Revert "project: user: create default project id (#2163)"

This reverts commit c39df25.
livepeer · Jun 11, 2024 · d9fcb78 · d9fcb78
1 parent 50c271b
commit d9fcb78
Show file tree

Hide file tree

Showing 21 changed files with 67 additions and 432 deletions.
diff --git a/packages/api/src/controllers/api-token.js b/packages/api/src/controllers/api-token.js
@@ -2,23 +2,15 @@ import Router from "express/lib/router";
 import { v4 as uuid } from "uuid";
 import sql from "sql-template-strings";
 
-import {
-  makeNextHREF,
-  parseOrder,
-  parseFilters,
-  addDefaultProjectId,
-} from "./helpers";
+import { makeNextHREF, parseOrder, parseFilters } from "./helpers";
 import { authorizer, validatePost } from "../middleware";
 import { AuthPolicy } from "../middleware/authPolicy";
 import { db } from "../store";
-import mung from "express-mung";
 
 const app = Router();
 
 app.use(authorizer({ noApiToken: true }));
 
-app.use(mung.jsonAsync(addDefaultProjectId));
-
 app.get("/:id", async (req, res) => {
   const { id } = req.params;
   const apiToken = await req.store.get(`api-token/${id}`);
@@ -75,6 +67,10 @@ app.get("/", async (req, res) => {
 
   if (!userId) {
     const query = parseFilters(fieldsMap, filters);
+    query.push(
+      sql`coalesce(api_token.data->>'projectId', '') = ${req.project?.id || ""}`
+    );
+
     let fields =
       " api_token.id as id, api_token.data as data, users.id as usersId, users.data as usersdata";
     if (count) {
@@ -112,13 +108,9 @@ app.get("/", async (req, res) => {
   }
   const query = parseFilters(fieldsMap, filters);
   query.push(sql`api_token.data->>'userId' = ${userId}`);
-  if (!req.user.admin) {
-    query.push(
-      sql`coalesce(api_token.data->>'projectId', ${
-        req.user.defaultProjectId || ""
-      }) = ${req.project?.id || ""}`
-    );
-  }
+  query.push(
+    sql`coalesce(api_token.data->>'projectId', '') = ${req.project?.id || ""}`
+  );
 
   let fields = " api_token.id as id, api_token.data as data";
   if (count) {

diff --git a/packages/api/src/controllers/asset.test.ts b/packages/api/src/controllers/asset.test.ts
@@ -144,7 +144,7 @@ describe("controllers/asset", () => {
           type: "url",
           url: spec.url,
         },
-        projectId: expect.any(String), //should have a default project id
+        projectId: "", //should be blank when using jwt and projectId not specified as query-param
         status: { phase: "waiting" },
       });
 
@@ -191,7 +191,7 @@ describe("controllers/asset", () => {
     });
   });
 
-  it("should import asset (using jwt) for existing project (created with jwt) and list with filters", async () => {
+  it("should import asset (using jwt) for existing project (created with jwt)", async () => {
     const spec = {
       name: "test",
       url: "https://example.com/test.mp4",
@@ -221,15 +221,6 @@ describe("controllers/asset", () => {
     res = await client.get(`/project/${projectId}`);
     expect(res.status).toBe(200);
     expect(await res.json()).toBeDefined(); //api-key be retrieve if adminApiKey is used..
-
-    res = await client.get(
-      `/asset?limit=10&allUsers=true&filters=[{"id":"playbackId","value":"${asset.playbackId}"}]`
-    );
-    expect(res.status).toBe(200);
-    let assets = await res.json();
-    expect(assets).toHaveLength(1);
-    expect(assets[0].projectId).toBe(projectId);
-    expect(assets[0].playbackId).toBe(asset.playbackId);
   });
 
   it("should import asset (using api-token) for existing project (created with jwt)", async () => {
@@ -263,25 +254,6 @@ describe("controllers/asset", () => {
     expect(project.id).toBeDefined();
   });
 
-  it("should import asset when projectId is not passed and list with projectId", async () => {
-    const spec = {
-      name: "test",
-      url: "https://example.com/test.mp4",
-    };
-    let res = await client.post(`/asset/upload/url`, spec);
-    expect(res.status).toBe(201);
-    const { asset, task } = await res.json();
-
-    client.jwtAuth = null;
-    client.apiKey = adminApiKey;
-
-    res = await client.get(`/asset?limit=10&allUsers=true`);
-    expect(res.status).toBe(200);
-    let assets = await res.json();
-    expect(assets).toHaveLength(1);
-    expect(assets[0].projectId).toBe(asset.projectId);
-  });
-
   it("should NOT import asset (using api-key) when projectId passed as ouery-param", async () => {
     const spec = {
       name: "test",
@@ -310,7 +282,7 @@ describe("controllers/asset", () => {
         type: "url",
         url: spec.url,
       },
-      projectId: adminUser.defaultProjectId,
+      projectId: "", //should be blank when using an existing api-key and new project was created
       status: { phase: "waiting" },
     });
   });

diff --git a/packages/api/src/controllers/asset.ts b/packages/api/src/controllers/asset.ts
@@ -22,7 +22,6 @@ import {
   reqUseReplica,
   isValidBase64,
   mapInputCreatorId,
-  addDefaultProjectId,
 } from "./helpers";
 import { db } from "../store";
 import sql from "sql-template-strings";
@@ -240,7 +239,7 @@ export async function validateAssetPayload(
     name: payload.name,
     source,
     staticMp4: payload.staticMp4,
-    projectId: req.project?.id,
+    projectId: req.project?.id ?? "",
     creatorId: mapInputCreatorId(payload.creatorId),
     playbackPolicy,
     objectStoreId: payload.objectStoreId || (await defaultObjectStoreId(req)),
@@ -496,7 +495,6 @@ export async function createAsset(asset: WithID<Asset>, queue: Queue) {
     timestamp: asset.createdAt,
     event: "asset.created",
     userId: asset.userId,
-    projectId: asset.projectId,
     payload: {
       asset: {
         id: asset.id,
@@ -615,24 +613,14 @@ export async function toExternalAsset(
   return a;
 }
 
-app.use(mung.jsonAsync(addDefaultProjectId));
-
 app.use(
   mung.jsonAsync(async function cleanWriteOnlyResponses(
     data: WithID<Asset>[] | WithID<Asset> | { asset: WithID<Asset> },
     req
   ) {
     const { details } = toStringValues(req.query);
-    const toExternalAssetFunc = async (a: Asset) => {
-      const modifiedAsset = await toExternalAsset(
-        a,
-        req.config,
-        !!details,
-        req.user.admin
-      );
-
-      return modifiedAsset;
-    };
+    const toExternalAssetFunc = (a: Asset) =>
+      toExternalAsset(a, req.config, !!details, req.user.admin);
 
     if (Array.isArray(data)) {
       return Promise.all(data.map(toExternalAssetFunc));
@@ -712,14 +700,9 @@ app.get("/", authorizer({}), async (req, res) => {
     query.push(sql`asset.data->>'deleted' IS NULL`);
   }
 
-  if (!req.user.admin) {
-    query.push(
-      sql`coalesce(asset.data->>'projectId', ${
-        req.user.defaultProjectId || ""
-      }) = ${req.project?.id || ""}`
-    );
-  }
-
+  query.push(
+    sql`coalesce(asset.data->>'projectId', '') = ${req.project?.id || ""}`
+  );
   if (req.user.admin && deleting === "true") {
     const deletionThreshold = new Date(
       Date.now() - DELETE_ASSET_DELAY
@@ -792,7 +775,13 @@ app.get("/:id", authorizer({}), async (req, res) => {
   if (!asset || asset.deleted) {
     throw new NotFoundError(`Asset not found`);
   }
-  req.checkResourceAccess(asset);
+
+  if (req.user.admin !== true && req.user.id !== asset.userId) {
+    throw new ForbiddenError(
+      "user can only request information on their own assets"
+    );
+  }
+
   res.json(asset);
 });
 

diff --git a/packages/api/src/controllers/auth.ts b/packages/api/src/controllers/auth.ts
@@ -69,7 +69,6 @@ app.all(
       : userIds.find((id) => !!id) || req.user.id;
     res.header("x-livepeer-user-id", userId);
     res.header("x-livepeer-is-caller-admin", req.user.admin ? "true" : "false");
-    res.header("x-livepeer-project-id", req.project?.id || "");
 
     res.status(204).end();
   }

diff --git a/packages/api/src/controllers/clip.ts b/packages/api/src/controllers/clip.ts
@@ -177,7 +177,6 @@ app.post(
         user: owner,
         token: req.token,
         config: req.config,
-        project: req.project,
       },
       id,
       uPlaybackId,
@@ -225,7 +224,6 @@ const fieldsMap = {
   createdAt: { val: `asset.data->'createdAt'`, type: "int" },
   updatedAt: { val: `asset.data->'status'->'updatedAt'`, type: "int" },
   userId: `asset.data->>'userId'`,
-  projectId: `asset.data->>'projectId'`,
   playbackId: `asset.data->>'playbackId'`,
   sourceType: `asset.data->'source'->>'type'`,
   sourceSessionId: `asset.data->'source'->>'sessionId'`,
@@ -271,12 +269,6 @@ export const getClips = async (
   let output: WithID<Asset>[];
   let newCursor: string;
 
-  if (!req.user.admin) {
-    query.push(
-      sql`coalesce(asset.data->>'projectId', '') = ${req.project?.id || ""}`
-    );
-  }
-
   query.push(sql`asset.data->>'userId' = ${req.user.id}`);
 
   if (!content) {

diff --git a/packages/api/src/controllers/helpers.test.ts b/packages/api/src/controllers/helpers.test.ts
@@ -4,13 +4,11 @@ import { ObjectStore, User } from "../schema/types";
 import { db } from "../store";
 import { v4 as uuid } from "uuid";
 import {
-  addDefaultProjectId,
   deleteCredentials,
   getS3PresignedUrl,
   toObjectStoreUrl,
   toWeb3StorageUrl,
 } from "./helpers";
-import { Request, Response } from "express";
 
 let server: TestServer;
 
@@ -233,61 +231,4 @@ describe("convert w3 storage to object store URL", () => {
       "undefined property 'credentials.proof'"
     );
   });
-
-  it("should append default project id", async () => {
-    const mockAsset = {
-      id: "asset1",
-      userId: "test",
-      user: {
-        id: "test",
-        admin: false,
-        defaultProjectId: "defaultProject1",
-      },
-      projectId: undefined,
-    };
-    const mockAsset2 = {
-      id: "asset2",
-      userId: "test",
-      projectId: undefined,
-      user: {
-        id: "test",
-        admin: false,
-        defaultProjectId: "defaultProject1",
-      },
-    };
-
-    const assetList = [mockAsset, mockAsset2];
-
-    let mockReq: Request = {
-      user: {
-        id: "test",
-        admin: false,
-        defaultProjectId: "defaultProject1",
-      },
-      project: {
-        id: "test",
-      },
-    } as Request;
-
-    let mockRes: Response = {
-      status: jest.fn().mockReturnThis(),
-      json: jest.fn(),
-    } as any as Response;
-
-    // nonAdmin + singleAsset
-    let result = await addDefaultProjectId(mockAsset, mockReq, mockRes);
-    expect(result.projectId).toBe("defaultProject1");
-    expect(assetList[0].projectId).toBe(undefined);
-    // nonAdmin + multipleAssets
-    result = await addDefaultProjectId(assetList, mockReq, mockRes);
-    expect(result[0].projectId).toBe("defaultProject1");
-    mockReq.user.admin = true;
-    mockReq.user.defaultProjectId = "adminProjectId";
-    // admin + singleAsset
-    result = await addDefaultProjectId(mockAsset, mockReq, mockRes);
-    expect(result.projectId).toBe("defaultProject1");
-    // admin + multipleAssets
-    result = await addDefaultProjectId(assetList, mockReq, mockRes);
-    expect(result[0].projectId).toBe("defaultProject1");
-  });
 });