diff --git a/integration-tests/testkit/seed.ts b/integration-tests/testkit/seed.ts index e6b8fafb5..d1560134b 100644 --- a/integration-tests/testkit/seed.ts +++ b/integration-tests/testkit/seed.ts @@ -122,16 +122,19 @@ export function initSeed() { .then(r => r.expectNoGraphQLErrors()) .then(r => r.deleteTokens.deletedTokens); }, - async createToken( - targetScopes: TargetAccessScope[] = [ - TargetAccessScope.RegistryRead, - TargetAccessScope.RegistryWrite, - ], - projectScopes: ProjectAccessScope[] = [], - organizationScopes: OrganizationAccessScope[] = [], + async createToken({ + targetScopes = [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes = [], + organizationScopes = [], targetId = target.cleanId, actorToken = ownerToken, - ) { + }: { + targetScopes?: TargetAccessScope[]; + projectScopes?: ProjectAccessScope[]; + organizationScopes?: OrganizationAccessScope[]; + targetId?: string; + actorToken?: string; + }) { const tokenResult = await createToken( { name: generateUnique(), diff --git a/integration-tests/tests/api/artifacts-cdn.spec.ts b/integration-tests/tests/api/artifacts-cdn.spec.ts index 2788c8b85..289e95e97 100644 --- a/integration-tests/tests/api/artifacts-cdn.spec.ts +++ b/integration-tests/tests/api/artifacts-cdn.spec.ts @@ -121,11 +121,9 @@ function runArtifactsCDNTests( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken, target } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + }); // Publish Schema const publishSchemaResult = await writeToken @@ -167,11 +165,9 @@ function runArtifactsCDNTests( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken, target } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + }); // Publish Schema const publishSchemaResult = await writeToken @@ -226,11 +222,9 @@ function runArtifactsCDNTests( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken, target } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + }); // Publish Schema diff --git a/integration-tests/tests/api/legacy-auth.spec.ts b/integration-tests/tests/api/legacy-auth.spec.ts index 8f1732bac..5922651e1 100644 --- a/integration-tests/tests/api/legacy-auth.spec.ts +++ b/integration-tests/tests/api/legacy-auth.spec.ts @@ -11,7 +11,7 @@ test.concurrent( const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { publishSchema, collectOperations, readOperationsStats } = await createToken(); + const { publishSchema, collectOperations, readOperationsStats } = await createToken({}); const result = await publishSchema({ sdl: `type Query { ping: String }`, diff --git a/integration-tests/tests/api/organization/get-started.spec.ts b/integration-tests/tests/api/organization/get-started.spec.ts index 3e1678fd9..5487e9458 100644 --- a/integration-tests/tests/api/organization/get-started.spec.ts +++ b/integration-tests/tests/api/organization/get-started.spec.ts @@ -38,16 +38,16 @@ test.concurrent('completing each step should result in updated Get Started progr } const { publishSchema, checkSchema, collectOperations, toggleTargetValidation } = - await createToken( - [ + await createToken({ + targetScopes: [ TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite, TargetAccessScope.Settings, ], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); // Step: publish schema await publishSchema({ sdl: 'type Query { foo: String }' }).then(r => r.expectNoGraphQLErrors()); diff --git a/integration-tests/tests/api/persisted-operations/publish.spec.ts b/integration-tests/tests/api/persisted-operations/publish.spec.ts index 3950e8adb..4a699a0bf 100644 --- a/integration-tests/tests/api/persisted-operations/publish.spec.ts +++ b/integration-tests/tests/api/persisted-operations/publish.spec.ts @@ -9,19 +9,26 @@ test.concurrent( const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); // Create a token with no rights - const { secret: noAccessToken } = await createToken([], [], []); + const { secret: noAccessToken } = await createToken({ + targetScopes: [], + projectScopes: [], + organizationScopes: [], + }); // Create a token with read rights - const { secret: readToken } = await createToken( - [], - [ProjectAccessScope.OperationsStoreRead], - [], - ); + const { secret: readToken } = await createToken({ + targetScopes: [], + projectScopes: [ProjectAccessScope.OperationsStoreRead], + organizationScopes: [], + }); // Create a token with write rights - const { secret: writeToken } = await createToken( - [], - [ProjectAccessScope.OperationsStoreRead, ProjectAccessScope.OperationsStoreWrite], - [], - ); + const { secret: writeToken } = await createToken({ + targetScopes: [], + projectScopes: [ + ProjectAccessScope.OperationsStoreRead, + ProjectAccessScope.OperationsStoreWrite, + ], + organizationScopes: [], + }); const operations = [ { @@ -68,11 +75,14 @@ test.concurrent('should skip on already persisted operations', async () => { const { createToken } = await createProject(ProjectType.Single); // Create a token with write rights - const { secret: writeToken } = await createToken( - [], - [ProjectAccessScope.OperationsStoreRead, ProjectAccessScope.OperationsStoreWrite], - [], - ); + const { secret: writeToken } = await createToken({ + targetScopes: [], + projectScopes: [ + ProjectAccessScope.OperationsStoreRead, + ProjectAccessScope.OperationsStoreWrite, + ], + organizationScopes: [], + }); const operations = [ { diff --git a/integration-tests/tests/api/rate-limit/emails.spec.ts b/integration-tests/tests/api/rate-limit/emails.spec.ts index 39dd15bb2..53ffe4c4a 100644 --- a/integration-tests/tests/api/rate-limit/emails.spec.ts +++ b/integration-tests/tests/api/rate-limit/emails.spec.ts @@ -32,11 +32,15 @@ test.only('rate limit approaching and reached for organization', async () => { ownerToken, ); - const { collectOperations } = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const { collectOperations } = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const op = { operation: 'query ping { ping }', diff --git a/integration-tests/tests/api/schema/check.spec.ts b/integration-tests/tests/api/schema/check.spec.ts index e53331a4a..480f23b8e 100644 --- a/integration-tests/tests/api/schema/check.spec.ts +++ b/integration-tests/tests/api/schema/check.spec.ts @@ -7,10 +7,9 @@ test.concurrent('can check a schema with target:registry:read access', async () const { createToken } = await createProject(ProjectType.Single); // Create a token with write rights - const writeToken = await createToken([ - TargetAccessScope.RegistryRead, - TargetAccessScope.RegistryWrite, - ]); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + }); // Publish schema with write rights const publishResult = await writeToken @@ -26,10 +25,18 @@ test.concurrent('can check a schema with target:registry:read access', async () expect(publishResult.schemaPublish.__typename).toBe('SchemaPublishSuccess'); // Create a token with no rights - const noAccessToken = await createToken([], [], []); + const noAccessToken = await createToken({ + targetScopes: [], + projectScopes: [], + organizationScopes: [], + }); // Create a token with read rights - const readToken = await createToken([TargetAccessScope.RegistryRead], [], []); + const readToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead], + projectScopes: [], + organizationScopes: [], + }); // Check schema with no read and write rights const checkResultErrors = await noAccessToken @@ -65,11 +72,11 @@ test.concurrent('should match indentation of previous description', async () => const { createToken } = await createProject(ProjectType.Single); // Create a token with write rights - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await writeToken @@ -89,7 +96,11 @@ test.concurrent('should match indentation of previous description', async () => expect(publishResult.schemaPublish.__typename).toBe('SchemaPublishSuccess'); // Create a token with read rights - const readToken = await createToken([TargetAccessScope.RegistryRead], [], []); + const readToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead], + projectScopes: [], + organizationScopes: [], + }); // Check schema with read rights const checkResult = await readToken diff --git a/integration-tests/tests/api/schema/composition-federation-2.spec.ts b/integration-tests/tests/api/schema/composition-federation-2.spec.ts index 1476d2616..b6646c6e9 100644 --- a/integration-tests/tests/api/schema/composition-federation-2.spec.ts +++ b/integration-tests/tests/api/schema/composition-federation-2.spec.ts @@ -13,11 +13,11 @@ test.concurrent('call an external service to compose and validate services', asy const { createToken, project } = await createProject(ProjectType.Federation); // Create a token with write rights - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Settings, ProjectAccessScope.Read], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [ProjectAccessScope.Settings, ProjectAccessScope.Read], + organizationScopes: [], + }); const usersServiceName = generateUnique(); const publishUsersResult = await writeToken .publishSchema({ diff --git a/integration-tests/tests/api/schema/external-composition.spec.ts b/integration-tests/tests/api/schema/external-composition.spec.ts index 2beb32ef4..263858e7d 100644 --- a/integration-tests/tests/api/schema/external-composition.spec.ts +++ b/integration-tests/tests/api/schema/external-composition.spec.ts @@ -10,11 +10,11 @@ test.concurrent('call an external service to compose and validate services', asy const { createToken, project } = await createProject(ProjectType.Federation); // Create a token with write rights - const writeToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Settings, ProjectAccessScope.Read], - [], - ); + const writeToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [ProjectAccessScope.Settings, ProjectAccessScope.Read], + organizationScopes: [], + }); const usersServiceName = generateUnique(); const publishUsersResult = await writeToken diff --git a/integration-tests/tests/api/schema/publish.spec.ts b/integration-tests/tests/api/schema/publish.spec.ts index a3e0c7660..4f8708c56 100644 --- a/integration-tests/tests/api/schema/publish.spec.ts +++ b/integration-tests/tests/api/schema/publish.spec.ts @@ -8,7 +8,11 @@ test.concurrent('cannot publish a schema without target:registry:write access', const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readToken = await createToken([TargetAccessScope.RegistryRead], [], []); + const readToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead], + projectScopes: [], + organizationScopes: [], + }); const resultErrors = await readToken .publishSchema({ @@ -28,11 +32,11 @@ test.concurrent('can publish a schema with target:registry:write access', async const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const result1 = await readWriteToken .publishSchema({ @@ -67,11 +71,11 @@ test.concurrent('base schema should not affect the output schema persisted in db const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await readWriteToken @@ -115,11 +119,11 @@ test.concurrent('directives should not be removed (federation)', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await readWriteToken @@ -150,11 +154,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const basePublishParams = { service: 'test', @@ -205,11 +209,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const basePublishParams = { service: 'test', @@ -254,11 +258,11 @@ test.concurrent('directives should not be removed (stitching)', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Stitching); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await readWriteToken @@ -289,11 +293,11 @@ test.concurrent('directives should not be removed (single)', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await readWriteToken .publishSchema({ @@ -323,11 +327,11 @@ test.concurrent('share publication of schema using redis', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Publish schema with write rights const publishResult = await readWriteToken @@ -365,11 +369,11 @@ test("Two targets with the same commit id shouldn't return an error", async () = const { createOrg, ownerToken } = await initSeed().createOwner(); const { organization, createProject } = await createOrg(); const { project, createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const publishResult = await readWriteToken .publishSchema({ @@ -387,12 +391,12 @@ test("Two targets with the same commit id shouldn't return an error", async () = ownerToken, ).then(r => r.expectNoGraphQLErrors()); const target2 = createTargetResult.createTarget.ok!.createdTarget; - const writeTokenResult2 = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - target2.cleanId, - ); + const writeTokenResult2 = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + targetId: target2.cleanId, + }); const publishResult2 = await writeTokenResult2 .publishSchema({ author: 'gilad', @@ -410,11 +414,11 @@ test.concurrent('marking versions as valid', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Initial schema let result = await readWriteToken @@ -485,11 +489,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Initial schema let result = await readWriteToken @@ -564,11 +568,11 @@ test.concurrent('CDN data can not be fetched with an invalid access token', asyn const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Initial schema const result = await readWriteToken @@ -597,11 +601,11 @@ test.concurrent('CDN data can be fetched with an valid access token', async () = const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Initial schema const result = await readWriteToken @@ -632,11 +636,11 @@ test.concurrent('linkToWebsite should be available when publishing initial schem const { createOrg } = await initSeed().createOwner(); const { createProject, organization } = await createOrg(); const { project, target, createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const result = await readWriteToken .publishSchema({ @@ -664,11 +668,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject, organization } = await createOrg(); const { createToken, project, target } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); let result = await readWriteToken .publishSchema({ @@ -732,11 +736,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Stitching); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // cats service has only one field let result = await readWriteToken @@ -800,11 +804,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const basePublishParams = { service: 'test', @@ -847,11 +851,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); await readWriteToken.publishSchema({ service: 'reviews', @@ -948,11 +952,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Federation); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); await readWriteToken.publishSchema({ service: 'products', @@ -1004,11 +1008,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); const commits = ['a1', 'a2', 'a3', 'a4', 'a5', 'a6']; const publishes = await Promise.all( diff --git a/integration-tests/tests/api/schema/sync.spec.ts b/integration-tests/tests/api/schema/sync.spec.ts index 409c85e6f..89515652c 100644 --- a/integration-tests/tests/api/schema/sync.spec.ts +++ b/integration-tests/tests/api/schema/sync.spec.ts @@ -7,11 +7,11 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const readWriteToken = await createToken( - [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [], - [], - ); + const readWriteToken = await createToken({ + targetScopes: [TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + }); // Initial schema const publishResult = await readWriteToken diff --git a/integration-tests/tests/api/target/tokens.spec.ts b/integration-tests/tests/api/target/tokens.spec.ts index 08b06c730..abe329b4b 100644 --- a/integration-tests/tests/api/target/tokens.spec.ts +++ b/integration-tests/tests/api/target/tokens.spec.ts @@ -9,7 +9,11 @@ test.concurrent( const { createToken } = await createProject(ProjectType.Single); // member should not have access to target:registry:write - const token = await createToken([], [], []); + const token = await createToken({ + targetScopes: [], + projectScopes: [], + organizationScopes: [], + }); const tokenInfo = await token.fetchTokenInfo(); if (tokenInfo.__typename === 'TokenNotFoundError') { throw new Error('Token not found'); @@ -58,13 +62,13 @@ test.concurrent('cannot set a scope on a token if user has no access to that sco ); // member should not have access to target:registry:write - const tokenResult = createToken( - [TargetAccessScope.RegistryWrite], - [], - [], - target.cleanId, - memberToken, - ); + const tokenResult = createToken({ + targetScopes: [TargetAccessScope.RegistryWrite], + projectScopes: [], + organizationScopes: [], + targetId: target.cleanId, + actorToken: memberToken, + }); await expect(tokenResult).rejects.toThrowError('target:registry:write'); }); diff --git a/integration-tests/tests/api/target/usage.spec.ts b/integration-tests/tests/api/target/usage.spec.ts index 4c39c3e93..6fec4acdc 100644 --- a/integration-tests/tests/api/target/usage.spec.ts +++ b/integration-tests/tests/api/target/usage.spec.ts @@ -11,7 +11,7 @@ import { CollectedOperation } from '../../../testkit/usage'; import { clickHouseQuery } from '../../../testkit/clickhouse'; // eslint-disable-next-line hive/enforce-deps-in-dev import { normalizeOperation } from '@graphql-hive/core'; -// eslint-disable-next-line import/no-extraneous-dependencies + import { parse, print } from 'graphql'; import { initSeed } from '../../../testkit/seed'; @@ -38,17 +38,21 @@ test.concurrent('collect operation', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const settingsToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.Settings], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const settingsToken = await createToken({ + targetScopes: [TargetAccessScope.Read, TargetAccessScope.Settings], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const schemaPublishResult = await writeToken .publishSchema({ @@ -120,11 +124,15 @@ test.concurrent('normalize and collect operation without breaking its syntax', a const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const raw_document = ` query outfit { @@ -233,11 +241,15 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const batchSize = 1000; const totalAmount = 10_000; @@ -298,23 +310,27 @@ test.concurrent('check usage from two selected targets', async () => { expect(productionTargetResult.createTarget.error).toBeNull(); const productionTarget = productionTargetResult.createTarget.ok!.createdTarget; - const stagingToken = await createToken( - [ + const stagingToken = await createToken({ + targetScopes: [ TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite, TargetAccessScope.Settings, ], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read, OrganizationAccessScope.Settings], - ); + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read, OrganizationAccessScope.Settings], + }); - const productionToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - productionTarget.cleanId, - ); + const productionToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + targetId: productionTarget.cleanId, + }); const schemaPublishResult = await stagingToken .publishSchema({ @@ -426,16 +442,16 @@ test.concurrent('check usage not from excluded client names', async () => { const { organization, createProject } = await createOrg(); const { project, target, createToken } = await createProject(ProjectType.Single); - const token = await createToken( - [ + const token = await createToken({ + targetScopes: [ TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite, TargetAccessScope.Settings, ], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const schemaPublishResult = await token .publishSchema({ @@ -560,11 +576,15 @@ test.concurrent('number of produced and collected operations should match', asyn const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const batchSize = 1000; const totalAmount = 10_000; @@ -647,11 +667,15 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); await writeToken.collectOperations([ { @@ -712,11 +736,15 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); await writeToken.collectOperations([ { @@ -785,11 +813,15 @@ test.concurrent( const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); await writeToken.collectOperations([ { @@ -848,11 +880,15 @@ test.concurrent('ignore operations with syntax errors', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); const collectResult = await writeToken.collectOperations([ { @@ -918,11 +954,15 @@ test.concurrent('ensure correct data', async () => { const { createOrg } = await initSeed().createOwner(); const { createProject } = await createOrg(); const { target, createToken } = await createProject(ProjectType.Single); - const writeToken = await createToken( - [TargetAccessScope.Read, TargetAccessScope.RegistryRead, TargetAccessScope.RegistryWrite], - [ProjectAccessScope.Read], - [OrganizationAccessScope.Read], - ); + const writeToken = await createToken({ + targetScopes: [ + TargetAccessScope.Read, + TargetAccessScope.RegistryRead, + TargetAccessScope.RegistryWrite, + ], + projectScopes: [ProjectAccessScope.Read], + organizationScopes: [OrganizationAccessScope.Read], + }); await writeToken.collectOperations([ { diff --git a/integration-tests/tests/api/tokens.spec.ts b/integration-tests/tests/api/tokens.spec.ts index a96b619e8..a1d4e8e52 100644 --- a/integration-tests/tests/api/tokens.spec.ts +++ b/integration-tests/tests/api/tokens.spec.ts @@ -6,7 +6,11 @@ test.concurrent('deleting a token should clear the cache', async () => { const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken, removeTokens } = await createProject(ProjectType.Single); - const { secret, token: createdToken, fetchTokenInfo } = await createToken([], [], []); + const { + secret, + token: createdToken, + fetchTokenInfo, + } = await createToken({ targetScopes: [], projectScopes: [], organizationScopes: [] }); expect(secret).toBeDefined(); diff --git a/integration-tests/tests/cli/schema.spec.ts b/integration-tests/tests/cli/schema.spec.ts index ef0679f36..5cc681293 100644 --- a/integration-tests/tests/cli/schema.spec.ts +++ b/integration-tests/tests/cli/schema.spec.ts @@ -9,7 +9,7 @@ test.concurrent('can publish and check a schema with target:registry:read access const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); await schemaPublish([ '--token', @@ -33,7 +33,7 @@ test.concurrent('publishing a breaking change results in invalid state', async ( const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); await schemaPublish([ '--token', @@ -57,7 +57,7 @@ test.concurrent( const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); const allocatedError = new Error('Should have thrown.'); try { @@ -86,7 +86,7 @@ test.concurrent('service url should be available in supergraph', async () => { const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Federation); - const { secret, fetchSupergraph } = await createToken(); + const { secret, fetchSupergraph } = await createToken({}); await schemaPublish([ '--token', @@ -111,7 +111,7 @@ test.concurrent('service url should be required in Federation', async () => { const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Federation); - const { secret } = await createToken(); + const { secret } = await createToken({}); await expect( schemaPublish([ @@ -133,7 +133,7 @@ test.concurrent('schema:publish should print a link to the website', async () => const { organization, inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { project, target, createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); await expect(schemaPublish(['--token', secret, 'fixtures/init-schema.graphql'])).resolves.toMatch( `Available at ${process.env.HIVE_APP_BASE_URL}/${organization.cleanId}/${project.cleanId}/${target.cleanId}`, @@ -151,7 +151,7 @@ test.concurrent('schema:check should notify user when registry is empty', async const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); await expect(schemaCheck(['--token', secret, 'fixtures/init-schema.graphql'])).resolves.toMatch( 'empty', @@ -163,7 +163,7 @@ test.concurrent('schema:check should throw on corrupted schema', async () => { const { inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); const output = schemaCheck(['--token', secret, 'fixtures/missing-type.graphql']); await expect(output).rejects.toThrowError('Unknown type'); @@ -183,7 +183,7 @@ test.concurrent( const { organization, inviteAndJoinMember, createProject } = await createOrg(); await inviteAndJoinMember(); const { project, target, createToken } = await createProject(ProjectType.Single); - const { secret } = await createToken(); + const { secret } = await createToken({}); await expect( schemaPublish(['--token', secret, 'fixtures/init-schema.graphql']),