@kravc/dos 1.11.10 → 1.11.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
package/src/index.d.ts
CHANGED
|
@@ -40,6 +40,8 @@ export declare class Document<T> {
|
|
|
40
40
|
static _create(attributes: AttributesMap): Promise<Boolean>;
|
|
41
41
|
static _update(query: QueryMap, mutation: UpdateMutationMap): Promise<AttributesMap>;
|
|
42
42
|
|
|
43
|
+
static createId(attributes: AttributesMap): string;
|
|
44
|
+
|
|
43
45
|
static getPartition(
|
|
44
46
|
context: Context,
|
|
45
47
|
parameters: Record<string, any>
|
|
@@ -164,13 +166,14 @@ export declare class JwtAuthorization {
|
|
|
164
166
|
cookieName?: string;
|
|
165
167
|
normalizePayload?: Function;
|
|
166
168
|
tokenVerificationMethod?: Function;
|
|
167
|
-
accessVerificationMethod?:
|
|
169
|
+
accessVerificationMethod?: (context: Context, payload: Record<string, unknown>) => [boolean, string?];
|
|
168
170
|
}): Record<string, any>
|
|
169
171
|
};
|
|
170
172
|
|
|
171
173
|
export declare class SystemAuthorization {
|
|
172
174
|
static createRequirement(options?: {
|
|
173
175
|
name?: string;
|
|
176
|
+
accessVerificationMethod?: (context: Context) => [boolean, string?];
|
|
174
177
|
}): Record<string, any>
|
|
175
178
|
};
|
|
176
179
|
|
|
@@ -3,10 +3,24 @@
|
|
|
3
3
|
const { get } = require('lodash')
|
|
4
4
|
const AccessDeniedError = require('../errors/AccessDeniedError')
|
|
5
5
|
|
|
6
|
+
const SYSTEM_NAME = 'System'
|
|
7
|
+
|
|
8
|
+
const verifySystemAccess = (context) => {
|
|
9
|
+
const { headers } = context
|
|
10
|
+
const isExternalRequest = Object.keys(headers).length > 0
|
|
11
|
+
|
|
12
|
+
if (!isExternalRequest) {
|
|
13
|
+
return [ true ]
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
return [ false ]
|
|
17
|
+
}
|
|
18
|
+
|
|
6
19
|
class SystemAuthorization {
|
|
7
20
|
static createRequirement(options = {}) {
|
|
8
21
|
const name = get(options, 'name', 'authorization')
|
|
9
|
-
|
|
22
|
+
|
|
23
|
+
const requirementName = SYSTEM_NAME
|
|
10
24
|
|
|
11
25
|
return {
|
|
12
26
|
[requirementName]: {
|
|
@@ -20,7 +34,8 @@ class SystemAuthorization {
|
|
|
20
34
|
type: 'apiKey',
|
|
21
35
|
name
|
|
22
36
|
},
|
|
23
|
-
klass: this
|
|
37
|
+
klass: this,
|
|
38
|
+
...options
|
|
24
39
|
}
|
|
25
40
|
}
|
|
26
41
|
}
|
|
@@ -35,12 +50,17 @@ class SystemAuthorization {
|
|
|
35
50
|
}
|
|
36
51
|
}
|
|
37
52
|
|
|
53
|
+
constructor({
|
|
54
|
+
accessVerificationMethod = verifySystemAccess,
|
|
55
|
+
}) {
|
|
56
|
+
this._verifyAccess = accessVerificationMethod
|
|
57
|
+
}
|
|
58
|
+
|
|
38
59
|
async verify(context) {
|
|
39
|
-
const
|
|
40
|
-
const isExternalRequest = Object.keys(headers).length > 0
|
|
60
|
+
const [ isAccessOk, accessErrorMessage ] = await this._verifyAccess(context)
|
|
41
61
|
|
|
42
|
-
if (
|
|
43
|
-
const error = new AccessDeniedError()
|
|
62
|
+
if (!isAccessOk) {
|
|
63
|
+
const error = new AccessDeniedError(accessErrorMessage)
|
|
44
64
|
return { isAuthorized: false, error }
|
|
45
65
|
}
|
|
46
66
|
|