refactor: return all scope information instead of just the name

logto-io · Apr 15, 2024 · 1af9615 · 1af9615
1 parent de16757
commit 1af9615
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 13 deletions.
diff --git a/packages/core/src/oidc/grants/refresh-token.test.ts b/packages/core/src/oidc/grants/refresh-token.test.ts
@@ -307,9 +307,9 @@ describe('organization token grant', () => {
     Sinon.stub(tenant.queries.organizations.relations.users, 'exists').resolves(true);
     Sinon.stub(tenant.queries.applications, 'findApplicationById').resolves(mockApplication);
     Sinon.stub(tenant.queries.organizations.relations.rolesUsers, 'getUserScopes').resolves([
-      { id: 'foo', name: 'foo' },
-      { id: 'bar', name: 'bar' },
-      { id: 'baz', name: 'baz' },
+      { tenantId: 'default', id: 'foo', name: 'foo', description: 'foo' },
+      { tenantId: 'default', id: 'bar', name: 'bar', description: 'bar' },
+      { tenantId: 'default', id: 'baz', name: 'baz', description: 'baz' },
     ]);
 
     const entityStub = Sinon.stub(ctx.oidc, 'entity');

diff --git a/packages/core/src/queries/organization/relations.ts b/packages/core/src/queries/organization/relations.ts
@@ -9,7 +9,7 @@ import {
   type OrganizationWithRoles,
   type UserWithOrganizationRoles,
   type FeaturedUser,
-  type OrganizationScopeEntity,
+  type OrganizationScope,
 } from '@logto/schemas';
 import { sql, type CommonQueryMethods } from '@silverhand/slonik';
 
@@ -178,14 +178,14 @@ export class RoleUserRelationQueries extends RelationQueries<
   async getUserScopes(
     organizationId: string,
     userId: string
-  ): Promise<readonly OrganizationScopeEntity[]> {
+  ): Promise<readonly OrganizationScope[]> {
     const { fields } = convertToIdentifiers(OrganizationRoleUserRelations, true);
     const roleScopeRelations = convertToIdentifiers(OrganizationRoleScopeRelations, true);
     const scopes = convertToIdentifiers(OrganizationScopes, true);
 
-    return this.pool.any<OrganizationScopeEntity>(sql`
+    return this.pool.any<OrganizationScope>(sql`
       select distinct on (${scopes.fields.id})
-        ${scopes.fields.id}, ${scopes.fields.name}
+        ${scopes.fields.tenantId} ${scopes.fields.id}, ${scopes.fields.name}, ${scopes.fields.description}
       from ${this.table}
       join ${roleScopeRelations.table}
         on ${roleScopeRelations.fields.organizationRoleId} = ${fields.organizationRoleId}

diff --git a/packages/core/src/routes/organization/index.ts b/packages/core/src/routes/organization/index.ts
@@ -4,6 +4,7 @@ import {
   Organizations,
   featuredUserGuard,
   userWithOrganizationRolesGuard,
+  OrganizationScopes,
 } from '@logto/schemas';
 import { yes } from '@silverhand/essentials';
 import { z } from 'zod';
@@ -239,14 +240,15 @@ export default function organizationRoutes<T extends AuthedRouter>(...args: Rout
     '/:id/users/:userId/scopes',
     koaGuard({
       params: z.object(params),
-      response: z.string().array(),
+      response: z.array(OrganizationScopes.guard),
       status: [200, 422],
     }),
     async (ctx, next) => {
       const { id, userId } = ctx.guard.params;
+
       const scopes = await organizations.relations.rolesUsers.getUserScopes(id, userId);
 
-      ctx.body = scopes.map(({ name }) => name);
+      ctx.body = scopes;
       return next();
     }
   );

diff --git a/packages/integration-tests/src/api/organization.ts b/packages/integration-tests/src/api/organization.ts
@@ -4,6 +4,7 @@ import {
   type OrganizationWithRoles,
   type UserWithOrganizationRoles,
   type OrganizationWithFeatured,
+  type OrganizationScope,
 } from '@logto/schemas';
 
 import { authedAdminApi } from './api.js';
@@ -68,7 +69,9 @@ export class OrganizationApi extends ApiFactory<
     return authedAdminApi.get(`users/${userId}/organizations`).json<OrganizationWithRoles[]>();
   }
 
-  async getUserOrganizationScopes(id: string, userId: string): Promise<string[]> {
-    return authedAdminApi.get(`${this.path}/${id}/users/${userId}/scopes`).json<string[]>();
+  async getUserOrganizationScopes(id: string, userId: string): Promise<OrganizationScope[]> {
+    return authedAdminApi
+      .get(`${this.path}/${id}/users/${userId}/scopes`)
+      .json<OrganizationScope[]>();
   }
 }
diff --git a/packages/integration-tests/src/tests/api/organization/organization-user.test.ts b/packages/integration-tests/src/tests/api/organization/organization-user.test.ts
@@ -275,13 +275,13 @@ describe('organization user APIs', () => {
       // Assign role1 to user
       await organizationApi.addUserRoles(organization.id, user.id, [role1.id]);
       const scopes = await organizationApi.getUserOrganizationScopes(organization.id, user.id);
-      expect(scopes).toMatchObject([scope1.name, scope2.name]);
+      expect(scopes.map(({ name }) => name)).toMatchObject([scope1.name, scope2.name]);
 
       // Remove role1 and assign role2 to user
       await organizationApi.deleteUserRole(organization.id, user.id, role1.id);
       await organizationApi.addUserRoles(organization.id, user.id, [role2.id]);
       const newScopes = await organizationApi.getUserOrganizationScopes(organization.id, user.id);
-      expect(newScopes).toEqual([scope1.name]);
+      expect(newScopes.map(({ name }) => name)).toEqual([scope1.name]);
     });
   });
 });