diff --git a/app/__test__/app/mcp/mcp.auth.test.ts b/app/__test__/app/mcp/mcp.auth.test.ts index e7658b4..2636730 100644 --- a/app/__test__/app/mcp/mcp.auth.test.ts +++ b/app/__test__/app/mcp/mcp.auth.test.ts @@ -201,7 +201,10 @@ describe("mcp auth", async () => { }, return_config: true, }); - expect(addGuestRole.config.guest.permissions).toEqual(["read", "write"]); + expect(addGuestRole.config.guest.permissions.map((p) => p.permission)).toEqual([ + "read", + "write", + ]); // update role await tool(server, "config_auth_roles_update", { @@ -210,13 +213,15 @@ describe("mcp auth", async () => { permissions: ["read"], }, }); - expect(app.toJSON().auth.roles?.guest?.permissions).toEqual(["read"]); + expect(app.toJSON().auth.roles?.guest?.permissions?.map((p) => p.permission)).toEqual([ + "read", + ]); // get role const getGuestRole = await tool(server, "config_auth_roles_get", { key: "guest", }); - expect(getGuestRole.value.permissions).toEqual(["read"]); + expect(getGuestRole.value.permissions.map((p) => p.permission)).toEqual(["read"]); // remove role await tool(server, "config_auth_roles_remove", { diff --git a/app/__test__/auth/authorize/authorize.spec.ts b/app/__test__/auth/authorize/authorize.spec.ts index 5e39fb8..b13935a 100644 --- a/app/__test__/auth/authorize/authorize.spec.ts +++ b/app/__test__/auth/authorize/authorize.spec.ts @@ -11,7 +11,7 @@ function createGuard( ) { const _roles = roles ? objectTransform(roles, ({ permissions = [], is_default, implicit_allow }, name) => { - return Role.create({ name, permissions, is_default, implicit_allow }); + return Role.create(name, { permissions, is_default, implicit_allow }); }) : {}; const _permissions = permissionNames.map((name) => new Permission(name)); diff --git a/app/__test__/auth/authorize/permissions.spec.ts b/app/__test__/auth/authorize/permissions.spec.ts index f885d6e..78abdd0 100644 --- a/app/__test__/auth/authorize/permissions.spec.ts +++ b/app/__test__/auth/authorize/permissions.spec.ts 
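Review bot: The three rewritten assertions in mcp.auth.test.ts (on `addGuestRole.config.guest.permissions`, `app.toJSON().auth.roles?.guest?.permissions` and `getGuestRole.value.permissions`) map every entry to `p.permission`, so they check only the permission names and leave the rest of the new permission object unasserted. These entries now describe what a role is granted, so at least one assertion should pin the full serialized entry, for example `expect(getGuestRole.value.permissions).toEqual([{ permission: "read" }])`, extended with whatever defaults the schema emits. The fields other than `permission` are not visible in this diff, so that literal is a constructed example rather than the known shape.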
@@ -252,7 +252,7 @@ describe("permission middleware", () => { it("allows if user has (plain) role", async () => { const p = new Permission("test"); - const r = Role.create({ name: "test", permissions: [p.name] }); + const r = Role.create("test", { permissions: [p.name] }); const hono = makeApp([p], [r]) .use(async (c, next) => { // @ts-expect-error @@ -512,7 +512,7 @@ describe("Role", () => { true, ); const json = JSON.parse(JSON.stringify(r.toJSON())); - const r2 = Role.create(json); + const r2 = Role.create(p.name, json); expect(r2.toJSON()).toEqual(r.toJSON()); }); }); diff --git a/app/src/auth/AppAuth.ts b/app/src/auth/AppAuth.ts index cead597..a73f9ec 100644 --- a/app/src/auth/AppAuth.ts +++ b/app/src/auth/AppAuth.ts @@ -2,7 +2,7 @@ import type { DB, PrimaryFieldType } from "bknd"; import * as AuthPermissions from "auth/auth-permissions"; import type { AuthStrategy } from "auth/authenticate/strategies/Strategy"; import type { PasswordStrategy } from "auth/authenticate/strategies/PasswordStrategy"; -import { $console, secureRandomString, transformObject } from "bknd/utils"; +import { $console, secureRandomString, transformObject, pick } from "bknd/utils"; import type { Entity, EntityManager } from "data/entities"; import { em, entity, enumm, type FieldSchema } from "data/prototype"; import { Module } from "modules/Module"; @@ -211,12 +211,11 @@ export class AppAuth extends Module { const strategies = this.authenticator.getStrategies(); const roles = Object.fromEntries(this.ctx.guard.getRoles().map((r) => [r.name, r.toJSON()])); - console.log("roles", roles); return { ...this.config, ...this.authenticator.toJSON(secrets), - roles: secrets ? roles : undefined, + roles, strategies: transformObject(strategies, (strategy) => ({ enabled: this.isStrategyEnabled(strategy), ...strategy.toJSON(secrets),
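Review bot: In the round-trip test at `@@ -512,7 +512,7 @@`, `Role.create(p.name, json)` passes the permission's name as the role name. The following `expect(r2.toJSON()).toEqual(r.toJSON())` therefore holds only if `r` happens to be named `p.name` or `toJSON()` omits the name. Using the role's own name, `const r2 = Role.create(r.name, json);`, keeps the test checking that a serialized role restores to the same identity. The construction of `r` begins above this hunk, so its actual name is not visible here.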
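Review bot: In the `@@ -211,12 +211,11 @@` hunk of AppAuth.ts, `roles` is now returned unconditionally, so the non-secret form of this serialization includes every role's `r.toJSON()` output, which the removed `roles: secrets ? roles : undefined` withheld. Role definitions are authorization policy: if any caller serves the non-secret form to unauthenticated or low-privilege clients, they can now read role names and grants. The callers are outside this hunk, so please confirm which ones reach this path. If the exposure is intended, record it at the field, e.g. `// roles are serialized even without secrets; role definitions must never carry secret material`. Separately, the first hunk in this file adds `pick` to the `bknd/utils` import, and no visible line uses it.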