Add operation argument to validateAuthAccessControl (#4865)

.changeset/late-nails-tease.md

@@ -0,0 +1,6 @@
+---
+'@keystonejs/access-control': major
+'@keystonejs/keystone': patch
+---
+
+Updated `validateAuthAccessControl` to now require an explicit `operation` argument.

packages/access-control/src/access-control.ts

@@ -404,8 +404,8 @@ export async function validateAuthAccessControl({
   authentication,
   gqlName,
   context,
-}: { access: AuthAccess<AuthAccessArgs> } & Omit<AuthAccessArgs, 'operation'>) {
-  const operation = 'auth';
+  operation,
+}: { access: AuthAccess<AuthAccessArgs> } & AuthAccessArgs) {
   // Either a boolean or an object describing a where clause
   let result: Static | Declarative = false;
   const acc = access[operation];

packages/access-control/tests/access-control.test.ts

@@ -513,19 +513,19 @@ describe('Access control package tests', () => {
     // Test the static case: returning a boolean
     const authArgs = { listKey: 'listKey', authentication: {}, gqlName: 'gqlName', context: {} };
     await expect(
-      validateAuthAccessControl({ access: { [operation]: true }, ...authArgs })
+      validateAuthAccessControl({ access: { [operation]: true }, operation, ...authArgs })
     ).resolves.toBe(true);
     await expect(
-      validateAuthAccessControl({ access: { [operation]: false }, ...authArgs })
+      validateAuthAccessControl({ access: { [operation]: false }, operation, ...authArgs })
     ).resolves.toBe(false);
     await expect(
       // @ts-ignore
-      validateAuthAccessControl({ access: { [operation]: 10 }, ...authArgs })
+      validateAuthAccessControl({ access: { [operation]: 10 }, operation, ...authArgs })
     ).rejects.toThrow(Error);
 
     const accessFn = jest.fn(() => true);
 
-    await validateAuthAccessControl({ access: { [operation]: accessFn }, ...authArgs });
+    await validateAuthAccessControl({ access: { [operation]: accessFn }, operation, ...authArgs });
 
     expect(accessFn).toHaveBeenCalledTimes(1);
 
@@ -535,13 +535,15 @@ describe('Access control package tests', () => {
       await expect(
         validateAuthAccessControl({
           access: { [operation]: () => true },
+          operation,
           ...authArgs,
           authentication,
         })
       ).resolves.toBe(true);
       await expect(
         validateAuthAccessControl({
           access: { [operation]: () => false },
+          operation,
           ...authArgs,
           authentication,
         })
@@ -550,6 +552,7 @@ describe('Access control package tests', () => {
       await expect(
         validateAuthAccessControl({
           access: { [operation]: () => ({ a: 1 }) },
+          operation,
           ...authArgs,
           authentication,
         })
@@ -560,15 +563,21 @@ describe('Access control package tests', () => {
         validateAuthAccessControl({
           // @ts-ignore
           access: { create: () => ({ a: 1 }) },
+          operation,
           ...authArgs,
           authentication,
         })
       ).rejects.toThrow(Error);
 
       // Number function
       await expect(
-        // @ts-ignore
-        validateAuthAccessControl({ access: { create: () => 10 }, ...authArgs, authentication })
+        validateAuthAccessControl({
+          // @ts-ignore
+          access: { create: () => 10 },
+          operation,
+          ...authArgs,
+          authentication,
+        })
       ).rejects.toThrow(Error);
     }
   });

packages/keystone/lib/Keystone/index.js

@@ -171,6 +171,7 @@ module.exports = class Keystone {
           listKey,
           gqlName,
           context,
+          operation: 'auth',
         });
       },
       { isPromise: true }