diff --git a/.github/workflows/qe-pull-request.yml b/.github/workflows/qe-pull-request.yml deleted file mode 100644 index c7757d6..0000000 --- a/.github/workflows/qe-pull-request.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: '[PRN] Quality Engineering' - -on: - pull_request: - branches: - - main - - master - types: - - opened - - synchronize - - reopened - - ready_for_review - -jobs: - quality-engineering: - name: QE - uses: vtex-apps/usqa/.github/workflows/quality-engineering.yml@v2 - with: - danger: true - dangerRequireChangelog: false - nodeLint: true - reactTest: false - nodeSonar: true - nodeSonarProjectKey: vtex-apps_wish-list-ts - nodeSonarOrganization: vtex-apps - dotnetLint: true - dotnetSonar: true - dotnetSonarProjectKey: vtex-apps_wish-list-dotnet - dotnetSonarOrganization: vtex-apps - cypress: true - secrets: - githubToken: ${{ secrets.GITHUB_TOKEN }} - sonarToken: ${{ secrets.SONAR_TOKEN }} - cypressJson: ${{ secrets.VTEX_QE }} diff --git a/CHANGELOG.md b/CHANGELOG.md index b66b977..915a606 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Fixed +- Authentication to queries and mutation fixed + ### Added - Authentication yo queries and mutation added diff --git a/dotnet/GraphQL/Mutation.cs b/dotnet/GraphQL/Mutation.cs index a299009..0b3dae5 100644 --- a/dotnet/GraphQL/Mutation.cs +++ b/dotnet/GraphQL/Mutation.cs @@ -19,7 +19,7 @@ public Mutation(IWishListService wishListService) { Name = "Mutation"; - FieldAsync( + Field( "addToList", arguments: new QueryArguments( new QueryArgument> { Name = "listItem" }, 
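Review bot: In `dotnet/GraphQL/Mutation.cs`, the `addToList` field moves from `FieldAsync` to `Field`, but its resolver (visible in the next hunk) still returns the task from `wishListService.SaveItem(...)` without awaiting it; `removeFromList` gets the same change. Whether `Field` unwraps a returned task depends on the GraphQL.NET version in use, which this page does not show. Keeping `FieldAsync` with `resolve: async context => await wishListService.SaveItem(listItem, shopperId, listName, isPublic)` would make the await explicit and version-independent. The `Mutation` constructor starts and ends outside this hunk.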
@@ -27,19 +27,8 @@ public Mutation(IWishListService wishListService) new QueryArgument { Name = "name" }, new QueryArgument { Name = "public" } ), - resolve: async context => + resolve: context => { - - HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser(); - if (isValidAuthUser != HttpStatusCode.OK) - { - context.Errors.Add(new ExecutionError(isValidAuthUser.ToString()) - { - Code = isValidAuthUser.ToString() - }); - - return null; - } var listItem = context.GetArgument("listItem"); string shopperId = context.GetArgument("shopperId"); @@ -49,28 +38,16 @@ public Mutation(IWishListService wishListService) return wishListService.SaveItem(listItem, shopperId, listName, isPublic); }); - FieldAsync( + Field( "removeFromList", arguments: new QueryArguments( new QueryArgument> { Name = "id" }, new QueryArgument> { Name = "shopperId" }, new QueryArgument { Name = "name" } ), - resolve: async context => + resolve: context => { - HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser(); - - if (isValidAuthUser != HttpStatusCode.OK) - { - context.Errors.Add(new ExecutionError(isValidAuthUser.ToString()) - { - Code = isValidAuthUser.ToString() - }); - - return null; - } - int id = context.GetArgument("id"); string shopperId = context.GetArgument("shopperId"); string listName = context.GetArgument("name"); diff --git a/dotnet/Services/WishListService.cs b/dotnet/Services/WishListService.cs index c55c511..8c59f1b 100644 --- a/dotnet/Services/WishListService.cs +++ b/dotnet/Services/WishListService.cs 
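Review bot: With the `IsValidAuthUser` block removed from the `addToList` resolver (and from `removeFromList` in the following hunk), a rejected call no longer adds an `ExecutionError`. Going by the service change in this commit, `SaveItem` returns null and `RemoveItem` returns false on an invalid token, which a client cannot tell apart from a failed save or an item that was not in the list. Consider having the service report the denial distinctly (a status value or a dedicated exception) and keeping `context.Errors.Add(new ExecutionError(...) { Code = ... })` in the resolver, so that rejected requests stay visible to clients and to monitoring. Both resolvers sit inside the `Mutation` constructor, which starts and ends outside these hunks.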
@@ -102,81 +102,150 @@ public async Task SaveList(IList listItems, string shopperId, st public async Task SaveItem(ListItem listItem, string shopperId, string listName, bool? isPublic) { - IList listItemsToSave = null; - WishListWrapper wishListWrapper = await this.GetList(shopperId, listName); - ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault(); - if (listItemsWrapper != null && listItemsWrapper.ListItems != null) + if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken)) { - _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' {listItemsWrapper.ListItems.Count} existing items."); - listItemsToSave = listItemsWrapper.ListItems; - foreach (ListItem item in listItemsToSave) + return null; + } + + ValidatedUser validatedUser = null; + + try { + validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken); + } + catch (Exception ex) + { + _context.Vtex.Logger.Error("IsValidAuthUser", null, "Error fetching user", ex); + + return null; + } + + bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success"); + + if (!hasPermission) + { + _context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission"); + + return null; + } + + if(hasPermission) { + + IList listItemsToSave = null; + + WishListWrapper wishListWrapper = await this.GetList(shopperId, listName); + ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault(); + if (listItemsWrapper != null && listItemsWrapper.ListItems != null) { - if (listItem.ProductId == item.ProductId) + _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' {listItemsWrapper.ListItems.Count} existing items."); + listItemsToSave = listItemsWrapper.ListItems; + foreach (ListItem item in listItemsToSave) { - listItem.Id = item.Id; + if (listItem.ProductId == item.ProductId) + { + listItem.Id = item.Id; + } } - } - if(listItem.Id == null) - { - int maxId = 0; - if 
(listItemsToSave.Count > 0) + if(listItem.Id == null) { - maxId = listItemsToSave.Max(t => t.Id ?? 0); + int maxId = 0; + if (listItemsToSave.Count > 0) + { + maxId = listItemsToSave.Max(t => t.Id ?? 0); + } + + listItem.Id = ++maxId; + _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Setting Id: {listItem.Id}"); + } + else + { + // If an Id has been specified, remove existing item + ListItem itemToRemove = listItemsToSave.Where(r => r.Id == listItem.Id).FirstOrDefault(); + if (itemToRemove != null && listItemsToSave.Remove(itemToRemove)) + { + _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Removing {listItem.Id}"); + listItemsToSave.Remove(itemToRemove); + } } - listItem.Id = ++maxId; - _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Setting Id: {listItem.Id}"); + listItemsToSave.Add(listItem); } else { - // If an Id has been specified, remove existing item - ListItem itemToRemove = listItemsToSave.Where(r => r.Id == listItem.Id).FirstOrDefault(); - if (itemToRemove != null && listItemsToSave.Remove(itemToRemove)) - { - _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Removing {listItem.Id}"); - listItemsToSave.Remove(itemToRemove); - } + listItem.Id = listItem.Id ?? 
0; + listItemsToSave = new List { listItem }; + _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' First Item: {listItem.Id}"); } - listItemsToSave.Add(listItem); + if(await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, isPublic, wishListWrapper.Id)) + { + _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Saved: {listItem.Id}"); + } + else + { + _context.Vtex.Logger.Warn("SaveItem", null, $"Saving '{shopperId}' '{listName}' Failed to save: {listItem.Id}"); + } + + return listItem.Id; + + } else { + return null; } - else + + + } + + public async Task RemoveItem(int itemId, string shopperId, string listName) + { + + if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken)) { - listItem.Id = listItem.Id ?? 0; - listItemsToSave = new List { listItem }; - _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' First Item: {listItem.Id}"); + return false; } - if(await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, isPublic, wishListWrapper.Id)) - { - _context.Vtex.Logger.Debug("SaveItem", null, $"Saving '{shopperId}' '{listName}' Saved: {listItem.Id}"); + ValidatedUser validatedUser = null; + + try { + validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken); } - else + catch (Exception ex) { - _context.Vtex.Logger.Warn("SaveItem", null, $"Saving '{shopperId}' '{listName}' Failed to save: {listItem.Id}"); + _context.Vtex.Logger.Error("IsValidAuthUser", null, "Error fetching user", ex); + + return false; } - return listItem.Id; - } + bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success"); - public async Task RemoveItem(int itemId, string shopperId, string listName) - { - bool wasRemoved = false; - IList listItemsToSave = null; - WishListWrapper wishListWrapper = await this.GetList(shopperId, listName); - ListItemsWrapper listItemsWrapper = 
wishListWrapper.ListItemsWrapper.FirstOrDefault(); - if (listItemsWrapper != null && listItemsWrapper.ListItems != null) + if (!hasPermission) { - listItemsToSave = listItemsWrapper.ListItems; - ListItem itemToRemove = listItemsToSave.FirstOrDefault(r => r.Id == itemId); - if (itemToRemove != null && listItemsToSave.Remove(itemToRemove)) + _context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission"); + + return false; + } + + if(hasPermission) { + + bool wasRemoved = false; + IList listItemsToSave = null; + WishListWrapper wishListWrapper = await this.GetList(shopperId, listName); + ListItemsWrapper listItemsWrapper = wishListWrapper.ListItemsWrapper.FirstOrDefault(); + if (listItemsWrapper != null && listItemsWrapper.ListItems != null) { - wasRemoved = await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, listItemsWrapper.IsPublic, wishListWrapper.Id); + listItemsToSave = listItemsWrapper.ListItems; + ListItem itemToRemove = listItemsToSave.FirstOrDefault(r => r.Id == itemId); + if (itemToRemove != null && listItemsToSave.Remove(itemToRemove)) + { + wasRemoved = await _wishListRepository.SaveWishList(listItemsToSave, shopperId, listName, listItemsWrapper.IsPublic, wishListWrapper.Id); + } } + + return wasRemoved; + + } else { + return false; } - return wasRemoved; } public async Task> LimitList(IList listItems, int from, int to) diff --git a/manifest.json b/manifest.json index 608a608..9d021bb 100644 --- a/manifest.json +++ b/manifest.json @@ -1,7 +1,7 @@ { "name": "wish-list", "vendor": "vtex", - "version": "1.16.3", + "version": "1.16.4", "title": "Wish List", "description": "The Wishlist app is designed for B2C. It adds a heart icon to the Shelfs and Product Page, so the user can add it to the Wishlist, you can list all the Wishlisted items at /wishlist", "categories": [],
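Review bot: In `dotnet/Services/WishListService.cs`, the new check in `SaveItem` and `RemoveItem` only establishes that the store token is valid (`AuthStatus` equal to "Success"). Nothing visible compares the validated user with the caller-supplied `shopperId`, which is then passed to `GetList` and `SaveWishList`, so a signed-in shopper may be able to change another shopper's list unless that is enforced elsewhere. Bind the operation to the token's identity before the list is read or written; the identity field on `ValidatedUser` is not shown on this page, so the fence marks that spot with a TODO. `validatedUser.AuthStatus.Equals("Success")` throws when `AuthStatus` is null, which `string.Equals(validatedUser?.AuthStatus, "Success", StringComparison.Ordinal)` avoids. The `if(hasPermission) { … } else { … }` wrapper after the early return has an unreachable else branch, and the validation block is duplicated verbatim, so one private helper used by both methods would be easier to audit.

```csharp
// Shared by SaveItem and RemoveItem in place of the two duplicated validation blocks.
private async Task<bool> HasValidStoreUserToken(string shopperId)
{
    string token = _context.Vtex.StoreUserAuthToken;
    if (string.IsNullOrEmpty(token))
    {
        return false;
    }

    ValidatedUser validatedUser;
    try
    {
        validatedUser = await ValidateUserToken(token);
    }
    catch (Exception ex)
    {
        _context.Vtex.Logger.Error("IsValidAuthUser", null, "Error fetching user", ex);
        return false;
    }

    bool authenticated = string.Equals(validatedUser?.AuthStatus, "Success", StringComparison.Ordinal);

    // TODO(review): also require that validatedUser identifies the same shopper as shopperId;
    // the identity field on ValidatedUser is not visible in this diff.
    if (!authenticated)
    {
        _context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission");
    }

    return authenticated;
}

// In SaveItem (RemoveItem does the same and returns false):
if (!await HasValidStoreUserToken(shopperId))
{
    return null;
}
// … unchanged: list lookup, id assignment and SaveWishList call, no longer wrapped in if(hasPermission) …
```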