Skip to content

Commit

Permalink
Merge pull request #166 from vtex-apps/fix/authentication
Browse files Browse the repository at this point in the history
Fix/authentication
  • Loading branch information
cdcs0128 authored Feb 21, 2024
2 parents 09ddcba + 5c071c7 commit 09e7fae
Show file tree
Hide file tree
Showing 5 changed files with 125 additions and 110 deletions.
34 changes: 0 additions & 34 deletions .github/workflows/qe-pull-request.yml

This file was deleted.

3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

## [Unreleased]

### Fixed
- Authentication to queries and mutation fixed

### Added
- Authentication yo queries and mutation added

Expand Down
31 changes: 4 additions & 27 deletions dotnet/GraphQL/Mutation.cs
Original file line number Diff line number Diff line change
Expand Up @@ -19,27 +19,16 @@ public Mutation(IWishListService wishListService)
{
Name = "Mutation";

FieldAsync<IntGraphType>(
Field<IntGraphType>(
"addToList",
arguments: new QueryArguments(
new QueryArgument<NonNullGraphType<ListItemInputType>> { Name = "listItem" },
new QueryArgument<NonNullGraphType<StringGraphType>> { Name = "shopperId" },
new QueryArgument<StringGraphType> { Name = "name" },
new QueryArgument<BooleanGraphType> { Name = "public" }
),
resolve: async context =>
resolve: context =>
{

HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser();
if (isValidAuthUser != HttpStatusCode.OK)
{
context.Errors.Add(new ExecutionError(isValidAuthUser.ToString())
{
Code = isValidAuthUser.ToString()
});

return null;
}

var listItem = context.GetArgument<ListItem>("listItem");
string shopperId = context.GetArgument<string>("shopperId");
Expand All @@ -49,28 +38,16 @@ public Mutation(IWishListService wishListService)
return wishListService.SaveItem(listItem, shopperId, listName, isPublic);
});

FieldAsync<BooleanGraphType>(
Field<BooleanGraphType>(
"removeFromList",
arguments: new QueryArguments(
new QueryArgument<NonNullGraphType<IdGraphType>> { Name = "id" },
new QueryArgument<NonNullGraphType<StringGraphType>> { Name = "shopperId" },
new QueryArgument<StringGraphType> { Name = "name" }
),
resolve: async context =>
resolve: context =>
{

HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser();

if (isValidAuthUser != HttpStatusCode.OK)
{
context.Errors.Add(new ExecutionError(isValidAuthUser.ToString())
{
Code = isValidAuthUser.ToString()
});

return null;
}

int id = context.GetArgument<int>("id");
string shopperId = context.GetArgument<string>("shopperId");
string listName = context.GetArgument<string>("name");
Expand Down
165 changes: 117 additions & 48 deletions dotnet/Services/WishListService.cs
Original file line number Diff line number Diff line change
Expand Up @@ -102,81 +102,150 @@ public async Task<bool> SaveList(IList<ListItem> listItems, string shopperId, st

public async Task<int?> SaveItem(ListItem listItem, string shopperId, string listName, bool? isPublic)
{
IList<ListItem> listItemsToSave = null;

WishListWrapper wishListWrapper = await this.GetList(shopperId, listName);
ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault();
if (listItemsWrapper != null && listItemsWrapper.ListItems != null)
if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken))
{
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' {listItemsWrapper.ListItems.Count} existing items.");
listItemsToSave = listItemsWrapper.ListItems;
foreach (ListItem item in listItemsToSave)
return null;
}

ValidatedUser validatedUser = null;

try {
validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken);
}
catch (Exception ex)
{
_context.Vtex.Logger.Error("IsValidAuthUser", null, "Error fetching user", ex);

return null;
}

bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success");

if (!hasPermission)
{
_context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission");

return null;
}

if(hasPermission) {

IList<ListItem> listItemsToSave = null;

WishListWrapper wishListWrapper = await this.GetList(shopperId, listName);
ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault();
if (listItemsWrapper != null && listItemsWrapper.ListItems != null)
{
if (listItem.ProductId == item.ProductId)
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' {listItemsWrapper.ListItems.Count} existing items.");
listItemsToSave = listItemsWrapper.ListItems;
foreach (ListItem item in listItemsToSave)
{
listItem.Id = item.Id;
if (listItem.ProductId == item.ProductId)
{
listItem.Id = item.Id;
}
}
}
if(listItem.Id == null)
{
int maxId = 0;
if (listItemsToSave.Count > 0)
if(listItem.Id == null)
{
maxId = listItemsToSave.Max(t => t.Id ?? 0);
int maxId = 0;
if (listItemsToSave.Count > 0)
{
maxId = listItemsToSave.Max(t => t.Id ?? 0);
}

listItem.Id = ++maxId;
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Setting Id: {listItem.Id}");
}
else
{
// If an Id has been specified, remove existing item
ListItem itemToRemove = listItemsToSave.Where(r => r.Id == listItem.Id).FirstOrDefault();
if (itemToRemove != null && listItemsToSave.Remove(itemToRemove))
{
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Removing {listItem.Id}");
listItemsToSave.Remove(itemToRemove);
}
}

listItem.Id = ++maxId;
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Setting Id: {listItem.Id}");
listItemsToSave.Add(listItem);
}
else
{
// If an Id has been specified, remove existing item
ListItem itemToRemove = listItemsToSave.Where(r => r.Id == listItem.Id).FirstOrDefault();
if (itemToRemove != null && listItemsToSave.Remove(itemToRemove))
{
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Removing {listItem.Id}");
listItemsToSave.Remove(itemToRemove);
}
listItem.Id = listItem.Id ?? 0;
listItemsToSave = new List<ListItem> { listItem };
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' First Item: {listItem.Id}");
}

listItemsToSave.Add(listItem);
if(await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, isPublic, wishListWrapper.Id))
{
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Saved: {listItem.Id}");
}
else
{
_context.Vtex.Logger.Warn("SaveItem", null, $"Saving '{shopperId}' '{listName}' Failed to save: {listItem.Id}");
}

return listItem.Id;

} else {
return null;
}
else


}

public async Task<bool> RemoveItem(int itemId, string shopperId, string listName)
{

if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken))
{
listItem.Id = listItem.Id ?? 0;
listItemsToSave = new List<ListItem> { listItem };
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' First Item: {listItem.Id}");
return false;
}

if(await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, isPublic, wishListWrapper.Id))
{
_context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Saved: {listItem.Id}");
ValidatedUser validatedUser = null;

try {
validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken);
}
else
catch (Exception ex)
{
_context.Vtex.Logger.Warn("SaveItem", null, $"Saving '{shopperId}' '{listName}' Failed to save: {listItem.Id}");
_context.Vtex.Logger.Error("IsValidAuthUser", null, "Error fetching user", ex);

return false;
}

return listItem.Id;
}
bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success");

public async Task<bool> RemoveItem(int itemId, string shopperId, string listName)
{
bool wasRemoved = false;
IList<ListItem> listItemsToSave = null;
WishListWrapper wishListWrapper = await this.GetList(shopperId, listName);
ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault();
if (listItemsWrapper != null && listItemsWrapper.ListItems != null)
if (!hasPermission)
{
listItemsToSave = listItemsWrapper.ListItems;
ListItem itemToRemove = listItemsToSave.FirstOrDefault(r => r.Id == itemId);
if (itemToRemove != null && listItemsToSave.Remove(itemToRemove))
_context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission");

return false;
}

if(hasPermission) {

bool wasRemoved = false;
IList<ListItem> listItemsToSave = null;
WishListWrapper wishListWrapper = await this.GetList(shopperId, listName);
ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault();
if (listItemsWrapper != null && listItemsWrapper.ListItems != null)
{
wasRemoved = await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, listItemsWrapper.IsPublic, wishListWrapper.Id);
listItemsToSave = listItemsWrapper.ListItems;
ListItem itemToRemove = listItemsToSave.FirstOrDefault(r => r.Id == itemId);
if (itemToRemove != null && listItemsToSave.Remove(itemToRemove))
{
wasRemoved = await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, listItemsWrapper.IsPublic, wishListWrapper.Id);
}
}

return wasRemoved;

} else {
return false;
}

return wasRemoved;
}

public async Task<IList<ListItem>> LimitList(IList<ListItem> listItems, int from, int to)

Check warning on line 251 in dotnet/Services/WishListService.cs

View workflow job for this annotation

GitHub Actions / QE / Lint .Net

This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.

Check warning on line 251 in dotnet/Services/WishListService.cs

View workflow job for this annotation

GitHub Actions / QE / Lint .Net

This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.
Expand Down
2 changes: 1 addition & 1 deletion manifest.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "wish-list",
"vendor": "vtex",
"version": "1.16.3",
"version": "1.16.4",
"title": "Wish List",
"description": "The Wishlist app is designed for B2C. It adds a heart icon to the Shelfs and Product Page, so the user can add it to the Wishlist, you can list all the Wishlisted items at /wishlist",
"categories": [],
Expand Down

0 comments on commit 09e7fae

Please sign in to comment.