@autofleet/zehut 3.0.11-beta.1 → 3.1.0-beta.0

package/lib/user/ApiUser.d.ts

@@ -20,9 +20,15 @@ export interface PartialUserPayload {
     drivers?: EntityPermissions;
     businessAccounts?: EntityPermissions;
 }
+export interface AuthorizationFilters {
+    businessModelId?: string;
+    fleetId?: string;
+    demandSourceId?: string;
+}
 export type CustomPermissionLoader = (string: any) => Promise<UserPayload>;
 export default class ApiUser {
     id: string | undefined;
+    authorizationFilters: AuthorizationFilters;
     privatePermissions: UserPayload | undefined;
     privateElevatedPermissionsHash: Map<string, PartialUserPayload | undefined>;
     privatePermissionsLegacy: any;
@@ -31,7 +37,7 @@ export default class ApiUser {
     };
     emptyUser: boolean;
     accountType: AccountType | undefined;
-    constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload);
+    constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload, authorizationFilters?: AuthorizationFilters);
     getUserPermissions(): Promise<UserPayload>;
     useCustomPermissionLoader(customPermissionLoader: any): Promise<UserPayload>;
     get businessModels(): string[] | undefined;

package/lib/user/ApiUser.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ELEVATED_PERMISSIONS_HEADER = void 0;
 /* eslint-disable consistent-return */
 const node_cache_1 = __importDefault(require("node-cache"));
+const object_hash_1 = __importDefault(require("object-hash"));
 const merge_deep_1 = __importDefault(require("merge-deep"));
 const uuid_1 = require("uuid");
 const outbreak_1 = require("@autofleet/outbreak");
@@ -13,8 +14,9 @@ const services_1 = require("../services");
 exports.ELEVATED_PERMISSIONS_HEADER = 'x-af-elevated-permissions';
 const userCache = new node_cache_1.default({ stdTTL: 10 });
 class ApiUser {
-    constructor(id, accountType, elevatedPermissions) {
+    constructor(id, accountType, elevatedPermissions, authorizationFilters = {}) {
         this.id = id;
+        this.authorizationFilters = authorizationFilters;
         this.emptyUser = !!id;
         this.appPermission = {};
         this.privateElevatedPermissionsHash = new Map();
@@ -32,10 +34,14 @@ class ApiUser {
         if (this.privatePermissions) {
             return this.privatePermissions;
         }
-        let data = userCache.get(this.id);
+        const cacheKey = (0, object_hash_1.default)({
+            id: this.id,
+            authorizationFilters: this.authorizationFilters,
+        });
+        let data = userCache.get(cacheKey);
         if (!data) {
-            ({ data } = await services_1.IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload`));
-            userCache.set(this.id, data);
+            ({ data } = await services_1.IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload`, this.authorizationFilters));
+            userCache.set(cacheKey, data);
         }
         this.accountType = data.accountType;
         this.privatePermissions = data;
@@ -48,13 +54,14 @@ class ApiUser {
         if (this.privatePermissions) {
             return this.privatePermissions;
         }
-        const cachedResult = userCache.get(this.id);
+        const cacheKey = this.id;
+        const cachedResult = userCache.get(cacheKey);
         if (cachedResult) {
             this.privatePermissions = cachedResult;
             return cachedResult;
         }
         const data = await customPermissionLoader(this.id);
-        userCache.set(this.id, data);
+        userCache.set(cacheKey, data);
         this.privatePermissions = data;
         return this.privatePermissions;
     }
@@ -139,7 +146,8 @@ class ApiUser {
         if (currentAppPermission) {
             return currentAppPermission;
         }
-        const cachedResult = userCache.get(`${this.id}:${appId}`);
+        const cacheKey = `${this.id}:${appId}`;
+        const cachedResult = userCache.get(cacheKey);
         if (cachedResult) {
             this.appPermission[appId] = cachedResult;
             return cachedResult;
@@ -151,7 +159,7 @@ class ApiUser {
                 'x-autofleet-apps-secret': clientSecret,
             },
         });
-        userCache.set(this.id, data);
+        userCache.set(cacheKey, data);
         this.appPermission[appId] = data;
         return this.appPermission[appId];
     }

package/lib/user/index.js

@@ -34,7 +34,6 @@ const app_auth_1 = require("../app-auth");
 const appDoesNotExist_1 = __importDefault(require("../exceptions/appDoesNotExist"));
 const utils_1 = require("../utils");
 const IDENTITY_MS = 'identity-ms';
-const ANONYMOUS_USER = 'anonymous';
 const middleware = (options = {}) => async (req, res, next) => {
     try {
         const originHeader = req.headers['X-IAF-ORIGIN-SERVICE'] || req.headers['x-iaf-origin-service'] || '';
@@ -43,6 +42,7 @@ const middleware = (options = {}) => async (req, res, next) => {
         }
         const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
         const userId = req.headers['x-af-user-id'];
+        const { fleetId, businessModelId, demandSourceId, } = req.query;
         const trace = (0, tracer_1.newTrace)('userPayload');
         if (!userId) {
             return next();
@@ -50,20 +50,22 @@ const middleware = (options = {}) => async (req, res, next) => {
         const elevatedPermissionsFromHeader = req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER] && req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER].length > 0
             ? JSON.parse(req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER])
             : {};
-        const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader);
-        if (userId !== ANONYMOUS_USER) {
-            if (eagerLoadUserPermissions) {
-                if (customPermissionLoader) {
-                    await userObject.useCustomPermissionLoader(customPermissionLoader);
-                }
-                else {
-                    await userObject.getUserPermissions();
-                }
+        const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader, {
+            fleetId,
+            businessModelId,
+            demandSourceId,
+        });
+        if (eagerLoadUserPermissions) {
+            if (customPermissionLoader) {
+                await userObject.useCustomPermissionLoader(customPermissionLoader);
             }
-            if (eagerLoadUserPermissionsLegacy) {
-                await userObject.getUserPermissionsLegacy();
+            else {
+                await userObject.getUserPermissions();
             }
         }
+        if (eagerLoadUserPermissionsLegacy) {
+            await userObject.getUserPermissionsLegacy();
+        }
         req.user = userObject;
         trace.context.set('userObject', userObject);
         // Added in order to support outbreak.
@@ -111,7 +113,12 @@ const middlewareWithDecode = (options = {}) => async (req, res, next) => {
         if (userId) {
             req.headers['X-AF-USER-ID'] = userId;
         }
-        const userObject = new ApiUser_1.default(userId, decoded?.user?.accountType);
+        const { fleetId, businessModelId, demandSourceId, } = req.query;
+        const userObject = new ApiUser_1.default(userId, decoded?.user?.accountType, undefined, {
+            fleetId,
+            businessModelId,
+            demandSourceId,
+        });
         if (eagerLoadUserPermissions) {
             await userObject.getUserPermissions();
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "3.0.11-beta.1",
+  "version": "3.1.0-beta.0",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -33,6 +33,7 @@
     "moment": "^2.29.1",
     "nock": "^13.2.9",
     "node-cache": "^5.1.2",
+    "object-hash": "^3.0.0",
     "supertest": "^6.2.4",
     "uuid": "^8.3.2"
   },