@flipdish/authorization 0.2.7-rc.1763978242 → 0.2.11-rc.1764849351
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +57 -4
- package/api.ts +682 -152
- package/configuration.ts +1 -1
- package/dist/api.d.ts +406 -143
- package/dist/api.js +653 -29
- package/dist/configuration.js +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -10,9 +10,9 @@ Internally the package utilizes the [axios](https://github.com/axios/axios) as i
|
|
|
10
10
|
import {
|
|
11
11
|
AuthorizationApi,
|
|
12
12
|
Configuration,
|
|
13
|
+
ConfigurationDataApi,
|
|
13
14
|
type ErrorResponse,
|
|
14
15
|
Permissions,
|
|
15
|
-
PermissionsApi,
|
|
16
16
|
UserPermissionsApi,
|
|
17
17
|
} from "@flipdish/authorization";
|
|
18
18
|
import { describe, expect, it, test } from "@jest/globals";
|
|
@@ -30,7 +30,7 @@ const bearerConfiguration = new Configuration({
|
|
|
30
30
|
});
|
|
31
31
|
|
|
32
32
|
const authorization = new AuthorizationApi(bearerConfiguration);
|
|
33
|
-
const
|
|
33
|
+
const configurationData = new ConfigurationDataApi(bearerConfiguration);
|
|
34
34
|
|
|
35
35
|
// mimic brower config where cookies will be sent automatically
|
|
36
36
|
// you shouldn't need to pass an axios instance as the cookies will be
|
|
@@ -48,7 +48,7 @@ const userPermissions = new UserPermissionsApi(
|
|
|
48
48
|
describe("Authorization Tests", () => {
|
|
49
49
|
describe("Authorization", () => {
|
|
50
50
|
test("List Permissions", async () => {
|
|
51
|
-
const permissionsResponse = await
|
|
51
|
+
const permissionsResponse = await configurationData.listPermissions();
|
|
52
52
|
expect(permissionsResponse.status).toBe(200);
|
|
53
53
|
expect(permissionsResponse.data.permissions).toBeDefined();
|
|
54
54
|
expect(permissionsResponse.data.permissions.length).toBeGreaterThan(0);
|
|
@@ -69,6 +69,24 @@ describe("Authorization Tests", () => {
|
|
|
69
69
|
);
|
|
70
70
|
});
|
|
71
71
|
|
|
72
|
+
test("List Feature Based Roles", async () => {
|
|
73
|
+
const featureBasedRolesResponse = await configurationData.listFeatureBasedRoles();
|
|
74
|
+
expect(featureBasedRolesResponse.status).toBe(200);
|
|
75
|
+
expect(featureBasedRolesResponse.data.roles).toBeDefined();
|
|
76
|
+
expect(featureBasedRolesResponse.data.roles.length).toBeGreaterThan(0);
|
|
77
|
+
expect(featureBasedRolesResponse.data.roles).toContainEqual(
|
|
78
|
+
{ name: "OrgViewer", permissions: ["ViewOrg"] }
|
|
79
|
+
);
|
|
80
|
+
});
|
|
81
|
+
|
|
82
|
+
test("List named roles", async () => {
|
|
83
|
+
const namedRolesResponse = await configurationData.listRoles();
|
|
84
|
+
expect(namedRolesResponse.status).toBe(200);
|
|
85
|
+
expect(namedRolesResponse.data.roles).toBeDefined();
|
|
86
|
+
expect(namedRolesResponse.data.roles.length).toBeGreaterThan(0);
|
|
87
|
+
expect(namedRolesResponse.data.roles).toContainEqual("Admin");
|
|
88
|
+
});
|
|
89
|
+
|
|
72
90
|
describe("List User Permission Sets", () => {
|
|
73
91
|
it("should list user permission sets", async () => {
|
|
74
92
|
const userPermissionSetsResponse =
|
|
@@ -172,9 +190,44 @@ describe("Authorization Tests", () => {
|
|
|
172
190
|
expect(authorizationResponse.data.allowed).toBe(false);
|
|
173
191
|
expect(authorizationResponse.data.decision).toBe("DENY");
|
|
174
192
|
});
|
|
193
|
+
|
|
194
|
+
describe("Check is in role", () => {
|
|
195
|
+
it("should check if a user is in a role", async () => {
|
|
196
|
+
const isInRoleResponse = await authorization.checkIsInRole({
|
|
197
|
+
principal: {
|
|
198
|
+
id: "12345",
|
|
199
|
+
type: "User",
|
|
200
|
+
},
|
|
201
|
+
roles: ["Admin"],
|
|
202
|
+
});
|
|
203
|
+
expect(isInRoleResponse.status).toBe(200);
|
|
204
|
+
expect(isInRoleResponse.data.authorized).toBe(false);
|
|
205
|
+
});
|
|
206
|
+
|
|
207
|
+
it("should authenticate and check if a user is in a role with a valid FD-Authorization cookie", async () => {
|
|
208
|
+
const isInRoleResponse = await authorization.authenticateAndCheckIsInRole({
|
|
209
|
+
headers: {
|
|
210
|
+
Cookie: `FD-Authorization=${process.env.FD_AUTH_COOKIE_PROD};`,
|
|
211
|
+
},
|
|
212
|
+
roles: ["Admin"],
|
|
213
|
+
});
|
|
214
|
+
expect(isInRoleResponse.status).toBe(200);
|
|
215
|
+
expect(isInRoleResponse.data.authorized).toBe(false);
|
|
216
|
+
});
|
|
217
|
+
|
|
218
|
+
it("should authenticate and check if a user is in a role with a valid Bearer token", async () => {
|
|
219
|
+
const isInRoleResponse = await authorization.authenticateAndCheckIsInRole({
|
|
220
|
+
headers: {
|
|
221
|
+
Authorization: `Bearer ${process.env.FLIPDISH_BEARER_TOKEN_PROD}`,
|
|
222
|
+
},
|
|
223
|
+
roles: ["Admin"],
|
|
224
|
+
});
|
|
225
|
+
expect(isInRoleResponse.status).toBe(200);
|
|
226
|
+
expect(isInRoleResponse.data.authorized).toBe(false);
|
|
227
|
+
});
|
|
228
|
+
});
|
|
175
229
|
});
|
|
176
230
|
});
|
|
177
|
-
|
|
178
231
|
```
|
|
179
232
|
|
|
180
233
|
The generated Node module can be used in the following environments:
|