npm - @hestia-earth/api - Versions diffs - 0.25.50 → 0.25.52 - Mend

@hestia-earth/api 0.25.50 → 0.25.52

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/files/model/model.d.ts +2 -1
package/dist/files/model/model.js +14 -1
package/package.json +6 -4

package/dist/files/model/model.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { ISourceJSONLD } from '@hestia-earth/schema';
 import { BaseModel } from '../../db/model.base';
-import { User } from '../../users/model/model';
+import { User, UserRole } from '../../users/model/model';
 export declare const mb = 1048576;
 export declare const sizeInMb: (size: number) => number;
 export declare const maxFileSizeMb = 100;
@@ -199,3 +199,4 @@ export declare const canSubmit: (file: Partial<File>, user: User) => boolean;
 export declare const isDraft: ({ filepath, filename }: Partial<File>) => boolean;
 export declare const canEditComment: (comment: IFileComment, user: User) => boolean;
 export declare const canCommitHestiaData: (file: File, user: User) => boolean;
+export declare const hasAccess: (file: File, user: User, allowedRoles: UserRole[]) => boolean;

package/dist/files/model/model.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.isAssigned = exports.isAuthorized = exports.isOwner = exports.userFolder = exports.isFolderUpload = exports.isAdminFolder = exports.isAggregation = exports.aggregationFolder = exports.isTerm = exports.isGlossary = exports.hasReconciliationAccess = exports.isReconciliation = exports.isAnalysis = exports.reconciliationFolder = exports.termFolder = exports.glossaryFolder = exports.analysesFolder = exports.filenameFromPath = exports.rootFolderFromPath = exports.folderFromPath = exports.normalizeFolder = exports.isFilepathValid = exports.isFilenameValid = exports.canUploadFolderFile = exports.canUseFolder = exports.replaceInvalidChars = exports.validPathChars = exports.filenameWithoutExt = exports.fileToExt = exports.isSupportedExt = exports.fileExt = exports.filepathSearch = exports.filenameSearch = exports.File = exports.FileValidationStatus = exports.FilePipelineError = exports.FilePipelineProgress = exports.FilePipelineStatus = exports.FileError = exports.FileStatus = exports.FileProgress = exports.FileFindFields = exports.HestiaExtensions = exports.finalFormatExtensions = exports.maxFileSizeByFile = exports.SupportedExtensions = exports.maxFileSize = exports.maxFileSizeMb = exports.sizeInMb = exports.mb = void 0;
-exports.canCommitHestiaData = exports.canEditComment = exports.isDraft = exports.canSubmit = exports.isValidated = exports.canValidate = exports.validatedStatuses = exports.canRemove = void 0;
+exports.hasAccess = exports.canCommitHestiaData = exports.canEditComment = exports.isDraft = exports.canSubmit = exports.isValidated = exports.canValidate = exports.validatedStatuses = exports.canRemove = void 0;
 const model_base_1 = require("../../db/model.base");
 const model_1 = require("../../users/model/model");
 exports.mb = 1048576;
@@ -278,3 +278,16 @@ const canEditComment = (comment, user) => asString(comment?.user) === asString(u
 exports.canEditComment = canEditComment;
 const canCommitHestiaData = (file, user) => !file.archived && (0, exports.isValidated)(file) && ((0, model_1.isReviewer)(user) || user?.canCommitHestiaData);
 exports.canCommitHestiaData = canCommitHestiaData;
+const grantAccessByRole = {
+    [model_1.UserRole.Admin]: () => true,
+    [model_1.UserRole.Reviewer]: (file, user) => !file.isPrivate || (0, exports.isAssigned)(file, user),
+    [model_1.UserRole.Developer]: () => false,
+    [model_1.UserRole.Researcher]: () => false
+};
+const hasAccess = (file, user, allowedRoles) => [
+    (0, model_1.isAdmin)(user),
+    (0, exports.hasReconciliationAccess)(file, user),
+    (!allowedRoles.length || allowedRoles.includes(user.role)) &&
+        ((0, exports.isAuthorized)(file, user) || grantAccessByRole[user.role]?.(file, user))
+].some(Boolean);
+exports.hasAccess = hasAccess;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hestia-earth/api",
-  "version": "0.25.50",
+  "version": "0.25.52",
   "description": "Hestia API definitions",
   "main": "dist/models.js",
   "typings": "dist/models.d.ts",
@@ -14,7 +14,7 @@
     "watch": "tsc --watch",
     "lint": "eslint \"src/**/*.ts\"",
     "lint:fix": "npm run lint -- --fix",
-    "test": "jest --runInBand --coverage",
+    "test": "jest --runInBand --coverage --forceExit",
     "test:watch": "jest --watch",
     "pre-release": "standard-version --prerelease && git push origin develop --follow-tags",
     "release": "standard-version",
@@ -36,8 +36,7 @@
   "dependencies": {
     "@hestia-earth/json-schema": ">=33.0.0",
     "@hestia-earth/schema": ">=33.0.0",
-    "@hestia-earth/utils": ">=0.15.0",
-    "passport-gitlab2": "^5.0.0"
+    "@hestia-earth/utils": ">=0.15.0"
   },
   "devDependencies": {
     "@aws-sdk/client-cloudwatch": "^3.0.0",
@@ -60,6 +59,7 @@
     "@sentry/serverless": "^7.114.0",
     "@sentry/tracing": "^7.114.0",
     "@slack/web-api": "^6.7.0",
+    "@socket.io/redis-adapter": "^8.3.0",
     "@sokratis/passport-linkedin-oauth2": "^2.1.0",
     "@types/compression": "^1.7.2",
     "@types/cors": "^2.8.12",
@@ -110,6 +110,7 @@
     "multer-s3": "^3.0.1",
     "orientjs": "^3.0.11",
     "passport": "^0.4.1",
+    "passport-gitlab2": "^5.0.0",
     "passport-google-oauth20": "^2.0.0",
     "passport-orcid": "0.0.4",
     "prettier": "^3.0.3",
@@ -117,6 +118,7 @@
     "redis": "^3.1.2",
     "request": "^2.88.2",
     "request-promise-native": "^1.0.9",
+    "socket.io": "^4.8.3",
     "source-map-support": "^0.5.21",
     "standard-version": "^9.3.2",
     "supertest": "^3.4.2",