Skip to content

Commit c35e218

Browse files
l4u532l4u532
authored
feat: circumvent permission checks when developing locally via serve-dev (credits go to bradleyDean) (#371)
1 parent cfada19 commit c35e218

5 files changed

Lines changed: 60 additions & 3 deletions

File tree

.vscode/launch.json

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,18 @@
4444
],
4545
"console": "integratedTerminal",
4646
},
47+
{
48+
"type": "node",
49+
"request": "launch",
50+
"name": "Launch API Server (serve-dev)",
51+
"skipFiles": ["<node_internals>/**"],
52+
"program": "${workspaceFolder}/src/main.ts",
53+
"preLaunchTask": "tsc: build - tsconfig.json",
54+
"outFiles": ["${workspaceFolder}/build/**/*.js"],
55+
"runtimeExecutable": "yarn",
56+
"runtimeArgs": ["run", "serve-dev"],
57+
"console": "integratedTerminal"
58+
},
4759
{
4860
"name": "Debug Jest Tests",
4961
"type": "node",

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,7 @@
7171
"build-release": "tsc -p tsconfig.release.json",
7272
"clean": "tsc -b --clean && rm -rf build/*",
7373
"serve": "yarn build && node --experimental-json-modules build/main.js",
74+
"serve-dev": "echo \"🚨 LOCAL_DEV_BYPASS_AUTH enabled 🚨\" && LOCAL_DEV_BYPASS_AUTH=true yarn serve",
7475
"refresh-db": "./refresh-db.sh",
7576
"seed-usa": "yarn build && node build/db/import/usa/USADay0Seed.js",
7677
"seed-db": "./seed-db.sh",

src/auth/local-dev/middleware.ts

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
/*
2+
* This file is a mod of src/auth/middleware.ts and is used when starting the server via `yarn serve-dev`
3+
* It bypasses the authentication for local development
4+
*/
5+
import muuid, { MUUID } from 'uuid-mongodb'
6+
import { AuthUserType } from '../../types.js'
7+
import { logger } from '../../logger.js'
8+
9+
export const localDevBypassAuthMiddleware = (() => {
10+
const testUUID: MUUID = muuid.v4()
11+
12+
return async ({ req }): Promise<any> => {
13+
const user: AuthUserType = {
14+
roles: ['user_admin', 'org_admin', 'editor'],
15+
uuid: testUUID,
16+
isBuilder: false
17+
}
18+
logger.info(`The user.roles for this session is: ${user.roles.toString()}`)
19+
return { user }
20+
}
21+
})()

src/auth/local-dev/permissions.ts

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
/*
2+
* This file is a mod of src/auth/permissions.ts and is used when starting the server via `yarn serve-dev`
3+
* It bypasses the authorization for local development and allows all queries and mutations
4+
*/
5+
import { shield, allow } from 'graphql-shield'
6+
7+
const localDevBypassAuthPermissions = shield({
8+
Query: {
9+
'*': allow
10+
},
11+
Mutation: {
12+
'*': allow
13+
}
14+
}, {
15+
allowExternalErrors: true,
16+
fallbackRule: allow
17+
})
18+
19+
export default localDevBypassAuthPermissions

src/server.ts

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,10 @@ import ChangeLogDataSource from './model/ChangeLogDataSource.js'
88
import MutableMediaDataSource from './model/MutableMediaDataSource.js'
99
import MutableClimbDataSource from './model/MutableClimbDataSource.js'
1010
import TickDataSource from './model/TickDataSource.js'
11-
import { createContext, permissions } from './auth/index.js'
11+
import { createContext } from './auth/middleware.js'
12+
import permissions from './auth/permissions.js'
13+
import { localDevBypassAuthMiddleware } from './auth/local-dev/middleware.js'
14+
import localDevBypassAuthPermissions from './auth/local-dev/permissions.js'
1215
import XMediaDataSource from './model/XMediaDataSource.js'
1316
import PostDataSource from './model/PostDataSource.js'
1417
import MutableOrgDS from './model/MutableOrganizationDataSource.js'
@@ -19,7 +22,7 @@ import UserDataSource from './model/UserDataSource.js'
1922
export async function createServer (): Promise<ApolloServer> {
2023
const schema = applyMiddleware(
2124
graphqlSchema,
22-
permissions.generate(graphqlSchema)
25+
(process.env.LOCAL_DEV_BYPASS_AUTH === 'true' ? localDevBypassAuthPermissions : permissions).generate(graphqlSchema)
2326
)
2427
const dataSources: () => DataSources<Context> = () => ({
2528
climbs: MutableClimbDataSource.getInstance(),
@@ -36,10 +39,11 @@ export async function createServer (): Promise<ApolloServer> {
3639
xmedia: new XMediaDataSource(mongoose.connection.db.collection('xmedia')),
3740
post: new PostDataSource(mongoose.connection.db.collection('post'))
3841
})
42+
3943
const server = new ApolloServer({
4044
introspection: true,
4145
schema,
42-
context: createContext,
46+
context: process.env.LOCAL_DEV_BYPASS_AUTH === 'true' ? localDevBypassAuthMiddleware : createContext,
4347
dataSources,
4448
cache: 'bounded'
4549
})

0 commit comments

Comments
 (0)