@axinom/mosaic-id-utils 0.25.0-rc.4 → 0.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/check-permissions/check-permissions.d.ts.map +1 -1
- package/dist/check-permissions/check-permissions.js +6 -5
- package/dist/check-permissions/check-permissions.js.map +1 -1
- package/dist/common/enums.js +4 -4
- package/dist/common/enums.js.map +1 -1
- package/dist/common/functions.d.ts.map +1 -1
- package/dist/common/functions.js.map +1 -1
- package/dist/operation-to-permission-mapping/mappings-helpers.d.ts.map +1 -1
- package/package.json +10 -7
- package/src/check-permissions/check-permissions.spec.ts +39 -20
- package/src/check-permissions/check-permissions.ts +17 -4
- package/src/operation-to-permission-mapping/mappings-helpers.spec.ts +1 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check-permissions.d.ts","sourceRoot":"","sources":["../../src/check-permissions/check-permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"check-permissions.d.ts","sourceRoot":"","sources":["../../src/check-permissions/check-permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAMhD;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACvC,mBAAmB,EAAE,MAAM,EAAE,EAC7B,kBAAkB,EAAE,MAAM,EAAE,GAC3B,OAAO,CAAC;AAEX;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACvC,mBAAmB,EAAE,SAAS,CAAC,aAAa,CAAC,EAC7C,kBAAkB,EAAE,SAAS,CAAC,aAAa,CAAC,GAC3C,OAAO,CAAC"}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.requiredPermissionsExists =
|
|
3
|
+
exports.requiredPermissionsExists = requiredPermissionsExists;
|
|
4
4
|
function requiredPermissionsExists(...args) {
|
|
5
|
-
const requiredPermissions = args
|
|
6
|
-
const grantedPermissions = args[1];
|
|
5
|
+
const [requiredPermissions, grantedPermissions] = args;
|
|
7
6
|
if (Array.isArray(requiredPermissions) && Array.isArray(grantedPermissions)) {
|
|
8
7
|
return requiredPermissions.some((permission) => grantedPermissions.includes(permission));
|
|
9
8
|
}
|
|
10
|
-
|
|
9
|
+
if (!Array.isArray(requiredPermissions) &&
|
|
10
|
+
!Array.isArray(grantedPermissions)) {
|
|
11
11
|
const services = Object.keys(requiredPermissions);
|
|
12
12
|
if (services.length === 0) {
|
|
13
13
|
return true;
|
|
@@ -20,6 +20,7 @@ function requiredPermissionsExists(...args) {
|
|
|
20
20
|
}
|
|
21
21
|
return false;
|
|
22
22
|
}
|
|
23
|
+
// Unreachable: the overloads guarantee both args are always the same type.
|
|
24
|
+
return false;
|
|
23
25
|
}
|
|
24
|
-
exports.requiredPermissionsExists = requiredPermissionsExists;
|
|
25
26
|
//# sourceMappingURL=check-permissions.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check-permissions.js","sourceRoot":"","sources":["../../src/check-permissions/check-permissions.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"check-permissions.js","sourceRoot":"","sources":["../../src/check-permissions/check-permissions.ts"],"names":[],"mappings":";;AA4BA,8DAiCC;AAjCD,SAAgB,yBAAyB,CACvC,GAAG,IAA6B;IAEhC,MAAM,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,GAAG,IAAI,CAAC;IAEvD,IAAI,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC5E,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAC7C,kBAAkB,CAAC,QAAQ,CAAC,UAAU,CAAC,CACxC,CAAC;IACJ,CAAC;IAED,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC;QACnC,CAAC,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAClC,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAClD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;YACtC,IAAI,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;gBACpC,OAAO,yBAAyB,CAC9B,mBAAmB,CAAC,WAAW,CAAC,EAChC,kBAAkB,CAAC,WAAW,CAAC,CAChC,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,2EAA2E;IAC3E,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/dist/common/enums.js
CHANGED
|
@@ -8,19 +8,19 @@ var IdentityProvider;
|
|
|
8
8
|
IdentityProvider["GOOGLE"] = "GOOGLE";
|
|
9
9
|
IdentityProvider["AXINOM"] = "AXINOM";
|
|
10
10
|
IdentityProvider["CUSTOM"] = "CUSTOM";
|
|
11
|
-
})(IdentityProvider
|
|
11
|
+
})(IdentityProvider || (exports.IdentityProvider = IdentityProvider = {}));
|
|
12
12
|
var TokenResponseCode;
|
|
13
13
|
(function (TokenResponseCode) {
|
|
14
14
|
TokenResponseCode[TokenResponseCode["SUCCESS"] = 0] = "SUCCESS";
|
|
15
15
|
TokenResponseCode[TokenResponseCode["NEEDS_LOGIN"] = 1] = "NEEDS_LOGIN";
|
|
16
16
|
TokenResponseCode[TokenResponseCode["ACCOUNT_NOT_ACTIVE"] = 2] = "ACCOUNT_NOT_ACTIVE";
|
|
17
17
|
TokenResponseCode[TokenResponseCode["ERROR"] = 3] = "ERROR";
|
|
18
|
-
})(TokenResponseCode
|
|
18
|
+
})(TokenResponseCode || (exports.TokenResponseCode = TokenResponseCode = {}));
|
|
19
19
|
var LogoutResponseCode;
|
|
20
20
|
(function (LogoutResponseCode) {
|
|
21
21
|
LogoutResponseCode[LogoutResponseCode["SUCCESS"] = 0] = "SUCCESS";
|
|
22
22
|
LogoutResponseCode[LogoutResponseCode["ERROR"] = 1] = "ERROR";
|
|
23
|
-
})(LogoutResponseCode
|
|
23
|
+
})(LogoutResponseCode || (exports.LogoutResponseCode = LogoutResponseCode = {}));
|
|
24
24
|
var ConfigStatusResponseCode;
|
|
25
25
|
(function (ConfigStatusResponseCode) {
|
|
26
26
|
ConfigStatusResponseCode["SUCCESS"] = "SUCCESS";
|
|
@@ -28,5 +28,5 @@ var ConfigStatusResponseCode;
|
|
|
28
28
|
ConfigStatusResponseCode["ENVIRONMENT_NOT_ACTIVE"] = "ENVIRONMENT_NOT_ACTIVE";
|
|
29
29
|
ConfigStatusResponseCode["IDP_MISCONFIGURATION"] = "IDP_MISCONFIGURATION";
|
|
30
30
|
ConfigStatusResponseCode["ERROR"] = "ERROR";
|
|
31
|
-
})(ConfigStatusResponseCode
|
|
31
|
+
})(ConfigStatusResponseCode || (exports.ConfigStatusResponseCode = ConfigStatusResponseCode = {}));
|
|
32
32
|
//# sourceMappingURL=enums.js.map
|
package/dist/common/enums.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"enums.js","sourceRoot":"","sources":["../../src/common/enums.ts"],"names":[],"mappings":";;;AAAA,IAAY,gBAMX;AAND,WAAY,gBAAgB;IAC1B,uCAAmB,CAAA;IACnB,yCAAqB,CAAA;IACrB,qCAAiB,CAAA;IACjB,qCAAiB,CAAA;IACjB,qCAAiB,CAAA;AACnB,CAAC,EANW,gBAAgB,
|
|
1
|
+
{"version":3,"file":"enums.js","sourceRoot":"","sources":["../../src/common/enums.ts"],"names":[],"mappings":";;;AAAA,IAAY,gBAMX;AAND,WAAY,gBAAgB;IAC1B,uCAAmB,CAAA;IACnB,yCAAqB,CAAA;IACrB,qCAAiB,CAAA;IACjB,qCAAiB,CAAA;IACjB,qCAAiB,CAAA;AACnB,CAAC,EANW,gBAAgB,gCAAhB,gBAAgB,QAM3B;AAED,IAAY,iBAKX;AALD,WAAY,iBAAiB;IAC3B,+DAAO,CAAA;IACP,uEAAW,CAAA;IACX,qFAAkB,CAAA;IAClB,2DAAK,CAAA;AACP,CAAC,EALW,iBAAiB,iCAAjB,iBAAiB,QAK5B;AAED,IAAY,kBAGX;AAHD,WAAY,kBAAkB;IAC5B,iEAAO,CAAA;IACP,6DAAK,CAAA;AACP,CAAC,EAHW,kBAAkB,kCAAlB,kBAAkB,QAG7B;AAED,IAAY,wBAMX;AAND,WAAY,wBAAwB;IAClC,+CAAmB,CAAA;IACnB,mEAAuC,CAAA;IACvC,6EAAiD,CAAA;IACjD,yEAA6C,CAAA;IAC7C,2CAAe,CAAA;AACjB,CAAC,EANW,wBAAwB,wCAAxB,wBAAwB,QAMnC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"functions.d.ts","sourceRoot":"","sources":["../../src/common/functions.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAgB3C;;;;;GAKG;AACH,eAAO,MAAM,SAAS,
|
|
1
|
+
{"version":3,"file":"functions.d.ts","sourceRoot":"","sources":["../../src/common/functions.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAgB3C;;;;;GAKG;AACH,eAAO,MAAM,SAAS,GAAI,MAAM,MAAM,EAAE,GAAG,OAAO,MAAM,EAAE,KAAG,GAK5D,CAAC;AAWF,eAAO,MAAM,2BAA2B,GACtC,WAAW,gBAAgB,GAAG,MAAM,EACpC,WAAW,OAAO,GAAG,SAAS,KAC7B,MA6CF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"functions.js","sourceRoot":"","sources":["../../src/common/functions.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;AAEvD,mCAA2C;AAE3C,oHAAoH;AACpH,MAAM,QAAQ,GAAG,CAAC,GAAG,KAAe,EAAU,EAAE;IAC9C,OAAO,KAAK;SACT,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QACnB,IAAI,KAAK,KAAK,CAAC,EAAE;
|
|
1
|
+
{"version":3,"file":"functions.js","sourceRoot":"","sources":["../../src/common/functions.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;AAEvD,mCAA2C;AAE3C,oHAAoH;AACpH,MAAM,QAAQ,GAAG,CAAC,GAAG,KAAe,EAAU,EAAE;IAC9C,OAAO,KAAK;SACT,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QACnB,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;SACvB,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC,CAAC;AAEF;;;;;GAKG;AACI,MAAM,SAAS,GAAG,CAAC,IAAY,EAAE,GAAG,KAAe,EAAO,EAAE;IACjE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC;IAC1B,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;IAEtD,OAAO,IAAI,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;AACtC,CAAC,CAAC;AALW,QAAA,SAAS,aAKpB;AAEF,MAAM,gCAAgC,GAAG,CAAC,SAAiB,EAAU,EAAE;IACrE,OAAO,SAAS;SACb,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;IAC5B,CAAC,CAAC;SACD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC,CAAC;AAEK,MAAM,2BAA2B,GAAG,CACzC,SAAoC,EACpC,SAA8B,EACtB,EAAE;IACV,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,gBAAgB,GAAG,SAA6B,CAAC;QACvD,QAAQ,gBAAgB,EAAE,CAAC;YACzB,KAAK,wBAAgB,CAAC,UAAU;gBAC9B,OAAO,kBAAkB,CAAC;YAC5B,KAAK,wBAAgB,CAAC,sBAAsB;gBAC1C,OAAO,uBAAuB,CAAC;YACjC,KAAK,wBAAgB,CAAC,cAAc;gBAClC,OAAO,2BAA2B,CAAC;YACrC,KAAK,wBAAgB,CAAC,cAAc;gBAClC,OAAO,gBAAgB,CAAC;YAC1B,KAAK,wBAAgB,CAAC,aAAa;gBACjC,OAAO,eAAe,CAAC;YACzB,KAAK,wBAAgB,CAAC,aAAa;gBACjC,OAAO,eAAe,CAAC;YACzB,KAAK,wBAAgB,CAAC,YAAY;gBAChC,OAAO,cAAc,CAAC;YACxB,KAAK,wBAAgB,CAAC,uBAAuB;gBAC3C,OAAO,yBAAyB,CAAC;YACnC,KAAK,wBAAgB,CAAC,eAAe;gBACnC,OAAO,iBAAiB,CAAC;YAC3B,KAAK,wBAAgB,CAAC,oBAAoB;gBACxC,OAAO,sBAAsB,CAAC;YAChC,KAAK,wBAAgB,CAAC,WAAW;gBAC/B,OAAO,aAAa,CAAC;YACvB,KAAK,wBAAgB,CAAC,mBAAmB;gBACvC,OAAO,qBAAqB,CAAC;YAC/B,KAAK,wBAAgB,CAAC,WAAW;gBAC/B,OAAO,aAAa,CAAC;YACvB,OAAO,CAAC,CAAC,CAAC;gBACR,oIAAoI;gBACpI,6DAA6D;gBAC7D,MAAM,yBAAyB,GAAU,gBAAgB,CAAC;gBAC1D,qGAAqG;gBACrG,sCAAsC;gBACtC,OAAO,CAAC,IAAI,CACV,wCAAwC,gBAAgB,uCAAuC,CAChG,CAAC;gBACF,OAAO,gCAAgC,CAAC,SAAS,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,gCAAgC,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC;AACH,CAAC,CAAC;AAhDW,QAAA,2BAA2B,+BAgDtC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mappings-helpers.d.ts","sourceRoot":"","sources":["../../src/operation-to-permission-mapping/mappings-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;;;GAKG;AACH,eAAO,MAAM,0BAA0B,
|
|
1
|
+
{"version":3,"file":"mappings-helpers.d.ts","sourceRoot":"","sources":["../../src/operation-to-permission-mapping/mappings-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;;;GAKG;AACH,eAAO,MAAM,0BAA0B,GACrC,WAAW,MAAM,EACjB,sBAAsB,oBAAoB,KACzC,MAAM,EAIR,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mBAAmB,GAC9B,sBAAsB,oBAAoB,KACzC,MAAM,EAgBR,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,oBAAoB,GAC/B,sBAAsB,oBAAoB,KACzC,MAAM,EAAE,GAAG,SAEb,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,4BAA4B,GACvC,sBAAsB,oBAAoB,KACzC,MAAM,EAER,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axinom/mosaic-id-utils",
|
|
3
|
-
"version": "0.25.0
|
|
3
|
+
"version": "0.25.0",
|
|
4
4
|
"description": "Shared types used by id-service for integration clients",
|
|
5
5
|
"author": "Axinom",
|
|
6
6
|
"license": "PROPRIETARY",
|
|
@@ -20,20 +20,23 @@
|
|
|
20
20
|
"build": "yarn clean && tsc",
|
|
21
21
|
"build:ci": "yarn workspaces focus && yarn build",
|
|
22
22
|
"dev": "tsc -w",
|
|
23
|
-
"test": "
|
|
24
|
-
"test:
|
|
23
|
+
"test": "vitest run --silent --passWithNoTests",
|
|
24
|
+
"test:watch": "vitest watch --silent --passWithNoTests",
|
|
25
|
+
"test:cov": "vitest run --coverage --silent",
|
|
26
|
+
"test:ci": "vitest run --reporter=default --reporter=junit --coverage --coverage.reporter=cobertura --coverage.reporter=html",
|
|
25
27
|
"lint": "eslint . --ext .ts,.tsx,.js --color --cache"
|
|
26
28
|
},
|
|
27
29
|
"dependencies": {
|
|
28
|
-
"@axinom/mosaic-core": "^0.4.
|
|
30
|
+
"@axinom/mosaic-core": "^0.4.31"
|
|
29
31
|
},
|
|
30
32
|
"devDependencies": {
|
|
31
|
-
"
|
|
33
|
+
"@types/node": "^22.0.0",
|
|
32
34
|
"rimraf": "^3.0.2",
|
|
33
|
-
"typescript": "^5.
|
|
35
|
+
"typescript": "^5.9.3",
|
|
36
|
+
"vitest": "^4.0.18"
|
|
34
37
|
},
|
|
35
38
|
"publishConfig": {
|
|
36
39
|
"access": "public"
|
|
37
40
|
},
|
|
38
|
-
"gitHead": "
|
|
41
|
+
"gitHead": "7f614a26d23fbd7e917653b42f234f9ba51f6580"
|
|
39
42
|
}
|
|
@@ -1,30 +1,49 @@
|
|
|
1
1
|
import { UserToken } from '@axinom/mosaic-core';
|
|
2
|
+
import { describe, expect, it } from 'vitest';
|
|
2
3
|
import { requiredPermissionsExists } from './check-permissions';
|
|
3
4
|
|
|
4
5
|
type UserPermissions = UserToken['permissions'];
|
|
5
6
|
|
|
6
7
|
describe('check-permissions', () => {
|
|
7
8
|
describe('requiredPermissionsExists', () => {
|
|
8
|
-
(
|
|
9
|
-
|
|
10
|
-
[
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
9
|
+
describe('object overload (UserToken permissions)', () => {
|
|
10
|
+
(
|
|
11
|
+
[
|
|
12
|
+
[{ id: ['write'] }, { id: ['write'] }, true], // matching permissions
|
|
13
|
+
[{ id: ['write'] }, { id: ['write', 'read'] }, true], // matching permissions, but also additional ones
|
|
14
|
+
[{ id: ['write', 'read'] }, { id: ['read'] }, true], // tread multiple required permissions as `OR`
|
|
15
|
+
[{ id: ['write', 'read'] }, { id: ['write'] }, true], // tread multiple required permissions as `OR`
|
|
16
|
+
[{ id: ['read'], user: ['read'] }, { user: ['read'] }, true], // tread multiple required permissions from different services as `OR`
|
|
17
|
+
[{}, { id: ['write'] }, true], // allow if no permissions required
|
|
18
|
+
[{ id: [] }, { id: ['write'] }, false], // don't allow wildcard checks
|
|
19
|
+
[{ id: ['write'] }, {}, false], // no permissions at all
|
|
20
|
+
[{ id: ['write'] }, { video: ['write'] }, false], // correct permission but on other service
|
|
21
|
+
[{ id: ['write'] }, { id: ['read'] }, false], // wrong permission
|
|
22
|
+
[{ id: ['write'] }, { id: [] }, false], // wrong permission
|
|
23
|
+
] as [UserPermissions, UserPermissions, boolean][]
|
|
24
|
+
).forEach(([required, current, expected]) => {
|
|
25
|
+
it(`checks permissions correctly:
|
|
26
|
+
required: ${JSON.stringify(required)},
|
|
27
|
+
current: ${JSON.stringify(current)},
|
|
28
|
+
expected: ${expected}`, () => {
|
|
29
|
+
expect(requiredPermissionsExists(required, current)).toEqual(
|
|
30
|
+
expected,
|
|
31
|
+
);
|
|
32
|
+
});
|
|
33
|
+
});
|
|
34
|
+
});
|
|
35
|
+
|
|
36
|
+
describe('array overload (string[])', () => {
|
|
37
|
+
it.each<[string[], string[], boolean]>([
|
|
38
|
+
[['write'], ['write'], true], // single matching permission
|
|
39
|
+
[['write', 'read'], ['read'], true], // OR semantics: second permission matches
|
|
40
|
+
[['write'], ['read'], false], // no intersection
|
|
41
|
+
// Note: empty required returns false here (Array.some([]) === false),
|
|
42
|
+
// unlike the object overload where {} returns true.
|
|
43
|
+
[[], ['write'], false], // empty required → false (asymmetry with object overload)
|
|
44
|
+
[['write'], [], false], // empty granted → false
|
|
45
|
+
])('required: %j, granted: %j → %s', (required, granted, expected) => {
|
|
46
|
+
expect(requiredPermissionsExists(required, granted)).toEqual(expected);
|
|
28
47
|
});
|
|
29
48
|
});
|
|
30
49
|
});
|
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
import { UserToken } from '@axinom/mosaic-core';
|
|
2
2
|
|
|
3
|
+
type RequiredPermissionsArgs =
|
|
4
|
+
| [string[], string[]]
|
|
5
|
+
| [UserToken['permissions'], UserToken['permissions']];
|
|
6
|
+
|
|
3
7
|
/**
|
|
4
8
|
* Checks whether the `requiredPermissions` are satisfied by the `grantedPermissions` or not.
|
|
5
9
|
* Having at least one of the required permissions granted satisfies this permission requirement.
|
|
@@ -22,15 +26,21 @@ export function requiredPermissionsExists(
|
|
|
22
26
|
grantedPermissions: UserToken['permissions'],
|
|
23
27
|
): boolean;
|
|
24
28
|
|
|
25
|
-
export function requiredPermissionsExists(
|
|
26
|
-
|
|
27
|
-
|
|
29
|
+
export function requiredPermissionsExists(
|
|
30
|
+
...args: RequiredPermissionsArgs
|
|
31
|
+
): boolean {
|
|
32
|
+
const [requiredPermissions, grantedPermissions] = args;
|
|
28
33
|
|
|
29
34
|
if (Array.isArray(requiredPermissions) && Array.isArray(grantedPermissions)) {
|
|
30
35
|
return requiredPermissions.some((permission) =>
|
|
31
36
|
grantedPermissions.includes(permission),
|
|
32
37
|
);
|
|
33
|
-
}
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
if (
|
|
41
|
+
!Array.isArray(requiredPermissions) &&
|
|
42
|
+
!Array.isArray(grantedPermissions)
|
|
43
|
+
) {
|
|
34
44
|
const services = Object.keys(requiredPermissions);
|
|
35
45
|
if (services.length === 0) {
|
|
36
46
|
return true;
|
|
@@ -46,4 +56,7 @@ export function requiredPermissionsExists(...args: any[]): boolean {
|
|
|
46
56
|
}
|
|
47
57
|
return false;
|
|
48
58
|
}
|
|
59
|
+
|
|
60
|
+
// Unreachable: the overloads guarantee both args are always the same type.
|
|
61
|
+
return false;
|
|
49
62
|
}
|