@aeriajs/builtins 0.0.230 → 0.0.231

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/collections/user/createAccount.js +1 -1
  2. package/dist/collections/user/createAccount.mjs +1 -1
  3. package/dist/collections/user/index.d.ts +1 -1
  4. package/dist/collections/user/insert.d.ts +1 -1
  5. package/dist/collections/user/insert.js +21 -19
  6. package/dist/collections/user/insert.mjs +21 -19
  7. package/dist/index.d.ts +1 -1
  8. package/package.json +6 -6
package/dist/collections/user/createAccount.js CHANGED
@@ -64,7 +64,7 @@ const createAccount = async (payload, context) => {
64
64
  what: {
65
65
  ...user,
66
66
  ...defaults,
67
- roles,
67
+ roles: Array.from(roles),
68
68
  },
69
69
  }, context);
70
70
  };
package/dist/collections/user/createAccount.mjs CHANGED
@@ -62,7 +62,7 @@ export const createAccount = async (payload, context) => {
62
62
  what: {
63
63
  ...user,
64
64
  ...defaults,
65
- roles
65
+ roles: Array.from(roles)
66
66
  }
67
67
  }, context);
68
68
  };
package/dist/collections/user/index.d.ts CHANGED
@@ -263,7 +263,7 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
263
263
  httpStatus: import("@aeriajs/types").HTTPStatus.NotFound;
264
264
  }> | import("@aeriajs/types").Result.Error<{
265
265
  readonly code: import("@aeriajs/types").ACError.AuthorizationError;
266
- readonly message: "tried to edit an user with a roler higher in the hierarchy";
266
+ readonly message: "tried to edit an user with a role higher in the hierarchy";
267
267
  } & {
268
268
  httpStatus: import("@aeriajs/types").HTTPStatus.Forbidden;
269
269
  }> | import("@aeriajs/types").InsertReturnType<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>>;
package/dist/collections/user/insert.d.ts CHANGED
@@ -16,7 +16,7 @@ export declare const insert: <TDescription extends Description, TInsertPayload e
16
16
  httpStatus: HTTPStatus.NotFound;
17
17
  }> | import("@aeriajs/types").Result.Error<{
18
18
  readonly code: ACError.AuthorizationError;
19
- readonly message: "tried to edit an user with a roler higher in the hierarchy";
19
+ readonly message: "tried to edit an user with a role higher in the hierarchy";
20
20
  } & {
21
21
  httpStatus: HTTPStatus.Forbidden;
22
22
  }> | import("@aeriajs/types").InsertReturnType<SchemaWithId<TDescription>>>;
package/dist/collections/user/insert.js CHANGED
@@ -6,7 +6,10 @@ const common_1 = require("@aeriajs/common");
6
6
  const core_1 = require("@aeriajs/core");
7
7
  const bcrypt = require("bcrypt");
8
8
  const isRoleAllowed = (targetRole, context) => {
9
- if (!context.config.security.rolesHierarchy || !context.token.authenticated) {
9
+ if (!context.config.security.rolesHierarchy) {
10
+ return true;
11
+ }
12
+ if (!context.token.authenticated) {
10
13
  throw new Error;
11
14
  }
12
15
  for (const role of context.token.roles) {
@@ -43,24 +46,23 @@ const insert = async (payload, context) => {
43
46
  });
44
47
  }
45
48
  }
46
- if ('_id' in payload.what && typeof payload.what._id === 'string') {
47
- context.collection.description.$id === 'oi';
48
- const user = await context.collections.user.model.findOne({
49
- _id: new core_1.ObjectId(payload.what._id),
50
- });
51
- if (!user) {
52
- return context.error(types_1.HTTPStatus.NotFound, {
53
- code: types_1.ACError.ResourceNotFound,
54
- });
55
- }
56
- const allowed = user.roles.every((role) => isRoleAllowed(role, context));
57
- if (!allowed) {
58
- return context.error(types_1.HTTPStatus.Forbidden, {
59
- code: types_1.ACError.AuthorizationError,
60
- message: 'tried to edit an user with a roler higher in the hierarchy',
61
- });
62
- }
63
- }
49
+ }
50
+ }
51
+ if ('_id' in payload.what && typeof payload.what._id === 'string') {
52
+ const user = await context.collections.user.model.findOne({
53
+ _id: new core_1.ObjectId(payload.what._id),
54
+ });
55
+ if (!user) {
56
+ return context.error(types_1.HTTPStatus.NotFound, {
57
+ code: types_1.ACError.ResourceNotFound,
58
+ });
59
+ }
60
+ const allowed = user.roles.every((role) => isRoleAllowed(role, context));
61
+ if (!allowed) {
62
+ return context.error(types_1.HTTPStatus.Forbidden, {
63
+ code: types_1.ACError.AuthorizationError,
64
+ message: 'tried to edit an user with a role higher in the hierarchy',
65
+ });
64
66
  }
65
67
  }
66
68
  if ('password' in payload.what && typeof payload.what.password === 'string') {
package/dist/collections/user/insert.mjs CHANGED
@@ -4,7 +4,10 @@ import { arraysIntersect } from "@aeriajs/common";
4
4
  import { ObjectId, insert as originalInsert } from "@aeriajs/core";
5
5
  import * as bcrypt from "bcrypt";
6
6
  const isRoleAllowed = (targetRole, context) => {
7
- if (!context.config.security.rolesHierarchy || !context.token.authenticated) {
7
+ if (!context.config.security.rolesHierarchy) {
8
+ return true;
9
+ }
10
+ if (!context.token.authenticated) {
8
11
  throw new Error();
9
12
  }
10
13
  for (const role of context.token.roles) {
@@ -41,24 +44,23 @@ export const insert = async (payload, context) => {
41
44
  });
42
45
  }
43
46
  }
44
- if ("_id" in payload.what && typeof payload.what._id === "string") {
45
- context.collection.description.$id === "oi";
46
- const user = await context.collections.user.model.findOne({
47
- _id: new ObjectId(payload.what._id)
48
- });
49
- if (!user) {
50
- return context.error(HTTPStatus.NotFound, {
51
- code: ACError.ResourceNotFound
52
- });
53
- }
54
- const allowed = user.roles.every((role) => isRoleAllowed(role, context));
55
- if (!allowed) {
56
- return context.error(HTTPStatus.Forbidden, {
57
- code: ACError.AuthorizationError,
58
- message: "tried to edit an user with a roler higher in the hierarchy"
59
- });
60
- }
61
- }
47
+ }
48
+ }
49
+ if ("_id" in payload.what && typeof payload.what._id === "string") {
50
+ const user = await context.collections.user.model.findOne({
51
+ _id: new ObjectId(payload.what._id)
52
+ });
53
+ if (!user) {
54
+ return context.error(HTTPStatus.NotFound, {
55
+ code: ACError.ResourceNotFound
56
+ });
57
+ }
58
+ const allowed = user.roles.every((role) => isRoleAllowed(role, context));
59
+ if (!allowed) {
60
+ return context.error(HTTPStatus.Forbidden, {
61
+ code: ACError.AuthorizationError,
62
+ message: "tried to edit an user with a role higher in the hierarchy"
63
+ });
62
64
  }
63
65
  }
64
66
  if ("password" in payload.what && typeof payload.what.password === "string") {
package/dist/index.d.ts CHANGED
@@ -727,7 +727,7 @@ export declare const collections: {
727
727
  httpStatus: import("@aeriajs/types").HTTPStatus.NotFound;
728
728
  }> | import("@aeriajs/types").Result.Error<{
729
729
  readonly code: import("@aeriajs/types").ACError.AuthorizationError;
730
- readonly message: "tried to edit an user with a roler higher in the hierarchy";
730
+ readonly message: "tried to edit an user with a role higher in the hierarchy";
731
731
  } & {
732
732
  httpStatus: import("@aeriajs/types").HTTPStatus.Forbidden;
733
733
  }> | import("@aeriajs/types").InsertReturnType<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>>;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aeriajs/builtins",
3
- "version": "0.0.230",
3
+ "version": "0.0.231",
4
4
  "description": "## Installation",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -55,10 +55,10 @@
55
55
  "mongodb": "^6.5.0"
56
56
  },
57
57
  "peerDependencies": {
58
- "@aeriajs/core": "^0.0.230",
59
- "@aeriajs/common": "^0.0.131",
60
- "@aeriajs/entrypoint": "^0.0.134",
61
- "@aeriajs/types": "^0.0.113",
62
- "@aeriajs/validation": "^0.0.146"
58
+ "@aeriajs/core": "^0.0.231",
59
+ "@aeriajs/common": "^0.0.132",
60
+ "@aeriajs/entrypoint": "^0.0.135",
61
+ "@aeriajs/types": "^0.0.114",
62
+ "@aeriajs/validation": "^0.0.147"
63
63
  }
64
64
  }