@forestadmin/agent 1.0.2 → 1.1.0-alpha.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/routes/access/chart.js +3 -3
- package/dist/routes/access/count-related.js +3 -3
- package/dist/routes/access/count.js +3 -3
- package/dist/routes/access/csv-related.js +4 -4
- package/dist/routes/access/csv.js +4 -4
- package/dist/routes/access/get.js +3 -3
- package/dist/routes/access/list-related.js +3 -3
- package/dist/routes/access/list.js +3 -3
- package/dist/routes/modification/action.d.ts +1 -1
- package/dist/routes/modification/action.js +24 -7
- package/dist/routes/modification/associate-related.js +3 -3
- package/dist/routes/modification/create.js +4 -4
- package/dist/routes/modification/delete.js +3 -3
- package/dist/routes/modification/dissociate-delete-related.js +3 -3
- package/dist/routes/modification/update-field.js +3 -3
- package/dist/routes/modification/update-relation.js +5 -5
- package/dist/routes/modification/update.js +3 -3
- package/dist/routes/security/scope-invalidation.js +2 -2
- package/dist/services/authorization/authorization.d.ts +31 -0
- package/dist/services/authorization/authorization.js +107 -0
- package/dist/services/authorization/index.d.ts +4 -0
- package/dist/services/authorization/index.js +11 -0
- package/dist/services/authorization/types.d.ts +26 -0
- package/dist/services/authorization/types.js +3 -0
- package/dist/services/index.d.ts +2 -2
- package/dist/services/index.js +8 -6
- package/dist/types.d.ts +2 -0
- package/dist/types.js +1 -1
- package/dist/utils/forest-http-api.d.ts +0 -28
- package/dist/utils/forest-http-api.js +1 -81
- package/dist/utils/options-validator.js +14 -6
- package/package.json +4 -4
- package/dist/services/permissions.d.ts +0 -19
- package/dist/services/permissions.js +0 -85
|
@@ -29,8 +29,8 @@ class UpdateRelation extends relation_route_1.default {
|
|
|
29
29
|
}
|
|
30
30
|
async updateManyToOne(context, relation, parentId, linkedId, caller) {
|
|
31
31
|
// Perms
|
|
32
|
-
const scope = await this.services.
|
|
33
|
-
await this.services.
|
|
32
|
+
const scope = await this.services.authorization.getScope(this.collection, context);
|
|
33
|
+
await this.services.authorization.assertCanEdit(context, this.collection.name);
|
|
34
34
|
// Load the value that will be used as foreignKey (=== linkedId[0] most of the time)
|
|
35
35
|
const foreignValue = linkedId
|
|
36
36
|
? await datasource_toolkit_1.CollectionUtils.getValue(this.foreignCollection, caller, linkedId, relation.foreignKeyTarget)
|
|
@@ -41,8 +41,8 @@ class UpdateRelation extends relation_route_1.default {
|
|
|
41
41
|
}
|
|
42
42
|
async updateOneToOne(context, relation, parentId, linkedId, caller) {
|
|
43
43
|
// Permissions
|
|
44
|
-
const scope = await this.services.
|
|
45
|
-
await this.services.
|
|
44
|
+
const scope = await this.services.authorization.getScope(this.foreignCollection, context);
|
|
45
|
+
await this.services.authorization.assertCanEdit(context, this.foreignCollection.name);
|
|
46
46
|
// Load the value that will be used as originKey (=== parentId[0] most of the time)
|
|
47
47
|
const originValue = await datasource_toolkit_1.CollectionUtils.getValue(this.collection, caller, parentId, relation.originKeyTarget);
|
|
48
48
|
// Break old relation (may update zero or one records).
|
|
@@ -56,4 +56,4 @@ class UpdateRelation extends relation_route_1.default {
|
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
58
|
exports.default = UpdateRelation;
|
|
59
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
59
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXBkYXRlLXJlbGF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vdXBkYXRlLXJlbGF0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBU3lDO0FBSXpDLHVDQUF1QztBQUN2Qyx3REFBcUM7QUFDckMsNEVBQXlEO0FBQ3pELHVFQUE4QztBQUU5QyxNQUFxQixjQUFlLFNBQVEsd0JBQWE7SUFDdkQsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FDUixJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSw0QkFBNEIsSUFBSSxDQUFDLFlBQVksRUFBRSxFQUN2RSxJQUFJLENBQUMseUJBQXlCLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUMxQyxDQUFDO0lBQ0osQ0FBQztJQUVNLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxPQUFnQjtRQUNyRCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ2xFLE1BQU0sTUFBTSxHQUFHLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN0RCxNQUFNLFFBQVEsR0FBRyxZQUFPLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFbkYsTUFBTSxRQUFRLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsSUFBSSxFQUFFLEVBQUU7WUFDN0MsQ0FBQyxDQUFDLFlBQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQy9FLENBQUMsQ0FBQyxJQUFJLENBQUM7UUFFVCxJQUFJLFFBQVEsQ0FBQyxJQUFJLEtBQUssV0FBVyxFQUFFO1lBQ2pDLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDM0U7YUFBTSxJQUFJLFFBQVEsQ0FBQyxJQUFJLEtBQUssVUFBVSxFQUFFO1lBQ3ZDLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDMUU7UUFFRCxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLFNBQVMsQ0FBQztJQUMvQyxDQUFDO0lBRU8sS0FBSyxDQUFDLGVBQWUsQ0FDM0IsT0FBZ0IsRUFDaEIsUUFBeUIsRUFDekIsUUFBcUIsRUFDckIsUUFBcUIsRUFDckIsTUFBYztRQUVkLFFBQVE7UUFDUixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25GLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRS9FLG9GQUFvRjtRQUNwRixNQUFNLFlBQVksR0FBRyxRQUFRO1lBQzNCLENBQUMsQ0FBQyxNQUFNLG9DQUFlLENBQUMsUUFBUSxDQUM1QixJQUFJLENBQUMsaUJBQWlCLEVBQ3RCLE1BQU0sRUFDTixRQUFRLEVBQ1IsUUFBUSxDQUFDLGdCQUFnQixDQUMxQjtZQUNILENBQUMsQ0FBQyxJQUFJLENBQUM7UUFFVCxrRUFBa0U7UUFDbEUsTUFBTSxPQUFPLEdBQUcseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQztRQUVsRixNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUMxQixNQUFNLEVBQ04sSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FBQyxFQUM3RSxFQUFFLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLFlBQVksRUFBRSxDQUN4QyxDQUFDO0lBQ0osQ0FBQztJQUVPLEtBQUssQ0FBQyxjQUFjLENBQzFCLE9BQWdCLEVBQ2hCLFFBQXdCLEVBQ3hCLFFBQXFCLEVBQ3JCLFFBQXFCLEVBQ3JCLE1BQWM7UUFFZCxjQUFjO1FBQ2QsTUFBTSxLQUFLLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQzFGLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFdEYsbUZBQW1GO1FBQ25GLE1BQU0sV0FBVyxHQUFHLE1BQU0sb0NBQWUsQ0FBQyxRQUFRLENBQ2hELElBQUksQ0FBQyxVQUFVLEVBQ2YsTUFBTSxFQUNOLFFBQVEsRUFDUixRQUFRLENBQUMsZUFBZSxDQUN6QixDQUFDO1FBRUYsdURBQXVEO1FBQ3ZELE1BQU0sVUFBVSxHQUFHLElBQUksc0NBQWlCLENBQUMsUUFBUSxDQUFDLFNBQVMsRUFBRSxPQUFPLEVBQUUsV0FBVyxDQUFDLENBQUM7UUFDbkYsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUNqQyxNQUFNLEVBQ04sSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FBQyxFQUNoRixFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksRUFBRSxDQUMvQixDQUFDO1FBRUYsd0RBQXdEO1FBQ3hELElBQUksUUFBUSxFQUFFO1lBQ1osTUFBTSxVQUFVLEdBQUcseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDO1lBQzVGLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FDakMsTUFBTSxFQUNOLElBQUksMkJBQU0sQ0FBQyxFQUFFLGFBQWEsRUFBRSx5Q0FBb0IsQ0FBQyxTQUFTLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxFQUFFLENBQUMsRUFDaEYsRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FDdEMsQ0FBQztTQUNIO0lBQ0gsQ0FBQztDQUNGO0FBOUZELGlDQThGQyJ9
|
|
@@ -12,7 +12,7 @@ class UpdateRoute extends collection_route_1.default {
|
|
|
12
12
|
router.put(`/${this.collection.name}/:id`, this.handleUpdate.bind(this));
|
|
13
13
|
}
|
|
14
14
|
async handleUpdate(context) {
|
|
15
|
-
await this.services.
|
|
15
|
+
await this.services.authorization.assertCanEdit(context, this.collection.name);
|
|
16
16
|
const id = id_1.default.unpackId(this.collection.schema, context.params.id);
|
|
17
17
|
const { body } = context.request;
|
|
18
18
|
if ('relationships' in body.data) {
|
|
@@ -20,7 +20,7 @@ class UpdateRoute extends collection_route_1.default {
|
|
|
20
20
|
}
|
|
21
21
|
const record = this.services.serializer.deserialize(this.collection, body);
|
|
22
22
|
datasource_toolkit_1.RecordValidator.validate(this.collection, record);
|
|
23
|
-
const conditionTree = datasource_toolkit_1.ConditionTreeFactory.intersect(datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [id]), await this.services.
|
|
23
|
+
const conditionTree = datasource_toolkit_1.ConditionTreeFactory.intersect(datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [id]), await this.services.authorization.getScope(this.collection, context));
|
|
24
24
|
const caller = query_string_1.default.parseCaller(context);
|
|
25
25
|
await this.collection.update(caller, new datasource_toolkit_1.Filter({ conditionTree }), record);
|
|
26
26
|
const [updateResult] = await this.collection.list(caller, new datasource_toolkit_1.Filter({ conditionTree }), datasource_toolkit_1.ProjectionFactory.all(this.collection));
|
|
@@ -28,4 +28,4 @@ class UpdateRoute extends collection_route_1.default {
|
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
30
|
exports.default = UpdateRoute;
|
|
31
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXBkYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vdXBkYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBS3lDO0FBSXpDLDJFQUFrRDtBQUNsRCx3REFBcUM7QUFDckMsNEVBQXlEO0FBRXpELE1BQXFCLFdBQVksU0FBUSwwQkFBZTtJQUN0RCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLE1BQU0sRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBQzNFLENBQUM7SUFFTSxLQUFLLENBQUMsWUFBWSxDQUFDLE9BQWdCO1FBQ3hDLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRS9FLE1BQU0sRUFBRSxHQUFHLFlBQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUV2RSxNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUVqQyxJQUFJLGVBQWUsSUFBSSxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ2hDLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUM7U0FDaEM7UUFFRCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUMzRSxvQ0FBZSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRWxELE1BQU0sYUFBYSxHQUFHLHlDQUFvQixDQUFDLFNBQVMsQ0FDbEQseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsRUFDM0QsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FDckUsQ0FBQztRQUNGLE1BQU0sTUFBTSxHQUFHLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN0RCxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxJQUFJLDJCQUFNLENBQUMsRUFBRSxhQUFhLEVBQUUsQ0FBQyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzVFLE1BQU0sQ0FBQyxZQUFZLENBQUMsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUMvQyxNQUFNLEVBQ04sSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLENBQUMsRUFDN0Isc0NBQWlCLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FDdkMsQ0FBQztRQUVGLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLFlBQVksQ0FBQyxDQUFDO0lBQzVGLENBQUM7Q0FDRjtBQWpDRCw4QkFpQ0MifQ==
|
|
@@ -20,9 +20,9 @@ class ScopeInvalidation extends base_route_1.default {
|
|
|
20
20
|
if (Number.isNaN(renderingId)) {
|
|
21
21
|
throw new datasource_toolkit_1.ValidationError('Malformed body');
|
|
22
22
|
}
|
|
23
|
-
this.services.
|
|
23
|
+
this.services.authorization.invalidateScopeCache(renderingId);
|
|
24
24
|
context.response.status = types_1.HttpCode.NoContent;
|
|
25
25
|
}
|
|
26
26
|
}
|
|
27
27
|
exports.default = ScopeInvalidation;
|
|
28
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
28
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NvcGUtaW52YWxpZGF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9zZWN1cml0eS9zY29wZS1pbnZhbGlkYXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFDQSx3RUFBa0U7QUFHbEUsdUNBQWtEO0FBQ2xELCtEQUFzQztBQUV0QyxNQUFxQixpQkFBa0IsU0FBUSxvQkFBUztJQUF4RDs7UUFDVyxTQUFJLEdBQUcsaUJBQVMsQ0FBQyxZQUFZLENBQUM7SUFrQnpDLENBQUM7SUFoQkMsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLElBQUksQ0FBQywyQkFBMkIsRUFBRSxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBQzVFLENBQUM7SUFFRCwwRkFBMEY7SUFDbEYsS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUFnQjtRQUM1QyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsV0FBVyxDQUFDLENBQUM7UUFFOUQsSUFBSSxNQUFNLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxFQUFFO1lBQzdCLE1BQU0sSUFBSSxvQ0FBZSxDQUFDLGdCQUFnQixDQUFDLENBQUM7U0FDN0M7UUFFRCxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxvQkFBb0IsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUU5RCxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLFNBQVMsQ0FBQztJQUMvQyxDQUFDO0NBQ0Y7QUFuQkQsb0NBbUJDIn0=
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import { Context } from 'koa';
|
|
2
|
+
import { Collection, ConditionTree } from '@forestadmin/datasource-toolkit';
|
|
3
|
+
import { ForestAdminClient } from '@forestadmin/forestadmin-client';
|
|
4
|
+
export default class AuthorizationService {
|
|
5
|
+
private readonly forestAdminClient;
|
|
6
|
+
constructor(forestAdminClient: ForestAdminClient);
|
|
7
|
+
assertCanBrowse(context: Context, collectionName: string): Promise<void>;
|
|
8
|
+
assertCanRead(context: Context, collectionName: string): Promise<void>;
|
|
9
|
+
assertCanAdd(context: Context, collectionName: string): Promise<void>;
|
|
10
|
+
assertCanEdit(context: Context, collectionName: string): Promise<void>;
|
|
11
|
+
assertCanDelete(context: Context, collectionName: string): Promise<void>;
|
|
12
|
+
assertCanExport(context: Context, collectionName: string): Promise<void>;
|
|
13
|
+
private assertCanOnCollection;
|
|
14
|
+
assertCanTriggerCustomAction({ context, customActionName, collectionName, }: {
|
|
15
|
+
context: Context;
|
|
16
|
+
customActionName: string;
|
|
17
|
+
collectionName: string;
|
|
18
|
+
}): Promise<void>;
|
|
19
|
+
assertCanApproveCustomAction({ context, customActionName, collectionName, requesterId, }: {
|
|
20
|
+
context: Context;
|
|
21
|
+
customActionName: string;
|
|
22
|
+
collectionName: string;
|
|
23
|
+
requesterId: number | string;
|
|
24
|
+
}): Promise<void>;
|
|
25
|
+
assertCanRequestCustomActionParameters(context: Context, customActionName: string, collectionName: string): Promise<void>;
|
|
26
|
+
assertCanRetrieveChart(context: Context): Promise<void>;
|
|
27
|
+
getScope(collection: Collection, context: Context): Promise<ConditionTree>;
|
|
28
|
+
invalidateScopeCache(renderingId: number | string): void;
|
|
29
|
+
verifySignedActionParameters<TSignedParameters>(signedToken: string): TSignedParameters;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=authorization.d.ts.map
|
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const forestadmin_client_1 = require("@forestadmin/forestadmin-client");
|
|
7
|
+
const types_1 = require("../../types");
|
|
8
|
+
const condition_tree_parser_1 = __importDefault(require("../../utils/condition-tree-parser"));
|
|
9
|
+
class AuthorizationService {
|
|
10
|
+
constructor(forestAdminClient) {
|
|
11
|
+
this.forestAdminClient = forestAdminClient;
|
|
12
|
+
}
|
|
13
|
+
async assertCanBrowse(context, collectionName) {
|
|
14
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Browse, context, collectionName);
|
|
15
|
+
}
|
|
16
|
+
async assertCanRead(context, collectionName) {
|
|
17
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Read, context, collectionName);
|
|
18
|
+
}
|
|
19
|
+
async assertCanAdd(context, collectionName) {
|
|
20
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Add, context, collectionName);
|
|
21
|
+
}
|
|
22
|
+
async assertCanEdit(context, collectionName) {
|
|
23
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Edit, context, collectionName);
|
|
24
|
+
}
|
|
25
|
+
async assertCanDelete(context, collectionName) {
|
|
26
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Delete, context, collectionName);
|
|
27
|
+
}
|
|
28
|
+
async assertCanExport(context, collectionName) {
|
|
29
|
+
await this.assertCanOnCollection(forestadmin_client_1.CollectionActionEvent.Export, context, collectionName);
|
|
30
|
+
}
|
|
31
|
+
async assertCanOnCollection(event, context, collectionName) {
|
|
32
|
+
const { id: userId } = context.state.user;
|
|
33
|
+
const canOnCollection = await this.forestAdminClient.permissionService.canOnCollection({
|
|
34
|
+
userId,
|
|
35
|
+
event,
|
|
36
|
+
collectionName,
|
|
37
|
+
});
|
|
38
|
+
if (!canOnCollection) {
|
|
39
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
async assertCanTriggerCustomAction({ context, customActionName, collectionName, }) {
|
|
43
|
+
const { id: userId } = context.state.user;
|
|
44
|
+
const canTrigger = await this.forestAdminClient.permissionService.canTriggerCustomAction({
|
|
45
|
+
userId,
|
|
46
|
+
customActionName,
|
|
47
|
+
collectionName,
|
|
48
|
+
});
|
|
49
|
+
if (!canTrigger) {
|
|
50
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
async assertCanApproveCustomAction({ context, customActionName, collectionName, requesterId, }) {
|
|
54
|
+
const { id: userId } = context.state.user;
|
|
55
|
+
const canApprove = await this.forestAdminClient.permissionService.canApproveCustomAction({
|
|
56
|
+
userId,
|
|
57
|
+
customActionName,
|
|
58
|
+
collectionName,
|
|
59
|
+
requesterId,
|
|
60
|
+
});
|
|
61
|
+
if (!canApprove) {
|
|
62
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
async assertCanRequestCustomActionParameters(context, customActionName, collectionName) {
|
|
66
|
+
const { id: userId } = context.state.user;
|
|
67
|
+
const canRequest = await this.forestAdminClient.permissionService.canRequestCustomActionParameters({
|
|
68
|
+
userId,
|
|
69
|
+
customActionName,
|
|
70
|
+
collectionName,
|
|
71
|
+
});
|
|
72
|
+
if (!canRequest) {
|
|
73
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
async assertCanRetrieveChart(context) {
|
|
77
|
+
const { renderingId, id: userId } = context.state.user;
|
|
78
|
+
const { body: chartRequest } = context.request;
|
|
79
|
+
const canRetrieve = await this.forestAdminClient.permissionService.canRetrieveChart({
|
|
80
|
+
renderingId,
|
|
81
|
+
userId,
|
|
82
|
+
chartRequest,
|
|
83
|
+
});
|
|
84
|
+
if (!canRetrieve) {
|
|
85
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
async getScope(collection, context) {
|
|
89
|
+
const { user } = context.state;
|
|
90
|
+
const scope = await this.forestAdminClient.getScope({
|
|
91
|
+
renderingId: user.renderingId,
|
|
92
|
+
userId: user.id,
|
|
93
|
+
collectionName: collection.name,
|
|
94
|
+
});
|
|
95
|
+
if (!scope)
|
|
96
|
+
return null;
|
|
97
|
+
return condition_tree_parser_1.default.fromPlainObject(collection, scope);
|
|
98
|
+
}
|
|
99
|
+
invalidateScopeCache(renderingId) {
|
|
100
|
+
this.forestAdminClient.markScopesAsUpdated(renderingId);
|
|
101
|
+
}
|
|
102
|
+
verifySignedActionParameters(signedToken) {
|
|
103
|
+
return this.forestAdminClient.verifySignedActionParameters(signedToken);
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
exports.default = AuthorizationService;
|
|
107
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aG9yaXphdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9zZXJ2aWNlcy9hdXRob3JpemF0aW9uL2F1dGhvcml6YXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFHQSx3RUFBMkY7QUFDM0YsdUNBQXVDO0FBQ3ZDLDhGQUFvRTtBQUVwRSxNQUFxQixvQkFBb0I7SUFDdkMsWUFBNkIsaUJBQW9DO1FBQXBDLHNCQUFpQixHQUFqQixpQkFBaUIsQ0FBbUI7SUFBRyxDQUFDO0lBRTlELEtBQUssQ0FBQyxlQUFlLENBQUMsT0FBZ0IsRUFBRSxjQUFzQjtRQUNuRSxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQywwQ0FBcUIsQ0FBQyxNQUFNLEVBQUUsT0FBTyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQzFGLENBQUM7SUFFTSxLQUFLLENBQUMsYUFBYSxDQUFDLE9BQWdCLEVBQUUsY0FBc0I7UUFDakUsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsMENBQXFCLENBQUMsSUFBSSxFQUFFLE9BQU8sRUFBRSxjQUFjLENBQUMsQ0FBQztJQUN4RixDQUFDO0lBRU0sS0FBSyxDQUFDLFlBQVksQ0FBQyxPQUFnQixFQUFFLGNBQXNCO1FBQ2hFLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLDBDQUFxQixDQUFDLEdBQUcsRUFBRSxPQUFPLEVBQUUsY0FBYyxDQUFDLENBQUM7SUFDdkYsQ0FBQztJQUVNLEtBQUssQ0FBQyxhQUFhLENBQUMsT0FBZ0IsRUFBRSxjQUFzQjtRQUNqRSxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQywwQ0FBcUIsQ0FBQyxJQUFJLEVBQUUsT0FBTyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQ3hGLENBQUM7SUFFTSxLQUFLLENBQUMsZUFBZSxDQUFDLE9BQWdCLEVBQUUsY0FBc0I7UUFDbkUsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsMENBQXFCLENBQUMsTUFBTSxFQUFFLE9BQU8sRUFBRSxjQUFjLENBQUMsQ0FBQztJQUMxRixDQUFDO0lBRU0sS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUFnQixFQUFFLGNBQXNCO1FBQ25FLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLDBDQUFxQixDQUFDLE1BQU0sRUFBRSxPQUFPLEVBQUUsY0FBYyxDQUFDLENBQUM7SUFDMUYsQ0FBQztJQUVPLEtBQUssQ0FBQyxxQkFBcUIsQ0FDakMsS0FBNEIsRUFDNUIsT0FBZ0IsRUFDaEIsY0FBc0I7UUFFdEIsTUFBTSxFQUFFLEVBQUUsRUFBRSxNQUFNLEVBQUUsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQztRQUUxQyxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQUM7WUFDckYsTUFBTTtZQUNOLEtBQUs7WUFDTCxjQUFjO1NBQ2YsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLGVBQWUsRUFBRTtZQUNwQixPQUFPLENBQUMsS0FBSyxDQUFDLGdCQUFRLENBQUMsU0FBUyxFQUFFLFdBQVcsQ0FBQyxDQUFDO1NBQ2hEO0lBQ0gsQ0FBQztJQUVNLEtBQUssQ0FBQyw0QkFBNEIsQ0FBQyxFQUN4QyxPQUFPLEVBQ1AsZ0JBQWdCLEVBQ2hCLGNBQWMsR0FLZjtRQUNDLE1BQU0sRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUM7UUFDMUMsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsaUJBQWlCLENBQUMsc0JBQXNCLENBQUM7WUFDdkYsTUFBTTtZQUNOLGdCQUFnQjtZQUNoQixjQUFjO1NBQ2YsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFVBQVUsRUFBRTtZQUNmLE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQVEsQ0FBQyxTQUFTLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDaEQ7SUFDSCxDQUFDO0lBRU0sS0FBSyxDQUFDLDRCQUE0QixDQUFDLEVBQ3hDLE9BQU8sRUFDUCxnQkFBZ0IsRUFDaEIsY0FBYyxFQUNkLFdBQVcsR0FNWjtRQUNDLE1BQU0sRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUM7UUFDMUMsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsaUJBQWlCLENBQUMsc0JBQXNCLENBQUM7WUFDdkYsTUFBTTtZQUNOLGdCQUFnQjtZQUNoQixjQUFjO1lBQ2QsV0FBVztTQUNaLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxVQUFVLEVBQUU7WUFDZixPQUFPLENBQUMsS0FBSyxDQUFDLGdCQUFRLENBQUMsU0FBUyxFQUFFLFdBQVcsQ0FBQyxDQUFDO1NBQ2hEO0lBQ0gsQ0FBQztJQUVNLEtBQUssQ0FBQyxzQ0FBc0MsQ0FDakQsT0FBZ0IsRUFDaEIsZ0JBQXdCLEVBQ3hCLGNBQXNCO1FBRXRCLE1BQU0sRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUM7UUFFMUMsTUFBTSxVQUFVLEdBQ2QsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsaUJBQWlCLENBQUMsZ0NBQWdDLENBQUM7WUFDOUUsTUFBTTtZQUNOLGdCQUFnQjtZQUNoQixjQUFjO1NBQ2YsQ0FBQyxDQUFDO1FBRUwsSUFBSSxDQUFDLFVBQVUsRUFBRTtZQUNmLE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQVEsQ0FBQyxTQUFTLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDaEQ7SUFDSCxDQUFDO0lBRU0sS0FBSyxDQUFDLHNCQUFzQixDQUFDLE9BQWdCO1FBQ2xELE1BQU0sRUFBRSxXQUFXLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDO1FBQ3ZELE1BQU0sRUFBRSxJQUFJLEVBQUUsWUFBWSxFQUFFLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUUvQyxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxpQkFBaUIsQ0FBQyxnQkFBZ0IsQ0FBQztZQUNsRixXQUFXO1lBQ1gsTUFBTTtZQUNOLFlBQVk7U0FDYixDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsV0FBVyxFQUFFO1lBQ2hCLE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQVEsQ0FBQyxTQUFTLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDaEQ7SUFDSCxDQUFDO0lBRU0sS0FBSyxDQUFDLFFBQVEsQ0FBQyxVQUFzQixFQUFFLE9BQWdCO1FBQzVELE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBRS9CLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLFFBQVEsQ0FBQztZQUNsRCxXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsTUFBTSxFQUFFLElBQUksQ0FBQyxFQUFFO1lBQ2YsY0FBYyxFQUFFLFVBQVUsQ0FBQyxJQUFJO1NBQ2hDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxLQUFLO1lBQUUsT0FBTyxJQUFJLENBQUM7UUFFeEIsT0FBTywrQkFBbUIsQ0FBQyxlQUFlLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQ2hFLENBQUM7SUFFTSxvQkFBb0IsQ0FBQyxXQUE0QjtRQUN0RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsbUJBQW1CLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDMUQsQ0FBQztJQUVNLDRCQUE0QixDQUFvQixXQUFtQjtRQUN4RSxPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyw0QkFBNEIsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUMxRSxDQUFDO0NBQ0Y7QUFqSkQsdUNBaUpDIn0=
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const authorization_1 = __importDefault(require("./authorization"));
|
|
7
|
+
function authorizationServiceFactory(options) {
|
|
8
|
+
return new authorization_1.default(options.forestAdminClient);
|
|
9
|
+
}
|
|
10
|
+
exports.default = authorizationServiceFactory;
|
|
11
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUNBLG9FQUFtRDtBQUVuRCxTQUF3QiwyQkFBMkIsQ0FDakQsT0FBaUM7SUFFakMsT0FBTyxJQUFJLHVCQUFvQixDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0FBQzdELENBQUM7QUFKRCw4Q0FJQyJ9
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
export interface SmartActionRequestBody {
|
|
2
|
+
data: {
|
|
3
|
+
id: string;
|
|
4
|
+
type: string;
|
|
5
|
+
attributes: {
|
|
6
|
+
requester_id: number;
|
|
7
|
+
ids: Array<string>;
|
|
8
|
+
collection_name: string;
|
|
9
|
+
smart_action_id: string;
|
|
10
|
+
values: Record<string, any> | null;
|
|
11
|
+
parent_collection_name: string | null;
|
|
12
|
+
parent_collection_id: string | null;
|
|
13
|
+
parent_association_name: string | null;
|
|
14
|
+
all_records: boolean;
|
|
15
|
+
all_records_subset_query: null;
|
|
16
|
+
};
|
|
17
|
+
};
|
|
18
|
+
}
|
|
19
|
+
export interface SmartActionApprovalRequestBody extends SmartActionRequestBody {
|
|
20
|
+
data: SmartActionRequestBody['data'] & {
|
|
21
|
+
attributes: SmartActionRequestBody['data']['attributes'] & {
|
|
22
|
+
signed_approval_request: string;
|
|
23
|
+
};
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi90eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiIn0=
|
package/dist/services/index.d.ts
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import { AgentOptionsWithDefaults } from '../types';
|
|
2
|
-
import
|
|
2
|
+
import AuthorizationService from './authorization/authorization';
|
|
3
3
|
import Serializer from './serializer';
|
|
4
4
|
export declare type ForestAdminHttpDriverServices = {
|
|
5
|
-
permissions: PermissionService;
|
|
6
5
|
serializer: Serializer;
|
|
6
|
+
authorization: AuthorizationService;
|
|
7
7
|
};
|
|
8
8
|
declare const _default: (options: AgentOptionsWithDefaults) => ForestAdminHttpDriverServices;
|
|
9
9
|
export default _default;
|
package/dist/services/index.js
CHANGED
|
@@ -3,10 +3,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
const permissions_1 = __importDefault(require("./permissions"));
|
|
7
6
|
const serializer_1 = __importDefault(require("./serializer"));
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
7
|
+
const authorization_1 = __importDefault(require("./authorization"));
|
|
8
|
+
exports.default = (options) => {
|
|
9
|
+
return {
|
|
10
|
+
authorization: (0, authorization_1.default)(options),
|
|
11
|
+
serializer: new serializer_1.default(),
|
|
12
|
+
};
|
|
13
|
+
};
|
|
14
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvc2VydmljZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFFQSw4REFBc0M7QUFDdEMsb0VBQTBEO0FBTzFELGtCQUFlLENBQUMsT0FBaUMsRUFBaUMsRUFBRTtJQUNsRixPQUFPO1FBQ0wsYUFBYSxFQUFFLElBQUEsdUJBQTJCLEVBQUMsT0FBTyxDQUFDO1FBQ25ELFVBQVUsRUFBRSxJQUFJLG9CQUFVLEVBQUU7S0FDN0IsQ0FBQztBQUNKLENBQUMsQ0FBQyJ9
|
package/dist/types.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { CompositeId, Logger, LoggerLevel } from '@forestadmin/datasource-toolkit';
|
|
3
|
+
import { ForestAdminClient } from '@forestadmin/forestadmin-client';
|
|
3
4
|
import { IncomingMessage, ServerResponse } from 'http';
|
|
4
5
|
/** Options to configure behavior of an agent's forestadmin driver */
|
|
5
6
|
export declare type AgentOptions = {
|
|
@@ -15,6 +16,7 @@ export declare type AgentOptions = {
|
|
|
15
16
|
typingsPath?: string | null;
|
|
16
17
|
typingsMaxDepth?: number;
|
|
17
18
|
permissionsCacheDurationInSeconds?: number;
|
|
19
|
+
forestAdminClient?: ForestAdminClient;
|
|
18
20
|
};
|
|
19
21
|
export declare type AgentOptionsWithDefaults = Readonly<Required<AgentOptions>>;
|
|
20
22
|
export declare type HttpCallback = (req: IncomingMessage, res: ServerResponse) => void;
|
package/dist/types.js
CHANGED
|
@@ -20,4 +20,4 @@ var RouteType;
|
|
|
20
20
|
RouteType[RouteType["Authentication"] = 3] = "Authentication";
|
|
21
21
|
RouteType[RouteType["PrivateRoute"] = 4] = "PrivateRoute";
|
|
22
22
|
})(RouteType = exports.RouteType || (exports.RouteType = {}));
|
|
23
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
23
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBd0JBLElBQVksUUFRWDtBQVJELFdBQVksUUFBUTtJQUNsQixxREFBZ0IsQ0FBQTtJQUNoQixtREFBZSxDQUFBO0lBQ2YsdUVBQXlCLENBQUE7SUFDekIsbURBQWUsQ0FBQTtJQUNmLGlEQUFjLENBQUE7SUFDZCxxQ0FBUSxDQUFBO0lBQ1IsMkRBQW1CLENBQUE7QUFDckIsQ0FBQyxFQVJXLFFBQVEsR0FBUixnQkFBUSxLQUFSLGdCQUFRLFFBUW5CO0FBRUQsSUFBWSxTQU9YO0FBUEQsV0FBWSxTQUFTO0lBQ25CLGlHQUFpRztJQUNqRywyREFBaUIsQ0FBQTtJQUNqQix5REFBZ0IsQ0FBQTtJQUNoQix1REFBZSxDQUFBO0lBQ2YsNkRBQWtCLENBQUE7SUFDbEIseURBQWdCLENBQUE7QUFDbEIsQ0FBQyxFQVBXLFNBQVMsR0FBVCxpQkFBUyxLQUFULGlCQUFTLFFBT3BCIn0=
|
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
import { IssuerMetadata } from 'openid-client';
|
|
2
2
|
import { JSONAPIDocument } from 'json-api-serializer';
|
|
3
|
-
import { PlainConditionTree } from '@forestadmin/datasource-toolkit';
|
|
4
3
|
import { AgentOptions } from '../types';
|
|
5
4
|
export declare type IpWhitelistConfiguration = {
|
|
6
5
|
isFeatureEnabled: boolean;
|
|
@@ -25,22 +24,6 @@ export declare type UserInfo = {
|
|
|
25
24
|
};
|
|
26
25
|
permissionLevel: string;
|
|
27
26
|
};
|
|
28
|
-
export declare type RenderingPermissions = {
|
|
29
|
-
actions: Set<string>;
|
|
30
|
-
actionsByUser: {
|
|
31
|
-
[actionName: string]: Set<number>;
|
|
32
|
-
};
|
|
33
|
-
scopes: {
|
|
34
|
-
[collectionName: string]: {
|
|
35
|
-
conditionTree: PlainConditionTree;
|
|
36
|
-
dynamicScopeValues: {
|
|
37
|
-
[userId: number]: {
|
|
38
|
-
[replacementKey: string]: unknown;
|
|
39
|
-
};
|
|
40
|
-
};
|
|
41
|
-
};
|
|
42
|
-
};
|
|
43
|
-
};
|
|
44
27
|
declare type HttpOptions = Pick<AgentOptions, 'envSecret' | 'forestServerUrl' | 'isProduction'>;
|
|
45
28
|
export default class ForestHttpApi {
|
|
46
29
|
static getIpWhitelistConfiguration(options: HttpOptions): Promise<IpWhitelistConfiguration>;
|
|
@@ -48,17 +31,6 @@ export default class ForestHttpApi {
|
|
|
48
31
|
static getUserInformation(options: HttpOptions, renderingId: number, accessToken: string): Promise<UserInfo>;
|
|
49
32
|
static hasSchema(options: HttpOptions, hash: string): Promise<boolean>;
|
|
50
33
|
static uploadSchema(options: HttpOptions, apimap: JSONAPIDocument): Promise<void>;
|
|
51
|
-
static getPermissions(options: HttpOptions, renderingId: number): Promise<RenderingPermissions>;
|
|
52
|
-
/** Helper to format permissions into something easy to validate against */
|
|
53
|
-
private static decodeChartPermissions;
|
|
54
|
-
/**
|
|
55
|
-
* Helper to format permissions into something easy to validate against
|
|
56
|
-
* Note that the format the server is sending varies depending on if we're using a remote or
|
|
57
|
-
* local environment.
|
|
58
|
-
*/
|
|
59
|
-
private static decodeActionPermissions;
|
|
60
|
-
/** Helper to format permissions into something easy to validate against */
|
|
61
|
-
private static decodeScopePermissions;
|
|
62
34
|
private static handleResponseError;
|
|
63
35
|
}
|
|
64
36
|
export {};
|
|
@@ -3,7 +3,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
const object_hash_1 = __importDefault(require("object-hash"));
|
|
7
6
|
const superagent_1 = __importDefault(require("superagent"));
|
|
8
7
|
class ForestHttpApi {
|
|
9
8
|
static async getIpWhitelistConfiguration(options) {
|
|
@@ -76,85 +75,6 @@ class ForestHttpApi {
|
|
|
76
75
|
this.handleResponseError(e);
|
|
77
76
|
}
|
|
78
77
|
}
|
|
79
|
-
static async getPermissions(options, renderingId) {
|
|
80
|
-
try {
|
|
81
|
-
const { body } = await superagent_1.default
|
|
82
|
-
.get(`${options.forestServerUrl}/liana/v3/permissions`)
|
|
83
|
-
.set('forest-secret-key', options.envSecret)
|
|
84
|
-
.query(`renderingId=${renderingId}`);
|
|
85
|
-
if (!body.meta?.rolesACLActivated) {
|
|
86
|
-
throw new Error('Roles V2 are unsupported');
|
|
87
|
-
}
|
|
88
|
-
const actions = new Set();
|
|
89
|
-
const actionsByUser = {};
|
|
90
|
-
ForestHttpApi.decodeChartPermissions(body?.stats ?? {}, actions);
|
|
91
|
-
ForestHttpApi.decodeActionPermissions(body?.data?.collections ?? {}, actions, actionsByUser);
|
|
92
|
-
return {
|
|
93
|
-
actions,
|
|
94
|
-
actionsByUser,
|
|
95
|
-
scopes: ForestHttpApi.decodeScopePermissions(body?.data?.renderings?.[renderingId] ?? {}),
|
|
96
|
-
};
|
|
97
|
-
}
|
|
98
|
-
catch (e) {
|
|
99
|
-
this.handleResponseError(e);
|
|
100
|
-
}
|
|
101
|
-
}
|
|
102
|
-
/** Helper to format permissions into something easy to validate against */
|
|
103
|
-
static decodeChartPermissions(chartsByType, actions) {
|
|
104
|
-
const serverCharts = Object.values(chartsByType).flat();
|
|
105
|
-
const frontendCharts = serverCharts.map(chart => ({
|
|
106
|
-
type: chart.type,
|
|
107
|
-
filters: chart.filter,
|
|
108
|
-
aggregate: chart.aggregator,
|
|
109
|
-
aggregate_field: chart.aggregateFieldName,
|
|
110
|
-
collection: chart.sourceCollectionId,
|
|
111
|
-
time_range: chart.timeRange,
|
|
112
|
-
group_by_date_field: (chart.type === 'Line' && chart.groupByFieldName) || null,
|
|
113
|
-
group_by_field: (chart.type !== 'Line' && chart.groupByFieldName) || null,
|
|
114
|
-
limit: chart.limit,
|
|
115
|
-
label_field: chart.labelFieldName,
|
|
116
|
-
relationship_field: chart.relationshipFieldName,
|
|
117
|
-
}));
|
|
118
|
-
const hashes = frontendCharts.map(chart => (0, object_hash_1.default)(chart, {
|
|
119
|
-
respectType: false,
|
|
120
|
-
excludeKeys: key => chart[key] === null || chart[key] === undefined,
|
|
121
|
-
}));
|
|
122
|
-
hashes.forEach(hash => actions.add(`chart:${hash}`));
|
|
123
|
-
}
|
|
124
|
-
/**
|
|
125
|
-
* Helper to format permissions into something easy to validate against
|
|
126
|
-
* Note that the format the server is sending varies depending on if we're using a remote or
|
|
127
|
-
* local environment.
|
|
128
|
-
*/
|
|
129
|
-
static decodeActionPermissions(collections, actions, actionsByUser) {
|
|
130
|
-
for (const [name, settings] of Object.entries(collections)) {
|
|
131
|
-
for (const [actionName, userIds] of Object.entries(settings.collection ?? {})) {
|
|
132
|
-
const shortName = actionName.substring(0, actionName.length - 'Enabled'.length);
|
|
133
|
-
if (typeof userIds === 'boolean')
|
|
134
|
-
actions.add(`${shortName}:${name}`);
|
|
135
|
-
else
|
|
136
|
-
actionsByUser[`${shortName}:${name}`] = new Set(userIds);
|
|
137
|
-
}
|
|
138
|
-
for (const [actionName, actionPerms] of Object.entries(settings.actions ?? {})) {
|
|
139
|
-
const userIds = actionPerms.triggerEnabled;
|
|
140
|
-
if (typeof userIds === 'boolean')
|
|
141
|
-
actions.add(`custom:${actionName}:${name}`);
|
|
142
|
-
else
|
|
143
|
-
actionsByUser[`custom:${actionName}:${name}`] = new Set(userIds);
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
}
|
|
147
|
-
/** Helper to format permissions into something easy to validate against */
|
|
148
|
-
static decodeScopePermissions(rendering) {
|
|
149
|
-
const scopes = {};
|
|
150
|
-
for (const [name, { scope }] of Object.entries(rendering)) {
|
|
151
|
-
scopes[name] = scope && {
|
|
152
|
-
conditionTree: scope.filter,
|
|
153
|
-
dynamicScopeValues: scope.dynamicScopesValues?.users ?? {},
|
|
154
|
-
};
|
|
155
|
-
}
|
|
156
|
-
return scopes;
|
|
157
|
-
}
|
|
158
78
|
static handleResponseError(e) {
|
|
159
79
|
if (/certificate/i.test(e.message))
|
|
160
80
|
throw new Error('ForestAdmin server TLS certificate cannot be verified. ' +
|
|
@@ -177,4 +97,4 @@ class ForestHttpApi {
|
|
|
177
97
|
}
|
|
178
98
|
}
|
|
179
99
|
exports.default = ForestHttpApi;
|
|
180
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
100
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZm9yZXN0LWh0dHAtYXBpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3V0aWxzL2ZvcmVzdC1odHRwLWFwaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUdBLDREQUFpRTtBQTZCakUsTUFBcUIsYUFBYTtJQUNoQyxNQUFNLENBQUMsS0FBSyxDQUFDLDJCQUEyQixDQUN0QyxPQUFvQjtRQUVwQixJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQWEsTUFBTSxvQkFBVTtpQkFDeEMsR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLDhCQUE4QixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDaEYsR0FBRyxDQUFDLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUUvQyxNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUM7WUFFMUMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxPQUFPLEVBQUUsVUFBVSxDQUFDLEtBQUssRUFBRSxDQUFDO1NBQ3JGO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDN0I7SUFDSCxDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyx1QkFBdUIsQ0FBQyxPQUFvQjtRQUN2RCxJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQWEsTUFBTSxvQkFBVTtpQkFDeEMsR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLHdDQUF3QyxFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDMUYsR0FBRyxDQUFDLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUUvQyxPQUFPLFFBQVEsQ0FBQyxJQUFJLENBQUM7U0FDdEI7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUM3QjtJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUM3QixPQUFvQixFQUNwQixXQUFtQixFQUNuQixXQUFtQjtRQUVuQixJQUFJO1lBQ0YsTUFBTSxHQUFHLEdBQUcsSUFBSSxHQUFHLENBQ2pCLHdCQUF3QixXQUFXLGdCQUFnQixFQUNuRCxPQUFPLENBQUMsZUFBZSxDQUN4QixDQUFDO1lBRUYsTUFBTSxRQUFRLEdBQUcsTUFBTSxvQkFBVTtpQkFDOUIsR0FBRyxDQUFDLEdBQUcsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDbkIsR0FBRyxDQUFDLGNBQWMsRUFBRSxXQUFXLENBQUM7aUJBQ2hDLEdBQUcsQ0FBQyxtQkFBbUIsRUFBRSxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFL0MsTUFBTSxFQUFFLFVBQVUsRUFBRSxFQUFFLEVBQUUsR0FBRyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQztZQUU5QyxPQUFPO2dCQUNMLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUNkLEtBQUssRUFBRSxVQUFVLENBQUMsS0FBSztnQkFDdkIsU0FBUyxFQUFFLFVBQVUsQ0FBQyxVQUFVO2dCQUNoQyxRQUFRLEVBQUUsVUFBVSxDQUFDLFNBQVM7Z0JBQzlCLElBQUksRUFBRSxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDekIsSUFBSSxFQUFFLFVBQVUsQ0FBQyxJQUFJO2dCQUNyQixJQUFJLEVBQUUsVUFBVSxDQUFDLElBQUksRUFBRSxNQUFNLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxHQUFHLEVBQUUsS0FBSyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxHQUFHLElBQUksRUFBRSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO2dCQUN4RixXQUFXO2dCQUNYLGVBQWUsRUFBRSxVQUFVLENBQUMsZ0JBQWdCO2FBQzdDLENBQUM7U0FDSDtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQzdCO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQW9CLEVBQUUsSUFBWTtRQUN2RCxJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxvQkFBVTtpQkFDOUIsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLDJCQUEyQixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDOUUsSUFBSSxDQUFDLEVBQUUsY0FBYyxFQUFFLElBQUksRUFBRSxDQUFDO2lCQUM5QixHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRS9DLE9BQU8sQ0FBQyxRQUFRLEVBQUUsSUFBSSxFQUFFLFVBQVUsQ0FBQztTQUNwQztRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQzdCO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLE9BQW9CLEVBQUUsTUFBdUI7UUFDckUsSUFBSTtZQUNGLE1BQU0sb0JBQVU7aUJBQ2IsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDcEUsSUFBSSxDQUFDLE1BQU0sQ0FBQztpQkFDWixHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1NBQ2hEO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDN0I7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLG1CQUFtQixDQUFDLENBQVE7UUFDekMsSUFBSSxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUM7WUFDaEMsTUFBTSxJQUFJLEtBQUssQ0FDYix5REFBeUQ7Z0JBQ3ZELHFEQUFxRCxDQUN4RCxDQUFDO1FBRUosSUFBSyxDQUFtQixDQUFDLFFBQVEsRUFBRTtZQUNqQyxNQUFNLE1BQU0sR0FBSSxDQUFtQixFQUFFLFFBQVEsRUFBRSxNQUFNLENBQUM7WUFFdEQsOENBQThDO1lBQzlDLElBQUksTUFBTSxLQUFLLENBQUMsSUFBSSxNQUFNLEtBQUssR0FBRztnQkFDaEMsTUFBTSxJQUFJLEtBQUssQ0FBQyxxREFBcUQsQ0FBQyxDQUFDO1lBRXpFLElBQUksTUFBTSxLQUFLLEdBQUc7Z0JBQ2hCLE1BQU0sSUFBSSxLQUFLLENBQ2Isd0ZBQXdGO29CQUN0RiwwRUFBMEUsQ0FDN0UsQ0FBQztZQUVKLElBQUksTUFBTSxLQUFLLEdBQUc7Z0JBQ2hCLE1BQU0sSUFBSSxLQUFLLENBQ2Isa0ZBQWtGO29CQUNoRiw4REFBOEQsQ0FDakUsQ0FBQztZQUVKLE1BQU0sSUFBSSxLQUFLLENBQ2Isd0VBQXdFO2dCQUN0RSxvRUFBb0UsQ0FDdkUsQ0FBQztTQUNIO1FBRUQsTUFBTSxDQUFDLENBQUM7SUFDVixDQUFDO0NBQ0Y7QUF6SEQsZ0NBeUhDIn0=
|
|
@@ -4,6 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
const fs_1 = require("fs");
|
|
7
|
+
const forestadmin_client_1 = __importDefault(require("@forestadmin/forestadmin-client"));
|
|
7
8
|
const path_1 = __importDefault(require("path"));
|
|
8
9
|
class OptionsValidator {
|
|
9
10
|
static withDefaults(options) {
|
|
@@ -20,11 +21,18 @@ class OptionsValidator {
|
|
|
20
21
|
copyOptions.forestServerUrl = copyOptions.forestServerUrl || 'https://api.forestadmin.com';
|
|
21
22
|
copyOptions.typingsMaxDepth = copyOptions.typingsMaxDepth ?? 5;
|
|
22
23
|
copyOptions.prefix = copyOptions.prefix || '';
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
24
|
+
copyOptions.permissionsCacheDurationInSeconds =
|
|
25
|
+
copyOptions.permissionsCacheDurationInSeconds ?? 15 * 60;
|
|
26
|
+
copyOptions.loggerLevel = copyOptions.loggerLevel || 'Info';
|
|
27
|
+
copyOptions.forestAdminClient =
|
|
28
|
+
copyOptions.forestAdminClient ||
|
|
29
|
+
(0, forestadmin_client_1.default)({
|
|
30
|
+
envSecret: copyOptions.envSecret,
|
|
31
|
+
forestServerUrl: copyOptions.forestServerUrl,
|
|
32
|
+
logger: copyOptions.logger,
|
|
33
|
+
permissionsCacheDurationInSeconds: copyOptions.permissionsCacheDurationInSeconds,
|
|
34
|
+
});
|
|
35
|
+
return copyOptions;
|
|
28
36
|
}
|
|
29
37
|
static validate(options) {
|
|
30
38
|
OptionsValidator.checkForestServerOptions(options);
|
|
@@ -89,4 +97,4 @@ OptionsValidator.loggerPrefix = {
|
|
|
89
97
|
Warn: '\x1b[33mwarning:\x1b[0m',
|
|
90
98
|
Error: '\x1b[31merror:\x1b[0m',
|
|
91
99
|
};
|
|
92
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
100
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3B0aW9ucy12YWxpZGF0b3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdXRpbHMvb3B0aW9ucy12YWxpZGF0b3IudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSwyQkFBZ0M7QUFDaEMseUZBQXNFO0FBQ3RFLGdEQUF3QjtBQUl4QixNQUFxQixnQkFBZ0I7SUFRbkMsTUFBTSxDQUFDLFlBQVksQ0FBQyxPQUFxQjtRQUN2QyxNQUFNLFdBQVcsR0FBRyxFQUFFLEdBQUcsT0FBTyxFQUFFLENBQUM7UUFFbkMsTUFBTSxhQUFhLEdBQUcsQ0FBQyxLQUFLLEVBQUUsSUFBSSxFQUFFLEVBQUU7WUFDcEMsTUFBTSxXQUFXLEdBQUcsT0FBTyxDQUFDLFdBQVcsSUFBSSxNQUFNLENBQUM7WUFDbEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUM7WUFFOUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLE1BQU0sQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLEVBQUU7Z0JBQ3hELE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxFQUFFLElBQUksQ0FBQyxDQUFDO2FBQzNEO1FBQ0gsQ0FBQyxDQUFDO1FBRUYsV0FBVyxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUMsTUFBTSxJQUFJLGFBQWEsQ0FBQztRQUN6RCxXQUFXLENBQUMsVUFBVSxHQUFHLFdBQVcsQ0FBQyxVQUFVLElBQUksMEJBQTBCLENBQUM7UUFDOUUsV0FBVyxDQUFDLGVBQWUsR0FBRyxXQUFXLENBQUMsZUFBZSxJQUFJLDZCQUE2QixDQUFDO1FBQzNGLFdBQVcsQ0FBQyxlQUFlLEdBQUcsV0FBVyxDQUFDLGVBQWUsSUFBSSxDQUFDLENBQUM7UUFDL0QsV0FBVyxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUMsTUFBTSxJQUFJLEVBQUUsQ0FBQztRQUM5QyxXQUFXLENBQUMsaUNBQWlDO1lBQzNDLFdBQVcsQ0FBQyxpQ0FBaUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxDQUFDO1FBQzNELFdBQVcsQ0FBQyxXQUFXLEdBQUcsV0FBVyxDQUFDLFdBQVcsSUFBSSxNQUFNLENBQUM7UUFFNUQsV0FBVyxDQUFDLGlCQUFpQjtZQUMzQixXQUFXLENBQUMsaUJBQWlCO2dCQUM3QixJQUFBLDRCQUF1QixFQUFDO29CQUN0QixTQUFTLEVBQUUsV0FBVyxDQUFDLFNBQVM7b0JBQ2hDLGVBQWUsRUFBRSxXQUFXLENBQUMsZUFBZTtvQkFDNUMsTUFBTSxFQUFFLFdBQVcsQ0FBQyxNQUFNO29CQUMxQixpQ0FBaUMsRUFBRSxXQUFXLENBQUMsaUNBQWlDO2lCQUNqRixDQUFDLENBQUM7UUFFTCxPQUFPLFdBQXVDLENBQUM7SUFDakQsQ0FBQztJQUVELE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBcUI7UUFDbkMsZ0JBQWdCLENBQUMsd0JBQXdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDbkQsZ0JBQWdCLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDM0MsZ0JBQWdCLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFNUMsT0FBTyxPQUFtQyxDQUFDO0lBQzdDLENBQUM7SUFFTyxNQUFNLENBQUMsd0JBQXdCLENBQUMsT0FBcUI7UUFDM0QsSUFBSSxPQUFPLE9BQU8sQ0FBQyxTQUFTLEtBQUssUUFBUSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRTtZQUN0RixNQUFNLElBQUksS0FBSyxDQUNiLGdFQUFnRTtnQkFDOUQsNkJBQTZCLENBQ2hDLENBQUM7U0FDSDtRQUVELElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQyxFQUFFO1lBQ3BELE1BQU0sSUFBSSxLQUFLLENBQ2IsK0RBQStEO2dCQUM3RCxzQ0FBc0MsQ0FDekMsQ0FBQztTQUNIO1FBRUQsSUFBSSxDQUFDLGdCQUFnQixDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLEVBQUU7WUFDeEQsTUFBTSxJQUFJLEtBQUssQ0FDYix1RUFBdUU7Z0JBQ3JFLCtFQUErRSxDQUNsRixDQUFDO1NBQ0g7UUFFRCxJQUFJLE9BQU8sQ0FBQyxXQUFXLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxFQUFFO1lBQ2hGLE1BQU0sSUFBSSxLQUFLLENBQ2Isd0VBQXdFO2dCQUN0RSxxRUFBcUUsQ0FDeEUsQ0FBQztTQUNIO0lBQ0gsQ0FBQztJQUVPLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFxQjtRQUNuRCxJQUFJLE9BQU8sT0FBTyxDQUFDLFVBQVUsS0FBSyxRQUFRLEVBQUU7WUFDMUMsTUFBTSxJQUFJLEtBQUssQ0FDYixvRUFBb0U7Z0JBQ2xFLDhCQUE4QixDQUNqQyxDQUFDO1NBQ0g7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLGlCQUFpQixDQUFDLE9BQXFCO1FBQ3BELElBQUksT0FBTyxPQUFPLENBQUMsTUFBTSxLQUFLLFFBQVEsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFO1lBQzdFLE1BQU0sSUFBSSxLQUFLLENBQ2IsbUVBQW1FO2dCQUNqRSx3REFBd0QsQ0FDM0QsQ0FBQztTQUNIO0lBQ0gsQ0FBQztJQUVPLE1BQU0sQ0FBQyxjQUFjLENBQUMsTUFBZTtRQUMzQyxJQUFJLE9BQU8sTUFBTSxLQUFLLFFBQVEsRUFBRTtZQUM5QixPQUFPLEtBQUssQ0FBQztTQUNkO1FBRUQsTUFBTSxNQUFNLEdBQUcsY0FBSSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVsQyxPQUFPLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxJQUFBLGVBQVUsRUFBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQztJQUMzRCxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFlO1FBQ2xDLElBQUksT0FBTyxNQUFNLEtBQUssUUFBUSxFQUFFO1lBQzlCLE9BQU8sS0FBSyxDQUFDO1NBQ2Q7UUFFRCxJQUFJO1lBQ0YsTUFBTSxHQUFHLEdBQUcsSUFBSSxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUM7WUFFNUIsT0FBTyxHQUFHLENBQUMsUUFBUSxLQUFLLE9BQU8sSUFBSSxHQUFHLENBQUMsUUFBUSxLQUFLLFFBQVEsQ0FBQztTQUM5RDtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsT0FBTyxLQUFLLENBQUM7U0FDZDtJQUNILENBQUM7O0FBdkhILG1DQXdIQztBQXZIZ0IsNkJBQVksR0FBRztJQUM1QixLQUFLLEVBQUUsdUJBQXVCO0lBQzlCLElBQUksRUFBRSxzQkFBc0I7SUFDNUIsSUFBSSxFQUFFLHlCQUF5QjtJQUMvQixLQUFLLEVBQUUsdUJBQXVCO0NBQy9CLENBQUMifQ==
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@forestadmin/agent",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.1.0-alpha.1",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"license": "GPL-3.0",
|
|
6
6
|
"publishConfig": {
|
|
@@ -14,8 +14,9 @@
|
|
|
14
14
|
"dependencies": {
|
|
15
15
|
"@fast-csv/format": "^4.3.5",
|
|
16
16
|
"@fastify/express": "^1.1.0",
|
|
17
|
-
"@forestadmin/datasource-customizer": "1.1.
|
|
18
|
-
"@forestadmin/datasource-toolkit": "1.0.
|
|
17
|
+
"@forestadmin/datasource-customizer": "1.1.2-alpha.1",
|
|
18
|
+
"@forestadmin/datasource-toolkit": "1.0.1-alpha.1",
|
|
19
|
+
"@forestadmin/forestadmin-client": "1.0.0-alpha.1",
|
|
19
20
|
"@koa/cors": "^3.3.0",
|
|
20
21
|
"@koa/router": "^10.1.1",
|
|
21
22
|
"forest-ip-utils": "^1.0.1",
|
|
@@ -25,7 +26,6 @@
|
|
|
25
26
|
"koa": "^2.13.4",
|
|
26
27
|
"koa-bodyparser": "^4.3.0",
|
|
27
28
|
"koa-jwt": "^4.0.3",
|
|
28
|
-
"lru-cache": "^7.3.1",
|
|
29
29
|
"luxon": "^2.3.0",
|
|
30
30
|
"object-hash": "^3.0.0",
|
|
31
31
|
"openid-client": "5.1.3",
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
import { Collection, ConditionTree } from '@forestadmin/datasource-toolkit';
|
|
2
|
-
import { Context } from 'koa';
|
|
3
|
-
import { AgentOptionsWithDefaults } from '../types';
|
|
4
|
-
declare type RolesOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds'>;
|
|
5
|
-
export default class PermissionService {
|
|
6
|
-
private options;
|
|
7
|
-
private cache;
|
|
8
|
-
constructor(options: RolesOptions);
|
|
9
|
-
invalidateCache(renderingId: number): void;
|
|
10
|
-
/** Checks that a charting query is in the list of allowed queries */
|
|
11
|
-
canChart(context: Context): Promise<void>;
|
|
12
|
-
/** Check if a user is allowed to perform a specific action */
|
|
13
|
-
can(context: Context, action: string, allowRefetch?: boolean): Promise<void>;
|
|
14
|
-
getScope(collection: Collection, context: Context): Promise<ConditionTree>;
|
|
15
|
-
/** Get cached version of "rendering permissions" */
|
|
16
|
-
private getRenderingPermissions;
|
|
17
|
-
}
|
|
18
|
-
export {};
|
|
19
|
-
//# sourceMappingURL=permissions.d.ts.map
|