@mondaydotcomorg/monday-authorization 1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.d8b27e3 → 1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.b83da61
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/attributions-service.d.ts +5 -6
- package/dist/attributions-service.d.ts.map +1 -1
- package/dist/attributions-service.js +9 -13
- package/dist/authorization-internal-service.js +2 -2
- package/dist/authorization-service.d.ts.map +1 -1
- package/dist/authorization-service.js +16 -12
- package/dist/esm/attributions-service.d.ts +5 -6
- package/dist/esm/attributions-service.d.ts.map +1 -1
- package/dist/esm/attributions-service.mjs +5 -9
- package/dist/esm/authorization-internal-service.mjs +2 -2
- package/dist/esm/authorization-service.d.ts.map +1 -1
- package/dist/esm/authorization-service.mjs +16 -12
- package/package.json +1 -1
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
import { Context, ExecutionContext } from '@mondaydotcomorg/trident-backend-api';
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
APP = "default",
|
|
2
|
+
declare enum PlatformProfile {
|
|
3
|
+
API_INTERNAL = "api-internal",
|
|
5
4
|
SLOW = "slow",
|
|
6
|
-
INTERNAL = "internal"
|
|
7
|
-
SIDEKIQ = "sidekiq"
|
|
5
|
+
INTERNAL = "internal"
|
|
8
6
|
}
|
|
9
|
-
export declare function getProfile(): PlatformProfile
|
|
7
|
+
export declare function getProfile(): PlatformProfile;
|
|
10
8
|
export declare function getExecutionContext(context: Context): ExecutionContext;
|
|
11
9
|
export declare function getAttributionsFromApi(): {
|
|
12
10
|
[key: string]: string;
|
|
13
11
|
};
|
|
12
|
+
export {};
|
|
14
13
|
//# sourceMappingURL=attributions-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,
|
|
1
|
+
{"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,aAAK,eAAe;IAClB,YAAY,iBAAiB;IAC7B,IAAI,SAAS;IACb,QAAQ,aAAa;CACtB;AAED,wBAAgB,UAAU,oBAiBzB;AAED,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,gBAAgB,CAEtE;AAED,wBAAgB,sBAAsB,IAAI;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAqClE"}
|
|
@@ -7,31 +7,27 @@ const APP_NAME_VARIABLE_KEY = 'APP_NAME';
|
|
|
7
7
|
const APP_NAME_HEADER_NAME = 'x-caller-app-name-from-sdk';
|
|
8
8
|
const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
|
|
9
9
|
let didSendFailureLogOnce = false;
|
|
10
|
-
|
|
10
|
+
var PlatformProfile;
|
|
11
11
|
(function (PlatformProfile) {
|
|
12
|
-
PlatformProfile["
|
|
13
|
-
PlatformProfile["APP"] = "default";
|
|
12
|
+
PlatformProfile["API_INTERNAL"] = "api-internal";
|
|
14
13
|
PlatformProfile["SLOW"] = "slow";
|
|
15
14
|
PlatformProfile["INTERNAL"] = "internal";
|
|
16
|
-
|
|
17
|
-
})(exports.PlatformProfile || (exports.PlatformProfile = {}));
|
|
15
|
+
})(PlatformProfile || (PlatformProfile = {}));
|
|
18
16
|
function getProfile() {
|
|
19
17
|
const tridentContext = tridentBackendApi.Api.getPart('context');
|
|
20
18
|
if (!tridentContext) {
|
|
21
|
-
return
|
|
19
|
+
return PlatformProfile.INTERNAL;
|
|
22
20
|
}
|
|
23
21
|
const { mondayRequestSource } = getExecutionContext(tridentContext);
|
|
24
22
|
switch (mondayRequestSource) {
|
|
25
|
-
case
|
|
26
|
-
return
|
|
23
|
+
case 'api': {
|
|
24
|
+
return PlatformProfile.API_INTERNAL;
|
|
27
25
|
}
|
|
28
|
-
case
|
|
29
|
-
|
|
30
|
-
return exports.PlatformProfile.SLOW;
|
|
26
|
+
case 'slow': {
|
|
27
|
+
return PlatformProfile.SLOW;
|
|
31
28
|
}
|
|
32
|
-
case exports.PlatformProfile.APP:
|
|
33
29
|
default:
|
|
34
|
-
return
|
|
30
|
+
return PlatformProfile.INTERNAL;
|
|
35
31
|
}
|
|
36
32
|
}
|
|
37
33
|
function getExecutionContext(context) {
|
|
@@ -33,10 +33,10 @@ const defaultMondayFetchOptions = {
|
|
|
33
33
|
};
|
|
34
34
|
const onRetryCallback = (attempt, error) => {
|
|
35
35
|
if (attempt == MAX_RETRIES) {
|
|
36
|
-
logger.error({ attempt, error }, 'Authorization attempt failed');
|
|
36
|
+
logger.error({ tag: 'authorization-service', attempt, error }, 'Authorization attempt failed');
|
|
37
37
|
}
|
|
38
38
|
else {
|
|
39
|
-
logger.info({ attempt, error }, 'Authorization attempt failed, trying again');
|
|
39
|
+
logger.info({ tag: 'authorization-service', attempt, error }, 'Authorization attempt failed, trying again');
|
|
40
40
|
}
|
|
41
41
|
};
|
|
42
42
|
function logOnFetchFail(retriesLeft, error) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAQ1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAeD,qBAAa,oBAAoB;IAC/B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAEvD;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBAkEnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F"}
|
|
@@ -17,6 +17,8 @@ const camelCase__default = /*#__PURE__*/_interopDefault(camelCase);
|
|
|
17
17
|
const mapKeys__default = /*#__PURE__*/_interopDefault(mapKeys);
|
|
18
18
|
|
|
19
19
|
const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
|
|
20
|
+
const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
|
|
21
|
+
const PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH = '/internal_ms/authorization/can_actions_in_scopes';
|
|
20
22
|
function setRequestFetchOptions(customMondayFetchOptions) {
|
|
21
23
|
authorizationInternalService.AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
|
|
22
24
|
}
|
|
@@ -78,12 +80,12 @@ class AuthorizationService {
|
|
|
78
80
|
const attributionHeaders = attributionsService.getAttributionsFromApi();
|
|
79
81
|
const httpClient = tridentBackendApi.Api.getPart('httpClient');
|
|
80
82
|
const profile = attributionsService.getProfile();
|
|
81
|
-
let response
|
|
83
|
+
let response;
|
|
82
84
|
try {
|
|
83
85
|
response = await httpClient.fetch({
|
|
84
86
|
url: {
|
|
85
87
|
appName: 'platform',
|
|
86
|
-
path:
|
|
88
|
+
path: PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH,
|
|
87
89
|
profile,
|
|
88
90
|
},
|
|
89
91
|
method: 'POST',
|
|
@@ -112,7 +114,11 @@ class AuthorizationService {
|
|
|
112
114
|
function toCamelCase(obj) {
|
|
113
115
|
return mapKeys__default.default(obj, (_, key) => camelCase__default.default(key));
|
|
114
116
|
}
|
|
115
|
-
|
|
117
|
+
if (!response) {
|
|
118
|
+
authorizationInternalService.logger.error({ tag: 'authorization-service', response }, 'AuthorizationService: missing response');
|
|
119
|
+
throw new Error('AuthorizationService: missing response');
|
|
120
|
+
}
|
|
121
|
+
const scopedActionsResponseObjects = response.result.map(responseObject => {
|
|
116
122
|
const { scopedAction, permit } = responseObject;
|
|
117
123
|
const { scope } = scopedAction;
|
|
118
124
|
return {
|
|
@@ -133,12 +139,12 @@ class AuthorizationService {
|
|
|
133
139
|
const attributionHeaders = attributionsService.getAttributionsFromApi();
|
|
134
140
|
const httpClient = tridentBackendApi.Api.getPart('httpClient');
|
|
135
141
|
const profile = attributionsService.getProfile();
|
|
136
|
-
let response
|
|
142
|
+
let response;
|
|
137
143
|
try {
|
|
138
144
|
response = await httpClient.fetch({
|
|
139
145
|
url: {
|
|
140
146
|
appName: 'platform',
|
|
141
|
-
path:
|
|
147
|
+
path: PLATFORM_AUTHORIZE_PATH,
|
|
142
148
|
profile,
|
|
143
149
|
},
|
|
144
150
|
method: 'POST',
|
|
@@ -167,7 +173,11 @@ class AuthorizationService {
|
|
|
167
173
|
const endTime = perf_hooks.performance.now();
|
|
168
174
|
const time = endTime - startTime;
|
|
169
175
|
const unauthorizedObjects = [];
|
|
170
|
-
|
|
176
|
+
if (!response) {
|
|
177
|
+
authorizationInternalService.logger.error({ tag: 'authorization-service', response }, 'AuthorizationService: missing response');
|
|
178
|
+
throw new Error('AuthorizationService: missing response');
|
|
179
|
+
}
|
|
180
|
+
response.result.forEach(function (isAuthorized, index) {
|
|
171
181
|
const authorizationObject = authorizationRequestObjects[index];
|
|
172
182
|
if (!isAuthorized) {
|
|
173
183
|
unauthorizedObjects.push(authorizationObject);
|
|
@@ -212,12 +222,6 @@ function createAuthorizationParams(resources, action) {
|
|
|
212
222
|
};
|
|
213
223
|
return params;
|
|
214
224
|
}
|
|
215
|
-
function getAuthorizeUrl() {
|
|
216
|
-
return '/internal_ms/authorization/authorize';
|
|
217
|
-
}
|
|
218
|
-
function getCanActionsInScopesUrl() {
|
|
219
|
-
return '/internal_ms/authorization/can_actions_in_scopes';
|
|
220
|
-
}
|
|
221
225
|
|
|
222
226
|
exports.AuthorizationService = AuthorizationService;
|
|
223
227
|
exports.setRedisClient = setRedisClient;
|
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
import { Context, ExecutionContext } from '@mondaydotcomorg/trident-backend-api';
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
APP = "default",
|
|
2
|
+
declare enum PlatformProfile {
|
|
3
|
+
API_INTERNAL = "api-internal",
|
|
5
4
|
SLOW = "slow",
|
|
6
|
-
INTERNAL = "internal"
|
|
7
|
-
SIDEKIQ = "sidekiq"
|
|
5
|
+
INTERNAL = "internal"
|
|
8
6
|
}
|
|
9
|
-
export declare function getProfile(): PlatformProfile
|
|
7
|
+
export declare function getProfile(): PlatformProfile;
|
|
10
8
|
export declare function getExecutionContext(context: Context): ExecutionContext;
|
|
11
9
|
export declare function getAttributionsFromApi(): {
|
|
12
10
|
[key: string]: string;
|
|
13
11
|
};
|
|
12
|
+
export {};
|
|
14
13
|
//# sourceMappingURL=attributions-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,
|
|
1
|
+
{"version":3,"file":"attributions-service.d.ts","sourceRoot":"","sources":["../../src/attributions-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAStF,aAAK,eAAe;IAClB,YAAY,iBAAiB;IAC7B,IAAI,SAAS;IACb,QAAQ,aAAa;CACtB;AAED,wBAAgB,UAAU,oBAiBzB;AAED,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,gBAAgB,CAEtE;AAED,wBAAgB,sBAAsB,IAAI;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAqClE"}
|
|
@@ -7,11 +7,9 @@ const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
|
|
|
7
7
|
let didSendFailureLogOnce = false;
|
|
8
8
|
var PlatformProfile;
|
|
9
9
|
(function (PlatformProfile) {
|
|
10
|
-
PlatformProfile["
|
|
11
|
-
PlatformProfile["APP"] = "default";
|
|
10
|
+
PlatformProfile["API_INTERNAL"] = "api-internal";
|
|
12
11
|
PlatformProfile["SLOW"] = "slow";
|
|
13
12
|
PlatformProfile["INTERNAL"] = "internal";
|
|
14
|
-
PlatformProfile["SIDEKIQ"] = "sidekiq";
|
|
15
13
|
})(PlatformProfile || (PlatformProfile = {}));
|
|
16
14
|
function getProfile() {
|
|
17
15
|
const tridentContext = Api.getPart('context');
|
|
@@ -20,14 +18,12 @@ function getProfile() {
|
|
|
20
18
|
}
|
|
21
19
|
const { mondayRequestSource } = getExecutionContext(tridentContext);
|
|
22
20
|
switch (mondayRequestSource) {
|
|
23
|
-
case
|
|
24
|
-
return PlatformProfile.
|
|
21
|
+
case 'api': {
|
|
22
|
+
return PlatformProfile.API_INTERNAL;
|
|
25
23
|
}
|
|
26
|
-
case
|
|
27
|
-
case PlatformProfile.SLOW: {
|
|
24
|
+
case 'slow': {
|
|
28
25
|
return PlatformProfile.SLOW;
|
|
29
26
|
}
|
|
30
|
-
case PlatformProfile.APP:
|
|
31
27
|
default:
|
|
32
28
|
return PlatformProfile.INTERNAL;
|
|
33
29
|
}
|
|
@@ -80,4 +76,4 @@ function tryJsonParse(value) {
|
|
|
80
76
|
}
|
|
81
77
|
}
|
|
82
78
|
|
|
83
|
-
export {
|
|
79
|
+
export { getAttributionsFromApi, getExecutionContext, getProfile };
|
|
@@ -11,10 +11,10 @@ const defaultMondayFetchOptions = {
|
|
|
11
11
|
};
|
|
12
12
|
const onRetryCallback = (attempt, error) => {
|
|
13
13
|
if (attempt == MAX_RETRIES) {
|
|
14
|
-
logger.error({ attempt, error }, 'Authorization attempt failed');
|
|
14
|
+
logger.error({ tag: 'authorization-service', attempt, error }, 'Authorization attempt failed');
|
|
15
15
|
}
|
|
16
16
|
else {
|
|
17
|
-
logger.info({ attempt, error }, 'Authorization attempt failed, trying again');
|
|
17
|
+
logger.info({ tag: 'authorization-service', attempt, error }, 'Authorization attempt failed, trying again');
|
|
18
18
|
}
|
|
19
19
|
};
|
|
20
20
|
function logOnFetchFail(retriesLeft, error) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAuB,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAQ1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAeD,qBAAa,oBAAoB;IAC/B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAEvD;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBAkEnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F"}
|
|
@@ -9,6 +9,8 @@ import { AuthorizationInternalService, logger } from './authorization-internal-s
|
|
|
9
9
|
import { getAttributionsFromApi, getProfile } from './attributions-service.mjs';
|
|
10
10
|
|
|
11
11
|
const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
|
|
12
|
+
const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
|
|
13
|
+
const PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH = '/internal_ms/authorization/can_actions_in_scopes';
|
|
12
14
|
function setRequestFetchOptions(customMondayFetchOptions) {
|
|
13
15
|
AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
|
|
14
16
|
}
|
|
@@ -70,12 +72,12 @@ class AuthorizationService {
|
|
|
70
72
|
const attributionHeaders = getAttributionsFromApi();
|
|
71
73
|
const httpClient = Api.getPart('httpClient');
|
|
72
74
|
const profile = getProfile();
|
|
73
|
-
let response
|
|
75
|
+
let response;
|
|
74
76
|
try {
|
|
75
77
|
response = await httpClient.fetch({
|
|
76
78
|
url: {
|
|
77
79
|
appName: 'platform',
|
|
78
|
-
path:
|
|
80
|
+
path: PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH,
|
|
79
81
|
profile,
|
|
80
82
|
},
|
|
81
83
|
method: 'POST',
|
|
@@ -104,7 +106,11 @@ class AuthorizationService {
|
|
|
104
106
|
function toCamelCase(obj) {
|
|
105
107
|
return mapKeys(obj, (_, key) => camelCase(key));
|
|
106
108
|
}
|
|
107
|
-
|
|
109
|
+
if (!response) {
|
|
110
|
+
logger.error({ tag: 'authorization-service', response }, 'AuthorizationService: missing response');
|
|
111
|
+
throw new Error('AuthorizationService: missing response');
|
|
112
|
+
}
|
|
113
|
+
const scopedActionsResponseObjects = response.result.map(responseObject => {
|
|
108
114
|
const { scopedAction, permit } = responseObject;
|
|
109
115
|
const { scope } = scopedAction;
|
|
110
116
|
return {
|
|
@@ -125,12 +131,12 @@ class AuthorizationService {
|
|
|
125
131
|
const attributionHeaders = getAttributionsFromApi();
|
|
126
132
|
const httpClient = Api.getPart('httpClient');
|
|
127
133
|
const profile = getProfile();
|
|
128
|
-
let response
|
|
134
|
+
let response;
|
|
129
135
|
try {
|
|
130
136
|
response = await httpClient.fetch({
|
|
131
137
|
url: {
|
|
132
138
|
appName: 'platform',
|
|
133
|
-
path:
|
|
139
|
+
path: PLATFORM_AUTHORIZE_PATH,
|
|
134
140
|
profile,
|
|
135
141
|
},
|
|
136
142
|
method: 'POST',
|
|
@@ -159,7 +165,11 @@ class AuthorizationService {
|
|
|
159
165
|
const endTime = performance.now();
|
|
160
166
|
const time = endTime - startTime;
|
|
161
167
|
const unauthorizedObjects = [];
|
|
162
|
-
|
|
168
|
+
if (!response) {
|
|
169
|
+
logger.error({ tag: 'authorization-service', response }, 'AuthorizationService: missing response');
|
|
170
|
+
throw new Error('AuthorizationService: missing response');
|
|
171
|
+
}
|
|
172
|
+
response.result.forEach(function (isAuthorized, index) {
|
|
163
173
|
const authorizationObject = authorizationRequestObjects[index];
|
|
164
174
|
if (!isAuthorized) {
|
|
165
175
|
unauthorizedObjects.push(authorizationObject);
|
|
@@ -204,11 +214,5 @@ function createAuthorizationParams(resources, action) {
|
|
|
204
214
|
};
|
|
205
215
|
return params;
|
|
206
216
|
}
|
|
207
|
-
function getAuthorizeUrl() {
|
|
208
|
-
return '/internal_ms/authorization/authorize';
|
|
209
|
-
}
|
|
210
|
-
function getCanActionsInScopesUrl() {
|
|
211
|
-
return '/internal_ms/authorization/can_actions_in_scopes';
|
|
212
|
-
}
|
|
213
217
|
|
|
214
218
|
export { AuthorizationService, setRedisClient, setRequestFetchOptions };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mondaydotcomorg/monday-authorization",
|
|
3
|
-
"version": "1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.
|
|
3
|
+
"version": "1.2.19-incr-moshesa-upgrade-to-httpclient-and-use-profile--stubisauthorizedfetch.b83da61",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"types": "dist/index.d.ts",
|
|
6
6
|
"license": "BSD-3-Clause",
|