@autofleet/zehut 3.0.11-beta.1 → 3.1.0-beta.1

package/lib/user/ApiUser.d.ts

@@ -3,6 +3,7 @@ interface EntityPermissions {
     [key: string]: string[];
 }
 export declare const ELEVATED_PERMISSIONS_HEADER = "x-af-elevated-permissions";
+export declare const CONTEXTS_IDS_HEADER = "x-af-context-ids";
 export interface UserPayload {
     businessModels: EntityPermissions;
     fleets: EntityPermissions;
@@ -31,7 +32,8 @@ export default class ApiUser {
     };
     emptyUser: boolean;
     accountType: AccountType | undefined;
-    constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload);
+    contextIds?: string[];
+    constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload, contextIds?: string[]);
     getUserPermissions(): Promise<UserPayload>;
     useCustomPermissionLoader(customPermissionLoader: any): Promise<UserPayload>;
     get businessModels(): string[] | undefined;

package/lib/user/ApiUser.js

@@ -3,21 +3,24 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ELEVATED_PERMISSIONS_HEADER = void 0;
+exports.CONTEXTS_IDS_HEADER = exports.ELEVATED_PERMISSIONS_HEADER = void 0;
 /* eslint-disable consistent-return */
 const node_cache_1 = __importDefault(require("node-cache"));
+const object_hash_1 = __importDefault(require("object-hash"));
 const merge_deep_1 = __importDefault(require("merge-deep"));
 const uuid_1 = require("uuid");
 const outbreak_1 = require("@autofleet/outbreak");
 const services_1 = require("../services");
 exports.ELEVATED_PERMISSIONS_HEADER = 'x-af-elevated-permissions';
+exports.CONTEXTS_IDS_HEADER = 'x-af-context-ids';
 const userCache = new node_cache_1.default({ stdTTL: 10 });
 class ApiUser {
-    constructor(id, accountType, elevatedPermissions) {
+    constructor(id, accountType, elevatedPermissions, contextIds) {
         this.id = id;
         this.emptyUser = !!id;
         this.appPermission = {};
         this.privateElevatedPermissionsHash = new Map();
+        this.contextIds = contextIds;
         if (elevatedPermissions) {
             this.privateElevatedPermissionsHash.set('initial', elevatedPermissions);
         }
@@ -32,10 +35,14 @@ class ApiUser {
         if (this.privatePermissions) {
             return this.privatePermissions;
         }
-        let data = userCache.get(this.id);
+        const cacheKey = (0, object_hash_1.default)({
+            id: this.id,
+            contextIds: this.contextIds,
+        });
+        let data = userCache.get(cacheKey);
         if (!data) {
-            ({ data } = await services_1.IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload`));
-            userCache.set(this.id, data);
+            ({ data } = await services_1.IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload`, { contextIds: this.contextIds }));
+            userCache.set(cacheKey, data);
         }
         this.accountType = data.accountType;
         this.privatePermissions = data;
@@ -48,13 +55,14 @@ class ApiUser {
         if (this.privatePermissions) {
             return this.privatePermissions;
         }
-        const cachedResult = userCache.get(this.id);
+        const cacheKey = this.id;
+        const cachedResult = userCache.get(cacheKey);
         if (cachedResult) {
             this.privatePermissions = cachedResult;
             return cachedResult;
         }
         const data = await customPermissionLoader(this.id);
-        userCache.set(this.id, data);
+        userCache.set(cacheKey, data);
         this.privatePermissions = data;
         return this.privatePermissions;
     }
@@ -139,7 +147,8 @@ class ApiUser {
         if (currentAppPermission) {
             return currentAppPermission;
         }
-        const cachedResult = userCache.get(`${this.id}:${appId}`);
+        const cacheKey = `${this.id}:${appId}`;
+        const cachedResult = userCache.get(cacheKey);
         if (cachedResult) {
             this.appPermission[appId] = cachedResult;
             return cachedResult;
@@ -151,7 +160,7 @@ class ApiUser {
                 'x-autofleet-apps-secret': clientSecret,
             },
         });
-        userCache.set(this.id, data);
+        userCache.set(cacheKey, data);
         this.appPermission[appId] = data;
         return this.appPermission[appId];
     }

package/lib/user/index.js

@@ -34,7 +34,6 @@ const app_auth_1 = require("../app-auth");
 const appDoesNotExist_1 = __importDefault(require("../exceptions/appDoesNotExist"));
 const utils_1 = require("../utils");
 const IDENTITY_MS = 'identity-ms';
-const ANONYMOUS_USER = 'anonymous';
 const middleware = (options = {}) => async (req, res, next) => {
     try {
         const originHeader = req.headers['X-IAF-ORIGIN-SERVICE'] || req.headers['x-iaf-origin-service'] || '';
@@ -43,6 +42,7 @@ const middleware = (options = {}) => async (req, res, next) => {
         }
         const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
         const userId = req.headers['x-af-user-id'];
+        const contextIds = req.headers?.['x-af-contexts-ids']?.split(',');
         const trace = (0, tracer_1.newTrace)('userPayload');
         if (!userId) {
             return next();
@@ -50,20 +50,18 @@ const middleware = (options = {}) => async (req, res, next) => {
         const elevatedPermissionsFromHeader = req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER] && req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER].length > 0
             ? JSON.parse(req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER])
             : {};
-        const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader);
-        if (userId !== ANONYMOUS_USER) {
-            if (eagerLoadUserPermissions) {
-                if (customPermissionLoader) {
-                    await userObject.useCustomPermissionLoader(customPermissionLoader);
-                }
-                else {
-                    await userObject.getUserPermissions();
-                }
+        const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader, contextIds);
+        if (eagerLoadUserPermissions) {
+            if (customPermissionLoader) {
+                await userObject.useCustomPermissionLoader(customPermissionLoader);
             }
-            if (eagerLoadUserPermissionsLegacy) {
-                await userObject.getUserPermissionsLegacy();
+            else {
+                await userObject.getUserPermissions();
             }
         }
+        if (eagerLoadUserPermissionsLegacy) {
+            await userObject.getUserPermissionsLegacy();
+        }
         req.user = userObject;
         trace.context.set('userObject', userObject);
         // Added in order to support outbreak.
@@ -111,7 +109,8 @@ const middlewareWithDecode = (options = {}) => async (req, res, next) => {
         if (userId) {
             req.headers['X-AF-USER-ID'] = userId;
         }
-        const userObject = new ApiUser_1.default(userId, decoded?.user?.accountType);
+        const contextIds = req.headers?.['x-af-contexts-ids']?.split(',');
+        const userObject = new ApiUser_1.default(userId, decoded?.user?.accountType, undefined, contextIds);
         if (eagerLoadUserPermissions) {
             await userObject.getUserPermissions();
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "3.0.11-beta.1",
+  "version": "3.1.0-beta.1",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -33,6 +33,7 @@
     "moment": "^2.29.1",
     "nock": "^13.2.9",
     "node-cache": "^5.1.2",
+    "object-hash": "^3.0.0",
     "supertest": "^6.2.4",
     "uuid": "^8.3.2"
   },