feat: Add availableTeams to auth.info endpoint (#3981)

* Index emails migration * feat: Add available teams to auth.info endpoint * test * separate presenter * Include data from sessions cookie, include likely logged in state * test * test: Add test for team only in session cookie * Suggested query change in PR feedback
2022-09-10 15:58:38 +02:00
parent c10be0ebaa
commit 1f93399447
11 changed files with 150 additions and 24 deletions
--- a/server/routes/api/auth.test.ts
+++ b/server/routes/api/auth.test.ts
@@ -3,6 +3,16 @@ import env from "@server/env";
 import { buildUser, buildTeam } from "@server/test/factories";
 import { getTestDatabase, getTestServer } from "@server/test/support";

+const mockTeamInSessionId = "1e023d05-951c-41c6-9012-c9fa0402e1c3";
+
+jest.mock("@server/utils/authentication", () => {
+  return {
+    getSessionsInCookie() {
+      return { [mockTeamInSessionId]: {} };
+    },
+  };
+});
+
 const db = getTestDatabase();
 const server = getTestServer();

@@ -13,16 +23,32 @@ beforeEach(db.flush);
 describe("#auth.info", () => {
  it("should return current authentication", async () => {
    const team = await buildTeam();
+    const team2 = await buildTeam();
+    const team3 = await buildTeam({
+      id: mockTeamInSessionId,
+    });
+
    const user = await buildUser({
      teamId: team.id,
    });
+    await buildUser();
+    await buildUser({
+      teamId: team2.id,
+      email: user.email,
+    });
    const res = await server.post("/api/auth.info", {
      body: {
        token: user.getJwtToken(),
      },
    });
    const body = await res.json();
+    const availableTeamIds = body.data.availableTeams.map((t: any) => t.id);
+
    expect(res.status).toEqual(200);
+    expect(availableTeamIds.length).toEqual(3);
+    expect(availableTeamIds).toContain(team.id);
+    expect(availableTeamIds).toContain(team2.id);
+    expect(availableTeamIds).toContain(team3.id);
    expect(body.data.user.name).toBe(user.name);
    expect(body.data.team.name).toBe(team.name);
    expect(body.data.team.allowedDomains).toEqual([]);
--- a/server/routes/api/auth.ts
+++ b/server/routes/api/auth.ts
@@ -1,12 +1,18 @@
 import Router from "koa-router";
-import { find } from "lodash";
+import { find, uniqBy } from "lodash";
 import { parseDomain } from "@shared/utils/domains";
 import { sequelize } from "@server/database/sequelize";
 import env from "@server/env";
 import auth from "@server/middlewares/authentication";
 import { Event, Team } from "@server/models";
-import { presentUser, presentTeam, presentPolicies } from "@server/presenters";
+import {
+  presentUser,
+  presentTeam,
+  presentPolicies,
+  presentAvailableTeam,
+} from "@server/presenters";
 import ValidateSSOAccessTask from "@server/queues/tasks/ValidateSSOAccessTask";
+import { getSessionsInCookie } from "@server/utils/authentication";
 import providers from "../auth/providers";

 const router = new Router();
@@ -107,9 +113,20 @@ router.post("auth.config", async (ctx) => {

 router.post("auth.info", auth(), async (ctx) => {
  const { user } = ctx.state;
-  const team = await Team.scope("withDomains").findByPk(user.teamId, {
-    rejectOnEmpty: true,
-  });
+  const sessions = getSessionsInCookie(ctx);
+  const signedInTeamIds = Object.keys(sessions);
+
+  const [team, signedInTeams, availableTeams] = await Promise.all([
+    Team.scope("withDomains").findByPk(user.teamId, {
+      rejectOnEmpty: true,
+    }),
+    Team.findAll({
+      where: {
+        id: signedInTeamIds,
+      },
+    }),
+    user.availableTeams(),
+  ]);

  await ValidateSSOAccessTask.schedule({ userId: user.id });

@@ -119,6 +136,15 @@ router.post("auth.info", auth(), async (ctx) => {
        includeDetails: true,
      }),
      team: presentTeam(team),
+      availableTeams: uniqBy(
+        [...signedInTeams, ...availableTeams],
+        "id"
+      ).map((team) =>
+        presentAvailableTeam(
+          team,
+          signedInTeamIds.includes(team.id) || team.id === user.teamId
+        )
+      ),
    },
    policies: presentPolicies(user, [team]),
  };