
fix(auth): checking permissions to update setting only when directly performed by user (#892)

Karol Sójko 1 yıl önce
ebeveyn
işleme
9bd4fb2d79

+ 16 - 0
packages/auth/src/Domain/UseCase/SetSettingValue/SetSettingValue.spec.ts

@@ -92,6 +92,7 @@ describe('SetSettingValue', () => {
       userUuid: '00000000-0000-0000-0000-000000000000',
       settingName: SettingName.NAMES.ListedAuthorSecrets,
       value: 'value',
+      checkUserPermissions: true,
     })
 
     expect(result.isFailed()).toBe(true)
@@ -108,6 +109,7 @@ describe('SetSettingValue', () => {
       userUuid: '00000000-0000-0000-0000-000000000000',
       settingName: SettingName.NAMES.MfaSecret,
       value: 'value',
+      checkUserPermissions: true,
     })
 
     expect(result.isFailed()).toBe(true)
@@ -140,6 +142,20 @@ describe('SetSettingValue', () => {
     expect(settingRepository.update).toHaveBeenCalled()
   })
 
+  it('should create a setting with checking user permissions', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      settingName: SettingName.NAMES.MfaSecret,
+      value: 'value',
+      checkUserPermissions: true,
+    })
+
+    expect(result.isFailed()).toBe(false)
+    expect(settingRepository.insert).toHaveBeenCalled()
+  })
+
   it('should insert a new setting if one does not exist', async () => {
     getSetting.execute = jest.fn().mockReturnValue(Result.fail('not found'))
 
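Review bot: The new case at the end of the hunk only exercises the explicit `checkUserPermissions: true` path; nothing in the spec pins what happens when the flag is omitted, which is the default every caller not touched by this commit now gets. Add a companion case such as `it('should skip the permission check when checkUserPermissions is omitted', …)` that executes with `settingName: SettingName.NAMES.MfaSecret` and no flag, asserts `result.isFailed()` is `false`, and asserts the permission lookup is not invoked, so a later change to the default is caught by tests rather than in production. The expectation that the same MfaSecret write succeeds here but fails in the earlier hunk presumably rests on fixture state set up outside this hunk (`createUseCase` and the mocks it wires) — worth a one-line comment in the test stating which fixture difference makes it pass.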

+ 1 - 1
packages/auth/src/Domain/UseCase/SetSettingValue/SetSettingValue.ts

@@ -37,7 +37,7 @@ export class SetSettingValue implements UseCaseInterface<Setting> {
       return Result.fail(`Setting ${settingName.value} is a subscription setting!`)
     }
 
-    if (!(await this.userHasPermissionToUpdateSetting(userUuid, settingName))) {
+    if (dto.checkUserPermissions && !(await this.userHasPermissionToUpdateSetting(userUuid, settingName))) {
       return Result.fail(`User ${userUuid.value} does not have permission to update setting ${settingName.value}.`)
     }
 
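Review bot: The rewritten guard makes the authorization check opt-in — `checkUserPermissions` is an optional boolean, so any caller of `execute` that does not pass it explicitly, including call sites this commit does not touch, now skips `userHasPermissionToUpdateSetting` entirely, whereas before every caller was checked. A deny-by-default shape is safer: `const enforcePermissions = dto.checkUserPermissions ?? true` followed by `if (enforcePermissions && !(await this.userHasPermissionToUpdateSetting(userUuid, settingName)))`, with the trusted internal call sites passing `false` explicitly; alternatively name the flag `skipUserPermissionCheck` so that the bypass, not the check, is what has to be spelled out. Either way a short comment above the guard stating which callers are allowed to bypass it would help the next reader. The enclosing `execute` method starts and ends outside this hunk.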

+ 1 - 0
packages/auth/src/Domain/UseCase/SetSettingValue/SetSettingValueDTO.ts

@@ -2,4 +2,5 @@ export interface SetSettingValueDTO {
   settingName: string
   userUuid: string
   value: string | null
+  checkUserPermissions?: boolean
 }
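Review bot: The new field carries no documentation of its default, and the default is the security-relevant part: an absent value disables the permission check in `SetSettingValue`. Add a TSDoc comment on the line above it along the lines of `/** When true, execute() verifies the user may update this setting; must be set by every user-facing caller. Omitting it (or false) bypasses the check and is intended only for trusted internal callers. */` so the contract is visible at the DTO rather than only in the use case body.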

+ 1 - 0
packages/auth/src/Infra/InversifyExpressUtils/Base/BaseSettingsController.ts

@@ -160,6 +160,7 @@ export class BaseSettingsController extends BaseHttpController {
       settingName: name,
       value,
       userUuid: response.locals.user.uuid,
+      checkUserPermissions: true,
     })
 
     if (result.isFailed()) {