npm - @blazedpath/commons - Versions diffs - 0.0.5 → 0.0.7 - Mend

@blazedpath/commons 0.0.5 → 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/blz-config/index.js +8 -8
package/blz-rds-oracle/index.js +0 -1
package/blz-security/__test__/AuthorizationKpn.yaml +106 -99
package/blz-security/__test__/autorization.test.js +54 -54
package/blz-security/__test__/autorizationKpn.test.js +42 -0
package/blz-security/__test__/orderManagement.test.js +4 -4
package/blz-security/authorizationService.js +18 -17
package/blz-security/lab/ConfigurationAdmin.agent.json +258 -0
package/blz-security/lab/frontend.json +430 -0
package/blz-security/lab/index.js +14 -5
package/blz-security/lab/result.json +430 -0
package/blz-security/lab/resultOnWeb.json +430 -0
package/blz-security/lab/rules.json +614 -0
package/blz-security/lab/securityRules.json +680 -0
package/blz-security/middleware/HapiServerAzureAd.js +45 -6
package/blz-security/middleware/HapiServerKeycloak.js +40 -2
package/blz-security/middleware/HapiServerSimToken.js +39 -0
package/blz-security/middleware/hapi.js +40 -0
package/blz-security/middleware/hapiServer.js +41 -8
package/blz-security/secureUrlService.js +9 -8
package/blz-security/securityService.js +4 -0
package/package.json +1 -1

package/blz-security/__test__/autorization.test.js CHANGED Viewed

@@ -30,76 +30,76 @@ describe('Permission Service', () => {
     expect('adminAccounts,adminMenu,adminView,adminActions,roleEdit,userAccounts,userMenu,userView,userActions,roleView,guestAccounts,guestMenu,guestView,guestActions').toStrictEqual(permissions)
   })
   test('authorized by Guest', () => {
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account', '*', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/21', '*', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/22', '*', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Guest']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/guest', '', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/user', '', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/admin', '', ['Guest']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['Guest']))
   })
   test('authorized by User', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account', '*', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/21', '*', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/22', '*', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/guest', '', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/user', '', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/admin', '', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['User']))
   })
   test('authorized by Admin', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account', '*', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/21', '*', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/22', '*', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/guest', '', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/user', '', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/menu-security/admin', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['Admin']))
   })
   test('authorized by Guest and User', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account', '*', ['Guest', 'User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/21', '*', ['Guest', 'User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/22', '*', ['Guest', 'User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Guest', 'User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Guest', 'User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Guest', 'User']))
   })
   test('authorized by User and Admin', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account', '*', ['User', 'Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/21', '*', ['User', 'Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/account/22', '*', ['User', 'Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['User', 'Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['User', 'Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['User', 'Admin']))
   })
   test('Role access to Guest', () => {
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', '', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'View', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Add', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Edit', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Remove', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles', 'GET', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles/merged', 'POST', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'GET', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'DELETE', ['Guest']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'PATCH', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['Guest']))
   })
   test('Role access to User', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', '', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'View', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Add', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Edit', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Remove', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles', 'GET', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles/merged', 'POST', ['User']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'GET', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'DELETE', ['User']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'PATCH', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['User']))
   })
   test('Role access to Admin', () => {
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', '', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'View', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Add', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Edit', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/roles', 'Remove', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles', 'GET', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/roles/merged', 'POST', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'GET', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'DELETE', ['Admin']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/service/role/1', 'PATCH', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['Admin']))
   })
 })

package/blz-security/__test__/autorizationKpn.test.js ADDED Viewed

@@ -0,0 +1,42 @@
+/* eslint-disable no-undef */
+const { h3lp } = require('h3lp')
+const Yaml = require('js-yaml')
+const path = require('path')
+const AuthorizationService = require('../authorizationService')
+const _ = require('underscore')
+const logger = require('pino')()
+let authorizationService = null
+let config = null
+describe('Permission Service', () => {
+  beforeAll(async () => {
+    authorizationService = new AuthorizationService(_,logger)
+    const content = await h3lp.fs.read(path.join(__dirname, '/AuthorizationKpn.yaml'))
+    const list = await Yaml.loadAll(content)
+    config = authorizationService.importSecurityConfig(list[0])
+  })
+  test('Permissions by Configuration.Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/', null, ['Configuration.Admin'], ['agent']))
+  })
+  test('Permissions by Collections.Admin, Collections.Finance, Configuration.Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+  })
+})

package/blz-security/__test__/orderManagement.test.js CHANGED Viewed

@@ -17,10 +17,10 @@ describe('Permission Service', () => {
   })
   test('Paths with query parameters', () => {
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/ext-common-business/businessDomains', 'GET', ['OMUserMenu']))
-    expect(false).toStrictEqual(authorizationService.defaultAuthorized('/api/ext-common-business/businessDomains?offset=0&limit=1', 'GET', ['OMUserMenu']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains', 'GET', ['OMUserMenu']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains?offset=0&limit=1', 'GET', ['OMUserMenu']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/ext-common-business/businessDomains', 'delete', ['OMUserMenu']))
-    expect(true).toStrictEqual(authorizationService.defaultAuthorized('/api/ext-common-business/businessDomains?offset=0&limit=1', 'DELETE', ['OMUserMenu']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains', 'delete', ['OMUserMenu']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains?offset=0&limit=1', 'DELETE', ['OMUserMenu']))
   })
 })

package/blz-security/authorizationService.js CHANGED Viewed

@@ -168,22 +168,22 @@ module.exports = class AuthorizationService {
     return this.config.permissions.filter(p => p.visible || p.visible === null || p.visible === undefined ).map(p => p.name).sort()
   }
-  authorized (path, action, roles) {
+  authorized (path, action, roles, domains) {
     if (this.config.defaultUserRole)
       roles.push(this.config.defaultUserRole);
     if (path.startsWith('/api')) {
-      return this._checkApi(path, action, roles)
+      return this._checkApi(path, action, roles, domains)
     } else {
       if (!action || action.trim() === '') {
-        return this._checkPath(path, roles)
+        return this._checkPath(path, roles, domains)
       } else {
-        return this._checkWidget(path, action, roles)
+        return this._checkWidget(path, action, roles, domains)
       }
     }
   }
-  defaultAuthorized (path, action, roles) {
-    const result = this.authorized(path, action, roles)
+  checkAuthorize (path, action, roles, domains) {
+    const result = this.authorized(path, action, roles, domains)
     if (result === null || result === undefined) {
       return true
     }
@@ -217,16 +217,17 @@ module.exports = class AuthorizationService {
           continue
         }
         for (const rule of permission.rules) {
+          const domain = permission.domain || 'default'
           if (rule.path.startsWith('/api')) {
-            const exists = role.rules.backend.find(p => p.path === rule.path && p.actions === rule.actions && p.enable === rule.enable)
+            const exists = role.rules.backend.find(p => p.path === rule.path && p.actions === rule.actions && p.enable === rule.enable && p.domain === domain)
             if (!exists) {
-              rule.domain = permission.domain || 'default'
+              rule.domain = domain
               role.rules.backend.push(rule)
             }
           } else {
-            const exists = role.rules.frontend.find(p => p.path === rule.path && p.actions === rule.actions && p.enable === rule.enable)
+            const exists = role.rules.frontend.find(p => p.path === rule.path && p.actions === rule.actions && p.enable === rule.enable && p.domain === domain)
             if (!exists) {
-              rule.domain = permission.domain || 'default'
+              rule.domain = domain
               role.rules.frontend.push(rule)
             }
           }
@@ -285,7 +286,7 @@ module.exports = class AuthorizationService {
   _solveMergeRule (rules, rule) {
     let _rules = JSON.parse(JSON.stringify(rules))
     const previousRules = _rules.filter(p => p.path === rule.path)
-    if (!previousRules.length === 0) {
+    if (previousRules.length == 0) {
       _rules.push(rule)
     } else {
       if (previousRules.some(p => p.actions.includes('*') && p.enable)) {
@@ -430,10 +431,10 @@ module.exports = class AuthorizationService {
       .filter((route) => route)
   }
-  _checkApi (path, action, roles) {
+  _checkApi (path, action, roles, domains) {
     const cleanedPath = this._cleanPath(path)
     const _action = action.toUpperCase()
-    const securityRules = this._getBackendSecurityRules(roles, _action)
+    const securityRules = this._getBackendSecurityRules(roles, _action, domains)
     const matchedRoutes = this._findMatchedRoutes(cleanedPath, securityRules)
     const list = this.utils
       .chain(matchedRoutes)
@@ -451,8 +452,8 @@ module.exports = class AuthorizationService {
     return null
   }
-  _checkPath (path, roles) {
-    const securityRules = this.getFrontendSecurityRules(roles)
+  _checkPath (path, roles, domains) {
+    const securityRules = this.getFrontendSecurityRules(roles, domains)
     const list = this.utils
       .chain(this._findMatchedRoutes(path, securityRules))
       .value()
@@ -467,9 +468,9 @@ module.exports = class AuthorizationService {
     return null
   }
-  _checkWidget (path, securityOption, roles) {
+  _checkWidget (path, securityOption, roles, domains) {
     const _securityOption = securityOption.toUpperCase()
-    const securityRules = this.getFrontendSecurityRules(roles)
+    const securityRules = this.getFrontendSecurityRules(roles, domains)
     const rules = this.utils
       .chain(this._findMatchedRoutes(path, securityRules))
       .filter(({ path }) => path.includes(this.WIDGET_SEPARATOR))

package/blz-security/lab/ConfigurationAdmin.agent.json ADDED Viewed

@@ -0,0 +1,258 @@
+[
+    {
+        "path": "/bkr/**|CC_BKRSENDMESSAGE",
+        "enable": true
+    },
+    {
+        "path": "/bkr/**|BC_BKRSENDMESSAGE",
+        "enable": true
+    },
+    {
+        "path": "/debtors/**|CC_SETTLEMENTDISCOUNTCARD",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGSUSPENDACCOUNT",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGUPDATEPERCENTAGE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGRESETAGING",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGTERMINATIONOFSERVICES",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCHANGEPAYMENTRESPONSIBLE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCAPTURECHARGEDISPUTE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGREVERSEWRITEOFF",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCHANGEPLACEMENTSTATUS",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGASSIGNMENTPLACEMENT",
+        "enable": true
+    },
+    {
+        "path": "/debtors/**|BC_SETTLEMENTDISCOUNTCARD",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGSUSPENDACCOUNT",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGUPDATEPERCENTAGE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGRESETAGING",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGTERMINATIONOFSERVICES",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCHANGEPAYMENTRESPONSIBLE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCAPTURECHARGEDISPUTE",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGREVERSEWRITEOFF",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCHANGEPLACEMENTSTATUS",
+        "enable": true
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGASSIGNMENTPLACEMENT",
+        "enable": true
+    },
+    {
+        "path": "/debtors/**|FILTERS_ALPHABETICORDERLIST",
+        "enable": false
+    },
+    {
+        "path": "/debtors/**|CC_DEPOSITACCOUNTCARD",
+        "enable": false
+    },
+    {
+        "path": "/debtors/**|CC_CREDITDISPUTECARD",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGRESENDINVOICE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGSENDREMINDER",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCHANGEFPAYMENTRESPONSIBLE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGSECURITYDEPOSIT",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCHANGEPAYMENTMETHOD",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGCAPTURECREDITDISPUTE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGRESENDPAYMENTEMAIL",
+        "enable": false
+    },
+    {
+        "path": "/ledger/accounts/**|CC_BILLINGACOUNTSTATEMANTDOWNLOAD",
+        "enable": false
+    },
+    {
+        "path": "/ledger/accounts/**|CC_BILLINGACOUNTSTATEMANTRESEND",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|CC_DUNNINGDISABLED",
+        "enable": false
+    },
+    {
+        "path": "/debtors/**|BC_DEPOSITACCOUNTCARD",
+        "enable": false
+    },
+    {
+        "path": "/debtors/**|BC_CREDITDISPUTECARD",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGRESENDINVOICE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGSENDREMINDER",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCHANGEFPAYMENTRESPONSIBLE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGSECURITYDEPOSIT",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCHANGEPAYMENTMETHOD",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGCAPTURECREDITDISPUTE",
+        "enable": false
+    },
+    {
+        "path": "/dunning/**|BC_DUNNINGRESENDPAYMENTEMAIL",
+        "enable": false
+    },
+    {
+        "path": "/ledger/accounts/**|BC_BILLINGACOUNTSTATEMANTDOWNLOAD",
+        "enable": false
+    },
+    {
+        "path": "/ledger/accounts/**|BC_BILLINGACOUNTSTATEMANTRESEND",
+        "enable": false
+    },
+    {
+        "path": "consumer-debtor",
+        "enable": true
+    },
+    {
+        "path": "/debtors",
+        "enable": true
+    },
+    {
+        "path": "/debtor/**",
+        "enable": true
+    },
+    {
+        "path": "organization-debtor",
+        "enable": true
+    },
+    {
+        "path": "/taskManagement/**",
+        "enable": true
+    },
+    {
+        "path": "/taskManagement",
+        "enable": true
+    },
+    {
+        "path": "/payment-responsibles",
+        "enable": true
+    },
+    {
+        "path": "/ep-manual-credit/**",
+        "enable": true
+    },
+    {
+        "path": "/ep-out-manual-credit/**",
+        "enable": true
+    },
+    {
+        "path": "/ep-manua-historicall-credit/**",
+        "enable": true
+    },
+    {
+        "path": "/ep-manual-debit/**",
+        "enable": true
+    },
+    {
+        "path": "/ep-out-manual-debit/**",
+        "enable": true
+    },
+    {
+        "path": "/ep-manua-historicall-debit/**",
+        "enable": true
+    },
+    {
+        "path": "/collection-home",
+        "enable": true
+    },
+    {
+        "path": "/ep-out-manual-credit",
+        "enable": false
+    },
+    {
+        "path": "/ep-manua-historicall-credit",
+        "enable": false
+    },
+    {
+        "path": "/ep-out-manual-debit",
+        "enable": false
+    },
+    {
+        "path": "/ep-manua-historicall-debit",
+        "enable": false
+    }
+]