diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php index 1cabc77eb7..ba323dc5a4 100644 --- a/app/controllers/api/functions.php +++ b/app/controllers/api/functions.php @@ -7,7 +7,7 @@ use Appwrite\Event\Delete; use Appwrite\Event\Event; use Appwrite\Event\Func; use Appwrite\Event\Usage; -use Appwrite\Event\Validator\Event as ValidatorEvent; +use Appwrite\Event\Validator\FunctionEvent; use Appwrite\Utopia\Response\Model\Rule; use Appwrite\Extend\Exception; use Appwrite\Utopia\Database\Validator\CustomId; @@ -136,7 +136,7 @@ App::post('/v1/functions') ->param('name', '', new Text(128), 'Function name. Max length: 128 chars.') ->param('runtime', '', new WhiteList(array_keys(Config::getParam('runtimes')), true), 'Execution runtime.') ->param('execute', [], new Roles(APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of role strings with execution permissions. By default no user is granted with any execute permissions. [learn more about roles](https://appwrite.io/docs/permissions#permission-roles). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 64 characters long.', true) - ->param('events', [], new ArrayList(new ValidatorEvent(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Events list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.', true) + ->param('events', [], new ArrayList(new FunctionEvent(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Events list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.', true) ->param('schedule', '', new Cron(), 'Schedule CRON syntax.', true) ->param('timeout', 15, new Range(1, (int) App::getEnv('_APP_FUNCTIONS_TIMEOUT', 900)), 'Function maximum execution time in seconds.', true) ->param('enabled', true, new Boolean(), 'Is function enabled? When set to \'disabled\', users cannot access the function but Server SDKs with and API key can still access the function. No data is lost when this is toggled.', true) @@ -662,7 +662,7 @@ App::put('/v1/functions/:functionId') ->param('name', '', new Text(128), 'Function name. Max length: 128 chars.') ->param('runtime', '', new WhiteList(array_keys(Config::getParam('runtimes')), true), 'Execution runtime.', true) ->param('execute', [], new Roles(APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of role strings with execution permissions. By default no user is granted with any execute permissions. [learn more about roles](https://appwrite.io/docs/permissions#permission-roles). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 64 characters long.', true) - ->param('events', [], new ArrayList(new ValidatorEvent(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Events list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.', true) + ->param('events', [], new ArrayList(new FunctionEvent(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Events list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.', true) ->param('schedule', '', new Cron(), 'Schedule CRON syntax.', true) ->param('timeout', 15, new Range(1, (int) App::getEnv('_APP_FUNCTIONS_TIMEOUT', 900)), 'Maximum execution time in seconds.', true) ->param('enabled', true, new Boolean(), 'Is function enabled? When set to \'disabled\', users cannot access the function but Server SDKs with and API key can still access the function. No data is lost when this is toggled.', true) diff --git a/src/Appwrite/Event/Validator/Event.php b/src/Appwrite/Event/Validator/Event.php index 3f22900486..2061d53ed8 100644 --- a/src/Appwrite/Event/Validator/Event.php +++ b/src/Appwrite/Event/Validator/Event.php @@ -45,12 +45,6 @@ class Event extends Validator * Identify all sections of the pattern. */ $type = $parts[0] ?? false; - - if ($type == 'functions') { - $this->message = 'Triggering a function on a function event is not allowed.'; - return false; - } - $resource = $parts[1] ?? false; $hasSubResource = $count > 3 && ($events[$type]['$resource'] ?? false) && ($events[$type][$parts[2]]['$resource'] ?? false); $hasSubSubResource = $count > 5 && $hasSubResource && ($events[$type][$parts[2]][$parts[4]]['$resource'] ?? false); diff --git a/src/Appwrite/Event/Validator/FunctionEvent.php b/src/Appwrite/Event/Validator/FunctionEvent.php new file mode 100644 index 0000000000..6443b127ad --- /dev/null +++ b/src/Appwrite/Event/Validator/FunctionEvent.php @@ -0,0 +1,25 @@ +message = 'Triggering a function on a function event is not allowed.'; + return false; + } + + return parent::isValid($value); + } +} diff --git a/src/Appwrite/GraphQL/Types/Mapper.php b/src/Appwrite/GraphQL/Types/Mapper.php index 0f9ad661f6..280d094a0c 100644 --- a/src/Appwrite/GraphQL/Types/Mapper.php +++ b/src/Appwrite/GraphQL/Types/Mapper.php @@ -235,6 +235,7 @@ class Mapper case 'Utopia\Validator\Domain': case 'Appwrite\Network\Validator\Email': case 'Appwrite\Event\Validator\Event': + case 'Appwrite\Event\Validator\FunctionEvent': case 'Utopia\Validator\HexColor': case 'Utopia\Validator\Host': case 'Utopia\Validator\IP': diff --git a/tests/unit/Event/Validator/EventValidatorTest.php b/tests/unit/Event/Validator/EventValidatorTest.php index cf62ecca65..e9f652adeb 100644 --- a/tests/unit/Event/Validator/EventValidatorTest.php +++ b/tests/unit/Event/Validator/EventValidatorTest.php @@ -50,7 +50,7 @@ class EventValidatorTest extends TestCase $this->assertTrue($this->object->isValid('databases.books')); $this->assertTrue($this->object->isValid('databases.books.collections.chapters')); $this->assertTrue($this->object->isValid('databases.books.collections.*')); - // $this->assertTrue($this->object->isValid('functions.*')); TODO @christyjacob4 : enable test once we allow functions.* events + $this->assertTrue($this->object->isValid('functions.*')); $this->assertTrue($this->object->isValid('buckets.*')); $this->assertTrue($this->object->isValid('teams.*')); $this->assertTrue($this->object->isValid('users.*')); diff --git a/tests/unit/Event/Validator/FunctionEventValidatorTest.php b/tests/unit/Event/Validator/FunctionEventValidatorTest.php new file mode 100644 index 0000000000..ea59f6771a --- /dev/null +++ b/tests/unit/Event/Validator/FunctionEventValidatorTest.php @@ -0,0 +1,73 @@ +object = new FunctionEvent(); + } + + public function tearDown(): void + { + } + + public function testValues(): void + { + /** + * Test for SUCCESS + */ + $this->assertTrue($this->object->isValid('users.*.create')); + $this->assertTrue($this->object->isValid('users.torsten.update')); + $this->assertTrue($this->object->isValid('users.torsten')); + $this->assertTrue($this->object->isValid('users.*.update.email')); + $this->assertTrue($this->object->isValid('users.*.update')); + $this->assertTrue($this->object->isValid('users.*')); + $this->assertTrue($this->object->isValid('databases.books.collections.chapters.documents.prolog.create')); + $this->assertTrue($this->object->isValid('databases.books.collections.chapters.documents.prolog')); + $this->assertTrue($this->object->isValid('databases.books.collections.chapters.documents.*.create')); + $this->assertTrue($this->object->isValid('databases.books.collections.chapters.documents.*')); + $this->assertTrue($this->object->isValid('databases.books.collections.*.documents.prolog.create')); + $this->assertTrue($this->object->isValid('databases.books.collections.*.documents.prolog')); + $this->assertTrue($this->object->isValid('databases.books.collections.*.documents.*.create')); + $this->assertTrue($this->object->isValid('databases.books.collections.*.documents.*')); + $this->assertTrue($this->object->isValid('databases.*.collections.chapters.documents.prolog.create')); + $this->assertTrue($this->object->isValid('databases.*.collections.chapters.documents.prolog')); + $this->assertTrue($this->object->isValid('databases.*.collections.chapters.documents.*.create')); + $this->assertTrue($this->object->isValid('databases.*.collections.chapters.documents.*')); + $this->assertTrue($this->object->isValid('databases.*.collections.*.documents.prolog.create')); + $this->assertTrue($this->object->isValid('databases.*.collections.*.documents.prolog')); + $this->assertTrue($this->object->isValid('databases.*.collections.*.documents.*.create')); + $this->assertTrue($this->object->isValid('databases.*.collections.*.documents.*')); + $this->assertTrue($this->object->isValid('databases.*.collections.*')); + $this->assertTrue($this->object->isValid('databases.*')); + $this->assertTrue($this->object->isValid('databases.books')); + $this->assertTrue($this->object->isValid('databases.books.collections.chapters')); + $this->assertTrue($this->object->isValid('databases.books.collections.*')); + $this->assertTrue($this->object->isValid('buckets.*')); + $this->assertTrue($this->object->isValid('teams.*')); + $this->assertTrue($this->object->isValid('users.*')); + $this->assertTrue($this->object->isValid('teams.*.memberships.*.update.status')); + + /** + * Test for FAILURE + */ + $this->assertFalse($this->object->isValid(false)); + $this->assertFalse($this->object->isValid(null)); + $this->assertFalse($this->object->isValid('')); + $this->assertFalse($this->object->isValid('unknown.*')); + $this->assertFalse($this->object->isValid('collections')); + $this->assertFalse($this->object->isValid('collections.*.unknown')); + $this->assertFalse($this->object->isValid('collections.*.documents.*.unknown')); + $this->assertFalse($this->object->isValid('users.torsten.unknown')); + $this->assertFalse($this->object->isValid('users.torsten.delete.email')); + $this->assertFalse($this->object->isValid('teams.*.memberships.*.update.unknown')); + $this->assertFalse($this->object->isValid('functions.*')); + } +}