@mondaydotcomorg/monday-authorization 1.0.18 → 1.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -38,9 +38,6 @@ const MondayLogger = __importStar(require("@mondaydotcomorg/monday-logger"));
|
|
|
38
38
|
const monday_fetch_1 = __importDefault(require("@mondaydotcomorg/monday-fetch"));
|
|
39
39
|
const prometheus_service_1 = require("./prometheus-service");
|
|
40
40
|
const INTERNAL_APP_NAME = 'internal_ms';
|
|
41
|
-
const URL = `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
|
|
42
|
-
const IS_DEV_ENV = process.env.NODE_ENV === 'development';
|
|
43
|
-
const REQUEST_TIMEOUT = IS_DEV_ENV ? 60000 : 2000;
|
|
44
41
|
const logger = MondayLogger.getLogger();
|
|
45
42
|
class AuthorizationService {
|
|
46
43
|
static isAuthorized(accountId, userId, resources, action) {
|
|
@@ -48,10 +45,10 @@ class AuthorizationService {
|
|
|
48
45
|
const internalAuthToken = monday_jwt_1.signAuthorizationHeader(INTERNAL_APP_NAME, accountId);
|
|
49
46
|
const { authorizationObjects } = createAuthorizationParams(resources, action);
|
|
50
47
|
const startTime = perf_hooks_1.performance.now();
|
|
51
|
-
const response = yield monday_fetch_1.default(
|
|
48
|
+
const response = yield monday_fetch_1.default(getUrl(), {
|
|
52
49
|
method: 'POST',
|
|
53
50
|
headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
|
|
54
|
-
timeout:
|
|
51
|
+
timeout: getRequestTimeout(),
|
|
55
52
|
body: JSON.stringify({
|
|
56
53
|
user_id: userId,
|
|
57
54
|
authorize_request_objects: authorizationObjects,
|
|
@@ -82,7 +79,7 @@ class AuthorizationService {
|
|
|
82
79
|
logger.info({
|
|
83
80
|
resources: JSON.stringify(unauthorizedObjects),
|
|
84
81
|
}, 'AuthorizationService: resource is unauthorized');
|
|
85
|
-
const unauthorizedIds = unauthorizedObjects.map(obj => obj.resource_id);
|
|
82
|
+
const unauthorizedIds = unauthorizedObjects.filter(obj => !!obj.resource_id).map(obj => obj.resource_id);
|
|
86
83
|
return { isAuthorized: false, unauthorizedIds };
|
|
87
84
|
}
|
|
88
85
|
return { isAuthorized: true };
|
|
@@ -109,3 +106,10 @@ function createAuthorizationParams(resources, action) {
|
|
|
109
106
|
function logOnFetchFail(retries, error, response) {
|
|
110
107
|
logger.error({ attempt: retries, error }, 'Authorization attempt failed due to network issues');
|
|
111
108
|
}
|
|
109
|
+
function getUrl() {
|
|
110
|
+
return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
|
|
111
|
+
}
|
|
112
|
+
function getRequestTimeout() {
|
|
113
|
+
const isDevEnv = process.env.NODE_ENV === 'development';
|
|
114
|
+
return isDevEnv ? 60000 : 2000;
|
|
115
|
+
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { Request, Response } from 'express';
|
|
2
2
|
export interface Resource {
|
|
3
|
-
id
|
|
3
|
+
id?: number;
|
|
4
4
|
type: string;
|
|
5
5
|
wrapperData?: object;
|
|
6
6
|
}
|
|
@@ -12,7 +12,7 @@ export interface Context {
|
|
|
12
12
|
}
|
|
13
13
|
export declare type ContextGetter = (request: BaseRequest) => Context;
|
|
14
14
|
export interface AuthorizationObject {
|
|
15
|
-
resource_id
|
|
15
|
+
resource_id?: Resource['id'];
|
|
16
16
|
resource_type: Resource['type'];
|
|
17
17
|
wrapper_data?: Resource['wrapperData'];
|
|
18
18
|
action: Action;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mondaydotcomorg/monday-authorization",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.20",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"types": "dist/index.d.ts",
|
|
6
6
|
"license": "BSD-3-Clause",
|
|
@@ -31,5 +31,5 @@
|
|
|
31
31
|
"files": [
|
|
32
32
|
"dist/"
|
|
33
33
|
],
|
|
34
|
-
"gitHead": "
|
|
34
|
+
"gitHead": "885a2695f0c341cf28613bb0a49d26a2c96d01d7"
|
|
35
35
|
}
|