@live-change/security-service 0.2.38 → 0.2.41
- package/package.json +3 -3
- package/secured.js +55 -18
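--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@live-change/security-service",
-"version": "0.2.
+"version": "0.2.41",
 "description": "",
 "main": "index.js",
 "scripts": {
@@ -21,10 +21,10 @@
 "url": "https://www.viamage.com/"
 },
 "dependencies": {
-"@live-change/framework": "0.6.
+"@live-change/framework": "0.6.8",
 "@live-change/pattern": "0.2.1",
 "@live-change/pattern-db": "^0.2.2",
 "nodemailer": "^6.7.2"
 },
-"gitHead": "
+"gitHead": "d87d9ba56115833967eeff3d9dee5b24e925fd18"
 }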
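--- a/package/secured.js
+++ b/package/secured.js
@@ -1,5 +1,18 @@
 const definition = require('./definition.js')
-const { getClientKeysObject, getClientKeysStrings, multiKeyIndexQuery } = require('./utils.js')
+const { getClientKeysObject, getClientKeysStrings, multiKeyIndexQuery, fastMultiKeyIndexQuery } = require('./utils.js')
+const { Ban } = require('./ban.js')
+
+async function getBans(client, actions) {
+const keys = []
+for(const action of actions) {
+keys.push(...getClientKeysStrings(client, action + ':'))
+}
+const bans = fastMultiKeyIndexQuery(keys, 'security_Ban_actionBans', Ban.tableName)
+}
+
+async function sleep(ms) {
+return new Promise(resolve => setTimeout(resolve, ms))
+}
 
 definition.processor(function(service, app) {
 
@@ -7,28 +20,40 @@ definition.processor(function(service, app) {
 const action = service.actions[actionName]
 if(!action.secured) continue
 const config = action.secured
+const actions = config.actions || actionName
 
-console.log("SECURED", service.name, action.name)
+console.log("SECURED ACTION", service.name, action.name)
 
 const oldExec = action.execute
 action.execute = async (...args) => {
 const [ properties, context, emit ] = args
 const { client } = context
-
-
+const bans = await getBans(client, actions)
+
+if(bans.find(ban => ban.type == 'block')) {
+/// TODO: report security violation if failed
+throw 'securityBlock'
+}
+
+if(bans.find(ban => ban.type == 'delay')) {
+await sleep(3000)
+}
+
+/// TODO: additional delay based on ban type
+
+/// TODO: report security violation if succeded - another event
+
+/// TODO: additional validation based on ban type(captcha)
 
-
-
-/// TODO: report security violation if succeded
-/// TODO: report security violation if failed - another event
-/// TODO: additional validation based on ban type(captcha)
-/// TODO: additional delay based on ban type
+return oldExec.apply(action, args)
+}
 }
 
 for(let triggerName in service.actions) {
 const trigger = service.actions[triggerName]
 if(!trigger.secured) continue
 const config = trigger.secured
+const actions = config.actions || triggerName
 
 console.log("SECURED TRIGGER", service.name, trigger.name)
 
@@ -36,15 +61,27 @@ definition.processor(function(service, app) {
 trigger.execute = async (...args) => {
 const [ properties, context, emit ] = args
 const { client, ...otherProperties } = properties
-
-
+const bans = await getBans(client, actions)
+
+if(bans.find(ban => ban.type == 'block')) throw 'securityBlock'
+
+if(bans.find(ban => ban.type == 'block')) {
+/// TODO: report security violation if failed
+throw 'securityBlock'
+}
+
+if(bans.find(ban => ban.type == 'delay')) {
+await sleep(3000)
+}
 
-
-
-
-
-
-
+/// TODO: additional delay based on ban type
+
+/// TODO: report security violation if succeded - another event
+
+/// TODO: additional validation based on ban type(captcha)
+
+return oldExec.apply(trigger, args)
+}
 }
 
 })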
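Review bot: `getBans` at the top of the file assigns the query result to a local `bans` and then falls off the end, so `await getBans(client, actions)` resolves to `undefined` and the following `bans.find(...)` raises a TypeError in both the action and the trigger wrapper; every secured call then fails before any ban is evaluated. It should end with `return fastMultiKeyIndexQuery(keys, 'security_Ban_actionBans', Ban.tableName)` (returning from the async function also covers the case where the helper yields a promise; its definition is not visible here). Separately, `const actions = config.actions || actionName` falls back to a bare string, and `for(const action of actions)` then iterates it character by character, so the lookup keys would never match the real action name; `config.actions || [actionName]` (and `[triggerName]` in the second loop) keeps it a list. The trigger wrapper also checks `ban.type == 'block'` twice in a row, and the first of the two checks can be dropped.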