npm - @mondaydotcomorg/monday-authorization - Versions diffs - 1.1.9-featureorcomonday-jwt-ts.472 → 1.1.9-featuresergeytsadd-testkit-to-monday-authorization.1486 - Mend

@mondaydotcomorg/monday-authorization 1.1.9-featureorcomonday-jwt-ts.472 → 1.1.9-featuresergeytsadd-testkit-to-monday-authorization.1486

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md +4 -0
package/dist/index.d.ts +2 -0
package/dist/index.js +26 -1
package/dist/lib/authorization-middleware.d.ts +2 -1
package/dist/lib/authorization-middleware.js +2 -1
package/dist/lib/authorization-service.d.ts +1 -0
package/dist/lib/authorization-service.js +1 -1
package/dist/lib/testKit/index.d.ts +11 -0
package/dist/lib/testKit/index.js +58 -0
package/package.json +4 -4

package/CHANGELOG.md CHANGED Viewed

@@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
+## [1.2.0] - 2024-01-05
+### Added
+ - `isAuthorized` now return the unauthorized objects - regardless to the unauthorized ids (which may be missing resource ids if resource has no id, like `feature` e.g.)
 ## [1.1.0] - 2023-08-09
 ### ⚠ BREAKING CHANGES

package/dist/index.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
+import * as TestKit from './lib/testKit';
 export interface InitOptions {
     prometheus?: any;
     mondayFetchOptions?: MondayFetchOptions;
@@ -8,3 +9,4 @@ export interface InitOptions {
 export declare function init(options?: InitOptions): void;
 export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware, } from './lib/authorization-middleware';
 export { AuthorizationService } from './lib/authorization-service';
+export { TestKit };

package/dist/index.js CHANGED Viewed

@@ -1,8 +1,33 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthorizationService = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = exports.authorizationCheckMiddleware = exports.init = void 0;
+exports.TestKit = exports.AuthorizationService = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = exports.authorizationCheckMiddleware = exports.init = void 0;
 const prometheus_service_1 = require("./lib/prometheus-service");
 const authorization_service_1 = require("./lib/authorization-service");
+const TestKit = __importStar(require("./lib/testKit"));
+exports.TestKit = TestKit;
 function init(options = {}) {
     if (options.prometheus) {
         (0, prometheus_service_1.setPrometheus)(options.prometheus);

package/dist/lib/authorization-middleware.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { NextFunction } from 'express';
-import { Action, BaseRequest, BaseResponse, ContextGetter, ResourceGetter } from './types/general';
+import { Action, BaseRequest, BaseResponse, Context, ContextGetter, ResourceGetter } from './types/general';
 export declare function getAuthorizationMiddleware(action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter): (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
 export declare function skipAuthorizationMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
 export declare function authorizationCheckMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
+export declare function defaultContextGetter(request: BaseRequest): Context;

package/dist/lib/authorization-middleware.js CHANGED Viewed

@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.authorizationCheckMiddleware = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = void 0;
+exports.defaultContextGetter = exports.authorizationCheckMiddleware = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = void 0;
 const on_headers_1 = __importDefault(require("on-headers"));
 const authorization_internal_service_1 = require("./authorization-internal-service");
 const authorization_service_1 = require("./authorization-service");
@@ -52,3 +52,4 @@ exports.authorizationCheckMiddleware = authorizationCheckMiddleware;
 function defaultContextGetter(request) {
     return request.payload;
 }
+exports.defaultContextGetter = defaultContextGetter;

package/dist/lib/authorization-service.d.ts CHANGED Viewed

@@ -4,6 +4,7 @@ import { ScopedAction, ScopedActionPermit, ScopedActionResponseObject, ScopeOpti
 export interface AuthorizeResponse {
     isAuthorized: boolean;
     unauthorizedIds?: number[];
+    unauthorizedObjects?: AuthorizationObject[];
 }
 export declare function setRequestFetchOptions(customMondayFetchOptions: MondayFetchOptions): void;
 export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;

package/dist/lib/authorization-service.js CHANGED Viewed

@@ -182,7 +182,7 @@ class AuthorizationService {
                 const unauthorizedIds = unauthorizedObjects
                     .filter(obj => !!obj.resource_id)
                     .map(obj => obj.resource_id);
-                return { isAuthorized: false, unauthorizedIds };
+                return { isAuthorized: false, unauthorizedIds, unauthorizedObjects };
             }
             return { isAuthorized: true };
         });

package/dist/lib/testKit/index.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { NextFunction } from "express";
+import { Action, BaseRequest, BaseResponse, ContextGetter, Resource, ResourceGetter } from "lib/types/general";
+export type TestPermittedAction = {
+    accountId: number;
+    userId: number;
+    resources: Resource[];
+    action: Action;
+};
+export declare const addTestPermittedAction: (accountId: number, userId: number, resources: Resource[], action: Action) => void;
+export declare const clearTestPermittedActions: () => void;
+export declare const testGetAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;

package/dist/lib/testKit/index.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.testGetAuthorizationMiddleware = exports.clearTestPermittedActions = exports.addTestPermittedAction = void 0;
+const authorization_middleware_1 = require("lib/authorization-middleware");
+const authorization_internal_service_1 = require("lib/authorization-internal-service");
+let testPermittedActions = [];
+const addTestPermittedAction = (accountId, userId, resources, action) => {
+    testPermittedActions.push({ accountId, userId, resources, action });
+};
+exports.addTestPermittedAction = addTestPermittedAction;
+const clearTestPermittedActions = () => {
+    testPermittedActions = [];
+};
+exports.clearTestPermittedActions = clearTestPermittedActions;
+const testIsAuthorized = (accountId, userId, resources, action) => {
+    return {
+        isAuthorized: resources.every(resource => {
+            return testPermittedActions.some(combination => {
+                return combination.accountId === accountId &&
+                    combination.userId === userId &&
+                    combination.action === action &&
+                    combination.resources.some(combinationResource => {
+                        return resources.some(resource => {
+                            return combinationResource.id === resource.id &&
+                                combinationResource.type === resource.type &&
+                                combinationResource.wrapperData === resource.wrapperData;
+                        });
+                    });
+            });
+        })
+    };
+};
+const testGetAuthorizationMiddleware = (action, resourceGetter, contextGetter) => {
+    return function authorizationMiddleware(request, response, next) {
+        return __awaiter(this, void 0, void 0, function* () {
+            contextGetter || (contextGetter = authorization_middleware_1.defaultContextGetter);
+            const { userId, accountId } = contextGetter(request);
+            const resources = resourceGetter(request);
+            const { isAuthorized } = testIsAuthorized(accountId, userId, resources, action);
+            authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
+            if (!isAuthorized) {
+                response.status(403).json({ message: 'Access denied' });
+                return;
+            }
+            next();
+        });
+    };
+};
+exports.testGetAuthorizationMiddleware = testGetAuthorizationMiddleware;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mondaydotcomorg/monday-authorization",
-  "version": "1.1.9-featureorcomonday-jwt-ts.472+0053951b7",
+  "version": "1.1.9-featuresergeytsadd-testkit-to-monday-authorization.1486+de3b3bf86",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "license": "BSD-3-Clause",
@@ -10,9 +10,10 @@
   },
   "dependencies": {
     "@mondaydotcomorg/monday-fetch": "^0.0.7",
-    "@mondaydotcomorg/monday-jwt": "^3.0.9-featureorcomonday-jwt-ts.472+0053951b7",
+    "@mondaydotcomorg/monday-jwt": "^3.0.10",
     "@mondaydotcomorg/monday-logger": "^3.0.10",
     "node-fetch": "^2.6.7",
+    "on-headers": "^1.0.2",
     "ts-node": "^10.0.0"
   },
   "devDependencies": {
@@ -24,7 +25,6 @@
     "ioredis": "^5.2.4",
     "ioredis-mock": "^8.2.2",
     "mocha": "^9.0.1",
-    "on-headers": "^1.0.2",
     "supertest": "^6.1.3",
     "tsconfig-paths": "^3.9.0",
     "typescript": "^5.1.6"
@@ -32,5 +32,5 @@
   "files": [
     "dist/"
   ],
-  "gitHead": "0053951b70f13ef040d8646d709dd3cdcce11168"
+  "gitHead": "de3b3bf86b523bdace69ad4290b088108043dcd7"
 }