@alanszp/express 15.0.3 → 15.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -17,20 +17,28 @@ const getIp_1 = require("../helpers/getIp");
|
|
|
17
17
|
function auditLog(action, bodyModifier) {
|
|
18
18
|
return function writeAuditLogMiddleware(req, res, next) {
|
|
19
19
|
res.on("finish", function writeAuditLog() {
|
|
20
|
-
var _a, _b, _c;
|
|
20
|
+
var _a, _b, _c, _d, _e;
|
|
21
21
|
return __awaiter(this, void 0, void 0, function* () {
|
|
22
22
|
try {
|
|
23
23
|
const audit = req.context.audit;
|
|
24
24
|
const partialBody = bodyModifier
|
|
25
25
|
? yield Promise.resolve(bodyModifier(req, res))
|
|
26
26
|
: {};
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
partialBody.
|
|
27
|
+
const jwtUser = req.context.jwtUser;
|
|
28
|
+
if (jwtUser) {
|
|
29
|
+
partialBody.orgRef =
|
|
30
|
+
(_a = jwtUser.originalOrganizationReference) !== null && _a !== void 0 ? _a : jwtUser.organizationReference;
|
|
31
|
+
partialBody.impersonatedOrgRef = jwtUser.isImpersonating()
|
|
32
|
+
? jwtUser.organizationReference
|
|
33
|
+
: undefined;
|
|
34
|
+
partialBody.actorRef = (_b = jwtUser.originalId) !== null && _b !== void 0 ? _b : jwtUser.id;
|
|
35
|
+
partialBody.impersonatedActorRef = jwtUser.isImpersonating()
|
|
36
|
+
? jwtUser.id
|
|
37
|
+
: undefined;
|
|
30
38
|
}
|
|
31
39
|
partialBody.ip = (0, getIp_1.getIp)(req) || "no-ip";
|
|
32
40
|
audit.log(Object.assign(Object.assign({ succeed: res.statusCode === 304 ||
|
|
33
|
-
(res.statusCode >= 200 && res.statusCode < 300) }, partialBody), { lid: (
|
|
41
|
+
(res.statusCode >= 200 && res.statusCode < 300) }, partialBody), { lid: (_c = req.context.lifecycleId) !== null && _c !== void 0 ? _c : undefined, lch: (_d = req.context.lifecycleChain) !== null && _d !== void 0 ? _d : undefined, cid: (_e = req.context.contextId) !== null && _e !== void 0 ? _e : undefined, action }));
|
|
34
42
|
}
|
|
35
43
|
catch (error) {
|
|
36
44
|
req.context.log.error("auditLog.writeLog.error", { action, error });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auditLog.js","sourceRoot":"","sources":["../../src/middlewares/auditLog.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,4CAAyC;AAQzC;;GAEG;AACH,SAAgB,QAAQ,CAAC,MAAc,EAAE,YAAgC;IACvE,OAAO,SAAS,uBAAuB,CACrC,GAAmB,EACnB,GAAa,EACb,IAAkB;QAElB,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,SAAe,aAAa;;;gBAC3C,IAAI;oBACF,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC;oBAEhC,MAAM,WAAW,GAAG,YAAY;wBAC9B,CAAC,CAAC,MAAM,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;wBAC/C,CAAC,CAAE,EAAyB,CAAC;oBAE/B,
|
|
1
|
+
{"version":3,"file":"auditLog.js","sourceRoot":"","sources":["../../src/middlewares/auditLog.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,4CAAyC;AAQzC;;GAEG;AACH,SAAgB,QAAQ,CAAC,MAAc,EAAE,YAAgC;IACvE,OAAO,SAAS,uBAAuB,CACrC,GAAmB,EACnB,GAAa,EACb,IAAkB;QAElB,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,SAAe,aAAa;;;gBAC3C,IAAI;oBACF,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC;oBAEhC,MAAM,WAAW,GAAG,YAAY;wBAC9B,CAAC,CAAC,MAAM,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;wBAC/C,CAAC,CAAE,EAAyB,CAAC;oBAE/B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC;oBACpC,IAAI,OAAO,EAAE;wBACX,WAAW,CAAC,MAAM;4BAChB,MAAA,OAAO,CAAC,6BAA6B,mCACrC,OAAO,CAAC,qBAAqB,CAAC;wBAChC,WAAW,CAAC,kBAAkB,GAAG,OAAO,CAAC,eAAe,EAAE;4BACxD,CAAC,CAAC,OAAO,CAAC,qBAAqB;4BAC/B,CAAC,CAAC,SAAS,CAAC;wBACd,WAAW,CAAC,QAAQ,GAAG,MAAA,OAAO,CAAC,UAAU,mCAAI,OAAO,CAAC,EAAE,CAAC;wBACxD,WAAW,CAAC,oBAAoB,GAAG,OAAO,CAAC,eAAe,EAAE;4BAC1D,CAAC,CAAC,OAAO,CAAC,EAAE;4BACZ,CAAC,CAAC,SAAS,CAAC;qBACf;oBAED,WAAW,CAAC,EAAE,GAAG,IAAA,aAAK,EAAC,GAAG,CAAC,IAAI,OAAO,CAAC;oBAEvC,KAAK,CAAC,GAAG,+BACP,OAAO,EACL,GAAG,CAAC,UAAU,KAAK,GAAG;4BACtB,CAAC,GAAG,CAAC,UAAU,IAAI,GAAG,IAAI,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC,IAC9C,WAAW,KACd,GAAG,EAAE,MAAA,GAAG,CAAC,OAAO,CAAC,WAAW,mCAAI,SAAS,EACzC,GAAG,EAAE,MAAA,GAAG,CAAC,OAAO,CAAC,cAAc,mCAAI,SAAS,EAC5C,GAAG,EAAE,MAAA,GAAG,CAAC,OAAO,CAAC,SAAS,mCAAI,SAAS,EACvC,MAAM,IACN,CAAC;iBACJ;gBAAC,OAAO,KAAc,EAAE;oBACvB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;iBACrE;;SACF,CAAC,CAAC;QAEH,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AA/CD,4BA+CC"}
|
|
@@ -5,16 +5,16 @@ import { GenericRequest } from "../types/GenericRequest";
|
|
|
5
5
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
6
6
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
7
7
|
*/
|
|
8
|
-
export declare function hasPermission(permission: string
|
|
8
|
+
export declare function hasPermission(permission: string): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;
|
|
9
9
|
/**
|
|
10
10
|
* Check if the jwtUser has at least one permission
|
|
11
11
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
12
12
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
13
13
|
*/
|
|
14
|
-
export declare function hasSomePermission(permissions: string[]
|
|
14
|
+
export declare function hasSomePermission(permissions: string[]): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;
|
|
15
15
|
/**
|
|
16
16
|
* Check if the jwtUser has all permissions
|
|
17
17
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
18
18
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
19
19
|
*/
|
|
20
|
-
export declare function hasEveryPermission(permissions: string[]
|
|
20
|
+
export declare function hasEveryPermission(permissions: string[]): (req: GenericRequest, res: Response, next: NextFunction) => Promise<void>;
|
|
@@ -20,20 +20,21 @@ function response401(res) {
|
|
|
20
20
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
21
21
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
22
22
|
*/
|
|
23
|
-
function hasPermission(permission
|
|
23
|
+
function hasPermission(permission) {
|
|
24
24
|
return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
|
|
25
25
|
try {
|
|
26
26
|
const { jwtUser } = req.context;
|
|
27
27
|
if (!jwtUser) {
|
|
28
28
|
return response401(res);
|
|
29
29
|
}
|
|
30
|
+
// TODO: Remove when we have service accounts, SA will have it's own permissions so this will not be needed.
|
|
31
|
+
if (jwtUser.isServiceAccount()) {
|
|
32
|
+
return (0, hasRoles_1.hasRoles)(["admin"])(req, res, next);
|
|
33
|
+
}
|
|
30
34
|
yield jwtUser.validatePermission(permission);
|
|
31
35
|
next();
|
|
32
36
|
}
|
|
33
37
|
catch (error) {
|
|
34
|
-
if (oldRoleCodes) {
|
|
35
|
-
return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
|
|
36
|
-
}
|
|
37
38
|
next(error);
|
|
38
39
|
}
|
|
39
40
|
});
|
|
@@ -44,20 +45,21 @@ exports.hasPermission = hasPermission;
|
|
|
44
45
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
45
46
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
46
47
|
*/
|
|
47
|
-
function hasSomePermission(permissions
|
|
48
|
+
function hasSomePermission(permissions) {
|
|
48
49
|
return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
|
|
49
50
|
try {
|
|
50
51
|
const { jwtUser } = req.context;
|
|
51
52
|
if (!jwtUser) {
|
|
52
53
|
return response401(res);
|
|
53
54
|
}
|
|
55
|
+
// TODO: Remove when we have service accounts, SA will have it's own permissions so this will not be needed.
|
|
56
|
+
if (jwtUser.isServiceAccount()) {
|
|
57
|
+
return (0, hasRoles_1.hasRoles)(["admin"])(req, res, next);
|
|
58
|
+
}
|
|
54
59
|
yield jwtUser.validateSomePermission(permissions);
|
|
55
60
|
next();
|
|
56
61
|
}
|
|
57
62
|
catch (error) {
|
|
58
|
-
if (oldRoleCodes) {
|
|
59
|
-
return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
|
|
60
|
-
}
|
|
61
63
|
next(error);
|
|
62
64
|
}
|
|
63
65
|
});
|
|
@@ -68,20 +70,21 @@ exports.hasSomePermission = hasSomePermission;
|
|
|
68
70
|
* If not, check if the jwtUser has the required roles (to maintain backwards compatibility)
|
|
69
71
|
* When neither permissions nor roles requirements are met, throw a NoPermissionError
|
|
70
72
|
*/
|
|
71
|
-
function hasEveryPermission(permissions
|
|
73
|
+
function hasEveryPermission(permissions) {
|
|
72
74
|
return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
|
|
73
75
|
try {
|
|
74
76
|
const { jwtUser } = req.context;
|
|
75
77
|
if (!jwtUser) {
|
|
76
78
|
return response401(res);
|
|
77
79
|
}
|
|
80
|
+
// TODO: Remove when we have service accounts, SA will have it's own permissions so this will not be needed.
|
|
81
|
+
if (jwtUser.isServiceAccount()) {
|
|
82
|
+
return (0, hasRoles_1.hasRoles)(["admin"])(req, res, next);
|
|
83
|
+
}
|
|
78
84
|
yield jwtUser.validateEveryPermission(permissions);
|
|
79
85
|
next();
|
|
80
86
|
}
|
|
81
87
|
catch (error) {
|
|
82
|
-
if (oldRoleCodes) {
|
|
83
|
-
return (0, hasRoles_1.hasRoles)(oldRoleCodes)(req, res, next);
|
|
84
|
-
}
|
|
85
88
|
next(error);
|
|
86
89
|
}
|
|
87
90
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hasPermissions.js","sourceRoot":"","sources":["../../src/middlewares/hasPermissions.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,yCAAsC;AACtC,
|
|
1
|
+
{"version":3,"file":"hasPermissions.js","sourceRoot":"","sources":["../../src/middlewares/hasPermissions.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,yCAAsC;AACtC,gEAA4D;AAE5D,SAAS,WAAW,CAAC,GAAa;IAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAc,EAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,UAAkB;IAC9C,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,4GAA4G;YAC5G,IAAI,OAAO,CAAC,gBAAgB,EAAE,EAAE;gBAC9B,OAAO,IAAA,mBAAQ,EAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC5C;YAED,MAAM,OAAO,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YAC7C,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AAnBD,sCAmBC;AAED;;;;GAIG;AACH,SAAgB,iBAAiB,CAAC,WAAqB;IACrD,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,4GAA4G;YAC5G,IAAI,OAAO,CAAC,gBAAgB,EAAE,EAAE;gBAC9B,OAAO,IAAA,mBAAQ,EAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC5C;YAED,MAAM,OAAO,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC;YAClD,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AAnBD,8CAmBC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,WAAqB;IACtD,OAAO,CAAO,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACtE,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;aACzB;YAED,4GAA4G;YAC5G,IAAI,OAAO,CAAC,gBAAgB,EAAE,EAAE;gBAC9B,OAAO,IAAA,mBAAQ,EAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;aAC5C;YAED,MAAM,OAAO,CAAC,uBAAuB,CAAC,WAAW,CAAC,CAAC;YACnD,IAAI,EAAE,CAAC;SACR;QAAC,OAAO,KAAc,EAAE;YACvB,IAAI,CAAC,KAAK,CAAC,CAAC;SACb;IACH,CAAC,CAAA,CAAC;AACJ,CAAC;AAnBD,gDAmBC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@alanszp/express",
|
|
3
|
-
"version": "15.0.
|
|
3
|
+
"version": "15.0.4",
|
|
4
4
|
"description": "Alan's express utils and middlewares.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"typings": "dist/index.d.ts",
|
|
@@ -38,14 +38,14 @@
|
|
|
38
38
|
"typescript": "^4.3.4"
|
|
39
39
|
},
|
|
40
40
|
"dependencies": {
|
|
41
|
-
"@alanszp/audit": "^15.0.
|
|
42
|
-
"@alanszp/jwt": "^15.0.
|
|
41
|
+
"@alanszp/audit": "^15.0.4",
|
|
42
|
+
"@alanszp/jwt": "^15.0.4",
|
|
43
43
|
"@alanszp/logger": "^15.0.0",
|
|
44
|
-
"@alanszp/shared-context": "^15.0.
|
|
44
|
+
"@alanszp/shared-context": "^15.0.4",
|
|
45
45
|
"@babel/core": "^7.23.9",
|
|
46
46
|
"@paralleldrive/cuid2": "^2.2.2",
|
|
47
47
|
"body-parser": "^1.20.2",
|
|
48
48
|
"lodash": "^4.17.21"
|
|
49
49
|
},
|
|
50
|
-
"gitHead": "
|
|
50
|
+
"gitHead": "21554c6285f8c1f6d4aea93d4f9253033d7bf385"
|
|
51
51
|
}
|