@mondaydotcomorg/monday-authorization 1.2.18 → 1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.d8b27e3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/dist/attributions-service.d.ts +11 -0
  2. package/dist/attributions-service.d.ts.map +1 -0
  3. package/dist/attributions-service.js +32 -0
  4. package/dist/authorization-attributes-service.d.ts +1 -0
  5. package/dist/authorization-attributes-service.d.ts.map +1 -0
  6. package/dist/authorization-internal-service.d.ts +5 -0
  7. package/dist/authorization-internal-service.d.ts.map +1 -0
  8. package/dist/authorization-internal-service.js +26 -2
  9. package/dist/authorization-middleware.d.ts +1 -0
  10. package/dist/authorization-middleware.d.ts.map +1 -0
  11. package/dist/authorization-service.d.ts +1 -0
  12. package/dist/authorization-service.d.ts.map +1 -0
  13. package/dist/authorization-service.js +78 -42
  14. package/dist/constants/sns.d.ts +1 -0
  15. package/dist/constants/sns.d.ts.map +1 -0
  16. package/dist/esm/attributions-service.d.ts +11 -0
  17. package/dist/esm/attributions-service.d.ts.map +1 -0
  18. package/dist/esm/attributions-service.mjs +31 -1
  19. package/dist/esm/authorization-attributes-service.d.ts +1 -0
  20. package/dist/esm/authorization-attributes-service.d.ts.map +1 -0
  21. package/dist/esm/authorization-internal-service.d.ts +5 -0
  22. package/dist/esm/authorization-internal-service.d.ts.map +1 -0
  23. package/dist/esm/authorization-internal-service.mjs +26 -3
  24. package/dist/esm/authorization-middleware.d.ts +1 -0
  25. package/dist/esm/authorization-middleware.d.ts.map +1 -0
  26. package/dist/esm/authorization-service.d.ts +1 -0
  27. package/dist/esm/authorization-service.d.ts.map +1 -0
  28. package/dist/esm/authorization-service.mjs +80 -44
  29. package/dist/esm/constants/sns.d.ts +1 -0
  30. package/dist/esm/constants/sns.d.ts.map +1 -0
  31. package/dist/esm/index.d.ts +1 -0
  32. package/dist/esm/index.d.ts.map +1 -0
  33. package/dist/esm/prometheus-service.d.ts +1 -1
  34. package/dist/esm/prometheus-service.d.ts.map +1 -0
  35. package/dist/esm/prometheus-service.mjs +1 -18
  36. package/dist/esm/testKit/index.d.ts +1 -0
  37. package/dist/esm/testKit/index.d.ts.map +1 -0
  38. package/dist/esm/types/authorization-attributes-contracts.d.ts +1 -0
  39. package/dist/esm/types/authorization-attributes-contracts.d.ts.map +1 -0
  40. package/dist/esm/types/express.d.ts +1 -0
  41. package/dist/esm/types/express.d.ts.map +1 -0
  42. package/dist/esm/types/general.d.ts +1 -0
  43. package/dist/esm/types/general.d.ts.map +1 -0
  44. package/dist/esm/types/scoped-actions-contracts.d.ts +1 -0
  45. package/dist/esm/types/scoped-actions-contracts.d.ts.map +1 -0
  46. package/dist/index.d.ts +1 -0
  47. package/dist/index.d.ts.map +1 -0
  48. package/dist/prometheus-service.d.ts +1 -1
  49. package/dist/prometheus-service.d.ts.map +1 -0
  50. package/dist/prometheus-service.js +0 -18
  51. package/dist/testKit/index.d.ts +1 -0
  52. package/dist/testKit/index.d.ts.map +1 -0
  53. package/dist/types/authorization-attributes-contracts.d.ts +1 -0
  54. package/dist/types/authorization-attributes-contracts.d.ts.map +1 -0
  55. package/dist/types/express.d.ts +1 -0
  56. package/dist/types/express.d.ts.map +1 -0
  57. package/dist/types/general.d.ts +1 -0
  58. package/dist/types/general.d.ts.map +1 -0
  59. package/dist/types/scoped-actions-contracts.d.ts +1 -0
  60. package/dist/types/scoped-actions-contracts.d.ts.map +1 -0
  61. package/package.json +4 -3
package/dist/attributions-service.d.ts CHANGED
@@ -1,3 +1,14 @@
1
+ import { Context, ExecutionContext } from '@mondaydotcomorg/trident-backend-api';
2
+ export declare enum PlatformProfile {
3
+ API = "api",
4
+ APP = "default",
5
+ SLOW = "slow",
6
+ INTERNAL = "internal",
7
+ SIDEKIQ = "sidekiq"
8
+ }
9
+ export declare function getProfile(): PlatformProfile.API | PlatformProfile.SLOW | PlatformProfile.INTERNAL;
10
+ export declare function getExecutionContext(context: Context): ExecutionContext;
1
11
  export declare function getAttributionsFromApi(): {
2
12
  [key: string]: string;
3
13
  };
14
+ //# sourceMappingURL=attributions-service.d.ts.map
package/dist/attributions-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,oBAAY,eAAe;IACzB,GAAG,QAAQ;IACX,GAAG,YAAY;IACf,IAAI,SAAS;IACb,QAAQ,aAAa;IACrB,OAAO,YAAY;CACpB;AAED,wBAAgB,UAAU,0EAmBzB;AAED,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,gBAAgB,CAEtE;AAED,wBAAgB,sBAAsB,IAAI;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAqClE"}
package/dist/attributions-service.js CHANGED
@@ -7,6 +7,36 @@ const APP_NAME_VARIABLE_KEY = 'APP_NAME';
7
7
  const APP_NAME_HEADER_NAME = 'x-caller-app-name-from-sdk';
8
8
  const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
9
9
  let didSendFailureLogOnce = false;
10
+ exports.PlatformProfile = void 0;
11
+ (function (PlatformProfile) {
12
+ PlatformProfile["API"] = "api";
13
+ PlatformProfile["APP"] = "default";
14
+ PlatformProfile["SLOW"] = "slow";
15
+ PlatformProfile["INTERNAL"] = "internal";
16
+ PlatformProfile["SIDEKIQ"] = "sidekiq";
17
+ })(exports.PlatformProfile || (exports.PlatformProfile = {}));
18
+ function getProfile() {
19
+ const tridentContext = tridentBackendApi.Api.getPart('context');
20
+ if (!tridentContext) {
21
+ return exports.PlatformProfile.INTERNAL;
22
+ }
23
+ const { mondayRequestSource } = getExecutionContext(tridentContext);
24
+ switch (mondayRequestSource) {
25
+ case exports.PlatformProfile.API: {
26
+ return exports.PlatformProfile.API;
27
+ }
28
+ case exports.PlatformProfile.SIDEKIQ:
29
+ case exports.PlatformProfile.SLOW: {
30
+ return exports.PlatformProfile.SLOW;
31
+ }
32
+ case exports.PlatformProfile.APP:
33
+ default:
34
+ return exports.PlatformProfile.INTERNAL;
35
+ }
36
+ }
37
+ function getExecutionContext(context) {
38
+ return context.execution.get();
39
+ }
10
40
  function getAttributionsFromApi() {
11
41
  const callerAppNameFromSdk = {
12
42
  [APP_NAME_HEADER_NAME]: tryJsonParse(getEnvVariable(APP_NAME_VARIABLE_KEY)),
@@ -53,3 +83,5 @@ function tryJsonParse(value) {
53
83
  }
54
84
 
55
85
  exports.getAttributionsFromApi = getAttributionsFromApi;
86
+ exports.getExecutionContext = getExecutionContext;
87
+ exports.getProfile = getProfile;
package/dist/authorization-attributes-service.d.ts CHANGED
@@ -42,3 +42,4 @@ export declare class AuthorizationAttributesService {
42
42
  */
43
43
  static asyncResourceAttributesHealthCheck(): Promise<boolean>;
44
44
  }
45
+ //# sourceMappingURL=authorization-attributes-service.d.ts.map
package/dist/authorization-attributes-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-service.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAU3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IAwBrC;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IAyBrC;;;;;;;UAOM;WACO,6BAA6B,CACxC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;mBAYpB,oBAAoB;IA4BzC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B,OAAO,CAAC,MAAM,CAAC,wBAAwB;IAIvC;;;;;;;OAOG;WACU,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAiBpE"}
package/dist/authorization-internal-service.d.ts CHANGED
@@ -1,13 +1,18 @@
1
1
  import { fetch, MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
2
+ import { OnRetryCallback, RetryPolicy } from '@mondaydotcomorg/monday-fetch-api';
2
3
  import type { Request } from 'express';
3
4
  export declare const logger: import("bunyan");
5
+ export declare const onRetryCallback: OnRetryCallback;
4
6
  export declare class AuthorizationInternalService {
5
7
  static skipAuthorization(requset: Request): void;
6
8
  static markAuthorized(request: Request): void;
7
9
  static failIfNotCoveredByAuthorization(request: Request): void;
8
10
  static throwOnHttpErrorIfNeeded(response: Awaited<ReturnType<typeof fetch>>, placement: string): void;
11
+ static throwOnHttpError(status: number, placement: string): void;
9
12
  static generateInternalAuthToken(accountId: number, userId: number): string;
10
13
  static setRequestFetchOptions(customMondayFetchOptions: MondayFetchOptions): void;
11
14
  static getRequestFetchOptions(): MondayFetchOptions;
12
15
  static getRequestTimeout(): 60000 | 2000;
16
+ static getRetriesPolicy(): RetryPolicy;
13
17
  }
18
+ //# sourceMappingURL=authorization-internal-service.d.ts.map
package/dist/authorization-internal-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-internal-service.d.ts","sourceRoot":"","sources":["../src/authorization-internal-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAE1E,OAAO,EAAyB,eAAe,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AACxG,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAKvC,eAAO,MAAM,MAAM,kBAA2B,CAAC;AAO/C,eAAO,MAAM,eAAe,EAAE,eAM7B,CAAC;AAYF,qBAAa,4BAA4B;IACvC,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAIhD,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAI7C,MAAM,CAAC,+BAA+B,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAM9D,MAAM,CAAC,wBAAwB,CAAC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,KAAK,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,GAAG,IAAI;IAcrG,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;IAQzD,MAAM,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAIlE,MAAM,CAAC,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB;IAO1E,MAAM,CAAC,sBAAsB,IAAI,kBAAkB;IAInD,MAAM,CAAC,iBAAiB;IAKxB,MAAM,CAAC,gBAAgB,IAAI,WAAW;CASvC"}
package/dist/authorization-internal-service.js CHANGED
@@ -24,11 +24,21 @@ return n;
24
24
  const MondayLogger__namespace = /*#__PURE__*/_interopNamespace(MondayLogger);
25
25
 
26
26
  const INTERNAL_APP_NAME = 'internal_ms';
27
+ const MAX_RETRIES = 3;
28
+ const RETRY_DELAY_MS = 10;
29
+ const logger = MondayLogger__namespace.getLogger();
27
30
  const defaultMondayFetchOptions = {
28
- retries: 3,
31
+ retries: MAX_RETRIES,
29
32
  callback: logOnFetchFail,
30
33
  };
31
- const logger = MondayLogger__namespace.getLogger();
34
+ const onRetryCallback = (attempt, error) => {
35
+ if (attempt == MAX_RETRIES) {
36
+ logger.error({ attempt, error }, 'Authorization attempt failed');
37
+ }
38
+ else {
39
+ logger.info({ attempt, error }, 'Authorization attempt failed, trying again');
40
+ }
41
+ };
32
42
  function logOnFetchFail(retriesLeft, error) {
33
43
  if (retriesLeft == 0) {
34
44
  logger.error({ retriesLeft, error }, 'Authorization attempt failed due to network issues');
@@ -58,6 +68,10 @@ class AuthorizationInternalService {
58
68
  logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
59
69
  throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
60
70
  }
71
+ static throwOnHttpError(status, placement) {
72
+ logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
73
+ throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
74
+ }
61
75
  static generateInternalAuthToken(accountId, userId) {
62
76
  return mondayJwt.signAuthorizationHeader({ appName: INTERNAL_APP_NAME, accountId, userId });
63
77
  }
@@ -74,7 +88,17 @@ class AuthorizationInternalService {
74
88
  const isDevEnv = process.env.NODE_ENV === 'development';
75
89
  return isDevEnv ? 60000 : 2000;
76
90
  }
91
+ static getRetriesPolicy() {
92
+ const fetchOptions = AuthorizationInternalService.getRequestFetchOptions();
93
+ return {
94
+ useRetries: fetchOptions.retries !== undefined,
95
+ maxRetries: fetchOptions.retries !== undefined ? fetchOptions.retries : 0,
96
+ onRetry: onRetryCallback,
97
+ retryDelayMS: fetchOptions.retryDelay ?? RETRY_DELAY_MS,
98
+ };
99
+ }
77
100
  }
78
101
 
79
102
  exports.AuthorizationInternalService = AuthorizationInternalService;
80
103
  exports.logger = logger;
104
+ exports.onRetryCallback = onRetryCallback;
package/dist/authorization-middleware.d.ts CHANGED
@@ -4,3 +4,4 @@ export declare function getAuthorizationMiddleware(action: Action, resourceGette
4
4
  export declare function skipAuthorizationMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
5
5
  export declare function authorizationCheckMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
6
6
  export declare function defaultContextGetter(request: BaseRequest): Context;
7
+ //# sourceMappingURL=authorization-middleware.d.ts.map
package/dist/authorization-middleware.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-middleware.d.ts","sourceRoot":"","sources":["../src/authorization-middleware.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,KAAK,EAAE,YAAY,EAAW,MAAM,SAAS,CAAC;AAIrD,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,cAAc,EAC9B,aAAa,CAAC,EAAE,aAAa,IAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAYjB;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CAGlH;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CASnH;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAElE"}
package/dist/authorization-service.d.ts CHANGED
@@ -31,3 +31,4 @@ export declare class AuthorizationService {
31
31
  private static isAuthorizedMultiple;
32
32
  }
33
33
  export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
34
+ //# sourceMappingURL=authorization-service.d.ts.map
package/dist/authorization-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAM1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAOD,qBAAa,oBAAoB;IAC/B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAEvD;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA6DnB,oBAAoB;mBAUpB,oBAAoB;CA6E1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F"}
package/dist/authorization-service.js CHANGED
@@ -4,7 +4,8 @@ const perf_hooks = require('perf_hooks');
4
4
  const snakeCase = require('lodash/snakeCase.js');
5
5
  const camelCase = require('lodash/camelCase.js');
6
6
  const mapKeys = require('lodash/mapKeys.js');
7
- const mondayFetch = require('@mondaydotcomorg/monday-fetch');
7
+ const tridentBackendApi = require('@mondaydotcomorg/trident-backend-api');
8
+ const mondayFetchApi = require('@mondaydotcomorg/monday-fetch-api');
8
9
  const prometheusService = require('./prometheus-service.js');
9
10
  const authorizationInternalService = require('./authorization-internal-service.js');
10
11
  const attributionsService = require('./attributions-service.js');
@@ -75,30 +76,49 @@ class AuthorizationService {
75
76
  return { ...scopedAction, scope: mapKeys__default.default(scopedAction.scope, (_, key) => snakeCase__default.default(key)) }; // for example: { workspaceId: 1 } => { workspace_id: 1 }
76
77
  });
77
78
  const attributionHeaders = attributionsService.getAttributionsFromApi();
78
- const response = await mondayFetch.fetch(getCanActionsInScopesUrl(), {
79
- method: 'POST',
80
- headers: {
81
- Authorization: internalAuthToken,
82
- 'Content-Type': 'application/json',
83
- ...attributionHeaders,
84
- },
85
- timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
86
- body: JSON.stringify({
87
- user_id: userId,
88
- scoped_actions: scopedActionsPayload,
89
- }),
90
- }, authorizationInternalService.AuthorizationInternalService.getRequestFetchOptions());
91
- authorizationInternalService.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
92
- const responseBody = await response.json();
93
- const camelCaseKeys = obj => Object.fromEntries(Object.entries(obj).map(([key, value]) => [camelCase__default.default(key), value]));
94
- const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
79
+ const httpClient = tridentBackendApi.Api.getPart('httpClient');
80
+ const profile = attributionsService.getProfile();
81
+ let response = [];
82
+ try {
83
+ response = await httpClient.fetch({
84
+ url: {
85
+ appName: 'platform',
86
+ path: getCanActionsInScopesUrl(),
87
+ profile,
88
+ },
89
+ method: 'POST',
90
+ headers: {
91
+ Authorization: internalAuthToken,
92
+ 'Content-Type': 'application/json',
93
+ ...attributionHeaders,
94
+ },
95
+ body: JSON.stringify({
96
+ user_id: userId,
97
+ scoped_actions: scopedActionsPayload,
98
+ }),
99
+ }, {
100
+ timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
101
+ retryPolicy: authorizationInternalService.AuthorizationInternalService.getRetriesPolicy(),
102
+ });
103
+ }
104
+ catch (err) {
105
+ if (err instanceof mondayFetchApi.HttpFetcherError) {
106
+ authorizationInternalService.AuthorizationInternalService.throwOnHttpError(err.status, 'canActionInScopeMultiple');
107
+ }
108
+ else {
109
+ throw err;
110
+ }
111
+ }
112
+ function toCamelCase(obj) {
113
+ return mapKeys__default.default(obj, (_, key) => camelCase__default.default(key));
114
+ }
115
+ const scopedActionsResponseObjects = response.map(responseObject => {
95
116
  const { scopedAction, permit } = responseObject;
96
117
  const { scope } = scopedAction;
97
- const transformKeys = obj => camelCaseKeys(obj);
98
118
  return {
99
119
  ...responseObject,
100
- scopedAction: { ...scopedAction, scope: transformKeys(scope) },
101
- permit: transformKeys(permit),
120
+ scopedAction: { ...scopedAction, scope: toCamelCase(scope) },
121
+ permit: toCamelCase(permit),
102
122
  };
103
123
  });
104
124
  return scopedActionsResponseObjects;
@@ -111,32 +131,48 @@ class AuthorizationService {
111
131
  const internalAuthToken = authorizationInternalService.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
112
132
  const startTime = perf_hooks.performance.now();
113
133
  const attributionHeaders = attributionsService.getAttributionsFromApi();
114
- const response = await mondayFetch.fetch(getAuthorizeUrl(), {
115
- method: 'POST',
116
- headers: {
117
- Authorization: internalAuthToken,
118
- 'Content-Type': 'application/json',
119
- ...attributionHeaders,
120
- },
121
- timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
122
- body: JSON.stringify({
123
- user_id: userId,
124
- authorize_request_objects: authorizationRequestObjects,
125
- }),
126
- }, authorizationInternalService.AuthorizationInternalService.getRequestFetchOptions());
134
+ const httpClient = tridentBackendApi.Api.getPart('httpClient');
135
+ const profile = attributionsService.getProfile();
136
+ let response = [];
137
+ try {
138
+ response = await httpClient.fetch({
139
+ url: {
140
+ appName: 'platform',
141
+ path: getAuthorizeUrl(),
142
+ profile,
143
+ },
144
+ method: 'POST',
145
+ headers: {
146
+ Authorization: internalAuthToken,
147
+ 'Content-Type': 'application/json',
148
+ ...attributionHeaders,
149
+ },
150
+ body: JSON.stringify({
151
+ user_id: userId,
152
+ authorize_request_objects: authorizationRequestObjects,
153
+ }),
154
+ }, {
155
+ timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
156
+ retryPolicy: authorizationInternalService.AuthorizationInternalService.getRetriesPolicy(),
157
+ });
158
+ }
159
+ catch (err) {
160
+ if (err instanceof httpClient.HttpFetcherError) {
161
+ authorizationInternalService.AuthorizationInternalService.throwOnHttpError(err.status, 'isAuthorizedMultiple');
162
+ }
163
+ else {
164
+ throw err;
165
+ }
166
+ }
127
167
  const endTime = perf_hooks.performance.now();
128
168
  const time = endTime - startTime;
129
- const responseStatus = response.status;
130
- prometheusService.sendAuthorizationChecksPerRequestMetric(responseStatus, authorizationRequestObjects.length);
131
- authorizationInternalService.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'isAuthorizedMultiple');
132
- const responseBody = await response.json();
133
169
  const unauthorizedObjects = [];
134
- responseBody.result.forEach(function (isAuthorized, index) {
170
+ response.forEach(function (isAuthorized, index) {
135
171
  const authorizationObject = authorizationRequestObjects[index];
136
172
  if (!isAuthorized) {
137
173
  unauthorizedObjects.push(authorizationObject);
138
174
  }
139
- prometheusService.sendAuthorizationCheckResponseTimeMetric(authorizationObject.resource_type, authorizationObject.action, isAuthorized, responseStatus, time);
175
+ prometheusService.sendAuthorizationCheckResponseTimeMetric(authorizationObject.resource_type, authorizationObject.action, isAuthorized, 200, time);
140
176
  });
141
177
  if (unauthorizedObjects.length > 0) {
142
178
  authorizationInternalService.logger.info({
@@ -177,10 +213,10 @@ function createAuthorizationParams(resources, action) {
177
213
  return params;
178
214
  }
179
215
  function getAuthorizeUrl() {
180
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
216
+ return '/internal_ms/authorization/authorize';
181
217
  }
182
218
  function getCanActionsInScopesUrl() {
183
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/can_actions_in_scopes`;
219
+ return '/internal_ms/authorization/can_actions_in_scopes';
184
220
  }
185
221
 
186
222
  exports.AuthorizationService = AuthorizationService;
package/dist/constants/sns.d.ts CHANGED
@@ -1,3 +1,4 @@
1
1
  export declare const RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME = "AUTHORIZATION_RESOURCE_ATTRIBUTES_SNS_TOPIC";
2
2
  export declare const RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = "resourceAttributeModification";
3
3
  export declare const ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
4
+ //# sourceMappingURL=sns.d.ts.map
package/dist/constants/sns.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"sns.d.ts","sourceRoot":"","sources":["../../src/constants/sns.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uCAAuC,gDAAgD,CAAC;AACrG,eAAO,MAAM,qDAAqD,kCAAkC,CAAC;AACrG,eAAO,MAAM,oDAAoD,MAAM,CAAC"}
package/dist/esm/attributions-service.d.ts CHANGED
@@ -1,3 +1,14 @@
1
+ import { Context, ExecutionContext } from '@mondaydotcomorg/trident-backend-api';
2
+ export declare enum PlatformProfile {
3
+ API = "api",
4
+ APP = "default",
5
+ SLOW = "slow",
6
+ INTERNAL = "internal",
7
+ SIDEKIQ = "sidekiq"
8
+ }
9
+ export declare function getProfile(): PlatformProfile.API | PlatformProfile.SLOW | PlatformProfile.INTERNAL;
10
+ export declare function getExecutionContext(context: Context): ExecutionContext;
1
11
  export declare function getAttributionsFromApi(): {
2
12
  [key: string]: string;
3
13
  };
14
+ //# sourceMappingURL=attributions-service.d.ts.map
package/dist/esm/attributions-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,oBAAY,eAAe;IACzB,GAAG,QAAQ;IACX,GAAG,YAAY;IACf,IAAI,SAAS;IACb,QAAQ,aAAa;IACrB,OAAO,YAAY;CACpB;AAED,wBAAgB,UAAU,0EAmBzB;AAED,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,gBAAgB,CAEtE;AAED,wBAAgB,sBAAsB,IAAI;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAqClE"}
package/dist/esm/attributions-service.mjs CHANGED
@@ -5,6 +5,36 @@ const APP_NAME_VARIABLE_KEY = 'APP_NAME';
5
5
  const APP_NAME_HEADER_NAME = 'x-caller-app-name-from-sdk';
6
6
  const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
7
7
  let didSendFailureLogOnce = false;
8
+ var PlatformProfile;
9
+ (function (PlatformProfile) {
10
+ PlatformProfile["API"] = "api";
11
+ PlatformProfile["APP"] = "default";
12
+ PlatformProfile["SLOW"] = "slow";
13
+ PlatformProfile["INTERNAL"] = "internal";
14
+ PlatformProfile["SIDEKIQ"] = "sidekiq";
15
+ })(PlatformProfile || (PlatformProfile = {}));
16
+ function getProfile() {
17
+ const tridentContext = Api.getPart('context');
18
+ if (!tridentContext) {
19
+ return PlatformProfile.INTERNAL;
20
+ }
21
+ const { mondayRequestSource } = getExecutionContext(tridentContext);
22
+ switch (mondayRequestSource) {
23
+ case PlatformProfile.API: {
24
+ return PlatformProfile.API;
25
+ }
26
+ case PlatformProfile.SIDEKIQ:
27
+ case PlatformProfile.SLOW: {
28
+ return PlatformProfile.SLOW;
29
+ }
30
+ case PlatformProfile.APP:
31
+ default:
32
+ return PlatformProfile.INTERNAL;
33
+ }
34
+ }
35
+ function getExecutionContext(context) {
36
+ return context.execution.get();
37
+ }
8
38
  function getAttributionsFromApi() {
9
39
  const callerAppNameFromSdk = {
10
40
  [APP_NAME_HEADER_NAME]: tryJsonParse(getEnvVariable(APP_NAME_VARIABLE_KEY)),
@@ -50,4 +80,4 @@ function tryJsonParse(value) {
50
80
  }
51
81
  }
52
82
 
53
- export { getAttributionsFromApi };
83
+ export { PlatformProfile, getAttributionsFromApi, getExecutionContext, getProfile };
package/dist/esm/authorization-attributes-service.d.ts CHANGED
@@ -42,3 +42,4 @@ export declare class AuthorizationAttributesService {
42
42
  */
43
43
  static asyncResourceAttributesHealthCheck(): Promise<boolean>;
44
44
  }
45
+ //# sourceMappingURL=authorization-attributes-service.d.ts.map
package/dist/esm/authorization-attributes-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../../src/authorization-attributes-service.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAU3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IAwBrC;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IAyBrC;;;;;;;UAOM;WACO,6BAA6B,CACxC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;mBAYpB,oBAAoB;IA4BzC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B,OAAO,CAAC,MAAM,CAAC,wBAAwB;IAIvC;;;;;;;OAOG;WACU,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAiBpE"}
package/dist/esm/authorization-internal-service.d.ts CHANGED
@@ -1,13 +1,18 @@
1
1
  import { fetch, MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
2
+ import { OnRetryCallback, RetryPolicy } from '@mondaydotcomorg/monday-fetch-api';
2
3
  import type { Request } from 'express';
3
4
  export declare const logger: import("bunyan");
5
+ export declare const onRetryCallback: OnRetryCallback;
4
6
  export declare class AuthorizationInternalService {
5
7
  static skipAuthorization(requset: Request): void;
6
8
  static markAuthorized(request: Request): void;
7
9
  static failIfNotCoveredByAuthorization(request: Request): void;
8
10
  static throwOnHttpErrorIfNeeded(response: Awaited<ReturnType<typeof fetch>>, placement: string): void;
11
+ static throwOnHttpError(status: number, placement: string): void;
9
12
  static generateInternalAuthToken(accountId: number, userId: number): string;
10
13
  static setRequestFetchOptions(customMondayFetchOptions: MondayFetchOptions): void;
11
14
  static getRequestFetchOptions(): MondayFetchOptions;
12
15
  static getRequestTimeout(): 60000 | 2000;
16
+ static getRetriesPolicy(): RetryPolicy;
13
17
  }
18
+ //# sourceMappingURL=authorization-internal-service.d.ts.map
package/dist/esm/authorization-internal-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-internal-service.d.ts","sourceRoot":"","sources":["../../src/authorization-internal-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAE1E,OAAO,EAAyB,eAAe,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AACxG,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAKvC,eAAO,MAAM,MAAM,kBAA2B,CAAC;AAO/C,eAAO,MAAM,eAAe,EAAE,eAM7B,CAAC;AAYF,qBAAa,4BAA4B;IACvC,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAIhD,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAI7C,MAAM,CAAC,+BAA+B,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAM9D,MAAM,CAAC,wBAAwB,CAAC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,KAAK,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,GAAG,IAAI;IAcrG,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;IAQzD,MAAM,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAIlE,MAAM,CAAC,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB;IAO1E,MAAM,CAAC,sBAAsB,IAAI,kBAAkB;IAInD,MAAM,CAAC,iBAAiB;IAKxB,MAAM,CAAC,gBAAgB,IAAI,WAAW;CASvC"}
package/dist/esm/authorization-internal-service.mjs CHANGED
@@ -2,11 +2,21 @@ import { signAuthorizationHeader } from '@mondaydotcomorg/monday-jwt';
2
2
  import * as MondayLogger from '@mondaydotcomorg/monday-logger';
3
3
 
4
4
  const INTERNAL_APP_NAME = 'internal_ms';
5
+ const MAX_RETRIES = 3;
6
+ const RETRY_DELAY_MS = 10;
7
+ const logger = MondayLogger.getLogger();
5
8
  const defaultMondayFetchOptions = {
6
- retries: 3,
9
+ retries: MAX_RETRIES,
7
10
  callback: logOnFetchFail,
8
11
  };
9
- const logger = MondayLogger.getLogger();
12
+ const onRetryCallback = (attempt, error) => {
13
+ if (attempt == MAX_RETRIES) {
14
+ logger.error({ attempt, error }, 'Authorization attempt failed');
15
+ }
16
+ else {
17
+ logger.info({ attempt, error }, 'Authorization attempt failed, trying again');
18
+ }
19
+ };
10
20
  function logOnFetchFail(retriesLeft, error) {
11
21
  if (retriesLeft == 0) {
12
22
  logger.error({ retriesLeft, error }, 'Authorization attempt failed due to network issues');
@@ -36,6 +46,10 @@ class AuthorizationInternalService {
36
46
  logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
37
47
  throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
38
48
  }
49
+ static throwOnHttpError(status, placement) {
50
+ logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
51
+ throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
52
+ }
39
53
  static generateInternalAuthToken(accountId, userId) {
40
54
  return signAuthorizationHeader({ appName: INTERNAL_APP_NAME, accountId, userId });
41
55
  }
@@ -52,6 +66,15 @@ class AuthorizationInternalService {
52
66
  const isDevEnv = process.env.NODE_ENV === 'development';
53
67
  return isDevEnv ? 60000 : 2000;
54
68
  }
69
+ static getRetriesPolicy() {
70
+ const fetchOptions = AuthorizationInternalService.getRequestFetchOptions();
71
+ return {
72
+ useRetries: fetchOptions.retries !== undefined,
73
+ maxRetries: fetchOptions.retries !== undefined ? fetchOptions.retries : 0,
74
+ onRetry: onRetryCallback,
75
+ retryDelayMS: fetchOptions.retryDelay ?? RETRY_DELAY_MS,
76
+ };
77
+ }
55
78
  }
56
79
 
57
- export { AuthorizationInternalService, logger };
80
+ export { AuthorizationInternalService, logger, onRetryCallback };
package/dist/esm/authorization-middleware.d.ts CHANGED
@@ -4,3 +4,4 @@ export declare function getAuthorizationMiddleware(action: Action, resourceGette
4
4
  export declare function skipAuthorizationMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
5
5
  export declare function authorizationCheckMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
6
6
  export declare function defaultContextGetter(request: BaseRequest): Context;
7
+ //# sourceMappingURL=authorization-middleware.d.ts.map
package/dist/esm/authorization-middleware.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-middleware.d.ts","sourceRoot":"","sources":["../../src/authorization-middleware.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,KAAK,EAAE,YAAY,EAAW,MAAM,SAAS,CAAC;AAIrD,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,cAAc,EAC9B,aAAa,CAAC,EAAE,aAAa,IAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAYjB;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CAGlH;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CASnH;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAElE"}
package/dist/esm/authorization-service.d.ts CHANGED
@@ -31,3 +31,4 @@ export declare class AuthorizationService {
31
31
  private static isAuthorizedMultiple;
32
32
  }
33
33
  export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
34
+ //# sourceMappingURL=authorization-service.d.ts.map
package/dist/esm/authorization-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAM1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAOD,qBAAa,oBAAoB;IAC/B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAEvD;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA6DnB,oBAAoB;mBAUpB,oBAAoB;CA6E1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F"}
package/dist/esm/authorization-service.mjs CHANGED
@@ -2,10 +2,11 @@ import { performance } from 'perf_hooks';
2
2
  import snakeCase from 'lodash/snakeCase.js';
3
3
  import camelCase from 'lodash/camelCase.js';
4
4
  import mapKeys from 'lodash/mapKeys.js';
5
- import { fetch } from '@mondaydotcomorg/monday-fetch';
6
- import { sendAuthorizationChecksPerRequestMetric, sendAuthorizationCheckResponseTimeMetric } from './prometheus-service.mjs';
5
+ import { Api } from '@mondaydotcomorg/trident-backend-api';
6
+ import { HttpFetcherError } from '@mondaydotcomorg/monday-fetch-api';
7
+ import { sendAuthorizationCheckResponseTimeMetric } from './prometheus-service.mjs';
7
8
  import { AuthorizationInternalService, logger } from './authorization-internal-service.mjs';
8
- import { getAttributionsFromApi } from './attributions-service.mjs';
9
+ import { getAttributionsFromApi, getProfile } from './attributions-service.mjs';
9
10
 
10
11
  const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
11
12
  function setRequestFetchOptions(customMondayFetchOptions) {
@@ -67,30 +68,49 @@ class AuthorizationService {
67
68
  return { ...scopedAction, scope: mapKeys(scopedAction.scope, (_, key) => snakeCase(key)) }; // for example: { workspaceId: 1 } => { workspace_id: 1 }
68
69
  });
69
70
  const attributionHeaders = getAttributionsFromApi();
70
- const response = await fetch(getCanActionsInScopesUrl(), {
71
- method: 'POST',
72
- headers: {
73
- Authorization: internalAuthToken,
74
- 'Content-Type': 'application/json',
75
- ...attributionHeaders,
76
- },
77
- timeout: AuthorizationInternalService.getRequestTimeout(),
78
- body: JSON.stringify({
79
- user_id: userId,
80
- scoped_actions: scopedActionsPayload,
81
- }),
82
- }, AuthorizationInternalService.getRequestFetchOptions());
83
- AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
84
- const responseBody = await response.json();
85
- const camelCaseKeys = obj => Object.fromEntries(Object.entries(obj).map(([key, value]) => [camelCase(key), value]));
86
- const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
71
+ const httpClient = Api.getPart('httpClient');
72
+ const profile = getProfile();
73
+ let response = [];
74
+ try {
75
+ response = await httpClient.fetch({
76
+ url: {
77
+ appName: 'platform',
78
+ path: getCanActionsInScopesUrl(),
79
+ profile,
80
+ },
81
+ method: 'POST',
82
+ headers: {
83
+ Authorization: internalAuthToken,
84
+ 'Content-Type': 'application/json',
85
+ ...attributionHeaders,
86
+ },
87
+ body: JSON.stringify({
88
+ user_id: userId,
89
+ scoped_actions: scopedActionsPayload,
90
+ }),
91
+ }, {
92
+ timeout: AuthorizationInternalService.getRequestTimeout(),
93
+ retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
94
+ });
95
+ }
96
+ catch (err) {
97
+ if (err instanceof HttpFetcherError) {
98
+ AuthorizationInternalService.throwOnHttpError(err.status, 'canActionInScopeMultiple');
99
+ }
100
+ else {
101
+ throw err;
102
+ }
103
+ }
104
+ function toCamelCase(obj) {
105
+ return mapKeys(obj, (_, key) => camelCase(key));
106
+ }
107
+ const scopedActionsResponseObjects = response.map(responseObject => {
87
108
  const { scopedAction, permit } = responseObject;
88
109
  const { scope } = scopedAction;
89
- const transformKeys = obj => camelCaseKeys(obj);
90
110
  return {
91
111
  ...responseObject,
92
- scopedAction: { ...scopedAction, scope: transformKeys(scope) },
93
- permit: transformKeys(permit),
112
+ scopedAction: { ...scopedAction, scope: toCamelCase(scope) },
113
+ permit: toCamelCase(permit),
94
114
  };
95
115
  });
96
116
  return scopedActionsResponseObjects;
@@ -103,32 +123,48 @@ class AuthorizationService {
103
123
  const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
104
124
  const startTime = performance.now();
105
125
  const attributionHeaders = getAttributionsFromApi();
106
- const response = await fetch(getAuthorizeUrl(), {
107
- method: 'POST',
108
- headers: {
109
- Authorization: internalAuthToken,
110
- 'Content-Type': 'application/json',
111
- ...attributionHeaders,
112
- },
113
- timeout: AuthorizationInternalService.getRequestTimeout(),
114
- body: JSON.stringify({
115
- user_id: userId,
116
- authorize_request_objects: authorizationRequestObjects,
117
- }),
118
- }, AuthorizationInternalService.getRequestFetchOptions());
126
+ const httpClient = Api.getPart('httpClient');
127
+ const profile = getProfile();
128
+ let response = [];
129
+ try {
130
+ response = await httpClient.fetch({
131
+ url: {
132
+ appName: 'platform',
133
+ path: getAuthorizeUrl(),
134
+ profile,
135
+ },
136
+ method: 'POST',
137
+ headers: {
138
+ Authorization: internalAuthToken,
139
+ 'Content-Type': 'application/json',
140
+ ...attributionHeaders,
141
+ },
142
+ body: JSON.stringify({
143
+ user_id: userId,
144
+ authorize_request_objects: authorizationRequestObjects,
145
+ }),
146
+ }, {
147
+ timeout: AuthorizationInternalService.getRequestTimeout(),
148
+ retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
149
+ });
150
+ }
151
+ catch (err) {
152
+ if (err instanceof httpClient.HttpFetcherError) {
153
+ AuthorizationInternalService.throwOnHttpError(err.status, 'isAuthorizedMultiple');
154
+ }
155
+ else {
156
+ throw err;
157
+ }
158
+ }
119
159
  const endTime = performance.now();
120
160
  const time = endTime - startTime;
121
- const responseStatus = response.status;
122
- sendAuthorizationChecksPerRequestMetric(responseStatus, authorizationRequestObjects.length);
123
- AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'isAuthorizedMultiple');
124
- const responseBody = await response.json();
125
161
  const unauthorizedObjects = [];
126
- responseBody.result.forEach(function (isAuthorized, index) {
162
+ response.forEach(function (isAuthorized, index) {
127
163
  const authorizationObject = authorizationRequestObjects[index];
128
164
  if (!isAuthorized) {
129
165
  unauthorizedObjects.push(authorizationObject);
130
166
  }
131
- sendAuthorizationCheckResponseTimeMetric(authorizationObject.resource_type, authorizationObject.action, isAuthorized, responseStatus, time);
167
+ sendAuthorizationCheckResponseTimeMetric(authorizationObject.resource_type, authorizationObject.action, isAuthorized, 200, time);
132
168
  });
133
169
  if (unauthorizedObjects.length > 0) {
134
170
  logger.info({
@@ -169,10 +205,10 @@ function createAuthorizationParams(resources, action) {
169
205
  return params;
170
206
  }
171
207
  function getAuthorizeUrl() {
172
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
208
+ return '/internal_ms/authorization/authorize';
173
209
  }
174
210
  function getCanActionsInScopesUrl() {
175
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/can_actions_in_scopes`;
211
+ return '/internal_ms/authorization/can_actions_in_scopes';
176
212
  }
177
213
 
178
214
  export { AuthorizationService, setRedisClient, setRequestFetchOptions };
package/dist/esm/constants/sns.d.ts CHANGED
@@ -1,3 +1,4 @@
1
1
  export declare const RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME = "AUTHORIZATION_RESOURCE_ATTRIBUTES_SNS_TOPIC";
2
2
  export declare const RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = "resourceAttributeModification";
3
3
  export declare const ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
4
+ //# sourceMappingURL=sns.d.ts.map
package/dist/esm/constants/sns.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"sns.d.ts","sourceRoot":"","sources":["../../../src/constants/sns.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uCAAuC,gDAAgD,CAAC;AACrG,eAAO,MAAM,qDAAqD,kCAAkC,CAAC;AACrG,eAAO,MAAM,oDAAoD,MAAM,CAAC"}
package/dist/esm/index.d.ts CHANGED
@@ -13,3 +13,4 @@ export { AuthorizationAttributesService } from './authorization-attributes-servi
13
13
  export { AuthorizationObject, Resource, BaseRequest, ResourceGetter, ContextGetter } from './types/general';
14
14
  export { Translation, ScopedAction, ScopedActionResponseObject, ScopedActionPermit, } from './types/scoped-actions-contracts';
15
15
  export { TestKit };
16
+ //# sourceMappingURL=index.d.ts.map
package/dist/esm/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;CACjD;AAED,wBAAgB,IAAI,CAAC,OAAO,GAAE,WAAgB,QAW7C;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,CAAC"}
package/dist/esm/prometheus-service.d.ts CHANGED
@@ -6,5 +6,5 @@ export declare const METRICS: {
6
6
  };
7
7
  export declare function setPrometheus(customPrometheus: any): void;
8
8
  export declare function getMetricsManager(): any;
9
- export declare function sendAuthorizationChecksPerRequestMetric(responseStatus: any, amountOfAuthorizationObjects: any): void;
10
9
  export declare function sendAuthorizationCheckResponseTimeMetric(resourceType: string, action: Action, isAuthorized: boolean, responseStatus: number, time: number): void;
10
+ //# sourceMappingURL=prometheus-service.d.ts.map
package/dist/esm/prometheus-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAKzC,eAAO,MAAM,OAAO;;;;CAInB,CAAC;AAQF,wBAAgB,aAAa,CAAC,gBAAgB,KAAA,QAU7C;AAED,wBAAgB,iBAAiB,QAEhC;AAED,wBAAgB,wCAAwC,CACtD,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,OAAO,EACrB,cAAc,EAAE,MAAM,EACtB,IAAI,EAAE,MAAM,QASb"}
package/dist/esm/prometheus-service.mjs CHANGED
@@ -1,16 +1,10 @@
1
1
  let prometheus = null;
2
- let authorizationChecksPerRequestMetric = null;
3
2
  let authorizationCheckResponseTimeMetric = null;
4
3
  const METRICS = {
5
4
  AUTHORIZATION_CHECK: 'authorization_check',
6
5
  AUTHORIZATION_CHECKS_PER_REQUEST: 'authorization_checks_per_request',
7
6
  AUTHORIZATION_CHECK_RESPONSE_TIME: 'authorization_check_response_time',
8
7
  };
9
- const authorizationChecksPerRequestMetricConfig = {
10
- name: METRICS.AUTHORIZATION_CHECKS_PER_REQUEST,
11
- labels: ['responseStatus'],
12
- description: 'Authorization checks per request summary',
13
- };
14
8
  const authorizationCheckResponseTimeMetricConfig = {
15
9
  name: METRICS.AUTHORIZATION_CHECK_RESPONSE_TIME,
16
10
  labels: ['resourceType', 'action', 'isAuthorized', 'responseStatus'],
@@ -19,22 +13,11 @@ const authorizationCheckResponseTimeMetricConfig = {
19
13
  function setPrometheus(customPrometheus) {
20
14
  prometheus = customPrometheus;
21
15
  const { METRICS_TYPES } = prometheus;
22
- authorizationChecksPerRequestMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationChecksPerRequestMetricConfig.name, authorizationChecksPerRequestMetricConfig.labels, authorizationChecksPerRequestMetricConfig.description);
23
16
  authorizationCheckResponseTimeMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationCheckResponseTimeMetricConfig.name, authorizationCheckResponseTimeMetricConfig.labels, authorizationCheckResponseTimeMetricConfig.description);
24
17
  }
25
18
  function getMetricsManager() {
26
19
  return prometheus?.metricsManager;
27
20
  }
28
- function sendAuthorizationChecksPerRequestMetric(responseStatus, amountOfAuthorizationObjects) {
29
- try {
30
- if (authorizationChecksPerRequestMetric) {
31
- authorizationChecksPerRequestMetric.labels(responseStatus).observe(amountOfAuthorizationObjects);
32
- }
33
- }
34
- catch (e) {
35
- // ignore
36
- }
37
- }
38
21
  function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthorized, responseStatus, time) {
39
22
  try {
40
23
  if (authorizationCheckResponseTimeMetric) {
@@ -46,4 +29,4 @@ function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthor
46
29
  }
47
30
  }
48
31
 
49
- export { METRICS, getMetricsManager, sendAuthorizationCheckResponseTimeMetric, sendAuthorizationChecksPerRequestMetric, setPrometheus };
32
+ export { METRICS, getMetricsManager, sendAuthorizationCheckResponseTimeMetric, setPrometheus };
package/dist/esm/testKit/index.d.ts CHANGED
@@ -9,3 +9,4 @@ export type TestPermittedAction = {
9
9
  export declare const addTestPermittedAction: (accountId: number, userId: number, resources: Resource[], action: Action) => void;
10
10
  export declare const clearTestPermittedActions: () => void;
11
11
  export declare const getTestAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
12
+ //# sourceMappingURL=index.d.ts.map
package/dist/esm/testKit/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAG9G,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF,eAAO,MAAM,sBAAsB,GAAI,WAAW,MAAM,EAAE,QAAQ,MAAM,EAAE,WAAW,QAAQ,EAAE,EAAE,QAAQ,MAAM,SAE9G,CAAC;AAEF,eAAO,MAAM,yBAAyB,YAErC,CAAC;AAyBF,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,gBAAgB,cAAc,EAC9B,gBAAgB,aAAa,MAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAYhB,CAAC"}
package/dist/esm/types/authorization-attributes-contracts.d.ts CHANGED
@@ -25,3 +25,4 @@ interface DeleteResourceAttributeOperation extends ResourceAttributeDelete {
25
25
  }
26
26
  export type ResourceAttributesOperation = UpsertResourceAttributeOperation | DeleteResourceAttributeOperation;
27
27
  export {};
28
+ //# sourceMappingURL=authorization-attributes-contracts.d.ts.map
package/dist/esm/types/authorization-attributes-contracts.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-attributes-contracts.d.ts","sourceRoot":"","sources":["../../../src/types/authorization-attributes-contracts.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,2BAA2B;IAC1C,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC/B,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,yBAAyB;IACxC,UAAU,EAAE,2BAA2B,EAAE,CAAC;CAC3C;AAED,MAAM,WAAW,uBAAuB;IACtC,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC/B,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3B,GAAG,EAAE,MAAM,CAAC;CACb;AAED,oBAAY,8BAA8B;IACxC,MAAM,WAAW;IACjB,MAAM,WAAW;CAClB;AAED,UAAU,gCAAiC,SAAQ,2BAA2B;IAC5E,aAAa,EAAE,8BAA8B,CAAC,MAAM,CAAC;CACtD;AAED,UAAU,gCAAiC,SAAQ,uBAAuB;IACxE,aAAa,EAAE,8BAA8B,CAAC,MAAM,CAAC;CACtD;AAED,MAAM,MAAM,2BAA2B,GAAG,gCAAgC,GAAG,gCAAgC,CAAC"}
package/dist/esm/types/express.d.ts CHANGED
@@ -8,3 +8,4 @@ declare namespace Express {
8
8
  authorizationSkipPerformed: boolean;
9
9
  }
10
10
  }
11
+ //# sourceMappingURL=express.d.ts.map
package/dist/esm/types/express.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"express.d.ts","sourceRoot":"","sources":["../../../src/types/express.ts"],"names":[],"mappings":"AACA,OAAO,WAAW,OAAO,CAAC;IACxB,UAAiB,OAAO;QACtB,OAAO,EAAE;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/C,2BAA2B,EAAE,OAAO,CAAC;QACrC,0BAA0B,EAAE,OAAO,CAAC;KACrC;CACF"}
package/dist/esm/types/general.d.ts CHANGED
@@ -30,3 +30,4 @@ export type BaseResponse = Response<BaseResponseBody>;
30
30
  export type ResourceGetter = (request: BaseRequest) => Resource[];
31
31
  export type ContextGetter = (request: BaseRequest) => Context;
32
32
  export {};
33
+ //# sourceMappingURL=general.d.ts.map
package/dist/esm/types/general.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEjD,MAAM,WAAW,QAAQ;IACvB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAChC,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAAC;AAE7C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAC9C,MAAM,MAAM,WAAW,GAAG,OAAO,CAAC,cAAc,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,mBAAmB,CAAC,CAAC;AAC7G,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AACtD,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,QAAQ,EAAE,CAAC;AAClE,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC"}
package/dist/esm/types/scoped-actions-contracts.d.ts CHANGED
@@ -36,3 +36,4 @@ export interface ScopedActionResponseObject {
36
36
  scopedAction: ScopedAction;
37
37
  permit: ScopedActionPermit;
38
38
  }
39
+ //# sourceMappingURL=scoped-actions-contracts.d.ts.map
package/dist/esm/types/scoped-actions-contracts.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"scoped-actions-contracts.d.ts","sourceRoot":"","sources":["../../../src/types/scoped-actions-contracts.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,YAAY,GAAG,cAAc,GAAG,UAAU,GAAG,UAAU,GAAG,mBAAmB,GAAG,YAAY,CAAC;AAEzG,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;CAC1B;AAED,oBAAY,qBAAqB;IAC/B,SAAS,IAAI;IACb,YAAY,IAAI;IAChB,gBAAgB,IAAI;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,OAAO,CAAC;IACb,MAAM,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,qBAAqB,CAAC;CACxC;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,YAAY,CAAC;CACrB;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,EAAE,YAAY,CAAC;IAC3B,MAAM,EAAE,kBAAkB,CAAC;CAC5B"}
package/dist/index.d.ts CHANGED
@@ -13,3 +13,4 @@ export { AuthorizationAttributesService } from './authorization-attributes-servi
13
13
  export { AuthorizationObject, Resource, BaseRequest, ResourceGetter, ContextGetter } from './types/general';
14
14
  export { Translation, ScopedAction, ScopedActionResponseObject, ScopedActionPermit, } from './types/scoped-actions-contracts';
15
15
  export { TestKit };
16
+ //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;CACjD;AAED,wBAAgB,IAAI,CAAC,OAAO,GAAE,WAAgB,QAW7C;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,CAAC"}
package/dist/prometheus-service.d.ts CHANGED
@@ -6,5 +6,5 @@ export declare const METRICS: {
6
6
  };
7
7
  export declare function setPrometheus(customPrometheus: any): void;
8
8
  export declare function getMetricsManager(): any;
9
- export declare function sendAuthorizationChecksPerRequestMetric(responseStatus: any, amountOfAuthorizationObjects: any): void;
10
9
  export declare function sendAuthorizationCheckResponseTimeMetric(resourceType: string, action: Action, isAuthorized: boolean, responseStatus: number, time: number): void;
10
+ //# sourceMappingURL=prometheus-service.d.ts.map
package/dist/prometheus-service.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAKzC,eAAO,MAAM,OAAO;;;;CAInB,CAAC;AAQF,wBAAgB,aAAa,CAAC,gBAAgB,KAAA,QAU7C;AAED,wBAAgB,iBAAiB,QAEhC;AAED,wBAAgB,wCAAwC,CACtD,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,OAAO,EACrB,cAAc,EAAE,MAAM,EACtB,IAAI,EAAE,MAAM,QASb"}
package/dist/prometheus-service.js CHANGED
@@ -1,18 +1,12 @@
1
1
  Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
2
2
 
3
3
  let prometheus = null;
4
- let authorizationChecksPerRequestMetric = null;
5
4
  let authorizationCheckResponseTimeMetric = null;
6
5
  const METRICS = {
7
6
  AUTHORIZATION_CHECK: 'authorization_check',
8
7
  AUTHORIZATION_CHECKS_PER_REQUEST: 'authorization_checks_per_request',
9
8
  AUTHORIZATION_CHECK_RESPONSE_TIME: 'authorization_check_response_time',
10
9
  };
11
- const authorizationChecksPerRequestMetricConfig = {
12
- name: METRICS.AUTHORIZATION_CHECKS_PER_REQUEST,
13
- labels: ['responseStatus'],
14
- description: 'Authorization checks per request summary',
15
- };
16
10
  const authorizationCheckResponseTimeMetricConfig = {
17
11
  name: METRICS.AUTHORIZATION_CHECK_RESPONSE_TIME,
18
12
  labels: ['resourceType', 'action', 'isAuthorized', 'responseStatus'],
@@ -21,22 +15,11 @@ const authorizationCheckResponseTimeMetricConfig = {
21
15
  function setPrometheus(customPrometheus) {
22
16
  prometheus = customPrometheus;
23
17
  const { METRICS_TYPES } = prometheus;
24
- authorizationChecksPerRequestMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationChecksPerRequestMetricConfig.name, authorizationChecksPerRequestMetricConfig.labels, authorizationChecksPerRequestMetricConfig.description);
25
18
  authorizationCheckResponseTimeMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationCheckResponseTimeMetricConfig.name, authorizationCheckResponseTimeMetricConfig.labels, authorizationCheckResponseTimeMetricConfig.description);
26
19
  }
27
20
  function getMetricsManager() {
28
21
  return prometheus?.metricsManager;
29
22
  }
30
- function sendAuthorizationChecksPerRequestMetric(responseStatus, amountOfAuthorizationObjects) {
31
- try {
32
- if (authorizationChecksPerRequestMetric) {
33
- authorizationChecksPerRequestMetric.labels(responseStatus).observe(amountOfAuthorizationObjects);
34
- }
35
- }
36
- catch (e) {
37
- // ignore
38
- }
39
- }
40
23
  function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthorized, responseStatus, time) {
41
24
  try {
42
25
  if (authorizationCheckResponseTimeMetric) {
@@ -51,5 +34,4 @@ function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthor
51
34
  exports.METRICS = METRICS;
52
35
  exports.getMetricsManager = getMetricsManager;
53
36
  exports.sendAuthorizationCheckResponseTimeMetric = sendAuthorizationCheckResponseTimeMetric;
54
- exports.sendAuthorizationChecksPerRequestMetric = sendAuthorizationChecksPerRequestMetric;
55
37
  exports.setPrometheus = setPrometheus;
package/dist/testKit/index.d.ts CHANGED
@@ -9,3 +9,4 @@ export type TestPermittedAction = {
9
9
  export declare const addTestPermittedAction: (accountId: number, userId: number, resources: Resource[], action: Action) => void;
10
10
  export declare const clearTestPermittedActions: () => void;
11
11
  export declare const getTestAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
12
+ //# sourceMappingURL=index.d.ts.map
package/dist/testKit/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAG9G,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF,eAAO,MAAM,sBAAsB,GAAI,WAAW,MAAM,EAAE,QAAQ,MAAM,EAAE,WAAW,QAAQ,EAAE,EAAE,QAAQ,MAAM,SAE9G,CAAC;AAEF,eAAO,MAAM,yBAAyB,YAErC,CAAC;AAyBF,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,gBAAgB,cAAc,EAC9B,gBAAgB,aAAa,MAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAYhB,CAAC"}
package/dist/types/authorization-attributes-contracts.d.ts CHANGED
@@ -25,3 +25,4 @@ interface DeleteResourceAttributeOperation extends ResourceAttributeDelete {
25
25
  }
26
26
  export type ResourceAttributesOperation = UpsertResourceAttributeOperation | DeleteResourceAttributeOperation;
27
27
  export {};
28
+ //# sourceMappingURL=authorization-attributes-contracts.d.ts.map
package/dist/types/authorization-attributes-contracts.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"authorization-attributes-contracts.d.ts","sourceRoot":"","sources":["../../src/types/authorization-attributes-contracts.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,2BAA2B;IAC1C,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC/B,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,yBAAyB;IACxC,UAAU,EAAE,2BAA2B,EAAE,CAAC;CAC3C;AAED,MAAM,WAAW,uBAAuB;IACtC,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC/B,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC3B,GAAG,EAAE,MAAM,CAAC;CACb;AAED,oBAAY,8BAA8B;IACxC,MAAM,WAAW;IACjB,MAAM,WAAW;CAClB;AAED,UAAU,gCAAiC,SAAQ,2BAA2B;IAC5E,aAAa,EAAE,8BAA8B,CAAC,MAAM,CAAC;CACtD;AAED,UAAU,gCAAiC,SAAQ,uBAAuB;IACxE,aAAa,EAAE,8BAA8B,CAAC,MAAM,CAAC;CACtD;AAED,MAAM,MAAM,2BAA2B,GAAG,gCAAgC,GAAG,gCAAgC,CAAC"}
package/dist/types/express.d.ts CHANGED
@@ -8,3 +8,4 @@ declare namespace Express {
8
8
  authorizationSkipPerformed: boolean;
9
9
  }
10
10
  }
11
+ //# sourceMappingURL=express.d.ts.map
package/dist/types/express.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"express.d.ts","sourceRoot":"","sources":["../../src/types/express.ts"],"names":[],"mappings":"AACA,OAAO,WAAW,OAAO,CAAC;IACxB,UAAiB,OAAO;QACtB,OAAO,EAAE;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/C,2BAA2B,EAAE,OAAO,CAAC;QACrC,0BAA0B,EAAE,OAAO,CAAC;KACrC;CACF"}
package/dist/types/general.d.ts CHANGED
@@ -30,3 +30,4 @@ export type BaseResponse = Response<BaseResponseBody>;
30
30
  export type ResourceGetter = (request: BaseRequest) => Resource[];
31
31
  export type ContextGetter = (request: BaseRequest) => Context;
32
32
  export {};
33
+ //# sourceMappingURL=general.d.ts.map
package/dist/types/general.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEjD,MAAM,WAAW,QAAQ;IACvB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAChC,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAAC;AAE7C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAC9C,MAAM,MAAM,WAAW,GAAG,OAAO,CAAC,cAAc,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,mBAAmB,CAAC,CAAC;AAC7G,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AACtD,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,QAAQ,EAAE,CAAC;AAClE,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC"}
package/dist/types/scoped-actions-contracts.d.ts CHANGED
@@ -36,3 +36,4 @@ export interface ScopedActionResponseObject {
36
36
  scopedAction: ScopedAction;
37
37
  permit: ScopedActionPermit;
38
38
  }
39
+ //# sourceMappingURL=scoped-actions-contracts.d.ts.map
package/dist/types/scoped-actions-contracts.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"scoped-actions-contracts.d.ts","sourceRoot":"","sources":["../../src/types/scoped-actions-contracts.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,YAAY,GAAG,cAAc,GAAG,UAAU,GAAG,UAAU,GAAG,mBAAmB,GAAG,YAAY,CAAC;AAEzG,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;CAC1B;AAED,oBAAY,qBAAqB;IAC/B,SAAS,IAAI;IACb,YAAY,IAAI;IAChB,gBAAgB,IAAI;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,OAAO,CAAC;IACb,MAAM,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,qBAAqB,CAAC;CACxC;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,YAAY,CAAC;CACrB;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,EAAE,YAAY,CAAC;IAC3B,MAAM,EAAE,kBAAkB,CAAC;CAC5B"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mondaydotcomorg/monday-authorization",
3
- "version": "1.2.18",
3
+ "version": "1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.d8b27e3",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "license": "BSD-3-Clause",
@@ -20,6 +20,7 @@
20
20
  },
21
21
  "dependencies": {
22
22
  "@mondaydotcomorg/monday-fetch": "^0.0.7",
23
+ "@mondaydotcomorg/monday-fetch-api": "^1.0.2",
23
24
  "@mondaydotcomorg/monday-jwt": "^3.0.14",
24
25
  "@mondaydotcomorg/monday-logger": "^4.0.11",
25
26
  "@mondaydotcomorg/monday-sns": "^1.0.6",
@@ -30,14 +31,14 @@
30
31
  "ts-node": "^10.0.0"
31
32
  },
32
33
  "devDependencies": {
33
- "@mondaydotcomorg/trident-library": "^0.6.53",
34
+ "@mondaydotcomorg/trident-library": "^1.1.44",
34
35
  "@types/express": "^4.17.20",
35
36
  "@types/lodash": "^4.17.10",
36
37
  "@types/on-headers": "^1.0.0",
37
38
  "@types/supertest": "^2.0.11",
38
39
  "express": "^4.17.1",
39
40
  "ioredis": "^5.2.4",
40
- "ioredis-mock": "^8.2.2",
41
+ "ioredis-mock": "^8.9.0",
41
42
  "sinon": "9.0.3",
42
43
  "supertest": "^6.1.3",
43
44
  "typescript": "^5.2.2"