npm - @mondaydotcomorg/monday-authorization - Versions diffs - 3.2.3-feature-bashanye-navigate-can-action-in-scope-to-graph-af77c6b → 3.2.4 - Mend

@mondaydotcomorg/monday-authorization 3.2.3-feature-bashanye-navigate-can-action-in-scope-to-graph-af77c6b → 3.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/attributions-service.d.ts +3 -2
package/dist/attributions-service.d.ts.map +1 -1
package/dist/attributions-service.js +1 -0
package/dist/authorization-service.d.ts +0 -8
package/dist/authorization-service.d.ts.map +1 -1
package/dist/authorization-service.js +20 -114
package/dist/esm/attributions-service.d.ts +3 -2
package/dist/esm/attributions-service.d.ts.map +1 -1
package/dist/esm/attributions-service.mjs +1 -0
package/dist/esm/authorization-service.d.ts +0 -8
package/dist/esm/authorization-service.d.ts.map +1 -1
package/dist/esm/authorization-service.mjs +20 -114
package/package.json +5 -3
package/src/attributions-service.ts +93 -0
package/src/authorization-attributes-service.ts +234 -0
package/src/authorization-internal-service.ts +129 -0
package/src/authorization-middleware.ts +51 -0
package/src/authorization-service.ts +365 -0
package/src/constants/sns.ts +5 -0
package/src/constants.ts +22 -0
package/src/index.ts +46 -0
package/src/prometheus-service.ts +48 -0
package/src/roles-service.ts +125 -0
package/src/testKit/index.ts +66 -0
package/src/types/authorization-attributes-contracts.ts +33 -0
package/src/types/express.ts +8 -0
package/src/types/general.ts +32 -0
package/src/types/roles.ts +42 -0
package/src/types/scoped-actions-contracts.ts +48 -0
package/CHANGELOG.md +0 -46

package/src/types/authorization-attributes-contracts.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { Resource } from './general';
+export interface ResourceAttributeAssignment {
+  resourceType: Resource['type'];
+  resourceId: Resource['id'];
+  key: string;
+  value: string;
+}
+export interface ResourceAttributeResponse {
+  attributes: ResourceAttributeAssignment[];
+}
+export interface ResourceAttributeDelete {
+  resourceType: Resource['type'];
+  resourceId: Resource['id'];
+  key: string;
+}
+export enum ResourceAttributeOperationEnum {
+  UPSERT = 'upsert',
+  DELETE = 'delete',
+}
+interface UpsertResourceAttributeOperation extends ResourceAttributeAssignment {
+  operationType: ResourceAttributeOperationEnum.UPSERT;
+}
+interface DeleteResourceAttributeOperation extends ResourceAttributeDelete {
+  operationType: ResourceAttributeOperationEnum.DELETE;
+}
+export type ResourceAttributesOperation = UpsertResourceAttributeOperation | DeleteResourceAttributeOperation;

package/src/types/express.ts ADDED Viewed

@@ -0,0 +1,8 @@
+// eslint-disable-next-line @typescript-eslint/no-namespace, @typescript-eslint/no-unused-vars
+declare namespace Express {
+  export interface Request {
+    payload: { accountId: number; userId: number };
+    authorizationCheckPerformed: boolean;
+    authorizationSkipPerformed: boolean;
+  }
+}

package/src/types/general.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import type { Request, Response } from 'express';
+export interface Resource {
+  id?: number;
+  type: string;
+  wrapperData?: object;
+}
+export type Action = string;
+export interface Context {
+  accountId: number;
+  userId: number;
+}
+export interface AuthorizationObject {
+  resource_id?: Resource['id'];
+  resource_type: Resource['type'];
+  wrapper_data?: Resource['wrapperData'];
+  action: Action;
+}
+export interface AuthorizationParams {
+  authorizationObjects: AuthorizationObject[];
+}
+type BasicObject = { [key: string]: unknown };
+export type BaseParameters = BasicObject;
+export type BaseResponseBody = BasicObject;
+export type BaseBodyParameters = BasicObject;
+export type BaseQueryParameters = BasicObject;
+export type BaseRequest = Request<BaseParameters, BaseResponseBody, BaseBodyParameters, BaseQueryParameters>;
+export type BaseResponse = Response<BaseResponseBody>;
+export type ResourceGetter = (request: BaseRequest) => Resource[];
+export type ContextGetter = (request: BaseRequest) => Context;

package/src/types/roles.ts ADDED Viewed

@@ -0,0 +1,42 @@
+export enum RoleType {
+  CUSTOM = 'custom_role',
+  BASIC = 'basic_role',
+}
+export interface CustomRole {
+  id?: number;
+  name: string;
+  resourceType: string;
+  resourceId: number;
+  basicRoleId: number;
+  basicRoleType: RoleType;
+}
+export interface BasicRole {
+  id: number;
+  resourceType: string;
+  roleType: string;
+  name: string;
+}
+export interface RolesResponse {
+  customRoles: CustomRole[];
+  basicRoles?: BasicRole[];
+}
+export interface RoleCreateRequest {
+  name: string;
+  resourceType: string;
+  resourceId: number;
+  sourceRole: {
+    id: number;
+    type: RoleType;
+  };
+}
+export interface RoleUpdateRequest {
+  id: number;
+  updateAttributes: {
+    name: string;
+  };
+}

package/src/types/scoped-actions-contracts.ts ADDED Viewed

@@ -0,0 +1,48 @@
+export interface WorkspaceScope {
+  workspaceId: number;
+}
+export interface BoardScope {
+  boardId: number;
+}
+export interface PulseScope {
+  pulseId: number;
+}
+export interface AccountProductScope {
+  accountProductId: number;
+}
+export interface AccountScope {
+  accountId: number;
+}
+export type ScopeOptions = WorkspaceScope | BoardScope | PulseScope | AccountProductScope | AccountScope;
+export interface Translation {
+  key: string;
+  [option: string]: string;
+}
+export enum PermitTechnicalReason {
+  NO_REASON = 0,
+  NOT_ELIGIBLE = 1,
+  BY_ROLE_IN_SCOPE = 2,
+}
+export interface ScopedActionPermit {
+  can: boolean;
+  reason: Translation;
+  technicalReason: PermitTechnicalReason;
+}
+export interface ScopedAction {
+  action: string;
+  scope: ScopeOptions;
+}
+export interface ScopedActionResponseObject {
+  scopedAction: ScopedAction;
+  permit: ScopedActionPermit;
+}

package/CHANGELOG.md DELETED Viewed

@@ -1,46 +0,0 @@
-# Change Log
-All notable changes to this project will be documented in this file.
-The format is based on [Keep a Changelog](http://keepachangelog.com/)
-and this project adheres to [Semantic Versioning](http://semver.org/).
-## [2.0.0] - 2025-04-07
-### ⚠ MAJOR CHANGE - PLEASE READ
-### Fixed
-- Calls to the monolith will be spread across the different profiles - `api-internal`, `slow` and `internal` (originally, all the calls to the platform went directly to `monday-app`)
-## [1.2.9] - 2024-10-06
-### Added
-- [`authz/bashanye/add-async-resource-attributes-support`](https://github.com/DaPulse/monday-npm-packages/pull/6859)
-  - `AuthorizationAttributesService` - now supports async upsert and delete - requests sent through SNS-SQS).
-## [1.2.3] - 2024-06-10
-### Added
-- [`feature/yarden/resource-attributes-api-support-authz-sdk (#5826)`](https://github.com/DaPulse/monday-npm-packages/pull/5826)
-  - `AuthorizationAttributesService` - now supports upsert (`upsertResourceAttributesSync`) and delete (`deleteResourceAttributesSync`) resource attributes in the authorization MS
-## [1.2.0] - 2024-01-05
-### Added
-- `isAuthorized` now return the unauthorized objects - regardless to the unauthorized ids (which may be missing resource ids if resource has no id, like `feature` e.g.)
-## [1.1.0] - 2023-08-09
-### ⚠ BREAKING CHANGES
-- `canActionInScope` now returns an object of type `{ can: boolean; reason: string; }` instead of `boolean`.
-  This version is considered minor because no one uses this function yet.
-### Changed
-- [`feature/idan/can-action-in-scope/change-behavior-on-error (#3689)`](https://github.com/DaPulse/monday-npm-packages/pull/3689)
-  - `canActionInScope`, `canActionInScopeMultiple` and `isAuthorized` are now throwing an error instead of returning `false` when an error occurs as part of the authorization http request (status code is not 2XX)