npm - @axium/server - Versions diffs - 0.34.3 → 0.35.0 - Mend

@axium/server 0.34.3 → 0.35.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/api/acl.js CHANGED Viewed

@@ -2,7 +2,7 @@ import * as z from 'zod';
 import * as acl from '../acl.js';
 import { error, parseBody, withError } from '../requests.js';
 import { addRoute } from '../routes.js';
-import { checkAuthForItem } from '../auth.js';
+import { authRequestForItem } from '../auth.js';
 import { AccessControlUpdate, AccessTarget } from '@axium/core';
 function getTable(itemType) {
     const tables = acl.listTables();
@@ -23,19 +23,19 @@ addRoute({
     async PATCH(request, { itemType, itemId }) {
         const table = getTable(itemType);
         const { target, permissions } = await parseBody(request, AccessControlUpdate);
-        await checkAuthForItem(request, itemType, itemId, { manage: true });
+        await authRequestForItem(request, itemType, itemId, { manage: true });
         return await acl.update(table, itemId, target, permissions);
     },
     async PUT(request, { itemType, itemId }) {
         const table = getTable(itemType);
         const target = await parseBody(request, AccessTarget);
-        await checkAuthForItem(request, itemType, itemId, { manage: true });
+        await authRequestForItem(request, itemType, itemId, { manage: true });
         return await acl.add(table, itemId, target);
     },
     async DELETE(request, { itemType, itemId }) {
         const table = getTable(itemType);
         const target = await parseBody(request, AccessTarget);
-        await checkAuthForItem(request, itemType, itemId, { manage: true });
+        await authRequestForItem(request, itemType, itemId, { manage: true });
         return await acl.remove(table, itemId, target);
     },
 });

package/dist/auth.d.ts CHANGED Viewed

@@ -41,8 +41,9 @@ export interface ItemAuthResult<TB extends acl.TargetName> {
     user?: UserInternal;
     session?: SessionInternal;
 }
+export declare function authSessionForItem<const TB extends acl.TargetName>(itemType: TB, itemId: string, permissions: Partial<acl.PermissionsFor<`acl.${TB}`>>, session?: SessionAndUser | null): Promise<ItemAuthResult<TB>>;
 /**
  * Authenticate a request against an "item" which has an ACL table.
  * This will fetch the item, ACLs, users, and the authenticating session.
  */
-export declare function checkAuthForItem<const TB extends acl.TargetName>(request: Request, itemType: TB, itemId: string, permissions: Partial<acl.PermissionsFor<`acl.${TB}`>>): Promise<ItemAuthResult<TB>>;
+export declare function authRequestForItem<const TB extends acl.TargetName>(request: Request, itemType: TB, itemId: string, permissions: Partial<acl.PermissionsFor<`acl.${TB}`>>): Promise<ItemAuthResult<TB>>;

package/dist/auth.js CHANGED Viewed

@@ -110,15 +110,7 @@ export async function checkAuthForUser(request, userId, sensitive = false) {
         error(403, 'This token can not be used for sensitive actions');
     return Object.assign(session, { accessor: session.user });
 }
-/**
- * Authenticate a request against an "item" which has an ACL table.
- * This will fetch the item, ACLs, users, and the authenticating session.
- */
-export async function checkAuthForItem(request, itemType, itemId, permissions) {
-    const token = getToken(request, false);
-    if (!token)
-        error(401, 'Missing token');
-    const session = await getSessionAndUser(token).catch(() => null);
+export async function authSessionForItem(itemType, itemId, permissions, session) {
     const { userId, user } = session ?? {};
     // Note: we need to do casting because of TS limitations with generics
     const item = await db
@@ -152,3 +144,14 @@ export async function checkAuthForItem(request, itemType, itemId, permissions) {
         error(403, 'Access denied');
     return result;
 }
+/**
+ * Authenticate a request against an "item" which has an ACL table.
+ * This will fetch the item, ACLs, users, and the authenticating session.
+ */
+export async function authRequestForItem(request, itemType, itemId, permissions) {
+    const token = getToken(request, false);
+    if (!token)
+        error(401, 'Missing token');
+    const session = await getSessionAndUser(token).catch(() => null);
+    return await authSessionForItem(itemType, itemId, permissions, session);
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@axium/server",
-	"version": "0.34.3",
+	"version": "0.35.0",
 	"author": "James Prevett <axium@jamespre.dev>",
 	"funding": {
 		"type": "individual",