@alanszp/express 12.0.3 → 13.0.0
- package/dist/helpers/getRequestBaseLog.d.ts +2 -0
- package/dist/helpers/getRequestBaseLog.js +9 -0
- package/dist/helpers/getRequestBaseLog.js.map +1 -0
- package/dist/helpers/renderErrorJson.d.ts +1 -0
- package/dist/helpers/renderErrorJson.js +10 -1
- package/dist/helpers/renderErrorJson.js.map +1 -1
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/index.js.map +1 -1
- package/dist/middlewares/errorRequestHandlerMiddleware.d.ts +4 -0
- package/dist/middlewares/errorRequestHandlerMiddleware.js +68 -0
- package/dist/middlewares/errorRequestHandlerMiddleware.js.map +1 -0
- package/dist/middlewares/hasPermissions.d.ts +20 -0
- package/dist/middlewares/hasPermissions.js +90 -0
- package/dist/middlewares/hasPermissions.js.map +1 -0
- package/dist/middlewares/hasRoles.js +4 -4
- package/dist/middlewares/hasRoles.js.map +1 -1
- package/package.json +9 -7
- package/dist/middlewares/returnInternalServerError.d.ts +0 -4
- package/dist/middlewares/returnInternalServerError.js +0 -10
- package/dist/middlewares/returnInternalServerError.js.map +0 -1
|
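--- a/package/dist/helpers/getRequestBaseLog.js
+++ b/package/dist/helpers/getRequestBaseLog.js
@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRequestBaseLog = void 0;
+const lodash_1 = require("lodash");
+function getRequestBaseLog(req) {
+return `${(0, lodash_1.snakeCase)(req.path)}.${(0, lodash_1.snakeCase)(req.method)}`;
+}
+exports.getRequestBaseLog = getRequestBaseLog;
+//# sourceMappingURL=getRequestBaseLog.js.map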
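Review bot: `getRequestBaseLog` builds the log event name from `req.path`, which is the raw client-supplied path, so every distinct URL (ids in the path, scanner noise) produces a new event key of unbounded length. `snakeCase` strips separators and punctuation, which limits what can be injected into the key, but it does nothing for cardinality or size. Consider keying on the matched route pattern with a fallback, e.g. `const p = typeof req.route?.path === "string" ? req.route.path : req.path;`, and capping the length of the result. The fallback is needed because `req.route` may be unset when the error is raised before a route matched.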
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getRequestBaseLog.js","sourceRoot":"","sources":["../../src/helpers/getRequestBaseLog.ts"],"names":[],"mappings":";;;AACA,mCAAmC;AAEnC,SAAgB,iBAAiB,CAAC,GAAY;IAC5C,OAAO,GAAG,IAAA,kBAAS,EAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAA,kBAAS,EAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;AAC3D,CAAC;AAFD,8CAEC"}
|
|
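--- a/package/dist/helpers/renderErrorJson.d.ts
+++ b/package/dist/helpers/renderErrorJson.d.ts
@@ -1,4 +1,5 @@
 import { RenderableView } from "@alanszp/errors";
 export declare function render401Error(requiredChecks: string[]): RenderableView;
+export declare function render403Error(): RenderableView;
 export declare function render404Error(): RenderableView;
 export declare function render400Error(message: string): RenderableView;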
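--- a/package/dist/helpers/renderErrorJson.js
+++ b/package/dist/helpers/renderErrorJson.js
@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.render400Error = exports.render404Error = exports.render401Error = void 0;
+exports.render400Error = exports.render404Error = exports.render403Error = exports.render401Error = void 0;
 const core_1 = require("@alanszp/core");
 function render401Error(requiredChecks) {
 return {
@@ -11,6 +11,15 @@ function render401Error(requiredChecks) {
 };
 }
 exports.render401Error = render401Error;
+function render403Error() {
+return {
+code: "forbidden",
+message: "Forbidden",
+context: {},
+origin: (0, core_1.appIdentifier)(),
+};
+}
+exports.render403Error = render403Error;
 function render404Error() {
 return {
 code: "not_found",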
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"renderErrorJson.js","sourceRoot":"","sources":["../../src/helpers/renderErrorJson.ts"],"names":[],"mappings":";;;AAAA,wCAA8C;AAG9C,SAAgB,cAAc,CAAC,cAAwB;IACrD,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,oBAAoB;QAC7B,OAAO,EAAE,EAAE,cAAc,EAAE;QAC3B,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC;AAED,SAAgB,cAAc;IAC5B,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC;AAED,SAAgB,cAAc,CAAC,OAAe;IAC5C,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,OAAO;QACP,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC"}
|
|
1
|
+
{"version":3,"file":"renderErrorJson.js","sourceRoot":"","sources":["../../src/helpers/renderErrorJson.ts"],"names":[],"mappings":";;;AAAA,wCAA8C;AAG9C,SAAgB,cAAc,CAAC,cAAwB;IACrD,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,oBAAoB;QAC7B,OAAO,EAAE,EAAE,cAAc,EAAE;QAC3B,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC;AAED,SAAgB,cAAc;IAC5B,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC;AAED,SAAgB,cAAc;IAC5B,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC;AAED,SAAgB,cAAc,CAAC,OAAe;IAC5C,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,OAAO;QACP,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,IAAA,oBAAa,GAAE;KACxB,CAAC;AACJ,CAAC;AAPD,wCAOC"}
|
package/dist/index.d.ts
|
@@ -4,7 +4,9 @@ export * from "./middlewares/accessLogger";
|
|
|
4
4
|
export * from "./middlewares/authedForOrg";
|
|
5
5
|
export * from "./middlewares/createContext";
|
|
6
6
|
export * from "./middlewares/authenticateUser";
|
|
7
|
-
export * from "./middlewares/
|
|
7
|
+
export * from "./middlewares/errorRequestHandlerMiddleware";
|
|
8
8
|
export * from "./middlewares/returnNotFound";
|
|
9
9
|
export * from "./middlewares/jsonBodyParser";
|
|
10
10
|
export * from "./middlewares/hasRoles";
|
|
11
|
+
export * from "./middlewares/hasPermissions";
|
|
12
|
+
export * from "./helpers/getRequestBaseLog";
|
package/dist/index.js
|
@@ -16,8 +16,10 @@ __exportStar(require("./middlewares/accessLogger"), exports);
|
|
|
16
16
|
__exportStar(require("./middlewares/authedForOrg"), exports);
|
|
17
17
|
__exportStar(require("./middlewares/createContext"), exports);
|
|
18
18
|
__exportStar(require("./middlewares/authenticateUser"), exports);
|
|
19
|
-
__exportStar(require("./middlewares/
|
|
19
|
+
__exportStar(require("./middlewares/errorRequestHandlerMiddleware"), exports);
|
|
20
20
|
__exportStar(require("./middlewares/returnNotFound"), exports);
|
|
21
21
|
__exportStar(require("./middlewares/jsonBodyParser"), exports);
|
|
22
22
|
__exportStar(require("./middlewares/hasRoles"), exports);
|
|
23
|
+
__exportStar(require("./middlewares/hasPermissions"), exports);
|
|
24
|
+
__exportStar(require("./helpers/getRequestBaseLog"), exports);
|
|
23
25
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAmC;AACnC,yDAAuC;AACvC,6DAA2C;AAC3C,6DAA2C;AAC3C,8DAA4C;AAC5C,iEAA+C;AAC/C,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAmC;AACnC,yDAAuC;AACvC,6DAA2C;AAC3C,6DAA2C;AAC3C,8DAA4C;AAC5C,iEAA+C;AAC/C,8EAA4D;AAC5D,+DAA6C;AAC7C,+DAA6C;AAC7C,yDAAuC;AACvC,+DAA6C;AAC7C,8DAA4C"}
|
|
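--- a/package/dist/middlewares/errorRequestHandlerMiddleware.d.ts
+++ b/package/dist/middlewares/errorRequestHandlerMiddleware.d.ts
@@ -0,0 +1,4 @@
+import { ErrorRequestHandler } from "express";
+import { ILogger } from "@alanszp/logger";
+export declare type ErrorRequestHandlerMiddleware = (getLogger: () => ILogger) => ErrorRequestHandler;
+export declare const errorRequestHandlerMiddleware: ErrorRequestHandlerMiddleware;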
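--- a/package/dist/middlewares/errorRequestHandlerMiddleware.js
+++ b/package/dist/middlewares/errorRequestHandlerMiddleware.js
@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.errorRequestHandlerMiddleware = void 0;
+const errors_1 = require("@alanszp/errors");
+const getRequestBaseLog_1 = require("../helpers/getRequestBaseLog");
+const typeorm_1 = require("typeorm");
+const renderErrorJson_1 = require("../helpers/renderErrorJson");
+const errorRequestHandlerMiddleware = (getLogger) => (error, req, res, _next) => {
+const logger = getLogger();
+const baseLog = (0, getRequestBaseLog_1.getRequestBaseLog)(req);
+try {
+if (error instanceof errors_1.RenderableError) {
+const statusCode = error instanceof errors_1.HttpRenderableError ? error.httpCode() : 500;
+if (statusCode >= 500) {
+logger.error(`${baseLog}.error.${error.code()}`, {
+statusCode,
+error,
+});
+}
+else {
+logger.info(`${baseLog}.error.${error.code()}`, {
+statusCode,
+error,
+});
+}
+res.status(statusCode).json(error.toView());
+return;
+}
+if (error instanceof typeorm_1.EntityNotFoundError) {
+logger.info(`${baseLog}.error.typeorm.entity_not_found`, {
+error,
+});
+res.status(404).json((0, renderErrorJson_1.render404Error)());
+return;
+}
+if (error instanceof typeorm_1.QueryFailedError) {
+if (error.code === "23505") {
+logger.info(`${baseLog}.error.typeorm.query_error.duplicate`, {
+error,
+});
+res.status(400).json((0, renderErrorJson_1.render400Error)("Entity already exists"));
+}
+else {
+logger.error(`${baseLog}.error.typeorm.query_error.unknown`, {
+error,
+});
+res.status(500).json(new errors_1.InternalServerError(error).toView());
+}
+return;
+}
+res.status(500).json(new errors_1.InternalServerError(error).toView());
+logger.error(`${baseLog}.error.return_internal_server_error.error_to_client`, { error });
+}
+catch (errorOfError) {
+try {
+// Try one last time to log the error
+logger.error(`${baseLog}.error.return_internal_server_error.error_rendering_error_to_client`, { error: errorOfError });
+}
+catch (_error) { }
+res.status(500).json({
+code: "internal_server_error",
+message: "Internal server error",
+context: {},
+});
+}
+};
+exports.errorRequestHandlerMiddleware = errorRequestHandlerMiddleware;
+//# sourceMappingURL=errorRequestHandlerMiddleware.js.map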
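Review bot: The `QueryFailedError` branches log the whole error object (`{ error }`), and TypeORM's `QueryFailedError` carries the failed SQL in `query` and the bound values in `parameters`, so request data such as credentials or personal fields can reach the logs, depending on how the logger serializes errors. Logging a reduced shape is safer, e.g. `{ code: error.code, name: error.name, message: error.message }`. Separately, the outer `catch` always calls `res.status(500).json(...)`, yet on the final fall-through path the response is sent before `logger.error`, so a throwing logger makes the catch attempt a second response; guard it with `if (!res.headersSent)`. The `"23505"` comparison is the PostgreSQL unique-violation code, so duplicate-key errors from other drivers will take the 500 branch.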
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errorRequestHandlerMiddleware.js","sourceRoot":"","sources":["../../src/middlewares/errorRequestHandlerMiddleware.ts"],"names":[],"mappings":";;;AACA,4CAIyB;AAGzB,oEAAiE;AACjE,qCAAgE;AAChE,gEAA4E;AAMrE,MAAM,6BAA6B,GACxC,CAAC,SAAwB,EAAE,EAAE,CAC7B,CAAC,KAAc,EAAE,GAAmB,EAAE,GAAa,EAAE,KAAmB,EAAE,EAAE;IAC1E,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,OAAO,GAAG,IAAA,qCAAiB,EAAC,GAAG,CAAC,CAAC;IAEvC,IAAI;QACF,IAAI,KAAK,YAAY,wBAAe,EAAE;YACpC,MAAM,UAAU,GACd,KAAK,YAAY,4BAAmB,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YAEhE,IAAI,UAAU,IAAI,GAAG,EAAE;gBACrB,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,UAAU,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE;oBAC/C,UAAU;oBACV,KAAK;iBACN,CAAC,CAAC;aACJ;iBAAM;gBACL,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,UAAU,KAAK,CAAC,IAAI,EAAE,EAAE,EAAE;oBAC9C,UAAU;oBACV,KAAK;iBACN,CAAC,CAAC;aACJ;YAED,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC5C,OAAO;SACR;QAED,IAAI,KAAK,YAAY,6BAAmB,EAAE;YACxC,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,iCAAiC,EAAE;gBACvD,KAAK;aACN,CAAC,CAAC;YACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,GAAE,CAAC,CAAC;YACvC,OAAO;SACR;QAED,IAAI,KAAK,YAAY,0BAAgB,EAAE;YACrC,IAAK,KAAqC,CAAC,IAAI,KAAK,OAAO,EAAE;gBAC3D,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,sCAAsC,EAAE;oBAC5D,KAAK;iBACN,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,EAAC,uBAAuB,CAAC,CAAC,CAAC;aAC/D;iBAAM;gBACL,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,oCAAoC,EAAE;oBAC3D,KAAK;iBACN,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,4BAAmB,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;aAC/D;YACD,OAAO;SACR;QAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,4BAAmB,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,KAAK,CACV,GAAG,OAAO,qDAAqD,EAC/D,EAAE,KAAK,EAAE,CACV,CAAC;KACH;IAAC,OAAO,YAAqB,EAAE;QAC9B,IAAI;YACF,qCAAqC;YACrC,MAAM,CAAC,KAAK,CACV,GAAG,OAAO,qEAAqE,EAC/E,EAAE,KAAK,EAAE,YAAY,EAAE,CACxB,CAAC;SACH;QAAC,OAAO,MAAe,EAAE,GAAE;QAE5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,IAAI,EAAE,uBAAuB;YAC7B,OAAO,EAAE,uBAAuB
;YAChC,OAAO,EAAE,EAAE;SACZ,CAAC,CAAC;KACJ;AACH,CAAC,CAAC;AAtES,QAAA,6BAA6B,iCAsEtC"}
|
|
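--- a/package/dist/middlewares/hasPermissions.d.ts
+++ b/package/dist/middlewares/hasPermissions.d.ts
@@ -0,0 +1,20 @@
+import { NextFunction, Response } from "express";
+import { GenericRequest } from "../types/GenericRequest";
+/**
+* Check if the jwtUser has a single permission
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+export declare function hasPermission(permission: string, oldRoleCodes?: string | string[]): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;
+/**
+* Check if the jwtUser has at least one permission
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+export declare function hasSomePermission(permissions: string[], oldRoleCodes?: string | string[]): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;
+/**
+* Check if the jwtUser has all permissions
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+export declare function hasEveryPermission(permissions: string[], oldRoleCodes?: string | string[]): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;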
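--- a/package/dist/middlewares/hasPermissions.js
+++ b/package/dist/middlewares/hasPermissions.js
@@ -0,0 +1,90 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hasEveryPermission = exports.hasSomePermission = exports.hasPermission = void 0;
+const hasRoles_1 = require("./hasRoles");
+const renderErrorJson_1 = require("../helpers/renderErrorJson");
+function response401(res) {
+res.status(401).json((0, renderErrorJson_1.render401Error)(["jwt"]));
+}
+/**
+* Check if the jwtUser has a single permission
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+function hasPermission(permission, oldRoleCodes) {
+return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
+try {
+const { jwtUser } = req.context;
+if (!jwtUser) {
+return response401(res);
+}
+yield jwtUser.validatePermission(permission);
+next();
+}
+catch (error) {
+if (oldRoleCodes) {
+return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
+}
+next(error);
+}
+});
+}
+exports.hasPermission = hasPermission;
+/**
+* Check if the jwtUser has at least one permission
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+function hasSomePermission(permissions, oldRoleCodes) {
+return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
+try {
+const { jwtUser } = req.context;
+if (!jwtUser) {
+return response401(res);
+}
+yield jwtUser.validateSomePermission(permissions);
+next();
+}
+catch (error) {
+if (oldRoleCodes) {
+return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
+}
+next(error);
+}
+});
+}
+exports.hasSomePermission = hasSomePermission;
+/**
+* Check if the jwtUser has all permissions
+* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
+* When neither permissions nor roles requirements are met, throw a NoPermissionError
+*/
+function hasEveryPermission(permissions, oldRoleCodes) {
+return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
+try {
+const { jwtUser } = req.context;
+if (!jwtUser) {
+return response401(res);
+}
+yield jwtUser.validateEveryPermission(permissions);
+next();
+}
+catch (error) {
+if (oldRoleCodes) {
+return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
+}
+next(error);
+}
+});
+}
+exports.hasEveryPermission = hasEveryPermission;
+//# sourceMappingURL=hasPermissions.js.map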
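Review bot: The `catch` in `hasPermission` (and identically in `hasSomePermission` and `hasEveryPermission`) falls back to `hasRoles(oldRoleCodes)` on any thrown value, not only on a permission denial, so an unrelated failure inside `validatePermission` becomes a legacy role check and the original error is dropped. Restrict the fallback to the denial error the doc comment names, e.g. `if (oldRoleCodes && error instanceof NoPermissionError)`, and send everything else to `next(error)`; this file does not show where `NoPermissionError` is defined, so it would need importing. `oldRoleCodes` is also tested for truthiness only, so an empty array still reaches `jwtUser.hasRoles([])`. Whether that call returns true is not visible here and is worth pinning with a test, since a vacuous match would admit every authenticated user.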
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hasPermissions.js","sourceRoot":"","sources":["../../src/middlewares/hasPermissions.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,yCAAsC;AACtC,gEAA4E;AAE5E,SAAS,WAAW,CAAC,GAAa;IAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,EAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAC3B,UAAkB,EAClB,YAAgC;IAEhC,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,MAAM,OAAO,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YAC7C,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,YAAY,EAAE;gBAChB,OAAO,IAAA,mBAAQ,EAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC/C;YACD,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AApBD,sCAoBC;AAED;;;;GAIG;AACH,SAAgB,iBAAiB,CAC/B,WAAqB,EACrB,YAAgC;IAEhC,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,MAAM,OAAO,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC;YAClD,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,YAAY,EAAE;gBAChB,OAAO,IAAA,mBAAQ,EAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC/C;YACD,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AApBD,8CAoBC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAChC,WAAqB,EACrB,YAAgC;IAEhC,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,MAAM,OAAO,CAAC,uBAAuB,CAAC,WAAW,CAAC,CAAC;YACnD,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,YAAY,EAAE;gBAChB,OAAO,IAAA,mBAAQ,EAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC/C;YACD,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AApBD,gDAoBC"}
|
|
@@ -2,19 +2,19 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.hasRoles = void 0;
|
|
4
4
|
const renderErrorJson_1 = require("../helpers/renderErrorJson");
|
|
5
|
-
function
|
|
6
|
-
res.status(
|
|
5
|
+
function response403(res) {
|
|
6
|
+
res.status(403).json((0, renderErrorJson_1.render403Error)());
|
|
7
7
|
}
|
|
8
8
|
function hasRoles(roles) {
|
|
9
9
|
return (req, res, next) => {
|
|
10
10
|
const { jwtUser } = req.context;
|
|
11
11
|
if (!jwtUser) {
|
|
12
|
-
return
|
|
12
|
+
return response403(res);
|
|
13
13
|
}
|
|
14
14
|
if (jwtUser.hasRoles(roles)) {
|
|
15
15
|
return next();
|
|
16
16
|
}
|
|
17
|
-
|
|
17
|
+
response403(res);
|
|
18
18
|
};
|
|
19
19
|
}
|
|
20
20
|
exports.hasRoles = hasRoles;
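Review bot: `hasRoles` now answers 403 when `req.context.jwtUser` is missing (`return response403(res);`), but a missing user is an authentication failure, and the permission middlewares added in this same release answer 401 through `response401` for the identical condition. Clients and monitoring that separate "log in again" from "not allowed" will misread the response. Keeping a 401 on the `!jwtUser` branch, e.g. `res.status(401).json((0, renderErrorJson_1.render401Error)(["jwt"]));`, and 403 only for the failed role check would make the two middlewares consistent. The removed lines are truncated on this page, so the previous status code cannot be confirmed from here.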
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hasRoles.js","sourceRoot":"","sources":["../../src/middlewares/hasRoles.ts"],"names":[],"mappings":";;;AAEA,gEAA4D;AAE5D,SAAS,WAAW,CAAC,GAAa;IAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,
|
|
1
|
+
{"version":3,"file":"hasRoles.js","sourceRoot":"","sources":["../../src/middlewares/hasRoles.ts"],"names":[],"mappings":";;;AAEA,gEAA4D;AAE5D,SAAS,WAAW,CAAC,GAAa;IAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,GAAE,CAAC,CAAC;AACzC,CAAC;AAED,SAAgB,QAAQ,CACtB,KAAwB;IAExB,OAAO,CAAC,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAChE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;QAChC,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;SACzB;QAED,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;YAC3B,OAAO,IAAI,EAAE,CAAC;SACf;QAED,WAAW,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC,CAAC;AACJ,CAAC;AAfD,4BAeC"}
|
package/package.json
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@alanszp/express",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "13.0.0",
|
|
4
4
|
"description": "Alan's express utils and middlewares.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"typings": "dist/index.d.ts",
|
|
@@ -18,7 +18,8 @@
|
|
|
18
18
|
},
|
|
19
19
|
"peerDependencies": {
|
|
20
20
|
"@alanszp/errors": ">=12.0.0",
|
|
21
|
-
"express": "^4.17.1"
|
|
21
|
+
"express": "^4.17.1",
|
|
22
|
+
"typeorm": "^0.2.41"
|
|
22
23
|
},
|
|
23
24
|
"devDependencies": {
|
|
24
25
|
"@types/body-parser": "^1.19.1",
|
|
@@ -30,17 +31,18 @@
|
|
|
30
31
|
"jest": "^29.7.0",
|
|
31
32
|
"ts-node": "^10.0.0",
|
|
32
33
|
"tslint": "^6.1.3",
|
|
34
|
+
"typeorm": "^0.2.41",
|
|
33
35
|
"typescript": "^4.3.4"
|
|
34
36
|
},
|
|
35
37
|
"dependencies": {
|
|
36
|
-
"@alanszp/audit": "^
|
|
37
|
-
"@alanszp/jwt": "^
|
|
38
|
-
"@alanszp/logger": "^
|
|
39
|
-
"@alanszp/shared-context": "^
|
|
38
|
+
"@alanszp/audit": "^13.0.0",
|
|
39
|
+
"@alanszp/jwt": "^13.0.0",
|
|
40
|
+
"@alanszp/logger": "^13.0.0",
|
|
41
|
+
"@alanszp/shared-context": "^13.0.0",
|
|
40
42
|
"@babel/core": "^7.23.9",
|
|
41
43
|
"@paralleldrive/cuid2": "^2.2.2",
|
|
42
44
|
"body-parser": "^1.20.2",
|
|
43
45
|
"lodash": "^4.17.21"
|
|
44
46
|
},
|
|
45
|
-
"gitHead": "
|
|
47
|
+
"gitHead": "a9643f1301fe2e704611805b65e64de2ee5186cd"
|
|
46
48
|
}
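Review bot: `typeorm` is added to `peerDependencies` at `^0.2.41`, which for a 0.x version admits only the 0.2 line, while `errorRequestHandlerMiddleware.js` requires `typeorm` unconditionally when the package loads. Consumers that do not use TypeORM must now install it, and consumers on a newer line get a peer conflict or a second copy. With a second copy, the `instanceof typeorm_1.QueryFailedError` and `EntityNotFoundError` checks silently stop matching and those errors fall through to the generic 500 path. Consider widening the range and marking the peer optional through `peerDependenciesMeta`, with the middleware tolerating its absence.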
|
|
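--- a/package/dist/middlewares/returnInternalServerError.d.ts
+++ b/package/dist/middlewares/returnInternalServerError.d.ts
@@ -1,4 +0,0 @@
-import { ErrorRequestHandler } from "express";
-import { ILogger } from "@alanszp/logger";
-export declare type GetInternalServerErrorMiddleware = (getLogger: () => ILogger) => ErrorRequestHandler;
-export declare const returnInternalServerError: GetInternalServerErrorMiddleware;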
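--- a/package/dist/middlewares/returnInternalServerError.js
+++ b/package/dist/middlewares/returnInternalServerError.js
@@ -1,10 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.returnInternalServerError = void 0;
-const errors_1 = require("@alanszp/errors");
-const returnInternalServerError = (getLogger) => (error, req, res, _next) => {
-res.status(500).json(new errors_1.InternalServerError(error).toView());
-getLogger().error("error_to_client", { error });
-};
-exports.returnInternalServerError = returnInternalServerError;
-//# sourceMappingURL=returnInternalServerError.js.map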
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"returnInternalServerError.js","sourceRoot":"","sources":["../../src/middlewares/returnInternalServerError.ts"],"names":[],"mappings":";;;AACA,4CAAsD;AAQ/C,MAAM,yBAAyB,GACpC,CAAC,SAAwB,EAAE,EAAE,CAC7B,CAAC,KAAc,EAAE,GAAmB,EAAE,GAAa,EAAE,KAAmB,EAAE,EAAE;IAC1E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,4BAAmB,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9D,SAAS,EAAE,CAAC,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AAClD,CAAC,CAAC;AALS,QAAA,yBAAyB,6BAKlC"}
|