@mondaydotcomorg/monday-authorization 1.2.4 → 1.2.6

package/dist/lib/attributions-service.d.ts

@@ -0,0 +1,3 @@
+export declare function getAttributionsFromApi(): {
+    [key: string]: string;
+};

package/dist/lib/attributions-service.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAttributionsFromApi = void 0;
+const trident_backend_api_1 = require("@mondaydotcomorg/trident-backend-api");
+const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
+function getAttributionsFromApi() {
+    const tridentContext = trident_backend_api_1.Api.getPart('context');
+    if (!tridentContext) {
+        return {};
+    }
+    const { runtimeAttributions } = tridentContext;
+    const attributionsHeaders = Object.fromEntries(runtimeAttributions === null || runtimeAttributions === void 0 ? void 0 : runtimeAttributions.buildOutgoingHeaders('HTTP_INTERNAL'));
+    const attributionHeadersFromSdk = {};
+    Object.keys(attributionsHeaders).forEach(function (key) {
+        attributionHeadersFromSdk[`${key}${FROM_SDK_HEADER_SUFFIX}`] = attributionsHeaders[key];
+    });
+    return attributionHeadersFromSdk;
+}
+exports.getAttributionsFromApi = getAttributionsFromApi;

package/dist/lib/authorization-attributes-service.js

@@ -12,6 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthorizationAttributesService = void 0;
 const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
 const authorization_internal_service_1 = require("./authorization-internal-service");
+const attributions_service_1 = require("./attributions-service");
 class AuthorizationAttributesService {
     /**
      * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
@@ -24,9 +25,10 @@ class AuthorizationAttributesService {
     static upsertResourceAttributes(accountId, userId, resourceAttributeAssignments) {
         return __awaiter(this, void 0, void 0, function* () {
             const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
+            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
             const response = yield (0, monday_fetch_1.fetch)(this.getResourceAttributesUrl(accountId), {
                 method: 'POST',
-                headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
+                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
                 timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
                 body: JSON.stringify({ resourceAttributeAssignments }),
             }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
@@ -47,9 +49,10 @@ class AuthorizationAttributesService {
         return __awaiter(this, void 0, void 0, function* () {
             const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
             const url = `${this.getResourceAttributesUrl(accountId)}/${resource.type}/${resource.id}`;
+            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
             const response = yield (0, monday_fetch_1.fetch)(url, {
                 method: 'DELETE',
-                headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
+                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
                 timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
                 body: JSON.stringify({ keys: attributeKeys }),
             }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());

package/dist/lib/authorization-service.js

@@ -15,6 +15,7 @@ const perf_hooks_1 = require("perf_hooks");
 const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
 const prometheus_service_1 = require("./prometheus-service");
 const authorization_internal_service_1 = require("./authorization-internal-service");
+const attributions_service_1 = require("./attributions-service");
 const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
 function setRequestFetchOptions(customMondayFetchOptions) {
     authorization_internal_service_1.AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
@@ -90,9 +91,10 @@ class AuthorizationService {
             const scopedActionsPayload = scopedActions.map(scopedAction => {
                 return Object.assign(Object.assign({}, scopedAction), { scope: (0, lodash_1.mapKeys)(scopedAction.scope, (_, key) => (0, lodash_1.snakeCase)(key)) }); // for example: { workspaceId: 1 } => { workspace_id: 1 }
             });
+            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
             const response = yield (0, monday_fetch_1.fetch)(getCanActionsInScopesUrl(), {
                 method: 'POST',
-                headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
+                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
                 timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
                 body: JSON.stringify({
                     user_id: userId,
@@ -101,11 +103,11 @@ class AuthorizationService {
             }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
             authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
             const responseBody = yield response.json();
-            const camelCaseKeys = (obj) => Object.fromEntries(Object.entries(obj).map(([key, value]) => [(0, lodash_1.camelCase)(key), value]));
+            const camelCaseKeys = obj => Object.fromEntries(Object.entries(obj).map(([key, value]) => [(0, lodash_1.camelCase)(key), value]));
             const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
                 const { scopedAction, permit } = responseObject;
                 const { scope } = scopedAction;
-                const transformKeys = (obj) => camelCaseKeys(obj);
+                const transformKeys = obj => camelCaseKeys(obj);
                 return Object.assign(Object.assign({}, responseObject), { scopedAction: Object.assign(Object.assign({}, scopedAction), { scope: transformKeys(scope) }), permit: transformKeys(permit) });
             });
             return scopedActionsResponseObjects;
@@ -121,9 +123,10 @@ class AuthorizationService {
         return __awaiter(this, void 0, void 0, function* () {
             const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
             const startTime = perf_hooks_1.performance.now();
+            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
             const response = yield (0, monday_fetch_1.fetch)(getAuthorizeUrl(), {
                 method: 'POST',
-                headers: { Authorization: internalAuthToken, 'Content-Type': 'application/json' },
+                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
                 timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
                 body: JSON.stringify({
                     user_id: userId,

package/dist/lib/testKit/index.d.ts

@@ -1,5 +1,5 @@
 import { NextFunction } from "express";
-import { Action, BaseRequest, BaseResponse, ContextGetter, Resource, ResourceGetter } from "lib/types/general";
+import { Action, BaseRequest, BaseResponse, ContextGetter, Resource, ResourceGetter } from "../types/general";
 export type TestPermittedAction = {
     accountId: number;
     userId: number;

package/dist/lib/testKit/index.js

@@ -10,8 +10,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getTestAuthorizationMiddleware = exports.clearTestPermittedActions = exports.addTestPermittedAction = void 0;
-const authorization_middleware_1 = require("lib/authorization-middleware");
-const authorization_internal_service_1 = require("lib/authorization-internal-service");
+const authorization_middleware_1 = require("../authorization-middleware");
+const authorization_internal_service_1 = require("../authorization-internal-service");
 let testPermittedActions = [];
 const addTestPermittedAction = (accountId, userId, resources, action) => {
     testPermittedActions.push({ accountId, userId, resources, action });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mondaydotcomorg/monday-authorization",
-  "version": "1.2.4",
+  "version": "1.2.6",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "license": "BSD-3-Clause",
@@ -12,6 +12,7 @@
     "@mondaydotcomorg/monday-fetch": "^0.0.7",
     "@mondaydotcomorg/monday-jwt": "^3.0.10",
     "@mondaydotcomorg/monday-logger": "^3.0.10",
+    "@mondaydotcomorg/trident-backend-api": "^0.21.0",
     "node-fetch": "^2.6.7",
     "on-headers": "^1.0.2",
     "ts-node": "^10.0.0"
@@ -32,5 +33,5 @@
   "files": [
     "dist/"
   ],
-  "gitHead": "47bf6aa370ecde3f62e92667fab5767b5e8047b8"
+  "gitHead": "cbf1fb90ca3bda14aaf1581c05d3af92eb659e1d"
 }