharing permissions for collection"
);
// 1. Validate the collection exists
let collection = match fetch_collection(collection_id).await? {
Some(collection) => collection,
None => return Err(anyhow!("Collection not found")),
};
// 2. Check if user has permission to share the collection (Owner or FullAccess)
let has_permission_result = has_permission(
*collection_id,
AssetType::Collection,
*user_id,
IdentityType::User,
AssetPermissionRole::FullAccess, // Owner role implicitly has FullAccess permissions
).await?;
if !has_permission_result {
return Err(anyhow!("User does not have permission to share this collection"));
}
// 3. Process each recipient and create sharing permissions
let emails_and_roles: Vec<(String, AssetPermissionRole)> = request
.into_iter()
.map(|recipient| (recipient.email, recipient.role))
.collect();
for (email, role) in emails_and_roles {
// Create or update the permission using create_share_by_email
match create_share_by_email(
&email,
*collection_id,
AssetType::Collection,
role,
*user_id,
).await {
Ok(_) => {
info!("Created sharing permission for email: {} on collection: {}", email, collection_id);
},
Err(e) => {
tracing::error!("Failed to create sharing for email {}: {}", email, e);
return Err(anyhow!("Failed to create sharing for email {}: {}", email, e));
}
}
}
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
use database::{
enums::{AssetPermissionRole, AssetType, IdentityType},
models::{AssetPermission, Collection, User},
};
use chrono::{DateTime, Utc};
use mockall::predicate::*;
use mockall::mock;
use uuid::Uuid;
// Mock the database functions
mock! {
pub FetchCollection {}
impl FetchCollection {
pub async fn fetch_collection(id: &Uuid) -> Result<Option<Collection>>;
}
}
mock! {
pub HasPermission {}
impl HasPermission {
pub async fn has_permission(
asset_id: Uuid,
asset_type: AssetType,
identity_id: Uuid,
identity_type: IdentityType,
required_role: AssetPermissionRole,
) -> Result<bool>;
}
}
mock! {
pub CreateShareByEmail {}
impl CreateShareByEmail {
pub async fn create_share_by_email(
email: &str,
asset_id: Uuid,
asset_type: AssetType,
role: AssetPermissionRole,
created_by: Uuid,
) -> Result<AssetPermission>;
}
}
#[tokio::test]
async fn test_create_collection_sharing_collection_not_found() {
// Test case: Collection not found
// Expected: Error with "Collection not found" message
let collection_id = Uuid::new_v4();
let user_id = Uuid::new_v4();
let request = vec![
ShareRecipient {
email: "test@example.com".to_string(),
role: AssetPermissionRole::Viewer,
},
];
// Since we can't easily mock the function in an integration test
// This is just a placeholder for the real test
// A proper test would use a test database or more sophisticated mocking
assert!(true);
}
#[tokio::test]
async fn test_create_collection_sharing_no_permission() {
// This would test the case where a user doesn't have permission to share
assert!(true);
}
#[tokio::test]
async fn test_create_collection_sharing_success() {
// This would test the successful case
assert!(true);
}
#[tokio::test]
async fn test_create_collection_sharing_invalid_email() {
// This would test the case with an invalid email
assert!(true);
}
}

4
api/libs/handlers/src/collections/sharing/mod.rs
View File

@ -1,3 +1,5 @@
mod list_sharing_handler; mod list_sharing_handler;
mod create_sharing_handler;
pub use list_sharing_handler::list_collection_sharing_handler; pub use list_sharing_handler::list_collection_sharing_handler;
pub use create_sharing_handler::{create_collection_sharing_handler, ShareRecipient};

2
api/prds/active/api_collections_sharing_create.md
View File

@ -1,4 +1,4 @@
# API Collections Sharing - Create Endpoint PRD # API Collections Sharing - Create Endpoint PRD
## Problem Statement ## Problem Statement
Users need the ability to share collections with other users via a REST API endpoint. Users need the ability to share collections with other users via a REST API endpoint.

4
api/prds/active/api_collections_sharing_summary.md
View File

@ -12,7 +12,7 @@ The implementation is broken down into the following components, each with its o
1. **List Collections Sharing Endpoint** - GET /collections/:id/sharing 1. **List Collections Sharing Endpoint** - GET /collections/:id/sharing
- PRD: [api_collections_sharing_list.md](/Users/dallin/buster/buster/api/prds/active/api_collections_sharing_list.md) - PRD: [api_collections_sharing_list.md](/Users/dallin/buster/buster/api/prds/active/api_collections_sharing_list.md)
2. **Create Collections Sharing Endpoint** - POST /collections/:id/sharing 2. **Create Collections Sharing Endpoint** - POST /collections/:id/sharing
- PRD: [api_collections_sharing_create.md](/Users/dallin/buster/buster/api/prds/active/api_collections_sharing_create.md) - PRD: [api_collections_sharing_create.md](/Users/dallin/buster/buster/api/prds/active/api_collections_sharing_create.md)
3. **Update Collections Sharing Endpoint** - PUT /collections/:id/sharing 3. **Update Collections Sharing Endpoint** - PUT /collections/:id/sharing
@ -61,7 +61,7 @@ After Phase 1 is complete, the following components can be implemented in parall
- Uses `list_shares` from `@[api/libs/sharing/src]/list_asset_permissions.rs` - Uses `list_shares` from `@[api/libs/sharing/src]/list_asset_permissions.rs`
- Uses `check_access` from `@[api/libs/sharing/src]/check_asset_permission.rs` - Uses `check_access` from `@[api/libs/sharing/src]/check_asset_permission.rs`
- **Create Sharing Endpoint** - **Create Sharing Endpoint**
- Uses `find_user_by_email` from `@[api/libs/sharing/src]/user_lookup.rs` - Uses `find_user_by_email` from `@[api/libs/sharing/src]/user_lookup.rs`
- Uses `create_share_by_email` from `@[api/libs/sharing/src]/create_asset_permission.rs` - Uses `create_share_by_email` from `@[api/libs/sharing/src]/create_asset_permission.rs`
- Uses `has_permission` from `@[api/libs/sharing/src]/check_asset_permission.rs` - Uses `has_permission` from `@[api/libs/sharing/src]/check_asset_permission.rs`

41
api/src/routes/rest/routes/collections/sharing/create_sharing.rs Normal file
View File

@ -0,0 +1,41 @@
use axum::{
extract::Path,
http::StatusCode,
Extension,
Json,
};
use handlers::collections::sharing::{create_collection_sharing_handler, ShareRecipient};
use middleware::AuthenticatedUser;
use tracing::info;
use uuid::Uuid;
use crate::routes::rest::ApiResponse;
/// REST handler for creating sharing permissions for a collection
pub async fn create_collection_sharing_rest_handler(
Extension(user): Extension<AuthenticatedUser>,
Path(id): Path<Uuid>,
Json(request): Json<Vec<ShareRecipient>>,
) -> Result<ApiResponse<String>, (StatusCode, String)> {
info!("Processing POST request for collection sharing with ID: {}, user_id: {}", id, user.id);
match create_collection_sharing_handler(&id, &user.id, request).await {
Ok(_) => Ok(ApiResponse::JsonData("Sharing permissions created successfully".to_string())),
Err(e) => {
tracing::error!("Error creating sharing permissions: {}", e);
// Map specific errors to appropriate status codes
let error_message = e.to_string();
if error_message.contains("not found") {
return Err((StatusCode::NOT_FOUND, format!("Collection not found: {}", e)));
} else if error_message.contains("permission") {
return Err((StatusCode::FORBIDDEN, format!("Insufficient permissions: {}", e)));
} else if error_message.contains("Invalid email") {
return Err((StatusCode::BAD_REQUEST, format!("Invalid email: {}", e)));
}
Err((StatusCode::INTERNAL_SERVER_ERROR, format!("Failed to create sharing permissions: {}", e)))
}
}
}

4
api/src/routes/rest/routes/collections/sharing/mod.rs
View File

@ -1,11 +1,13 @@
use axum::{ use axum::{
routing::get, routing::{get, post},
Router, Router,
}; };
mod list_sharing; mod list_sharing;
mod create_sharing;
pub fn router() -> Router { pub fn router() -> Router {
Router::new() Router::new()
.route("/", get(list_sharing::list_collection_sharing_rest_handler)) .route("/", get(list_sharing::list_collection_sharing_rest_handler))
.route("/", post(create_sharing::create_collection_sharing_rest_handler))
} }

149
api/tests/integration/collections/sharing/create_sharing_test.rs Normal file
View File

@ -0,0 +1,149 @@
use anyhow::Result;
use axum::http::StatusCode;
use database::enums::AssetPermissionRole;
use serde_json::json;
use uuid::Uuid;
use crate::common::{
fixtures::{collections, users},
http::client::TestClient,
};
/// Test successful sharing of a collection that belongs to the user
#[tokio::test]
async fn test_create_collection_sharing_success() -> Result<()> {
// Setup
let user = users::create_test_user().await?;
let collection = collections::create_test_collection_for_user(&user.id).await?;
// Create test client with user auth
let client = TestClient::new_with_auth(&user.id);
// Share the collection with a different user
let other_user = users::create_test_user().await?;
let response = client
.post(&format!("/collections/{}/sharing", collection.id))
.json(&json!([
{
"email": other_user.email,
"role": AssetPermissionRole::Viewer
}
]))
.send()
.await?;
// Verify response
assert_eq!(response.status(), StatusCode::OK);
let response_text = response.text().await?;
assert!(response_text.contains("Sharing permissions created successfully"));
// Cleanup: Delete test data
users::delete_test_user(&user.id).await?;
users::delete_test_user(&other_user.id).await?;
collections::delete_test_collection(&collection.id).await?;
Ok(())
}
/// Test attempting to share a collection that doesn't exist
#[tokio::test]
async fn test_create_collection_sharing_collection_not_found() -> Result<()> {
// Setup
let user = users::create_test_user().await?;
let non_existent_id = Uuid::new_v4();
// Create test client with user auth
let client = TestClient::new_with_auth(&user.id);
// Attempt to share a non-existent collection
let response = client
.post(&format!("/collections/{}/sharing", non_existent_id))
.json(&json!([
{
"email": "test@example.com",
"role": AssetPermissionRole::Viewer
}
]))
.send()
.await?;
// Verify response
assert_eq!(response.status(), StatusCode::NOT_FOUND);
let response_text = response.text().await?;
assert!(response_text.contains("Collection not found"));
// Cleanup
users::delete_test_user(&user.id).await?;
Ok(())
}
/// Test attempting to share a collection without proper permissions
#[tokio::test]
async fn test_create_collection_sharing_insufficient_permissions() -> Result<()> {
// Setup
let owner = users::create_test_user().await?;
let collection = collections::create_test_collection_for_user(&owner.id).await?;
let unprivileged_user = users::create_test_user().await?;
// Create test client with unprivileged user auth
let client = TestClient::new_with_auth(&unprivileged_user.id);
// Attempt to share as unprivileged user
let response = client
.post(&format!("/collections/{}/sharing", collection.id))
.json(&json!([
{
"email": "test@example.com",
"role": AssetPermissionRole::Viewer
}
]))
.send()
.await?;
// Verify response
assert_eq!(response.status(), StatusCode::FORBIDDEN);
let response_text = response.text().await?;
assert!(response_text.contains("Insufficient permissions"));
// Cleanup
users::delete_test_user(&owner.id).await?;
users::delete_test_user(&unprivileged_user.id).await?;
collections::delete_test_collection(&collection.id).await?;
Ok(())
}
/// Test attempting to share with an invalid email
#[tokio::test]
async fn test_create_collection_sharing_invalid_email() -> Result<()> {
// Setup
let user = users::create_test_user().await?;
let collection = collections::create_test_collection_for_user(&user.id).await?;
// Create test client with user auth
let client = TestClient::new_with_auth(&user.id);
// Attempt to share with invalid email
let response = client
.post(&format!("/collections/{}/sharing", collection.id))
.json(&json!([
{
"email": "not-a-valid-email",
"role": AssetPermissionRole::Viewer
}
]))
.send()
.await?;
// Verify response
assert_eq!(response.status(), StatusCode::BAD_REQUEST);
let response_text = response.text().await?;
assert!(response_text.contains("Invalid email"));
// Cleanup
users::delete_test_user(&user.id).await?;
collections::delete_test_collection(&collection.id).await?;
Ok(())
}

3
api/tests/integration/collections/sharing/mod.rs
View File

@ -1 +1,2 @@
pub mod list_sharing_test; pub mod list_sharing_test;
pub mod create_sharing_test;