diff --git a/e2e-tests/cypress/e2e/team.cy.js b/e2e-tests/cypress/e2e/team.cy.js index a50b3778c..a2e4caa6e 100644 --- a/e2e-tests/cypress/e2e/team.cy.js +++ b/e2e-tests/cypress/e2e/team.cy.js @@ -21,14 +21,17 @@ describe('Team edition tests', () => { cy.testid('AdminMenuWidget_itemConnections').click(); cy.contains('New connection').click(); cy.testid('ConnectionDriverFields_connectionType').select('PostgreSQL'); + cy.contains('not granted').should('not.exist'); cy.themeshot('connection-administration'); cy.testid('AdminMenuWidget_itemRoles').click(); cy.contains('logged-user').click(); + cy.contains('not granted').should('not.exist'); cy.themeshot('role-administration'); cy.testid('AdminMenuWidget_itemUsers').click(); cy.contains('New user').click(); + cy.contains('not granted').should('not.exist'); cy.themeshot('user-administration'); cy.testid('AdminMenuWidget_itemAuthentication').click(); @@ -36,6 +39,7 @@ describe('Team edition tests', () => { cy.contains('Use database login').click(); cy.contains('Add authentication').click(); cy.contains('OAuth 2.0').click(); + cy.contains('not granted').should('not.exist'); cy.themeshot('authentication-administration'); }); @@ -120,7 +124,7 @@ describe('Team edition tests', () => { cy.themeshot('auditlog'); }); - it.only('Edit database permissions', () => { + it('Edit database permissions', () => { cy.testid('LoginPage_linkAdmin').click(); cy.testid('LoginPage_password').type('adminpwd'); cy.testid('LoginPage_submitLogin').click(); @@ -140,6 +144,8 @@ describe('Team edition tests', () => { cy.testid('AdminDatabasesPermissionsGrid_roleSelect_1').select('-3'); cy.testid('AdminDatabasesPermissionsGrid_roleSelect_2').select('-4'); + cy.contains('not granted').should('not.exist'); + cy.themeshot('database-permissions'); }); }); diff --git a/packages/api/src/controllers/databaseConnections.js b/packages/api/src/controllers/databaseConnections.js index f8d3f10ab..ad6560f2a 100644 --- a/packages/api/src/controllers/databaseConnections.js +++ b/packages/api/src/controllers/databaseConnections.js @@ -460,7 +460,7 @@ module.exports = { for (const operation of operations) { const role = getTablePermissionRole(conid, database, 'tables', operation.schemaName, operation.pureName, tablePermissions, databasePermissions); if (getTablePermissionRoleLevelIndex(role) < getTablePermissionRoleLevelIndex(requiredRole)) { - throw new Error('Permission not granted'); + throw new Error('DBGM-00262 Permission not granted'); } } } diff --git a/packages/api/src/utility/hasPermission.js b/packages/api/src/utility/hasPermission.js index 316e46810..c34bd410c 100644 --- a/packages/api/src/utility/hasPermission.js +++ b/packages/api/src/utility/hasPermission.js @@ -56,11 +56,11 @@ async function testConnectionPermission(connection, req, loadedPermissions) { return; } if (!(await authProvider.checkCurrentConnectionPermission(req, conid))) { - throw new Error('Connection permission not granted'); + throw new Error('DBGM-00263 Connection permission not granted'); } } else { if (!connectionHasPermission(connection, loadedPermissions)) { - throw new Error('Connection permission not granted'); + throw new Error('DBGM-00264 Connection permission not granted'); } } } @@ -280,7 +280,7 @@ async function testStandardPermission(permission, req, loadedPermissions) { loadedPermissions = await loadPermissionsFromRequest(req); } if (!hasPermission(permission, loadedPermissions)) { - throw new Error('Permission not granted'); + throw new Error('DBGM-00265 Permission not granted'); } } @@ -297,7 +297,7 @@ async function testDatabaseRolePermission(conid, database, requiredRole, req) { const requiredIndex = getDatabaseRoleLevelIndex(requiredRole); const roleIndex = getDatabaseRoleLevelIndex(role); if (roleIndex < requiredIndex) { - throw new Error('Permission not granted'); + throw new Error('DBGM-00266 Permission not granted'); } }