@mondaydotcomorg/monday-authorization 1.1.9-featureliorshonehourjwttoken.465 → 1.1.9-featuremosheauthorizationesm.3695

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/CHANGELOG.md +15 -0
  2. package/README.md +57 -0
  3. package/dist/attributions-service.d.ts +3 -0
  4. package/dist/attributions-service.js +55 -0
  5. package/dist/authorization-attributes-service.d.ts +44 -0
  6. package/dist/authorization-attributes-service.js +144 -0
  7. package/dist/authorization-internal-service.d.ts +13 -0
  8. package/dist/authorization-internal-service.js +80 -0
  9. package/dist/{lib/authorization-middleware.d.ts → authorization-middleware.d.ts} +2 -1
  10. package/dist/authorization-middleware.js +48 -0
  11. package/dist/{lib/authorization-service.d.ts → authorization-service.d.ts} +2 -1
  12. package/dist/authorization-service.js +176 -0
  13. package/dist/constants/sns.d.ts +3 -0
  14. package/dist/constants/sns.js +9 -0
  15. package/dist/esm/attributions-service.d.ts +3 -0
  16. package/dist/esm/attributions-service.mjs +53 -0
  17. package/dist/esm/authorization-attributes-service.d.ts +44 -0
  18. package/dist/esm/authorization-attributes-service.mjs +138 -0
  19. package/dist/esm/authorization-internal-service.d.ts +13 -0
  20. package/dist/esm/authorization-internal-service.mjs +57 -0
  21. package/dist/esm/authorization-middleware.d.ts +6 -0
  22. package/dist/esm/authorization-middleware.mjs +39 -0
  23. package/dist/esm/authorization-service.d.ts +29 -0
  24. package/dist/esm/authorization-service.mjs +172 -0
  25. package/dist/esm/constants/sns.d.ts +3 -0
  26. package/dist/esm/constants/sns.mjs +5 -0
  27. package/dist/esm/index.d.ts +13 -0
  28. package/dist/esm/index.mjs +21 -0
  29. package/dist/esm/prometheus-service.mjs +45 -0
  30. package/dist/esm/testKit/index.d.ts +11 -0
  31. package/dist/esm/testKit/index.mjs +44 -0
  32. package/dist/esm/types/authorization-attributes-contracts.d.ts +27 -0
  33. package/dist/esm/types/authorization-attributes-contracts.mjs +7 -0
  34. package/dist/esm/types/express.mjs +1 -0
  35. package/dist/esm/types/general.mjs +1 -0
  36. package/dist/esm/types/scoped-actions-contracts.mjs +8 -0
  37. package/dist/index.d.ts +5 -2
  38. package/dist/index.js +18 -14
  39. package/dist/prometheus-service.d.ts +10 -0
  40. package/dist/{lib/prometheus-service.js → prometheus-service.js} +11 -10
  41. package/dist/testKit/index.d.ts +11 -0
  42. package/dist/testKit/index.js +48 -0
  43. package/dist/types/authorization-attributes-contracts.d.ts +27 -0
  44. package/dist/types/authorization-attributes-contracts.js +7 -0
  45. package/dist/types/express.d.ts +10 -0
  46. package/dist/types/express.js +1 -0
  47. package/dist/types/general.d.ts +30 -0
  48. package/dist/types/general.js +1 -0
  49. package/dist/types/scoped-actions-contracts.d.ts +38 -0
  50. package/dist/{lib/types → types}/scoped-actions-contracts.js +3 -4
  51. package/package.json +30 -7
  52. package/dist/lib/authorization-internal-service.d.ts +0 -6
  53. package/dist/lib/authorization-internal-service.js +0 -17
  54. package/dist/lib/authorization-middleware.js +0 -54
  55. package/dist/lib/authorization-service.js +0 -233
  56. package/dist/lib/types/express.js +0 -1
  57. package/dist/lib/types/general.js +0 -2
  58. /package/dist/{lib → esm}/prometheus-service.d.ts +0 -0
  59. /package/dist/{lib → esm}/types/express.d.ts +0 -0
  60. /package/dist/{lib → esm}/types/general.d.ts +0 -0
  61. /package/dist/{lib → esm}/types/scoped-actions-contracts.d.ts +0 -0
package/dist/types/general.js ADDED
@@ -0,0 +1 @@
1
+
package/dist/types/scoped-actions-contracts.d.ts ADDED
@@ -0,0 +1,38 @@
1
+ export interface WorkspaceScope {
2
+ workspaceId: number;
3
+ }
4
+ export interface BoardScope {
5
+ boardId: number;
6
+ }
7
+ export interface PulseScope {
8
+ pulseId: number;
9
+ }
10
+ export interface AccountProductScope {
11
+ accountProductId: number;
12
+ }
13
+ export interface AccountScope {
14
+ accountId: number;
15
+ }
16
+ export type ScopeOptions = WorkspaceScope | BoardScope | PulseScope | AccountProductScope | AccountScope;
17
+ export interface Translation {
18
+ key: string;
19
+ [option: string]: string;
20
+ }
21
+ export declare enum PermitTechnicalReason {
22
+ NO_REASON = 0,
23
+ NOT_ELIGIBLE = 1,
24
+ BY_ROLE_IN_SCOPE = 2
25
+ }
26
+ export interface ScopedActionPermit {
27
+ can: boolean;
28
+ reason: Translation;
29
+ technicalReason: PermitTechnicalReason;
30
+ }
31
+ export interface ScopedAction {
32
+ action: string;
33
+ scope: ScopeOptions;
34
+ }
35
+ export interface ScopedActionResponseObject {
36
+ scopedAction: ScopedAction;
37
+ permit: ScopedActionPermit;
38
+ }
package/dist/{lib/types → types}/scoped-actions-contracts.js RENAMED
@@ -1,9 +1,8 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
1
+ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
2
+
3
3
  exports.PermitTechnicalReason = void 0;
4
- var PermitTechnicalReason;
5
4
  (function (PermitTechnicalReason) {
6
5
  PermitTechnicalReason[PermitTechnicalReason["NO_REASON"] = 0] = "NO_REASON";
7
6
  PermitTechnicalReason[PermitTechnicalReason["NOT_ELIGIBLE"] = 1] = "NOT_ELIGIBLE";
8
7
  PermitTechnicalReason[PermitTechnicalReason["BY_ROLE_IN_SCOPE"] = 2] = "BY_ROLE_IN_SCOPE";
9
- })(PermitTechnicalReason || (exports.PermitTechnicalReason = PermitTechnicalReason = {}));
8
+ })(exports.PermitTechnicalReason || (exports.PermitTechnicalReason = {}));
package/package.json CHANGED
@@ -1,36 +1,59 @@
1
1
  {
2
2
  "name": "@mondaydotcomorg/monday-authorization",
3
- "version": "1.1.9-featureliorshonehourjwttoken.465+164eb3b11",
3
+ "version": "1.1.9-featuremosheauthorizationesm.3695+dabe70b1e",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "license": "BSD-3-Clause",
7
+ "exports": {
8
+ ".": {
9
+ "import": "./dist/esm/index.mjs",
10
+ "require": "./dist/index.js",
11
+ "types": "./dist/index.d.ts"
12
+ },
13
+ "./package.json": "./package.json"
14
+ },
7
15
  "scripts": {
8
- "test": "mocha -r ts-node/register -r tsconfig-paths/register './tests/*.test.ts' --timeout 5000 --exit",
9
- "build": "tsc --build"
16
+ "test": "trident-library test",
17
+ "lint": "trident-library lint",
18
+ "build": "trident-library build",
19
+ "watch": "trident-library build -w"
10
20
  },
11
21
  "dependencies": {
12
22
  "@mondaydotcomorg/monday-fetch": "^0.0.7",
13
- "@mondaydotcomorg/monday-jwt": "^3.0.9-featureliorshonehourjwttoken.465+164eb3b11",
14
- "@mondaydotcomorg/monday-logger": "^3.0.10",
23
+ "@mondaydotcomorg/monday-jwt": "^3.0.14",
24
+ "@mondaydotcomorg/monday-logger": "^4.0.11",
25
+ "@mondaydotcomorg/monday-sns": "^1.0.6",
26
+ "@mondaydotcomorg/trident-backend-api": "^0.23.10",
27
+ "@types/lodash": "^4.17.10",
28
+ "lodash": "^4.17.21",
15
29
  "node-fetch": "^2.6.7",
30
+ "on-headers": "^1.0.2",
16
31
  "ts-node": "^10.0.0"
17
32
  },
18
33
  "devDependencies": {
34
+ "@mondaydotcomorg/trident-library": "^0.6.53",
19
35
  "@types/express": "^4.17.20",
36
+ "@types/jest": "^27.4.1",
20
37
  "@types/mocha": "^8.2.2",
21
38
  "@types/on-headers": "^1.0.0",
22
39
  "@types/supertest": "^2.0.11",
23
40
  "express": "^4.17.1",
24
41
  "ioredis": "^5.2.4",
25
42
  "ioredis-mock": "^8.2.2",
43
+ "jest": "^27.5.1",
26
44
  "mocha": "^9.0.1",
27
- "on-headers": "^1.0.2",
28
45
  "supertest": "^6.1.3",
46
+ "ts-jest": "^27.1.3",
29
47
  "tsconfig-paths": "^3.9.0",
30
48
  "typescript": "^5.1.6"
31
49
  },
32
50
  "files": [
33
51
  "dist/"
34
52
  ],
35
- "gitHead": "164eb3b11392586ed8175eaa15ec61c914a85234"
53
+ "trident": {
54
+ "build": {
55
+ "esmMjsRename": true
56
+ }
57
+ },
58
+ "gitHead": "dabe70b1ee6b4bee07fdd8ca06eb4944d62a4c96"
36
59
  }
package/dist/lib/authorization-internal-service.d.ts DELETED
@@ -1,6 +0,0 @@
1
- import { Request } from 'express';
2
- export declare class AuthorizationInternalService {
3
- static skipAuthorization(requset: Request): void;
4
- static markAuthorized(request: Request): void;
5
- static failIfNotCoveredByAuthorization(request: Request): void;
6
- }
package/dist/lib/authorization-internal-service.js DELETED
@@ -1,17 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.AuthorizationInternalService = void 0;
4
- class AuthorizationInternalService {
5
- static skipAuthorization(requset) {
6
- requset.authorizationSkipPerformed = true;
7
- }
8
- static markAuthorized(request) {
9
- request.authorizationCheckPerformed = true;
10
- }
11
- static failIfNotCoveredByAuthorization(request) {
12
- if (!request.authorizationCheckPerformed && !request.authorizationSkipPerformed) {
13
- throw 'Endpoint is not covered by authorization check';
14
- }
15
- }
16
- }
17
- exports.AuthorizationInternalService = AuthorizationInternalService;
package/dist/lib/authorization-middleware.js DELETED
@@ -1,54 +0,0 @@
1
- "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- var __importDefault = (this && this.__importDefault) || function (mod) {
12
- return (mod && mod.__esModule) ? mod : { "default": mod };
13
- };
14
- Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.authorizationCheckMiddleware = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = void 0;
16
- const on_headers_1 = __importDefault(require("on-headers"));
17
- const authorization_internal_service_1 = require("./authorization-internal-service");
18
- const authorization_service_1 = require("./authorization-service");
19
- function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
20
- return function authorizationMiddleware(request, response, next) {
21
- return __awaiter(this, void 0, void 0, function* () {
22
- contextGetter || (contextGetter = defaultContextGetter);
23
- const { userId, accountId } = contextGetter(request);
24
- const resources = resourceGetter(request);
25
- const { isAuthorized } = yield authorization_service_1.AuthorizationService.isAuthorized(accountId, userId, resources, action);
26
- authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
27
- if (!isAuthorized) {
28
- response.status(403).json({ message: 'Access denied' });
29
- return;
30
- }
31
- next();
32
- });
33
- };
34
- }
35
- exports.getAuthorizationMiddleware = getAuthorizationMiddleware;
36
- function skipAuthorizationMiddleware(request, response, next) {
37
- authorization_internal_service_1.AuthorizationInternalService.skipAuthorization(request);
38
- next();
39
- }
40
- exports.skipAuthorizationMiddleware = skipAuthorizationMiddleware;
41
- function authorizationCheckMiddleware(request, response, next) {
42
- if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
43
- (0, on_headers_1.default)(response, function () {
44
- if (response.statusCode < 400) {
45
- authorization_internal_service_1.AuthorizationInternalService.failIfNotCoveredByAuthorization(request);
46
- }
47
- });
48
- }
49
- next();
50
- }
51
- exports.authorizationCheckMiddleware = authorizationCheckMiddleware;
52
- function defaultContextGetter(request) {
53
- return request.payload;
54
- }
package/dist/lib/authorization-service.js DELETED
@@ -1,233 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
- return new (P || (P = Promise))(function (resolve, reject) {
28
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
- step((generator = generator.apply(thisArg, _arguments || [])).next());
32
- });
33
- };
34
- Object.defineProperty(exports, "__esModule", { value: true });
35
- exports.AuthorizationService = exports.setRedisClient = exports.setRequestFetchOptions = void 0;
36
- const lodash_1 = require("lodash");
37
- const perf_hooks_1 = require("perf_hooks");
38
- const monday_jwt_1 = require("@mondaydotcomorg/monday-jwt");
39
- const MondayLogger = __importStar(require("@mondaydotcomorg/monday-logger"));
40
- const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
41
- const prometheus_service_1 = require("./prometheus-service");
42
- const INTERNAL_APP_NAME = 'internal_ms';
43
- const logger = MondayLogger.getLogger();
44
- const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
45
- const defaultMondayFetchOptions = {
46
- retries: 3,
47
- callback: logOnFetchFail,
48
- };
49
- let mondayFetchOptions = defaultMondayFetchOptions;
50
- function setRequestFetchOptions(customMondayFetchOptions) {
51
- mondayFetchOptions = Object.assign(Object.assign({}, defaultMondayFetchOptions), customMondayFetchOptions);
52
- }
53
- exports.setRequestFetchOptions = setRequestFetchOptions;
54
- function setRedisClient(client, grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS) {
55
- AuthorizationService.redisClient = client;
56
- if (grantedFeatureRedisExpirationInSeconds && grantedFeatureRedisExpirationInSeconds > 0) {
57
- AuthorizationService.grantedFeatureRedisExpirationInSeconds = grantedFeatureRedisExpirationInSeconds;
58
- }
59
- else {
60
- logger.warn({ grantedFeatureRedisExpirationInSeconds }, 'Invalid input for grantedFeatureRedisExpirationInSeconds, must be positive number. using default ttl.');
61
- AuthorizationService.grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS;
62
- }
63
- }
64
- exports.setRedisClient = setRedisClient;
65
- class AuthorizationService {
66
- static isAuthorized(...args) {
67
- return __awaiter(this, void 0, void 0, function* () {
68
- if (args.length === 3) {
69
- return this.isAuthorizedMultiple(args[0], args[1], args[2]);
70
- }
71
- else if (args.length == 4) {
72
- return this.isAuthorizedSingular(args[0], args[1], args[2], args[3]);
73
- }
74
- else {
75
- throw new Error('isAuthorized accepts either 3 or 4 arguments');
76
- }
77
- });
78
- }
79
- static isUserGrantedWithFeature(accountId, userId, featureName, options = {}) {
80
- var _a;
81
- return __awaiter(this, void 0, void 0, function* () {
82
- let cachedKey = this.getCachedKeyName(userId, featureName);
83
- const shouldSkipCache = (_a = options.shouldSkipCache) !== null && _a !== void 0 ? _a : false;
84
- if (this.redisClient && !shouldSkipCache) {
85
- let grantedFeatureValue = yield this.redisClient.get(cachedKey);
86
- if (!(grantedFeatureValue === undefined || grantedFeatureValue === null)) {
87
- // redis returns the value as string
88
- return grantedFeatureValue === 'true';
89
- }
90
- }
91
- let grantedFeatureValue = yield this.fetchIsUserGrantedWithFeature(featureName, accountId, userId);
92
- if (this.redisClient) {
93
- yield this.redisClient.set(cachedKey, grantedFeatureValue, 'EX', this.grantedFeatureRedisExpirationInSeconds);
94
- }
95
- return grantedFeatureValue;
96
- });
97
- }
98
- static fetchIsUserGrantedWithFeature(featureName, accountId, userId) {
99
- return __awaiter(this, void 0, void 0, function* () {
100
- let authorizationObject = {
101
- action: featureName,
102
- resource_type: 'feature',
103
- };
104
- let authorizeResponsePromise = yield this.isAuthorized(accountId, userId, [authorizationObject]);
105
- return authorizeResponsePromise.isAuthorized;
106
- });
107
- }
108
- static getCachedKeyName(userId, featureName) {
109
- return `granted-feature-${featureName}-${userId}`;
110
- }
111
- static canActionInScope(accountId, userId, action, scope) {
112
- return __awaiter(this, void 0, void 0, function* () {
113
- const scopedActions = [{ action, scope }];
114
- const scopedActionResponseObjects = yield this.canActionInScopeMultiple(accountId, userId, scopedActions);
115
- return scopedActionResponseObjects[0].permit;
116
- });
117
- }
118
- static canActionInScopeMultiple(accountId, userId, scopedActions) {
119
- return __awaiter(this, void 0, void 0, function* () {
120
- const internalAuthToken = (0, monday_jwt_1.signAuthorizationHeader)({ appName: INTERNAL_APP_NAME, accountId, userId });
121
- const scopedActionsPayload = scopedActions.map(scopedAction => {
122
- return Object.assign(Object.assign({}, scopedAction), { scope: (0, lodash_1.mapKeys)(scopedAction.scope, (_, key) => (0, lodash_1.snakeCase)(key)) }); // for example: { workspaceId: 1 } => { workspace_id: 1 }
123
- });
124
- const response = yield (0, monday_fetch_1.fetch)(getCanActionsInScopesUrl(), {
125
- method: 'POST',
126
- headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
127
- timeout: getRequestTimeout(),
128
- body: JSON.stringify({
129
- user_id: userId,
130
- scoped_actions: scopedActionsPayload,
131
- }),
132
- }, mondayFetchOptions);
133
- throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
134
- const responseBody = yield response.json();
135
- const camelCaseKeys = (obj) => Object.fromEntries(Object.entries(obj).map(([key, value]) => [(0, lodash_1.camelCase)(key), value]));
136
- const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
137
- const { scopedAction, permit } = responseObject;
138
- const { scope } = scopedAction;
139
- const transformKeys = (obj) => camelCaseKeys(obj);
140
- return Object.assign(Object.assign({}, responseObject), { scopedAction: Object.assign(Object.assign({}, scopedAction), { scope: transformKeys(scope) }), permit: transformKeys(permit) });
141
- });
142
- return scopedActionsResponseObjects;
143
- });
144
- }
145
- static isAuthorizedSingular(accountId, userId, resources, action) {
146
- return __awaiter(this, void 0, void 0, function* () {
147
- const { authorizationObjects } = createAuthorizationParams(resources, action);
148
- return this.isAuthorizedMultiple(accountId, userId, authorizationObjects);
149
- });
150
- }
151
- static isAuthorizedMultiple(accountId, userId, authorizationRequestObjects) {
152
- return __awaiter(this, void 0, void 0, function* () {
153
- const internalAuthToken = (0, monday_jwt_1.signAuthorizationHeader)({ appName: INTERNAL_APP_NAME, accountId, userId });
154
- const startTime = perf_hooks_1.performance.now();
155
- const response = yield (0, monday_fetch_1.fetch)(getAuthorizeUrl(), {
156
- method: 'POST',
157
- headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
158
- timeout: getRequestTimeout(),
159
- body: JSON.stringify({
160
- user_id: userId,
161
- authorize_request_objects: authorizationRequestObjects,
162
- }),
163
- }, mondayFetchOptions);
164
- const endTime = perf_hooks_1.performance.now();
165
- const time = endTime - startTime;
166
- const responseStatus = response.status;
167
- (0, prometheus_service_1.sendAuthorizationChecksPerRequestMetric)(responseStatus, authorizationRequestObjects.length);
168
- throwOnHttpErrorIfNeeded(response, 'isAuthorizedMultiple');
169
- const responseBody = yield response.json();
170
- const unauthorizedObjects = [];
171
- responseBody.result.forEach(function (isAuthorized, index) {
172
- const authorizationObject = authorizationRequestObjects[index];
173
- if (!isAuthorized) {
174
- unauthorizedObjects.push(authorizationObject);
175
- }
176
- (0, prometheus_service_1.sendAuthorizationCheckResponseTimeMetric)(authorizationObject.resource_type, authorizationObject.action, isAuthorized, responseStatus, time);
177
- });
178
- if (unauthorizedObjects.length > 0) {
179
- logger.info({
180
- resources: JSON.stringify(unauthorizedObjects),
181
- }, 'AuthorizationService: resource is unauthorized');
182
- const unauthorizedIds = unauthorizedObjects
183
- .filter(obj => !!obj.resource_id)
184
- .map(obj => obj.resource_id);
185
- return { isAuthorized: false, unauthorizedIds };
186
- }
187
- return { isAuthorized: true };
188
- });
189
- }
190
- }
191
- exports.AuthorizationService = AuthorizationService;
192
- function createAuthorizationParams(resources, action) {
193
- const params = {
194
- authorizationObjects: resources.map((resource) => {
195
- const authorizationObject = {
196
- resource_id: resource.id,
197
- resource_type: resource.type,
198
- action,
199
- };
200
- if (resource.wrapperData) {
201
- authorizationObject.wrapper_data = resource.wrapperData;
202
- }
203
- return authorizationObject;
204
- }),
205
- };
206
- return params;
207
- }
208
- function logOnFetchFail(retriesLeft, error) {
209
- if (retriesLeft == 0) {
210
- logger.error({ retriesLeft, error }, 'Authorization attempt failed due to network issues');
211
- }
212
- else {
213
- logger.info({ retriesLeft, error }, 'Authorization attempt failed due to network issues, trying again');
214
- }
215
- }
216
- function getAuthorizeUrl() {
217
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
218
- }
219
- function getCanActionsInScopesUrl() {
220
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/can_actions_in_scopes`;
221
- }
222
- function getRequestTimeout() {
223
- const isDevEnv = process.env.NODE_ENV === 'development';
224
- return isDevEnv ? 60000 : 2000;
225
- }
226
- function throwOnHttpErrorIfNeeded(response, placement) {
227
- if (response.ok) {
228
- return;
229
- }
230
- const status = response.status;
231
- logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
232
- throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
233
- }
package/dist/lib/types/express.js DELETED
@@ -1 +0,0 @@
1
- "use strict";
package/dist/lib/types/general.js DELETED
@@ -1,2 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
/package/dist/{lib → esm}/prometheus-service.d.ts RENAMED
File without changes
/package/dist/{lib → esm}/types/express.d.ts RENAMED
File without changes
/package/dist/{lib → esm}/types/general.d.ts RENAMED
File without changes