mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-02-13 12:55:00 +00:00
chore(core): better doc action error message (#10288)
This commit is contained in:
forehalo
@@ -856,7 +856,7 @@ test('default page role should be able to override the workspace role', async t
|
||||
await t.throwsAsync(
|
||||
updateDocDefaultRole(app, workspace.id, docId, DocRole.Manager),
|
||||
{
|
||||
message: `You do not have permission to access doc ${docId} under Space ${workspace.id}.`,
|
||||
message: `You do not have permission to perform Doc.Users.Manage action on doc ${docId}.`,
|
||||
}
|
||||
);
|
||||
}
|
||||
@@ -908,7 +908,7 @@ test('should be able to grant and revoke doc user role', async t => {
|
||||
// external user can't manage the page
|
||||
app.switchUser(external);
|
||||
await t.throwsAsync(revokeDocUserRoles(app, ws.id, docId, read.id), {
|
||||
message: `You do not have permission to access doc ${docId} under Space ${ws.id}.`,
|
||||
message: `You do not have permission to perform Doc.Users.Manage action on doc ${docId}.`,
|
||||
});
|
||||
}
|
||||
});
|
||||
@@ -922,7 +922,7 @@ test('update page default role should throw error if the space does not exist',
|
||||
await t.throwsAsync(
|
||||
updateDocDefaultRole(app, nonExistWorkspaceId, docId, DocRole.Manager),
|
||||
{
|
||||
message: `You do not have permission to access doc ${docId} under Space ${nonExistWorkspaceId}.`,
|
||||
message: `You do not have permission to perform Doc.Users.Manage action on doc ${docId}.`,
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
@@ -108,12 +108,12 @@ test('should not be able to public not permitted doc', async t => {
|
||||
|
||||
await t.throwsAsync(publishDoc(app, 'not_exists_ws', 'doc2'), {
|
||||
message:
|
||||
'You do not have permission to access doc doc2 under Space not_exists_ws.',
|
||||
'You do not have permission to perform Doc.Publish action on doc doc2.',
|
||||
});
|
||||
|
||||
await t.throwsAsync(revokePublicDoc(app, 'not_exists_ws', 'doc2'), {
|
||||
message:
|
||||
'You do not have permission to access doc doc2 under Space not_exists_ws.',
|
||||
'You do not have permission to perform Doc.Publish action on doc doc2.',
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
@@ -419,11 +419,11 @@ export const USER_FRIENDLY_ERRORS = {
|
||||
message: ({ spaceId, docId }) =>
|
||||
`Doc ${docId} under Space ${spaceId} not found.`,
|
||||
},
|
||||
doc_access_denied: {
|
||||
doc_action_denied: {
|
||||
type: 'no_permission',
|
||||
args: { spaceId: 'string', docId: 'string' },
|
||||
message: ({ spaceId, docId }) =>
|
||||
`You do not have permission to access doc ${docId} under Space ${spaceId}.`,
|
||||
args: { spaceId: 'string', docId: 'string', action: 'string' },
|
||||
message: ({ docId, action }) =>
|
||||
`You do not have permission to perform ${action} action on doc ${docId}.`,
|
||||
},
|
||||
version_rejected: {
|
||||
type: 'action_forbidden',
|
||||
|
||||
@@ -299,14 +299,15 @@ export class DocNotFound extends UserFriendlyError {
|
||||
}
|
||||
}
|
||||
@ObjectType()
|
||||
class DocAccessDeniedDataType {
|
||||
class DocActionDeniedDataType {
|
||||
@Field() spaceId!: string
|
||||
@Field() docId!: string
|
||||
@Field() action!: string
|
||||
}
|
||||
|
||||
export class DocAccessDenied extends UserFriendlyError {
|
||||
constructor(args: DocAccessDeniedDataType, message?: string | ((args: DocAccessDeniedDataType) => string)) {
|
||||
super('no_permission', 'doc_access_denied', message, args);
|
||||
export class DocActionDenied extends UserFriendlyError {
|
||||
constructor(args: DocActionDeniedDataType, message?: string | ((args: DocActionDeniedDataType) => string)) {
|
||||
super('no_permission', 'doc_action_denied', message, args);
|
||||
}
|
||||
}
|
||||
@ObjectType()
|
||||
@@ -832,7 +833,7 @@ export enum ErrorNames {
|
||||
SPACE_OWNER_NOT_FOUND,
|
||||
SPACE_SHOULD_HAVE_ONLY_ONE_OWNER,
|
||||
DOC_NOT_FOUND,
|
||||
DOC_ACCESS_DENIED,
|
||||
DOC_ACTION_DENIED,
|
||||
VERSION_REJECTED,
|
||||
INVALID_HISTORY_TIMESTAMP,
|
||||
DOC_HISTORY_NOT_FOUND,
|
||||
@@ -903,5 +904,5 @@ registerEnumType(ErrorNames, {
|
||||
export const ErrorDataUnionType = createUnionType({
|
||||
name: 'ErrorDataUnion',
|
||||
types: () =>
|
||||
[GraphqlBadRequestDataType, QueryTooLongDataType, WrongSignInCredentialsDataType, UnknownOauthProviderDataType, MissingOauthQueryParameterDataType, InvalidEmailDataType, InvalidPasswordLengthDataType, WorkspacePermissionNotFoundDataType, SpaceNotFoundDataType, MemberNotFoundInSpaceDataType, NotInSpaceDataType, AlreadyInSpaceDataType, SpaceAccessDeniedDataType, SpaceOwnerNotFoundDataType, SpaceShouldHaveOnlyOneOwnerDataType, DocNotFoundDataType, DocAccessDeniedDataType, VersionRejectedDataType, InvalidHistoryTimestampDataType, DocHistoryNotFoundDataType, BlobNotFoundDataType, ExpectToGrantDocUserRolesDataType, ExpectToRevokeDocUserRolesDataType, ExpectToUpdateDocUserRoleDataType, UnsupportedSubscriptionPlanDataType, SubscriptionAlreadyExistsDataType, SubscriptionNotExistsDataType, SameSubscriptionRecurringDataType, SubscriptionPlanNotFoundDataType, CopilotDocNotFoundDataType, CopilotMessageNotFoundDataType, CopilotPromptNotFoundDataType, CopilotProviderSideErrorDataType, CopilotInvalidContextDataType, CopilotContextFileNotSupportedDataType, CopilotFailedToModifyContextDataType, CopilotFailedToMatchContextDataType, RuntimeConfigNotFoundDataType, InvalidRuntimeConfigTypeDataType, InvalidLicenseUpdateParamsDataType, WorkspaceMembersExceedLimitToDowngradeDataType] as const,
|
||||
[GraphqlBadRequestDataType, QueryTooLongDataType, WrongSignInCredentialsDataType, UnknownOauthProviderDataType, MissingOauthQueryParameterDataType, InvalidEmailDataType, InvalidPasswordLengthDataType, WorkspacePermissionNotFoundDataType, SpaceNotFoundDataType, MemberNotFoundInSpaceDataType, NotInSpaceDataType, AlreadyInSpaceDataType, SpaceAccessDeniedDataType, SpaceOwnerNotFoundDataType, SpaceShouldHaveOnlyOneOwnerDataType, DocNotFoundDataType, DocActionDeniedDataType, VersionRejectedDataType, InvalidHistoryTimestampDataType, DocHistoryNotFoundDataType, BlobNotFoundDataType, ExpectToGrantDocUserRolesDataType, ExpectToRevokeDocUserRolesDataType, ExpectToUpdateDocUserRoleDataType, UnsupportedSubscriptionPlanDataType, SubscriptionAlreadyExistsDataType, SubscriptionNotExistsDataType, SameSubscriptionRecurringDataType, SubscriptionPlanNotFoundDataType, CopilotDocNotFoundDataType, CopilotMessageNotFoundDataType, CopilotPromptNotFoundDataType, CopilotProviderSideErrorDataType, CopilotInvalidContextDataType, CopilotContextFileNotSupportedDataType, CopilotFailedToModifyContextDataType, CopilotFailedToMatchContextDataType, RuntimeConfigNotFoundDataType, InvalidRuntimeConfigTypeDataType, InvalidLicenseUpdateParamsDataType, WorkspaceMembersExceedLimitToDowngradeDataType] as const,
|
||||
});
|
||||
|
||||
@@ -5,7 +5,7 @@ import { groupBy } from 'lodash-es';
|
||||
|
||||
import {
|
||||
CanNotBatchGrantDocOwnerPermissions,
|
||||
DocAccessDenied,
|
||||
DocActionDenied,
|
||||
EventBus,
|
||||
OnEvent,
|
||||
SpaceAccessDenied,
|
||||
@@ -552,7 +552,7 @@ export class PermissionService {
|
||||
user?: string
|
||||
) {
|
||||
if (!(await this.tryCheckPage(ws, page, action, user))) {
|
||||
throw new DocAccessDenied({ spaceId: ws, docId: page });
|
||||
throw new DocActionDenied({ spaceId: ws, docId: page, action });
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ import type { WorkspaceDoc as PrismaWorkspaceDoc } from '@prisma/client';
|
||||
import { PrismaClient } from '@prisma/client';
|
||||
|
||||
import {
|
||||
DocAccessDenied,
|
||||
DocActionDenied,
|
||||
DocDefaultRoleCanNotBeOwner,
|
||||
DocIsNotPublic,
|
||||
ExpectToGrantDocUserRoles,
|
||||
@@ -662,7 +662,7 @@ export class DocResolver {
|
||||
user.id
|
||||
);
|
||||
} catch (error) {
|
||||
if (error instanceof DocAccessDenied) {
|
||||
if (error instanceof DocActionDenied) {
|
||||
this.logger.log(
|
||||
`User does not have permission to update page default role (${JSON.stringify(
|
||||
{
|
||||
|
||||
@@ -250,7 +250,8 @@ input DeleteSessionInput {
|
||||
workspaceId: String!
|
||||
}
|
||||
|
||||
type DocAccessDeniedDataType {
|
||||
type DocActionDeniedDataType {
|
||||
action: String!
|
||||
docId: String!
|
||||
spaceId: String!
|
||||
}
|
||||
@@ -315,7 +316,7 @@ type EditorType {
|
||||
name: String!
|
||||
}
|
||||
|
||||
union ErrorDataUnion = AlreadyInSpaceDataType | BlobNotFoundDataType | CopilotContextFileNotSupportedDataType | CopilotDocNotFoundDataType | CopilotFailedToMatchContextDataType | CopilotFailedToModifyContextDataType | CopilotInvalidContextDataType | CopilotMessageNotFoundDataType | CopilotPromptNotFoundDataType | CopilotProviderSideErrorDataType | DocAccessDeniedDataType | DocHistoryNotFoundDataType | DocNotFoundDataType | ExpectToGrantDocUserRolesDataType | ExpectToRevokeDocUserRolesDataType | ExpectToUpdateDocUserRoleDataType | GraphqlBadRequestDataType | InvalidEmailDataType | InvalidHistoryTimestampDataType | InvalidLicenseUpdateParamsDataType | InvalidPasswordLengthDataType | InvalidRuntimeConfigTypeDataType | MemberNotFoundInSpaceDataType | MissingOauthQueryParameterDataType | NotInSpaceDataType | QueryTooLongDataType | RuntimeConfigNotFoundDataType | SameSubscriptionRecurringDataType | SpaceAccessDeniedDataType | SpaceNotFoundDataType | SpaceOwnerNotFoundDataType | SpaceShouldHaveOnlyOneOwnerDataType | SubscriptionAlreadyExistsDataType | SubscriptionNotExistsDataType | SubscriptionPlanNotFoundDataType | UnknownOauthProviderDataType | UnsupportedSubscriptionPlanDataType | VersionRejectedDataType | WorkspaceMembersExceedLimitToDowngradeDataType | WorkspacePermissionNotFoundDataType | WrongSignInCredentialsDataType
|
||||
union ErrorDataUnion = AlreadyInSpaceDataType | BlobNotFoundDataType | CopilotContextFileNotSupportedDataType | CopilotDocNotFoundDataType | CopilotFailedToMatchContextDataType | CopilotFailedToModifyContextDataType | CopilotInvalidContextDataType | CopilotMessageNotFoundDataType | CopilotPromptNotFoundDataType | CopilotProviderSideErrorDataType | DocActionDeniedDataType | DocHistoryNotFoundDataType | DocNotFoundDataType | ExpectToGrantDocUserRolesDataType | ExpectToRevokeDocUserRolesDataType | ExpectToUpdateDocUserRoleDataType | GraphqlBadRequestDataType | InvalidEmailDataType | InvalidHistoryTimestampDataType | InvalidLicenseUpdateParamsDataType | InvalidPasswordLengthDataType | InvalidRuntimeConfigTypeDataType | MemberNotFoundInSpaceDataType | MissingOauthQueryParameterDataType | NotInSpaceDataType | QueryTooLongDataType | RuntimeConfigNotFoundDataType | SameSubscriptionRecurringDataType | SpaceAccessDeniedDataType | SpaceNotFoundDataType | SpaceOwnerNotFoundDataType | SpaceShouldHaveOnlyOneOwnerDataType | SubscriptionAlreadyExistsDataType | SubscriptionNotExistsDataType | SubscriptionPlanNotFoundDataType | UnknownOauthProviderDataType | UnsupportedSubscriptionPlanDataType | VersionRejectedDataType | WorkspaceMembersExceedLimitToDowngradeDataType | WorkspacePermissionNotFoundDataType | WrongSignInCredentialsDataType
|
||||
|
||||
enum ErrorNames {
|
||||
ACCESS_DENIED
|
||||
@@ -347,7 +348,7 @@ enum ErrorNames {
|
||||
COPILOT_SESSION_DELETED
|
||||
COPILOT_SESSION_NOT_FOUND
|
||||
CUSTOMER_PORTAL_CREATE_FAILED
|
||||
DOC_ACCESS_DENIED
|
||||
DOC_ACTION_DENIED
|
||||
DOC_DEFAULT_ROLE_CAN_NOT_BE_OWNER
|
||||
DOC_HISTORY_NOT_FOUND
|
||||
DOC_IS_NOT_PUBLIC
|
||||
|
||||
Reference in New Issue
Block a user