Added permission for auth:members_stripe_connect

no-issue

This permission is used to ensure that only the Owner can
authenticate/authorize the members_stripe_connect integration.

core/server/data/migrations/versions/3.18/02-add-members_stripe_connect-auth-permissions.js

@@ -0,0 +1,56 @@
+const ObjectId = require('bson-objectid');
+const logging = require('../../../../../shared/logging');
+
+module.exports = {
+    config: {
+        transaction: true
+    },
+    async up(options) {
+        const connection = options.transacting;
+
+        const existingIdentityPermission = await connection('permissions').where({
+            action_type: 'auth',
+            object_type: 'members_stripe_connect'
+        }).first();
+
+        if (existingIdentityPermission) {
+            logging.warn('Permission for auth:members_stripe_connect already added');
+            return;
+        }
+
+        logging.info('Adding permission for auth:members_stripe_connect');
+
+        const date = connection.raw('CURRENT_TIMESTAMP');
+
+        await connection('permissions').insert({
+            id: ObjectId.generate(),
+            name: 'Auth Stripe Connect for Members',
+            action_type: 'auth',
+            object_type: 'members_stripe_connect',
+            created_at: date,
+            created_by: 1,
+            updated_at: date,
+            updated_by: 1
+        });
+    },
+    async down(options) {
+        const connection = options.transacting;
+
+        const existingIdentityPermission = await connection('permissions').where({
+            action_type: 'auth',
+            object_type: 'members_stripe_connect'
+        }).first();
+
+        if (!existingIdentityPermission) {
+            logging.warn('Permission for auth:members_stripe_connect already removed');
+            return;
+        }
+
+        logging.info('Removing permission for auth:members_stripe_connect');
+
+        await connection('permissions').where({
+            action_type: 'auth',
+            object_type: 'members_stripe_connect'
+        }).del();
+    }
+};

core/server/data/schema/fixtures/fixtures.json

@@ -422,6 +422,11 @@
                     "name": "Read identities",
                     "action_type": "read",
                     "object_type": "identity"
+                },
+                {
+                    "name": "Auth Stripe Connect for Members",
+                    "action_type": "auth",
+                    "object_type": "members_stripe_connect"
                 }
             ]
         },

test/unit/data/schema/integrity_spec.js

@@ -20,7 +20,7 @@ const fixtures = require('../../../../core/server/data/schema/fixtures');
 describe('DB version integrity', function () {
     // Only these variables should need updating
     const currentSchemaHash = '7cd198f085844aa5725964069b051189';
-    const currentFixturesHash = '1e5856f5172a4389bd72a98b388792e6';
+    const currentFixturesHash = '94cf7dfe95e88022b3515c9664af2e66';
 
     // If this test is failing, then it is likely a change has been made that requires a DB version bump,
     // and the values above will need updating as confirmation