@adobe/helix-config 4.4.0 → 4.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/package.json +4 -4
- package/src/config-view.js +17 -8
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,17 @@
|
|
|
1
|
+
## [4.5.1](https://github.com/adobe/helix-config/compare/v4.5.0...v4.5.1) (2024-09-10)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* also respect org-tokens (regression) ([#184](https://github.com/adobe/helix-config/issues/184)) ([2ae41fa](https://github.com/adobe/helix-config/commit/2ae41fa518a32a5fc674bbc85796e21843fb3c3c))
|
|
7
|
+
|
|
8
|
+
# [4.5.0](https://github.com/adobe/helix-config/compare/v4.4.0...v4.5.0) (2024-09-05)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Features
|
|
12
|
+
|
|
13
|
+
* include org apiKeyId to admin and raw scope ([#181](https://github.com/adobe/helix-config/issues/181)) ([223c5bf](https://github.com/adobe/helix-config/commit/223c5bf70b2c8c00c7171b009b294785be7a42c9))
|
|
14
|
+
|
|
1
15
|
# [4.4.0](https://github.com/adobe/helix-config/compare/v4.3.3...v4.4.0) (2024-09-05)
|
|
2
16
|
|
|
3
17
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@adobe/helix-config",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.5.1",
|
|
4
4
|
"description": "Helix Config",
|
|
5
5
|
"main": "src/index.js",
|
|
6
6
|
"types": "src/index.d.ts",
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
"reporter-options": "configFile=.mocha-multi.json"
|
|
36
36
|
},
|
|
37
37
|
"devDependencies": {
|
|
38
|
-
"@adobe/eslint-config-helix": "2.0.
|
|
38
|
+
"@adobe/eslint-config-helix": "2.0.7",
|
|
39
39
|
"@semantic-release/changelog": "6.0.3",
|
|
40
40
|
"@semantic-release/git": "10.0.1",
|
|
41
41
|
"@semantic-release/npm": "12.0.1",
|
|
@@ -43,7 +43,7 @@
|
|
|
43
43
|
"eslint": "8.57.0",
|
|
44
44
|
"husky": "9.1.5",
|
|
45
45
|
"junit-report-builder": "5.0.0",
|
|
46
|
-
"lint-staged": "15.2.
|
|
46
|
+
"lint-staged": "15.2.10",
|
|
47
47
|
"mocha": "10.7.3",
|
|
48
48
|
"mocha-multi-reporters": "1.5.1",
|
|
49
49
|
"mocha-suppress-logs": "0.5.1",
|
|
@@ -56,7 +56,7 @@
|
|
|
56
56
|
},
|
|
57
57
|
"dependencies": {
|
|
58
58
|
"@adobe/fetch": "4.1.8",
|
|
59
|
-
"@adobe/helix-shared-config": "10.6.
|
|
59
|
+
"@adobe/helix-shared-config": "10.6.8",
|
|
60
60
|
"@adobe/helix-shared-utils": "3.0.2"
|
|
61
61
|
}
|
|
62
62
|
}
|
package/src/config-view.js
CHANGED
|
@@ -109,8 +109,9 @@ async function getGlobalTokenHash(ctx, rso) {
|
|
|
109
109
|
/**
|
|
110
110
|
* Returns the normalized access configuration for the give partition.
|
|
111
111
|
*/
|
|
112
|
-
export async function getAccessConfig(ctx, config, partition, rso) {
|
|
113
|
-
const { access
|
|
112
|
+
export async function getAccessConfig(ctx, config, orgConfig, partition, rso) {
|
|
113
|
+
const { access } = config;
|
|
114
|
+
const tokens = { ...orgConfig?.tokens || {}, ...config.tokens };
|
|
114
115
|
const pAccess = access[partition] ?? {};
|
|
115
116
|
const apiKeyId = toArray(pAccess.apiKeyId ?? access.site?.apiKeyId);
|
|
116
117
|
const allow = toArray(pAccess.allow ?? access.site?.allow);
|
|
@@ -343,11 +344,14 @@ function resolveGroup(groups, name) {
|
|
|
343
344
|
/**
|
|
344
345
|
* Compute the access.admin.role arrays for the admin config. Resolves site and org groups.
|
|
345
346
|
* @param admin
|
|
347
|
+
* @param orgConfig
|
|
346
348
|
* @param configGroups
|
|
347
|
-
* @param orgGroups
|
|
348
|
-
* @param orgUsers
|
|
349
349
|
*/
|
|
350
|
-
function computeSiteAdminRoles(admin,
|
|
350
|
+
function computeSiteAdminRoles(admin, orgConfig, configGroups = {}) {
|
|
351
|
+
const {
|
|
352
|
+
users: orgUsers = [],
|
|
353
|
+
groups: orgGroups = {},
|
|
354
|
+
} = orgConfig ?? {};
|
|
351
355
|
const roles = {};
|
|
352
356
|
for (const [roleName, role] of Object.entries(admin.role ?? {})) {
|
|
353
357
|
const users = new Set();
|
|
@@ -385,6 +389,11 @@ function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}, orgUser
|
|
|
385
389
|
...admin,
|
|
386
390
|
role: roles,
|
|
387
391
|
};
|
|
392
|
+
|
|
393
|
+
const apiKeyId = new Set([...admin.apiKeyId ?? [], ...orgConfig?.access?.admin?.apiKeyId ?? []]);
|
|
394
|
+
if (apiKeyId.size) {
|
|
395
|
+
ret.apiKeyId = Array.from(apiKeyId);
|
|
396
|
+
}
|
|
388
397
|
// if there are only roles from the org, ensure that they don't enforce auth
|
|
389
398
|
if (hasOrgUsers && !hasRoles && (!admin.requireAuth || admin.requireAuth === 'auto')) {
|
|
390
399
|
ret.requireAuth = false;
|
|
@@ -430,13 +439,13 @@ export async function getConfigResponse(ctx, opts) {
|
|
|
430
439
|
// normalize access config
|
|
431
440
|
const { admin = {} } = config.access;
|
|
432
441
|
config.access = {
|
|
433
|
-
preview: await getAccessConfig(ctx, config, 'preview', rso),
|
|
434
|
-
live: await getAccessConfig(ctx, config, 'live', rso),
|
|
442
|
+
preview: await getAccessConfig(ctx, config, orgConfig, 'preview', rso),
|
|
443
|
+
live: await getAccessConfig(ctx, config, orgConfig, 'live', rso),
|
|
435
444
|
// access.require.repository ?
|
|
436
445
|
};
|
|
437
446
|
if (opts.scope === SCOPE_ADMIN || opts.scope === SCOPE_RAW) {
|
|
438
447
|
// eslint-disable-next-line max-len
|
|
439
|
-
config.access.admin = computeSiteAdminRoles(admin, config.groups
|
|
448
|
+
config.access.admin = computeSiteAdminRoles(admin, orgConfig, config.groups);
|
|
440
449
|
} else {
|
|
441
450
|
// for pipeline and delivery, also load the site tokens
|
|
442
451
|
const tst = await loadTransientSiteToken(ctx, rso.org, rso.site);
|