@mondaydotcomorg/monday-authorization 3.6.2 → 3.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -1
- package/dist/authorization-service.d.ts +0 -1
- package/dist/authorization-service.d.ts.map +1 -1
- package/dist/authorization-service.js +2 -22
- package/dist/esm/authorization-service.d.ts +0 -1
- package/dist/esm/authorization-service.d.ts.map +1 -1
- package/dist/esm/authorization-service.mjs +3 -23
- package/package.json +1 -1
- package/src/authorization-service.ts +3 -28
package/README.md
CHANGED
|
@@ -127,6 +127,13 @@ const isAuthorizedResponse = await AuthorizationService.isAuthorized(accountId,
|
|
|
127
127
|
const isAuthorized = isAuthorizedResponse.isAuthorized;
|
|
128
128
|
```
|
|
129
129
|
|
|
130
|
+
**Platform Profile Routing (v3.7.0+)**
|
|
131
|
+
|
|
132
|
+
- **Simplified Routing**: Platform profile routing logic in `AuthorizationService.getProfile()` has been simplified
|
|
133
|
+
- **Context-Aware Profiles**: All authorization requests now use context-aware profiles (`API_INTERNAL`, `SLOW`, or `INTERNAL`) based on request context
|
|
134
|
+
- **Removed Conditional Logic**: Conditional logic that would route certain apps through `PlatformProfile.APP` has been removed
|
|
135
|
+
- **Feature Flags Removed**: Feature flag-controlled routing for `allowed-sdk-platform-profiles` and `in-release-sdk-platform-profile` configurations has been removed
|
|
136
|
+
|
|
130
137
|
### canActionInScope API
|
|
131
138
|
|
|
132
139
|
```ts
|
|
@@ -535,7 +542,6 @@ This package includes an `ignite-local-overrides.json` file for local developmen
|
|
|
535
542
|
|
|
536
543
|
The file enables feature flags for testing:
|
|
537
544
|
|
|
538
|
-
- `sdk-platform-profiles`: Platform profile routing
|
|
539
545
|
- `navigate-can-action-in-scope-to-graph`: Graph API routing for `canActionInScope` methods
|
|
540
546
|
|
|
541
547
|
Modify this file for different local test scenarios, but remember changes only affect this package's development/testing.
|
|
@@ -33,7 +33,6 @@ export declare class AuthorizationService {
|
|
|
33
33
|
private static fetchIsUserGrantedWithFeature;
|
|
34
34
|
private static getCachedKeyName;
|
|
35
35
|
static canActionInScope(accountId: number, userId: number, action: string, scope: ScopeOptions): Promise<ScopedActionPermit>;
|
|
36
|
-
private static getProfile;
|
|
37
36
|
static canActionInScopeMultiple(accountId: number, userId: number, scopedActions: ScopedAction[]): Promise<ScopedActionResponseObject[]>;
|
|
38
37
|
private static isAuthorizedSingular;
|
|
39
38
|
private static isAuthorizedMultiple;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAG7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAG7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAY1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA4CnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAepG"}
|
|
@@ -14,9 +14,6 @@ const utils_authorization_utils = require('./utils/authorization.utils.js');
|
|
|
14
14
|
|
|
15
15
|
const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
|
|
16
16
|
const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
|
|
17
|
-
const ALLOWED_SDK_PLATFORM_PROFILES_KEY = 'allowed-sdk-platform-profiles';
|
|
18
|
-
const IN_RELEASE_SDK_PLATFORM_PROFILES_KEY = 'in-release-sdk-platform-profile';
|
|
19
|
-
const PLATFORM_PROFILE_RELEASE_FF = 'sdk-platform-profiles';
|
|
20
17
|
const NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF = 'navigate-can-action-in-scope-to-graph';
|
|
21
18
|
function setRequestFetchOptions(customMondayFetchOptions) {
|
|
22
19
|
authorizationInternalService.AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
|
|
@@ -90,23 +87,6 @@ class AuthorizationService {
|
|
|
90
87
|
const scopedActionResponseObjects = await this.canActionInScopeMultiple(accountId, userId, scopedActions);
|
|
91
88
|
return scopedActionResponseObjects[0].permit;
|
|
92
89
|
}
|
|
93
|
-
static getProfile(accountId, userId) {
|
|
94
|
-
const appName = process.env.APP_NAME ?? 'INVALID_APP_NAME';
|
|
95
|
-
if (!this.igniteClient) {
|
|
96
|
-
authorizationInternalService.logger.error({ tag: 'authorization-service' }, 'AuthorizationService: igniteClient is not set, failing request');
|
|
97
|
-
throw new Error('AuthorizationService: igniteClient is not set, failing request');
|
|
98
|
-
}
|
|
99
|
-
if (this.igniteClient.configuration.getObjectValue(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []).includes(appName)) {
|
|
100
|
-
return attributionsService.getProfile();
|
|
101
|
-
}
|
|
102
|
-
if (this.igniteClient.configuration
|
|
103
|
-
.getObjectValue(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, [])
|
|
104
|
-
.includes(appName) &&
|
|
105
|
-
this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId })) {
|
|
106
|
-
return attributionsService.getProfile();
|
|
107
|
-
}
|
|
108
|
-
return attributionsService.PlatformProfile.APP;
|
|
109
|
-
}
|
|
110
90
|
static async canActionInScopeMultiple(accountId, userId, scopedActions) {
|
|
111
91
|
if (scopedActions.length === 0) {
|
|
112
92
|
return [];
|
|
@@ -121,7 +101,7 @@ class AuthorizationService {
|
|
|
121
101
|
}
|
|
122
102
|
else {
|
|
123
103
|
apiType = 'platform';
|
|
124
|
-
const profile =
|
|
104
|
+
const profile = attributionsService.getProfile();
|
|
125
105
|
const internalAuthToken = authorizationInternalService.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
126
106
|
scopedActionResponseObjects = await this.platformApi.checkPermissions(profile, internalAuthToken, userId, scopedActions);
|
|
127
107
|
}
|
|
@@ -142,7 +122,7 @@ class AuthorizationService {
|
|
|
142
122
|
return this.isAuthorizedMultiple(accountId, userId, authorizationObjects);
|
|
143
123
|
}
|
|
144
124
|
static async isAuthorizedMultiple(accountId, userId, authorizationRequestObjects) {
|
|
145
|
-
const profile =
|
|
125
|
+
const profile = attributionsService.getProfile();
|
|
146
126
|
const internalAuthToken = authorizationInternalService.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
147
127
|
const startTime = perf_hooks.performance.now();
|
|
148
128
|
const attributionHeaders = attributionsService.getAttributionsFromApi();
|
|
@@ -33,7 +33,6 @@ export declare class AuthorizationService {
|
|
|
33
33
|
private static fetchIsUserGrantedWithFeature;
|
|
34
34
|
private static getCachedKeyName;
|
|
35
35
|
static canActionInScope(accountId: number, userId: number, action: string, scope: ScopeOptions): Promise<ScopedActionPermit>;
|
|
36
|
-
private static getProfile;
|
|
37
36
|
static canActionInScopeMultiple(accountId: number, userId: number, scopedActions: ScopedAction[]): Promise<ScopedActionResponseObject[]>;
|
|
38
37
|
private static isAuthorizedSingular;
|
|
39
38
|
private static isAuthorizedMultiple;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAG7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAG7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAY1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA4CnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAepG"}
|
|
@@ -5,16 +5,13 @@ import { getIgniteClient } from '@mondaydotcomorg/ignite-sdk';
|
|
|
5
5
|
import { sendAuthorizationCheckResponseTimeMetric } from './prometheus-service.mjs';
|
|
6
6
|
import { recordAuthorizationTiming } from './metrics-service.mjs';
|
|
7
7
|
import { AuthorizationInternalService, logger } from './authorization-internal-service.mjs';
|
|
8
|
-
import { getProfile,
|
|
8
|
+
import { getProfile, getAttributionsFromApi } from './attributions-service.mjs';
|
|
9
9
|
import { GraphApi } from './clients/graph-api.mjs';
|
|
10
10
|
import { PlatformApi } from './clients/platform-api.mjs';
|
|
11
11
|
import { scopeToResource } from './utils/authorization.utils.mjs';
|
|
12
12
|
|
|
13
13
|
const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
|
|
14
14
|
const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
|
|
15
|
-
const ALLOWED_SDK_PLATFORM_PROFILES_KEY = 'allowed-sdk-platform-profiles';
|
|
16
|
-
const IN_RELEASE_SDK_PLATFORM_PROFILES_KEY = 'in-release-sdk-platform-profile';
|
|
17
|
-
const PLATFORM_PROFILE_RELEASE_FF = 'sdk-platform-profiles';
|
|
18
15
|
const NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF = 'navigate-can-action-in-scope-to-graph';
|
|
19
16
|
function setRequestFetchOptions(customMondayFetchOptions) {
|
|
20
17
|
AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
|
|
@@ -88,23 +85,6 @@ class AuthorizationService {
|
|
|
88
85
|
const scopedActionResponseObjects = await this.canActionInScopeMultiple(accountId, userId, scopedActions);
|
|
89
86
|
return scopedActionResponseObjects[0].permit;
|
|
90
87
|
}
|
|
91
|
-
static getProfile(accountId, userId) {
|
|
92
|
-
const appName = process.env.APP_NAME ?? 'INVALID_APP_NAME';
|
|
93
|
-
if (!this.igniteClient) {
|
|
94
|
-
logger.error({ tag: 'authorization-service' }, 'AuthorizationService: igniteClient is not set, failing request');
|
|
95
|
-
throw new Error('AuthorizationService: igniteClient is not set, failing request');
|
|
96
|
-
}
|
|
97
|
-
if (this.igniteClient.configuration.getObjectValue(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []).includes(appName)) {
|
|
98
|
-
return getProfile();
|
|
99
|
-
}
|
|
100
|
-
if (this.igniteClient.configuration
|
|
101
|
-
.getObjectValue(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, [])
|
|
102
|
-
.includes(appName) &&
|
|
103
|
-
this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId })) {
|
|
104
|
-
return getProfile();
|
|
105
|
-
}
|
|
106
|
-
return PlatformProfile.APP;
|
|
107
|
-
}
|
|
108
88
|
static async canActionInScopeMultiple(accountId, userId, scopedActions) {
|
|
109
89
|
if (scopedActions.length === 0) {
|
|
110
90
|
return [];
|
|
@@ -119,7 +99,7 @@ class AuthorizationService {
|
|
|
119
99
|
}
|
|
120
100
|
else {
|
|
121
101
|
apiType = 'platform';
|
|
122
|
-
const profile =
|
|
102
|
+
const profile = getProfile();
|
|
123
103
|
const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
124
104
|
scopedActionResponseObjects = await this.platformApi.checkPermissions(profile, internalAuthToken, userId, scopedActions);
|
|
125
105
|
}
|
|
@@ -140,7 +120,7 @@ class AuthorizationService {
|
|
|
140
120
|
return this.isAuthorizedMultiple(accountId, userId, authorizationObjects);
|
|
141
121
|
}
|
|
142
122
|
static async isAuthorizedMultiple(accountId, userId, authorizationRequestObjects) {
|
|
143
|
-
const profile =
|
|
123
|
+
const profile = getProfile();
|
|
144
124
|
const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
145
125
|
const startTime = performance.now();
|
|
146
126
|
const attributionHeaders = getAttributionsFromApi();
|
package/package.json
CHANGED
|
@@ -13,7 +13,7 @@ import {
|
|
|
13
13
|
ScopeOptions,
|
|
14
14
|
} from './types/scoped-actions-contracts';
|
|
15
15
|
import { AuthorizationInternalService, logger } from './authorization-internal-service';
|
|
16
|
-
import { getAttributionsFromApi, getProfile
|
|
16
|
+
import { getAttributionsFromApi, getProfile } from './attributions-service';
|
|
17
17
|
import { GraphApi } from './clients/graph-api';
|
|
18
18
|
import { PlatformApi } from './clients/platform-api';
|
|
19
19
|
import { scopeToResource } from './utils/authorization.utils';
|
|
@@ -21,9 +21,6 @@ import { scopeToResource } from './utils/authorization.utils';
|
|
|
21
21
|
const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
|
|
22
22
|
const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
|
|
23
23
|
|
|
24
|
-
const ALLOWED_SDK_PLATFORM_PROFILES_KEY = 'allowed-sdk-platform-profiles';
|
|
25
|
-
const IN_RELEASE_SDK_PLATFORM_PROFILES_KEY = 'in-release-sdk-platform-profile';
|
|
26
|
-
const PLATFORM_PROFILE_RELEASE_FF = 'sdk-platform-profiles';
|
|
27
24
|
const NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF = 'navigate-can-action-in-scope-to-graph';
|
|
28
25
|
|
|
29
26
|
export interface AuthorizeResponse {
|
|
@@ -149,28 +146,6 @@ export class AuthorizationService {
|
|
|
149
146
|
return scopedActionResponseObjects[0].permit;
|
|
150
147
|
}
|
|
151
148
|
|
|
152
|
-
private static getProfile(accountId: number, userId: number): PlatformProfile {
|
|
153
|
-
const appName: string = process.env.APP_NAME ?? 'INVALID_APP_NAME';
|
|
154
|
-
if (!this.igniteClient) {
|
|
155
|
-
logger.error({ tag: 'authorization-service' }, 'AuthorizationService: igniteClient is not set, failing request');
|
|
156
|
-
throw new Error('AuthorizationService: igniteClient is not set, failing request');
|
|
157
|
-
}
|
|
158
|
-
if (
|
|
159
|
-
this.igniteClient.configuration.getObjectValue<string[]>(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []).includes(appName)
|
|
160
|
-
) {
|
|
161
|
-
return getProfile();
|
|
162
|
-
}
|
|
163
|
-
if (
|
|
164
|
-
this.igniteClient.configuration
|
|
165
|
-
.getObjectValue<string[]>(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, [])
|
|
166
|
-
.includes(appName) &&
|
|
167
|
-
this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId })
|
|
168
|
-
) {
|
|
169
|
-
return getProfile();
|
|
170
|
-
}
|
|
171
|
-
return PlatformProfile.APP;
|
|
172
|
-
}
|
|
173
|
-
|
|
174
149
|
static async canActionInScopeMultiple(
|
|
175
150
|
accountId: number,
|
|
176
151
|
userId: number,
|
|
@@ -193,7 +168,7 @@ export class AuthorizationService {
|
|
|
193
168
|
scopedActionResponseObjects = await this.graphApi.checkPermissions(accountId, userId, scopedActions);
|
|
194
169
|
} else {
|
|
195
170
|
apiType = 'platform';
|
|
196
|
-
const profile =
|
|
171
|
+
const profile = getProfile();
|
|
197
172
|
const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
198
173
|
|
|
199
174
|
scopedActionResponseObjects = await this.platformApi.checkPermissions(
|
|
@@ -234,7 +209,7 @@ export class AuthorizationService {
|
|
|
234
209
|
userId: number,
|
|
235
210
|
authorizationRequestObjects: AuthorizationObject[]
|
|
236
211
|
): Promise<AuthorizeResponse> {
|
|
237
|
-
const profile =
|
|
212
|
+
const profile = getProfile();
|
|
238
213
|
const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
|
|
239
214
|
const startTime = performance.now();
|
|
240
215
|
const attributionHeaders = getAttributionsFromApi();
|