@mondaydotcomorg/monday-authorization 1.0.4 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/index.d.ts +1 -0
  2. package/dist/index.js +3 -1
  3. package/dist/lib/authorization-internal-service.d.ts +6 -0
  4. package/dist/lib/authorization-internal-service.js +17 -0
  5. package/dist/lib/authorization-middleware.js +4 -3
  6. package/dist/lib/authorization-service.d.ts +0 -4
  7. package/dist/lib/authorization-service.js +0 -11
  8. package/package.json +2 -2
package/dist/index.d.ts CHANGED
@@ -1 +1,2 @@
1
1
  export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware, } from './lib/authorization-middleware';
2
+ export { AuthorizationService } from './lib/authorization-service';
package/dist/index.js CHANGED
@@ -1,7 +1,9 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = exports.authorizationCheckMiddleware = void 0;
3
+ exports.AuthorizationService = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = exports.authorizationCheckMiddleware = void 0;
4
4
  var authorization_middleware_1 = require("./lib/authorization-middleware");
5
5
  Object.defineProperty(exports, "authorizationCheckMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.authorizationCheckMiddleware; } });
6
6
  Object.defineProperty(exports, "getAuthorizationMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.getAuthorizationMiddleware; } });
7
7
  Object.defineProperty(exports, "skipAuthorizationMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.skipAuthorizationMiddleware; } });
8
+ var authorization_service_1 = require("./lib/authorization-service");
9
+ Object.defineProperty(exports, "AuthorizationService", { enumerable: true, get: function () { return authorization_service_1.AuthorizationService; } });
package/dist/lib/authorization-internal-service.d.ts ADDED
@@ -0,0 +1,6 @@
1
+ import { Request } from 'express';
2
+ export declare class AuthorizationInternalService {
3
+ static skipAuthorization(requset: Request): void;
4
+ static markAuthorized(request: Request): void;
5
+ static failIfNotCoveredByAuthorization(request: Request): void;
6
+ }
package/dist/lib/authorization-internal-service.js ADDED
@@ -0,0 +1,17 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.AuthorizationInternalService = void 0;
4
+ class AuthorizationInternalService {
5
+ static skipAuthorization(requset) {
6
+ requset.authorizationSkipPerformed = true;
7
+ }
8
+ static markAuthorized(request) {
9
+ request.authorizationCheckPerformed = true;
10
+ }
11
+ static failIfNotCoveredByAuthorization(request) {
12
+ if (!request.authorizationCheckPerformed && !request.authorizationSkipPerformed) {
13
+ throw 'Endpoint is not covered by authorization check';
14
+ }
15
+ }
16
+ }
17
+ exports.AuthorizationInternalService = AuthorizationInternalService;
package/dist/lib/authorization-middleware.js CHANGED
@@ -14,6 +14,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
14
14
  Object.defineProperty(exports, "__esModule", { value: true });
15
15
  exports.authorizationCheckMiddleware = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = void 0;
16
16
  const on_headers_1 = __importDefault(require("on-headers"));
17
+ const authorization_internal_service_1 = require("./authorization-internal-service");
17
18
  const authorization_service_1 = require("./authorization-service");
18
19
  function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
19
20
  return function authorizationMiddleware(request, response, next) {
@@ -22,7 +23,7 @@ function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
22
23
  const { userId, accountId } = contextGetter(request);
23
24
  const resources = resourceGetter(request);
24
25
  const isAuthorized = yield authorization_service_1.AuthorizationService.isAuthorized(accountId, userId, resources, action);
25
- authorization_service_1.AuthorizationService.markAuthorized(request);
26
+ authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
26
27
  if (!isAuthorized) {
27
28
  response.status(401).json({ message: 'Access denied' });
28
29
  return;
@@ -33,14 +34,14 @@ function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
33
34
  }
34
35
  exports.getAuthorizationMiddleware = getAuthorizationMiddleware;
35
36
  function skipAuthorizationMiddleware(request, response, next) {
36
- authorization_service_1.AuthorizationService.skipAuthorization(request);
37
+ authorization_internal_service_1.AuthorizationInternalService.skipAuthorization(request);
37
38
  next();
38
39
  }
39
40
  exports.skipAuthorizationMiddleware = skipAuthorizationMiddleware;
40
41
  function authorizationCheckMiddleware(request, response, next) {
41
42
  if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
42
43
  on_headers_1.default(response, function () {
43
- authorization_service_1.AuthorizationService.failIfNotCoveredByAuthorization(request);
44
+ authorization_internal_service_1.AuthorizationInternalService.failIfNotCoveredByAuthorization(request);
44
45
  });
45
46
  }
46
47
  next();
package/dist/lib/authorization-service.d.ts CHANGED
@@ -1,8 +1,4 @@
1
- import { Request } from 'express';
2
1
  import { Action, Resource } from './types/general';
3
2
  export declare class AuthorizationService {
4
3
  static isAuthorized(accountId: number, userId: number, resources: Resource[], action: Action): Promise<boolean>;
5
- static skipAuthorization(requset: Request): void;
6
- static markAuthorized(request: Request): void;
7
- static failIfNotCoveredByAuthorization(request: Request): void;
8
4
  }
package/dist/lib/authorization-service.js CHANGED
@@ -74,17 +74,6 @@ class AuthorizationService {
74
74
  return true;
75
75
  });
76
76
  }
77
- static skipAuthorization(requset) {
78
- requset.authorizationSkipPerformed = true;
79
- }
80
- static markAuthorized(request) {
81
- request.authorizationCheckPerformed = true;
82
- }
83
- static failIfNotCoveredByAuthorization(request) {
84
- if (!request.authorizationCheckPerformed && !request.authorizationSkipPerformed) {
85
- throw 'Endpoint is not covered by authorization check';
86
- }
87
- }
88
77
  }
89
78
  exports.AuthorizationService = AuthorizationService;
90
79
  function createAuthorizationParams(resources, action) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mondaydotcomorg/monday-authorization",
3
- "version": "1.0.4",
3
+ "version": "1.0.5",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "license": "BSD-3-Clause",
@@ -30,5 +30,5 @@
30
30
  "files": [
31
31
  "dist/"
32
32
  ],
33
- "gitHead": "f2b58ee5d4010907ecabc7d606bd302d9cf8c329"
33
+ "gitHead": "b219697cb12144df6ff430780ba35dd7108844fa"
34
34
  }