@litusarchieve18/agricore-utils 1.0.28 → 1.0.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -1
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +16 -3
- package/dist/index.mjs +16 -3
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -183,7 +183,9 @@ Run the publish command:
|
|
|
183
183
|
Bash
|
|
184
184
|
npm publish --access public
|
|
185
185
|
📝 Version History
|
|
186
|
-
V1.0.
|
|
186
|
+
V1.0.30 — altered authscoped Id to receive a list of string not a single string
|
|
187
|
+
|
|
188
|
+
V1.0.29 — altered filtering logic from validFrom_lte: targetIso to validFrom: { $lte: targetIso }
|
|
187
189
|
|
|
188
190
|
V1.0.28 — altered the logic and added scope aware filtering and write-time validation in priceHelpers.ts
|
|
189
191
|
|
package/dist/index.d.mts
CHANGED
|
@@ -177,10 +177,10 @@ declare function evaluateBaseAccess(resourcePath: string, session: AgriCoreSessi
|
|
|
177
177
|
*/
|
|
178
178
|
declare function resolveEffectiveAccess(base: AccessLevelType, override?: AccessLevelType | null): AccessLevelType;
|
|
179
179
|
declare function findSpecificOverride(session: AgriCoreSession, activeScopeId: string, resourcePath: string): AccessLevelType | null;
|
|
180
|
-
declare function assertTenantBoundary(db: any, session: AgriCoreSession,
|
|
181
|
-
targets: {
|
|
180
|
+
declare function assertTenantBoundary(db: any, session: AgriCoreSession, targets: {
|
|
182
181
|
targetUserId?: string;
|
|
183
182
|
authScopeId?: string;
|
|
183
|
+
authScopeIds?: string[];
|
|
184
184
|
expectedScopeType?: ScopeType;
|
|
185
185
|
}): Promise<boolean>;
|
|
186
186
|
declare function verifyAndExtractSession(token: string, secret: string): Promise<AgriCoreSession>;
|
package/dist/index.d.ts
CHANGED
|
@@ -177,10 +177,10 @@ declare function evaluateBaseAccess(resourcePath: string, session: AgriCoreSessi
|
|
|
177
177
|
*/
|
|
178
178
|
declare function resolveEffectiveAccess(base: AccessLevelType, override?: AccessLevelType | null): AccessLevelType;
|
|
179
179
|
declare function findSpecificOverride(session: AgriCoreSession, activeScopeId: string, resourcePath: string): AccessLevelType | null;
|
|
180
|
-
declare function assertTenantBoundary(db: any, session: AgriCoreSession,
|
|
181
|
-
targets: {
|
|
180
|
+
declare function assertTenantBoundary(db: any, session: AgriCoreSession, targets: {
|
|
182
181
|
targetUserId?: string;
|
|
183
182
|
authScopeId?: string;
|
|
183
|
+
authScopeIds?: string[];
|
|
184
184
|
expectedScopeType?: ScopeType;
|
|
185
185
|
}): Promise<boolean>;
|
|
186
186
|
declare function verifyAndExtractSession(token: string, secret: string): Promise<AgriCoreSession>;
|
package/dist/index.js
CHANGED
|
@@ -400,7 +400,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
400
400
|
productId,
|
|
401
401
|
contractReferenceNumber,
|
|
402
402
|
matrixType: "procurement_buy",
|
|
403
|
-
|
|
403
|
+
validFrom: { $lte: targetIso }
|
|
404
404
|
},
|
|
405
405
|
SORT_MOST_RECENT_FIRST,
|
|
406
406
|
ACTIVE_ROW_LOOKBACK
|
|
@@ -412,7 +412,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
412
412
|
async findAccountPrice({ productId, accountCode, targetDate }) {
|
|
413
413
|
const targetIso = targetDate.toISOString();
|
|
414
414
|
const rows = await db.ProductPriceMatrix.filter(
|
|
415
|
-
{ ...scopeFilter, productId, accountCode,
|
|
415
|
+
{ ...scopeFilter, productId, accountCode, validFrom: { $lte: targetIso } },
|
|
416
416
|
SORT_MOST_RECENT_FIRST,
|
|
417
417
|
ACTIVE_ROW_LOOKBACK
|
|
418
418
|
);
|
|
@@ -421,7 +421,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
421
421
|
async findDefaultPrice({ productId, targetDate }) {
|
|
422
422
|
const targetIso = targetDate.toISOString();
|
|
423
423
|
const rows = await db.ProductPriceMatrix.filter(
|
|
424
|
-
{ ...scopeFilter, productId, accountCode: "INTERNAL_DEFAULT",
|
|
424
|
+
{ ...scopeFilter, productId, accountCode: "INTERNAL_DEFAULT", validFrom: { $lte: targetIso } },
|
|
425
425
|
SORT_MOST_RECENT_FIRST,
|
|
426
426
|
ACTIVE_ROW_LOOKBACK
|
|
427
427
|
);
|
|
@@ -1870,6 +1870,19 @@ async function assertTenantBoundary(db, session, targets) {
|
|
|
1870
1870
|
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Invalid authorization scope level.");
|
|
1871
1871
|
}
|
|
1872
1872
|
}
|
|
1873
|
+
if (targets.authScopeIds?.length) {
|
|
1874
|
+
const matchedScope = session.availableScopes?.find(
|
|
1875
|
+
(scope) => targets.authScopeIds.includes(scope.authScopeId)
|
|
1876
|
+
);
|
|
1877
|
+
if (!matchedScope) {
|
|
1878
|
+
console.error(`[SECURITY BREACH] None of scopes [${targets.authScopeIds.join(", ")}] found in user's permitted list.`);
|
|
1879
|
+
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Tenant boundary violation.");
|
|
1880
|
+
}
|
|
1881
|
+
if (targets.expectedScopeType && matchedScope.type !== targets.expectedScopeType) {
|
|
1882
|
+
console.error(`[VALIDATION ERROR] Expected type ${targets.expectedScopeType} but got ${matchedScope.type}`);
|
|
1883
|
+
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Invalid authorization scope level.");
|
|
1884
|
+
}
|
|
1885
|
+
}
|
|
1873
1886
|
return true;
|
|
1874
1887
|
}
|
|
1875
1888
|
async function verifyAndExtractSession(token, secret) {
|
package/dist/index.mjs
CHANGED
|
@@ -340,7 +340,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
340
340
|
productId,
|
|
341
341
|
contractReferenceNumber,
|
|
342
342
|
matrixType: "procurement_buy",
|
|
343
|
-
|
|
343
|
+
validFrom: { $lte: targetIso }
|
|
344
344
|
},
|
|
345
345
|
SORT_MOST_RECENT_FIRST,
|
|
346
346
|
ACTIVE_ROW_LOOKBACK
|
|
@@ -352,7 +352,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
352
352
|
async findAccountPrice({ productId, accountCode, targetDate }) {
|
|
353
353
|
const targetIso = targetDate.toISOString();
|
|
354
354
|
const rows = await db.ProductPriceMatrix.filter(
|
|
355
|
-
{ ...scopeFilter, productId, accountCode,
|
|
355
|
+
{ ...scopeFilter, productId, accountCode, validFrom: { $lte: targetIso } },
|
|
356
356
|
SORT_MOST_RECENT_FIRST,
|
|
357
357
|
ACTIVE_ROW_LOOKBACK
|
|
358
358
|
);
|
|
@@ -361,7 +361,7 @@ function createBase44PricingAdapter(db, scope) {
|
|
|
361
361
|
async findDefaultPrice({ productId, targetDate }) {
|
|
362
362
|
const targetIso = targetDate.toISOString();
|
|
363
363
|
const rows = await db.ProductPriceMatrix.filter(
|
|
364
|
-
{ ...scopeFilter, productId, accountCode: "INTERNAL_DEFAULT",
|
|
364
|
+
{ ...scopeFilter, productId, accountCode: "INTERNAL_DEFAULT", validFrom: { $lte: targetIso } },
|
|
365
365
|
SORT_MOST_RECENT_FIRST,
|
|
366
366
|
ACTIVE_ROW_LOOKBACK
|
|
367
367
|
);
|
|
@@ -851,6 +851,19 @@ async function assertTenantBoundary(db, session, targets) {
|
|
|
851
851
|
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Invalid authorization scope level.");
|
|
852
852
|
}
|
|
853
853
|
}
|
|
854
|
+
if (targets.authScopeIds?.length) {
|
|
855
|
+
const matchedScope = session.availableScopes?.find(
|
|
856
|
+
(scope) => targets.authScopeIds.includes(scope.authScopeId)
|
|
857
|
+
);
|
|
858
|
+
if (!matchedScope) {
|
|
859
|
+
console.error(`[SECURITY BREACH] None of scopes [${targets.authScopeIds.join(", ")}] found in user's permitted list.`);
|
|
860
|
+
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Tenant boundary violation.");
|
|
861
|
+
}
|
|
862
|
+
if (targets.expectedScopeType && matchedScope.type !== targets.expectedScopeType) {
|
|
863
|
+
console.error(`[VALIDATION ERROR] Expected type ${targets.expectedScopeType} but got ${matchedScope.type}`);
|
|
864
|
+
throw ErrorFactory.forbidden(MOD.ADMIN, ACT.EDIT, "Invalid authorization scope level.");
|
|
865
|
+
}
|
|
866
|
+
}
|
|
854
867
|
return true;
|
|
855
868
|
}
|
|
856
869
|
async function verifyAndExtractSession(token, secret) {
|