npm - @expo/entity - Versions diffs - 0.38.0 → 0.40.0 - Mend

@expo/entity 0.38.0 → 0.40.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (206) hide show

package/src/utils/EntityPrivacyUtils.ts CHANGED Viewed

@@ -9,9 +9,22 @@ import { EntityCascadingDeletionInfo } from '../EntityMutationInfo';
 import EntityPrivacyPolicy from '../EntityPrivacyPolicy';
 import { EntityQueryContext } from '../EntityQueryContext';
 import ViewerContext from '../ViewerContext';
-import { failedResults } from '../entityUtils';
+import { failedResults, partitionArray } from '../entityUtils';
 import EntityNotAuthorizedError from '../errors/EntityNotAuthorizedError';
+export type EntityPrivacyEvaluationResultSuccess = {
+  allowed: true;
+};
+export type EntityPrivacyEvaluationResultFailure = {
+  allowed: false;
+  authorizationErrors: EntityNotAuthorizedError<any, any, any, any, any>[];
+};
+export type EntityPrivacyEvaluationResult =
+  | EntityPrivacyEvaluationResultSuccess
+  | EntityPrivacyEvaluationResultFailure;
 /**
  * Check whether an entity loaded by a viewer can be updated by that same viewer.
  *
@@ -30,34 +43,67 @@ import EntityNotAuthorizedError from '../errors/EntityNotAuthorizedError';
  * @param queryContext - query context in which to perform the check
  */
 export async function canViewerUpdateAsync<
-  TMFields extends object,
-  TMID extends NonNullable<TMFields[TMSelectedFields]>,
-  TMViewerContext extends ViewerContext,
-  TMEntity extends Entity<TMFields, TMID, TMViewerContext, TMSelectedFields>,
-  TMPrivacyPolicy extends EntityPrivacyPolicy<
-    TMFields,
-    TMID,
-    TMViewerContext,
-    TMEntity,
-    TMSelectedFields
+  TFields extends object,
+  TID extends NonNullable<TFields[TSelectedFields]>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
+  TPrivacyPolicy extends EntityPrivacyPolicy<
+    TFields,
+    TID,
+    TViewerContext,
+    TEntity,
+    TSelectedFields
   >,
-  TMSelectedFields extends keyof TMFields = keyof TMFields,
+  TSelectedFields extends keyof TFields = keyof TFields,
 >(
-  entityClass: IEntityClass<
-    TMFields,
-    TMID,
-    TMViewerContext,
-    TMEntity,
-    TMPrivacyPolicy,
-    TMSelectedFields
-  >,
-  sourceEntity: TMEntity,
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
+  sourceEntity: TEntity,
   queryContext: EntityQueryContext = sourceEntity
     .getViewerContext()
     .getViewerScopedEntityCompanionForClass(entityClass)
     .getQueryContextProvider()
     .getQueryContext(),
 ): Promise<boolean> {
+  const result = await canViewerUpdateInternalAsync(
+    entityClass,
+    sourceEntity,
+    /* cascadingDeleteCause */ null,
+    queryContext,
+  );
+  return result.allowed;
+}
+/**
+ * Check whether an entity loaded by a viewer can be updated by that same viewer and return the evaluation result.
+ *
+ * @see canViewerUpdateAsync
+ *
+ * @param entityClass - class of entity
+ * @param sourceEntity - entity loaded by viewer
+ * @param queryContext - query context in which to perform the check
+ */
+export async function getCanViewerUpdateResultAsync<
+  TFields extends object,
+  TID extends NonNullable<TFields[TSelectedFields]>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
+  TPrivacyPolicy extends EntityPrivacyPolicy<
+    TFields,
+    TID,
+    TViewerContext,
+    TEntity,
+    TSelectedFields
+  >,
+  TSelectedFields extends keyof TFields = keyof TFields,
+>(
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
+  sourceEntity: TEntity,
+  queryContext: EntityQueryContext = sourceEntity
+    .getViewerContext()
+    .getViewerScopedEntityCompanionForClass(entityClass)
+    .getQueryContextProvider()
+    .getQueryContext(),
+): Promise<EntityPrivacyEvaluationResult> {
   return await canViewerUpdateInternalAsync(
     entityClass,
     sourceEntity,
@@ -67,31 +113,24 @@ export async function canViewerUpdateAsync<
 }
 async function canViewerUpdateInternalAsync<
-  TMFields extends object,
-  TMID extends NonNullable<TMFields[TMSelectedFields]>,
-  TMViewerContext extends ViewerContext,
-  TMEntity extends Entity<TMFields, TMID, TMViewerContext, TMSelectedFields>,
-  TMPrivacyPolicy extends EntityPrivacyPolicy<
-    TMFields,
-    TMID,
-    TMViewerContext,
-    TMEntity,
-    TMSelectedFields
+  TFields extends object,
+  TID extends NonNullable<TFields[TSelectedFields]>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
+  TPrivacyPolicy extends EntityPrivacyPolicy<
+    TFields,
+    TID,
+    TViewerContext,
+    TEntity,
+    TSelectedFields
   >,
-  TMSelectedFields extends keyof TMFields = keyof TMFields,
+  TSelectedFields extends keyof TFields = keyof TFields,
 >(
-  entityClass: IEntityClass<
-    TMFields,
-    TMID,
-    TMViewerContext,
-    TMEntity,
-    TMPrivacyPolicy,
-    TMSelectedFields
-  >,
-  sourceEntity: TMEntity,
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
+  sourceEntity: TEntity,
   cascadingDeleteCause: EntityCascadingDeletionInfo | null,
   queryContext: EntityQueryContext,
-): Promise<boolean> {
+): Promise<EntityPrivacyEvaluationResult> {
   const companion = sourceEntity
     .getViewerContext()
     .getViewerScopedEntityCompanionForClass(entityClass);
@@ -107,20 +146,19 @@ async function canViewerUpdateInternalAsync<
   );
   if (!evaluationResult.ok) {
     if (evaluationResult.reason instanceof EntityNotAuthorizedError) {
-      return false;
+      return { allowed: false, authorizationErrors: [evaluationResult.reason] };
     } else {
       throw evaluationResult.reason;
     }
   }
-  return evaluationResult.ok;
+  return { allowed: true };
 }
 /**
  * Check whether a single entity loaded by a viewer can be deleted by that same viewer.
  * This recursively checks edge cascade permissions (EntityEdgeDeletionBehavior) as well.
  *
- * @remarks
- * See remarks for canViewerUpdate.
+ * @see canViewerUpdateAsync
  *
  * @param entityClass - class of entity
  * @param sourceEntity - entity loaded by viewer
@@ -129,32 +167,65 @@ async function canViewerUpdateInternalAsync<
 export async function canViewerDeleteAsync<
   TFields extends object,
   TID extends NonNullable<TFields[TSelectedFields]>,
-  TMViewerContext extends ViewerContext,
-  TEntity extends Entity<TFields, TID, TMViewerContext, TSelectedFields>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
   TPrivacyPolicy extends EntityPrivacyPolicy<
     TFields,
     TID,
-    TMViewerContext,
+    TViewerContext,
     TEntity,
     TSelectedFields
   >,
   TSelectedFields extends keyof TFields = keyof TFields,
 >(
-  entityClass: IEntityClass<
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
+  sourceEntity: TEntity,
+  queryContext: EntityQueryContext = sourceEntity
+    .getViewerContext()
+    .getViewerScopedEntityCompanionForClass(entityClass)
+    .getQueryContextProvider()
+    .getQueryContext(),
+): Promise<boolean> {
+  const result = await canViewerDeleteInternalAsync(
+    entityClass,
+    sourceEntity,
+    /* cascadingDeleteCause */ null,
+    queryContext,
+  );
+  return result.allowed;
+}
+/**
+ * Check whether a single entity loaded by a viewer can be deleted by that same viewer and return the evaluation result.
+ *
+ * @see canViewerDeleteAsync
+ *
+ * @param entityClass - class of entity
+ * @param sourceEntity - entity loaded by viewer
+ * @param queryContext - query context in which to perform the check
+ */
+export async function getCanViewerDeleteResultAsync<
+  TFields extends object,
+  TID extends NonNullable<TFields[TSelectedFields]>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
+  TPrivacyPolicy extends EntityPrivacyPolicy<
     TFields,
     TID,
-    TMViewerContext,
+    TViewerContext,
     TEntity,
-    TPrivacyPolicy,
     TSelectedFields
   >,
+  TSelectedFields extends keyof TFields = keyof TFields,
+>(
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
   sourceEntity: TEntity,
   queryContext: EntityQueryContext = sourceEntity
     .getViewerContext()
     .getViewerScopedEntityCompanionForClass(entityClass)
     .getQueryContextProvider()
     .getQueryContext(),
-): Promise<boolean> {
+): Promise<EntityPrivacyEvaluationResult> {
   return await canViewerDeleteInternalAsync(
     entityClass,
     sourceEntity,
@@ -166,29 +237,22 @@ export async function canViewerDeleteAsync<
 async function canViewerDeleteInternalAsync<
   TFields extends object,
   TID extends NonNullable<TFields[TSelectedFields]>,
-  TMViewerContext extends ViewerContext,
-  TEntity extends Entity<TFields, TID, TMViewerContext, TSelectedFields>,
+  TViewerContext extends ViewerContext,
+  TEntity extends Entity<TFields, TID, TViewerContext, TSelectedFields>,
   TPrivacyPolicy extends EntityPrivacyPolicy<
     TFields,
     TID,
-    TMViewerContext,
+    TViewerContext,
     TEntity,
     TSelectedFields
   >,
   TSelectedFields extends keyof TFields = keyof TFields,
 >(
-  entityClass: IEntityClass<
-    TFields,
-    TID,
-    TMViewerContext,
-    TEntity,
-    TPrivacyPolicy,
-    TSelectedFields
-  >,
+  entityClass: IEntityClass<TFields, TID, TViewerContext, TEntity, TPrivacyPolicy, TSelectedFields>,
   sourceEntity: TEntity,
   cascadingDeleteCause: EntityCascadingDeletionInfo | null,
   queryContext: EntityQueryContext,
-): Promise<boolean> {
+): Promise<EntityPrivacyEvaluationResult> {
   const viewerContext = sourceEntity.getViewerContext();
   const entityCompanionProvider = viewerContext.entityCompanionProvider;
   const viewerScopedCompanion = sourceEntity
@@ -207,7 +271,7 @@ async function canViewerDeleteInternalAsync<
   );
   if (!evaluationResult.ok) {
     if (evaluationResult.reason instanceof EntityNotAuthorizedError) {
-      return false;
+      return { allowed: false, authorizationErrors: [evaluationResult.reason] };
     } else {
       throw evaluationResult.reason;
     }
@@ -266,9 +330,8 @@ async function canViewerDeleteInternalAsync<
         edgeDeletionPermissionInferenceBehavior ===
         EntityEdgeDeletionAuthorizationInferenceBehavior.ONE_IMPLIES_ALL
       ) {
-        const singleEntityToTestForInboundEdge = await loader
-          .withAuthorizationResults()
-          .loadFirstByFieldEqualityConjunctionAsync(
+        const singleEntityResultToTestForInboundEdge =
+          await loader.loadFirstByFieldEqualityConjunctionAsync(
             [
               {
                 fieldName,
@@ -279,25 +342,23 @@ async function canViewerDeleteInternalAsync<
             ],
             { orderBy: [] },
           );
-        entityResultsToCheckForInboundEdge = singleEntityToTestForInboundEdge
-          ? [singleEntityToTestForInboundEdge]
+        entityResultsToCheckForInboundEdge = singleEntityResultToTestForInboundEdge
+          ? [singleEntityResultToTestForInboundEdge]
           : [];
       } else {
-        const entityResultsForInboundEdge = await loader
-          .withAuthorizationResults()
-          .loadManyByFieldEqualingAsync(
-            fieldName,
-            association.associatedEntityLookupByField
-              ? sourceEntity.getField(association.associatedEntityLookupByField as any)
-              : sourceEntity.getID(),
-          );
+        const entityResultsForInboundEdge = await loader.loadManyByFieldEqualingAsync(
+          fieldName,
+          association.associatedEntityLookupByField
+            ? sourceEntity.getField(association.associatedEntityLookupByField as any)
+            : sourceEntity.getID(),
+        );
         entityResultsToCheckForInboundEdge = entityResultsForInboundEdge;
       }
       const failedEntityLoadResults = failedResults(entityResultsToCheckForInboundEdge);
       for (const failedResult of failedEntityLoadResults) {
         if (failedResult.reason instanceof EntityNotAuthorizedError) {
-          return false;
+          return { allowed: false, authorizationErrors: [failedResult.reason] };
         } else {
           throw failedResult.reason;
         }
@@ -311,48 +372,68 @@ async function canViewerDeleteInternalAsync<
       switch (association.edgeDeletionBehavior) {
         case EntityEdgeDeletionBehavior.CASCADE_DELETE:
         case EntityEdgeDeletionBehavior.CASCADE_DELETE_INVALIDATE_CACHE_ONLY: {
-          const canDeleteAll = (
-            await Promise.all(
-              entitiesForInboundEdge.map((entity) =>
-                canViewerDeleteInternalAsync(
-                  inboundEdge,
-                  entity,
-                  newCascadingDeleteCause,
-                  queryContext,
-                ),
+          const canDeleteEvaluationResults = await Promise.all(
+            entitiesForInboundEdge.map((entity) =>
+              canViewerDeleteInternalAsync(
+                inboundEdge,
+                entity,
+                newCascadingDeleteCause,
+                queryContext,
               ),
-            )
-          ).every((b) => b);
+            ),
+          );
-          if (!canDeleteAll) {
-            return false;
+          const reducedEvaluationResult = reduceEvaluationResults(canDeleteEvaluationResults);
+          if (!reducedEvaluationResult.allowed) {
+            return reducedEvaluationResult;
           }
           break;
         }
         case EntityEdgeDeletionBehavior.SET_NULL:
         case EntityEdgeDeletionBehavior.SET_NULL_INVALIDATE_CACHE_ONLY: {
-          const canUpdateAll = (
-            await Promise.all(
-              entitiesForInboundEdge.map((entity) =>
-                canViewerUpdateInternalAsync(
-                  inboundEdge,
-                  entity,
-                  newCascadingDeleteCause,
-                  queryContext,
-                ),
+          const canUpdateEvaluationResults = await Promise.all(
+            entitiesForInboundEdge.map((entity) =>
+              canViewerUpdateInternalAsync(
+                inboundEdge,
+                entity,
+                newCascadingDeleteCause,
+                queryContext,
               ),
-            )
-          ).every((b) => b);
+            ),
+          );
-          if (!canUpdateAll) {
-            return false;
+          const reducedEvaluationResult = reduceEvaluationResults(canUpdateEvaluationResults);
+          if (!reducedEvaluationResult.allowed) {
+            return reducedEvaluationResult;
           }
           break;
         }
       }
     }
   }
-  return true;
+  return { allowed: true };
+}
+function reduceEvaluationResults(
+  evaluationResults: EntityPrivacyEvaluationResult[],
+): EntityPrivacyEvaluationResult {
+  const [successResults, failureResults] = partitionArray<
+    EntityPrivacyEvaluationResultSuccess,
+    EntityPrivacyEvaluationResultFailure
+  >(evaluationResults, (evaluationResult) => evaluationResult.allowed);
+  if (successResults.length === evaluationResults.length) {
+    return { allowed: true };
+  }
+  return {
+    allowed: false,
+    authorizationErrors: failureResults.flatMap(
+      (failureResult) => failureResult.authorizationErrors,
+    ),
+  };
 }