@mondaydotcomorg/monday-authorization 3.7.3 → 3.7.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authorization-service.d.ts +3 -3
- package/dist/authorization-service.d.ts.map +1 -1
- package/dist/authorization-service.js +3 -1
- package/dist/esm/authorization-service.d.ts +3 -3
- package/dist/esm/authorization-service.d.ts.map +1 -1
- package/dist/esm/authorization-service.mjs +3 -1
- package/dist/esm/index.d.ts +1 -1
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/testKit/index.d.ts +3 -3
- package/dist/esm/testKit/index.d.ts.map +1 -1
- package/dist/esm/testKit/index.mjs +3 -1
- package/dist/esm/types/general.d.ts +8 -3
- package/dist/esm/types/general.d.ts.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/testKit/index.d.ts +3 -3
- package/dist/testKit/index.d.ts.map +1 -1
- package/dist/testKit/index.js +3 -1
- package/dist/types/general.d.ts +8 -3
- package/dist/types/general.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/authorization-service.ts +8 -6
- package/src/index.ts +8 -1
- package/src/testKit/index.ts +20 -5
- package/src/types/general.ts +10 -3
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
|
|
2
2
|
import { IgniteClient } from '@mondaydotcomorg/ignite-sdk';
|
|
3
|
-
import { Action, AuthorizationObject, AuthorizationParams,
|
|
3
|
+
import { Action, AuthorizationObject, AuthorizationParams, AuthorizationResource } from './types/general';
|
|
4
4
|
import { ScopedAction, ScopedActionPermit, ScopedActionResponseObject, ScopeOptions } from './types/scoped-actions-contracts';
|
|
5
5
|
export interface AuthorizeResponse {
|
|
6
6
|
isAuthorized: boolean;
|
|
@@ -21,7 +21,7 @@ export declare class AuthorizationService {
|
|
|
21
21
|
* @deprecated use the second form with authorizationRequestObjects instead,
|
|
22
22
|
* support of this function will be dropped gradually
|
|
23
23
|
*/
|
|
24
|
-
static isAuthorized(accountId: number, userId: number, resources:
|
|
24
|
+
static isAuthorized(accountId: number, userId: number, resources: AuthorizationResource[], action: Action): Promise<AuthorizeResponse>;
|
|
25
25
|
static isAuthorized(accountId: number, userId: number, authorizationRequestObjects: AuthorizationObject[]): Promise<AuthorizeResponse>;
|
|
26
26
|
/**
|
|
27
27
|
* @deprecated - Please use Ignite instead: https://github.com/DaPulse/ignite-monorepo/blob/master/packages/ignite-sdk/README.md
|
|
@@ -39,5 +39,5 @@ export declare class AuthorizationService {
|
|
|
39
39
|
}
|
|
40
40
|
export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
|
|
41
41
|
export declare function setIgniteClient(): Promise<void>;
|
|
42
|
-
export declare function createAuthorizationParams(resources:
|
|
42
|
+
export declare function createAuthorizationParams(resources: AuthorizationResource[], action: Action): AuthorizationParams;
|
|
43
43
|
//# sourceMappingURL=authorization-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAG1G,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAY1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,qBAAqB,EAAE,EAClC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA4CnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,qBAAqB,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAiBjH"}
|
|
@@ -205,10 +205,12 @@ function createAuthorizationParams(resources, action) {
|
|
|
205
205
|
const params = {
|
|
206
206
|
authorizationObjects: resources.map((resource) => {
|
|
207
207
|
const authorizationObject = {
|
|
208
|
-
resource_id: resource.id,
|
|
209
208
|
resource_type: resource.type,
|
|
210
209
|
action,
|
|
211
210
|
};
|
|
211
|
+
if (resource.id !== undefined) {
|
|
212
|
+
authorizationObject.resource_id = resource.id;
|
|
213
|
+
}
|
|
212
214
|
if (resource.wrapperData) {
|
|
213
215
|
authorizationObject.wrapper_data = resource.wrapperData;
|
|
214
216
|
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
|
|
2
2
|
import { IgniteClient } from '@mondaydotcomorg/ignite-sdk';
|
|
3
|
-
import { Action, AuthorizationObject, AuthorizationParams,
|
|
3
|
+
import { Action, AuthorizationObject, AuthorizationParams, AuthorizationResource } from './types/general';
|
|
4
4
|
import { ScopedAction, ScopedActionPermit, ScopedActionResponseObject, ScopeOptions } from './types/scoped-actions-contracts';
|
|
5
5
|
export interface AuthorizeResponse {
|
|
6
6
|
isAuthorized: boolean;
|
|
@@ -21,7 +21,7 @@ export declare class AuthorizationService {
|
|
|
21
21
|
* @deprecated use the second form with authorizationRequestObjects instead,
|
|
22
22
|
* support of this function will be dropped gradually
|
|
23
23
|
*/
|
|
24
|
-
static isAuthorized(accountId: number, userId: number, resources:
|
|
24
|
+
static isAuthorized(accountId: number, userId: number, resources: AuthorizationResource[], action: Action): Promise<AuthorizeResponse>;
|
|
25
25
|
static isAuthorized(accountId: number, userId: number, authorizationRequestObjects: AuthorizationObject[]): Promise<AuthorizeResponse>;
|
|
26
26
|
/**
|
|
27
27
|
* @deprecated - Please use Ignite instead: https://github.com/DaPulse/ignite-monorepo/blob/master/packages/ignite-sdk/README.md
|
|
@@ -39,5 +39,5 @@ export declare class AuthorizationService {
|
|
|
39
39
|
}
|
|
40
40
|
export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
|
|
41
41
|
export declare function setIgniteClient(): Promise<void>;
|
|
42
|
-
export declare function createAuthorizationParams(resources:
|
|
42
|
+
export declare function createAuthorizationParams(resources: AuthorizationResource[], action: Action): AuthorizationParams;
|
|
43
43
|
//# sourceMappingURL=authorization-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,
|
|
1
|
+
{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAG1G,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAY1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,qBAAqB,EAAE,EAClC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;WAMjB,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA4CnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,qBAAqB,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAiBjH"}
|
|
@@ -203,10 +203,12 @@ function createAuthorizationParams(resources, action) {
|
|
|
203
203
|
const params = {
|
|
204
204
|
authorizationObjects: resources.map((resource) => {
|
|
205
205
|
const authorizationObject = {
|
|
206
|
-
resource_id: resource.id,
|
|
207
206
|
resource_type: resource.type,
|
|
208
207
|
action,
|
|
209
208
|
};
|
|
209
|
+
if (resource.id !== undefined) {
|
|
210
|
+
authorizationObject.resource_id = resource.id;
|
|
211
|
+
}
|
|
210
212
|
if (resource.wrapperData) {
|
|
211
213
|
authorizationObject.wrapper_data = resource.wrapperData;
|
|
212
214
|
}
|
package/dist/esm/index.d.ts
CHANGED
|
@@ -25,7 +25,7 @@ export { ResourceAttributeAssignment } from './resource-attribute-assignment';
|
|
|
25
25
|
export { EntityAttributeAssignment } from './entity-attribute-assignment';
|
|
26
26
|
export { RolesService } from './roles-service';
|
|
27
27
|
export { MembershipsService } from './memberships';
|
|
28
|
-
export { AuthorizationObject, Resource, BaseRequest, ResourceGetter, ContextGetter } from './types/general';
|
|
28
|
+
export { AuthorizationObject, AuthorizationResource, Resource, BaseRequest, ResourceGetter, ContextGetter, } from './types/general';
|
|
29
29
|
export { Translation, ScopedAction, ScopedActionResponseObject, ScopedActionPermit, } from './types/scoped-actions-contracts';
|
|
30
30
|
export { CustomRole, BasicRole, RoleType, RoleCreateRequest, RoleUpdateRequest, RolesResponse } from './types/roles';
|
|
31
31
|
export { AttributeAssignment, AttributeOperation, ResourceAttributeDeleteAssignment, ResourceAttributeUpsertOperation, ResourceAttributeDeleteOperation, EntityAttributeDeleteAssignment, EntityAttributeUpsertOperation, EntityAttributeDeleteOperation, ResourceAttributeAssignment as ResourceAttributeAssignmentContract, EntityAttributeAssignment as EntityAttributeAssignmentContract, } from './types/authorization-attributes-contracts';
|
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAqB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACrE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,UAAU,kBAAkB;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBA6BnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,cAAc,iCAAiC,CAAC;AAChD,cAAc,+BAA+B,CAAC;AAC9C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAqB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACrE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,UAAU,kBAAkB;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBA6BnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,cAAc,iCAAiC,CAAC;AAChD,cAAc,+BAA+B,CAAC;AAC9C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,QAAQ,EACR,WAAW,EACX,cAAc,EACd,aAAa,GACd,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACrH,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,iCAAiC,EACjC,gCAAgC,EAChC,gCAAgC,EAChC,+BAA+B,EAC/B,8BAA8B,EAC9B,8BAA8B,EAC9B,2BAA2B,IAAI,mCAAmC,EAClE,yBAAyB,IAAI,iCAAiC,GAC/D,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,kCAAkC,IAAI,+BAA+B,EAAE,MAAM,yCAAyC,CAAC;AAEhI,OAAO,EAAE,OAAO,EAAE,CAAC"}
|
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { Action, BaseRequest, BaseResponse, ContextGetter,
|
|
1
|
+
import { Action, AuthorizationResource, BaseRequest, BaseResponse, ContextGetter, ResourceGetter } from '../types/general';
|
|
2
2
|
import type { NextFunction } from 'express';
|
|
3
3
|
export type TestPermittedAction = {
|
|
4
4
|
accountId: number;
|
|
5
5
|
userId: number;
|
|
6
|
-
resources:
|
|
6
|
+
resources: AuthorizationResource[];
|
|
7
7
|
action: Action;
|
|
8
8
|
};
|
|
9
|
-
export declare const addTestPermittedAction: (accountId: number, userId: number, resources:
|
|
9
|
+
export declare const addTestPermittedAction: (accountId: number, userId: number, resources: AuthorizationResource[], action: Action) => void;
|
|
10
10
|
export declare const clearTestPermittedActions: () => void;
|
|
11
11
|
export declare const getTestAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
|
|
12
12
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,MAAM,EACN,qBAAqB,EACrB,WAAW,EACX,YAAY,EACZ,aAAa,EACb,cAAc,EACf,MAAM,kBAAkB,CAAC;AAG1B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,qBAAqB,EAAE,CAAC;IACnC,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF,eAAO,MAAM,sBAAsB,GACjC,WAAW,MAAM,EACjB,QAAQ,MAAM,EACd,WAAW,qBAAqB,EAAE,EAClC,QAAQ,MAAM,SAGf,CAAC;AAEF,eAAO,MAAM,yBAAyB,YAErC,CAAC;AA+BF,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,gBAAgB,cAAc,EAC9B,gBAAgB,aAAa,MAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAYhB,CAAC"}
|
|
@@ -20,7 +20,9 @@ const isActionAuthorized = (accountId, userId, resources, action) => {
|
|
|
20
20
|
combination.userId === userId &&
|
|
21
21
|
combination.action === action &&
|
|
22
22
|
combination.resources.some(combinationResource => {
|
|
23
|
-
|
|
23
|
+
const idsMatch = combinationResource.id === resource.id ||
|
|
24
|
+
(combinationResource.id === undefined && resource.id === undefined);
|
|
25
|
+
return (idsMatch &&
|
|
24
26
|
combinationResource.type === resource.type &&
|
|
25
27
|
JSON.stringify(combinationResource.wrapperData) === JSON.stringify(resource.wrapperData));
|
|
26
28
|
}));
|
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
import type { Request, Response } from 'express';
|
|
2
2
|
import type { ResourceType } from '../resource-attributes-constants';
|
|
3
|
+
export interface AuthorizationResource {
|
|
4
|
+
id?: number;
|
|
5
|
+
type: string;
|
|
6
|
+
wrapperData?: object;
|
|
7
|
+
}
|
|
3
8
|
export interface Resource {
|
|
4
9
|
id: number;
|
|
5
10
|
type: ResourceType;
|
|
@@ -26,9 +31,9 @@ export type BaseParameters = BasicObject;
|
|
|
26
31
|
export type BaseResponseBody = BasicObject;
|
|
27
32
|
export type BaseBodyParameters = BasicObject;
|
|
28
33
|
export type BaseQueryParameters = BasicObject;
|
|
29
|
-
export type BaseRequest = Request
|
|
30
|
-
export type BaseResponse = Response
|
|
31
|
-
export type ResourceGetter = (request: BaseRequest) =>
|
|
34
|
+
export type BaseRequest = Request;
|
|
35
|
+
export type BaseResponse = Response;
|
|
36
|
+
export type ResourceGetter = (request: BaseRequest) => AuthorizationResource[];
|
|
32
37
|
export type ContextGetter = (request: BaseRequest) => Context;
|
|
33
38
|
export {};
|
|
34
39
|
//# sourceMappingURL=general.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kCAAkC,CAAC;AAErE,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,YAAY,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kCAAkC,CAAC;AAErE,MAAM,WAAW,qBAAqB;IACpC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,YAAY,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAE9C,MAAM,MAAM,WAAW,GAAG,OAAO,CAAC;AAClC,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAC;AACpC,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,qBAAqB,EAAE,CAAC;AAC/E,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -25,7 +25,7 @@ export { ResourceAttributeAssignment } from './resource-attribute-assignment';
|
|
|
25
25
|
export { EntityAttributeAssignment } from './entity-attribute-assignment';
|
|
26
26
|
export { RolesService } from './roles-service';
|
|
27
27
|
export { MembershipsService } from './memberships';
|
|
28
|
-
export { AuthorizationObject, Resource, BaseRequest, ResourceGetter, ContextGetter } from './types/general';
|
|
28
|
+
export { AuthorizationObject, AuthorizationResource, Resource, BaseRequest, ResourceGetter, ContextGetter, } from './types/general';
|
|
29
29
|
export { Translation, ScopedAction, ScopedActionResponseObject, ScopedActionPermit, } from './types/scoped-actions-contracts';
|
|
30
30
|
export { CustomRole, BasicRole, RoleType, RoleCreateRequest, RoleUpdateRequest, RolesResponse } from './types/roles';
|
|
31
31
|
export { AttributeAssignment, AttributeOperation, ResourceAttributeDeleteAssignment, ResourceAttributeUpsertOperation, ResourceAttributeDeleteOperation, EntityAttributeDeleteAssignment, EntityAttributeUpsertOperation, EntityAttributeDeleteOperation, ResourceAttributeAssignment as ResourceAttributeAssignmentContract, EntityAttributeAssignment as EntityAttributeAssignmentContract, } from './types/authorization-attributes-contracts';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAqB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACrE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,UAAU,kBAAkB;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBA6BnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,cAAc,iCAAiC,CAAC;AAChD,cAAc,+BAA+B,CAAC;AAC9C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAqB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACrE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,UAAU,kBAAkB;IAC1B,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBA6BnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,cAAc,iCAAiC,CAAC;AAChD,cAAc,+BAA+B,CAAC;AAC9C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,QAAQ,EACR,WAAW,EACX,cAAc,EACd,aAAa,GACd,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACrH,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,iCAAiC,EACjC,gCAAgC,EAChC,gCAAgC,EAChC,+BAA+B,EAC/B,8BAA8B,EAC9B,8BAA8B,EAC9B,2BAA2B,IAAI,mCAAmC,EAClE,yBAAyB,IAAI,iCAAiC,GAC/D,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,kCAAkC,IAAI,+BAA+B,EAAE,MAAM,yCAAyC,CAAC;AAEhI,OAAO,EAAE,OAAO,EAAE,CAAC"}
|
package/dist/testKit/index.d.ts
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { Action, BaseRequest, BaseResponse, ContextGetter,
|
|
1
|
+
import { Action, AuthorizationResource, BaseRequest, BaseResponse, ContextGetter, ResourceGetter } from '../types/general';
|
|
2
2
|
import type { NextFunction } from 'express';
|
|
3
3
|
export type TestPermittedAction = {
|
|
4
4
|
accountId: number;
|
|
5
5
|
userId: number;
|
|
6
|
-
resources:
|
|
6
|
+
resources: AuthorizationResource[];
|
|
7
7
|
action: Action;
|
|
8
8
|
};
|
|
9
|
-
export declare const addTestPermittedAction: (accountId: number, userId: number, resources:
|
|
9
|
+
export declare const addTestPermittedAction: (accountId: number, userId: number, resources: AuthorizationResource[], action: Action) => void;
|
|
10
10
|
export declare const clearTestPermittedActions: () => void;
|
|
11
11
|
export declare const getTestAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
|
|
12
12
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testKit/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,MAAM,EACN,qBAAqB,EACrB,WAAW,EACX,YAAY,EACZ,aAAa,EACb,cAAc,EACf,MAAM,kBAAkB,CAAC;AAG1B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,qBAAqB,EAAE,CAAC;IACnC,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF,eAAO,MAAM,sBAAsB,GACjC,WAAW,MAAM,EACjB,QAAQ,MAAM,EACd,WAAW,qBAAqB,EAAE,EAClC,QAAQ,MAAM,SAGf,CAAC;AAEF,eAAO,MAAM,yBAAyB,YAErC,CAAC;AA+BF,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,gBAAgB,cAAc,EAC9B,gBAAgB,aAAa,MAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAYhB,CAAC"}
|
package/dist/testKit/index.js
CHANGED
|
@@ -22,7 +22,9 @@ const isActionAuthorized = (accountId, userId, resources, action) => {
|
|
|
22
22
|
combination.userId === userId &&
|
|
23
23
|
combination.action === action &&
|
|
24
24
|
combination.resources.some(combinationResource => {
|
|
25
|
-
|
|
25
|
+
const idsMatch = combinationResource.id === resource.id ||
|
|
26
|
+
(combinationResource.id === undefined && resource.id === undefined);
|
|
27
|
+
return (idsMatch &&
|
|
26
28
|
combinationResource.type === resource.type &&
|
|
27
29
|
JSON.stringify(combinationResource.wrapperData) === JSON.stringify(resource.wrapperData));
|
|
28
30
|
}));
|
package/dist/types/general.d.ts
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
import type { Request, Response } from 'express';
|
|
2
2
|
import type { ResourceType } from '../resource-attributes-constants';
|
|
3
|
+
export interface AuthorizationResource {
|
|
4
|
+
id?: number;
|
|
5
|
+
type: string;
|
|
6
|
+
wrapperData?: object;
|
|
7
|
+
}
|
|
3
8
|
export interface Resource {
|
|
4
9
|
id: number;
|
|
5
10
|
type: ResourceType;
|
|
@@ -26,9 +31,9 @@ export type BaseParameters = BasicObject;
|
|
|
26
31
|
export type BaseResponseBody = BasicObject;
|
|
27
32
|
export type BaseBodyParameters = BasicObject;
|
|
28
33
|
export type BaseQueryParameters = BasicObject;
|
|
29
|
-
export type BaseRequest = Request
|
|
30
|
-
export type BaseResponse = Response
|
|
31
|
-
export type ResourceGetter = (request: BaseRequest) =>
|
|
34
|
+
export type BaseRequest = Request;
|
|
35
|
+
export type BaseResponse = Response;
|
|
36
|
+
export type ResourceGetter = (request: BaseRequest) => AuthorizationResource[];
|
|
32
37
|
export type ContextGetter = (request: BaseRequest) => Context;
|
|
33
38
|
export {};
|
|
34
39
|
//# sourceMappingURL=general.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kCAAkC,CAAC;AAErE,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,YAAY,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"general.d.ts","sourceRoot":"","sources":["../../src/types/general.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kCAAkC,CAAC;AAErE,MAAM,WAAW,qBAAqB;IACpC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,YAAY,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AACD,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAC5B,MAAM,WAAW,OAAO;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,WAAW,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IACvC,MAAM,EAAE,MAAM,CAAC;CAChB;AACD,MAAM,WAAW,mBAAmB;IAClC,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,KAAK,WAAW,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC;AACzC,MAAM,MAAM,gBAAgB,GAAG,WAAW,CAAC;AAC3C,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC7C,MAAM,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAE9C,MAAM,MAAM,WAAW,GAAG,OAAO,CAAC;AAClC,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAC;AACpC,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,qBAAqB,EAAE,CAAC;AAC/E,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC"}
|
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@ import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
|
|
|
3
3
|
import { Api } from '@mondaydotcomorg/trident-backend-api';
|
|
4
4
|
import { HttpFetcherError } from '@mondaydotcomorg/monday-fetch-api';
|
|
5
5
|
import { getIgniteClient, IgniteClient } from '@mondaydotcomorg/ignite-sdk';
|
|
6
|
-
import { Action, AuthorizationObject, AuthorizationParams,
|
|
6
|
+
import { Action, AuthorizationObject, AuthorizationParams, AuthorizationResource } from './types/general';
|
|
7
7
|
import { sendAuthorizationCheckResponseTimeMetric } from './prometheus-service';
|
|
8
8
|
import { recordAuthorizationTiming } from './metrics-service';
|
|
9
9
|
import {
|
|
@@ -70,7 +70,7 @@ export class AuthorizationService {
|
|
|
70
70
|
static async isAuthorized(
|
|
71
71
|
accountId: number,
|
|
72
72
|
userId: number,
|
|
73
|
-
resources:
|
|
73
|
+
resources: AuthorizationResource[],
|
|
74
74
|
action: Action
|
|
75
75
|
): Promise<AuthorizeResponse>;
|
|
76
76
|
|
|
@@ -197,7 +197,7 @@ export class AuthorizationService {
|
|
|
197
197
|
private static async isAuthorizedSingular(
|
|
198
198
|
accountId: number,
|
|
199
199
|
userId: number,
|
|
200
|
-
resources:
|
|
200
|
+
resources: AuthorizationResource[],
|
|
201
201
|
action: Action
|
|
202
202
|
): Promise<AuthorizeResponse> {
|
|
203
203
|
const { authorizationObjects } = createAuthorizationParams(resources, action);
|
|
@@ -313,14 +313,16 @@ export async function setIgniteClient() {
|
|
|
313
313
|
AuthorizationInternalService.setIgniteClient(igniteClient);
|
|
314
314
|
}
|
|
315
315
|
|
|
316
|
-
export function createAuthorizationParams(resources:
|
|
316
|
+
export function createAuthorizationParams(resources: AuthorizationResource[], action: Action): AuthorizationParams {
|
|
317
317
|
const params = {
|
|
318
|
-
authorizationObjects: resources.map((resource:
|
|
318
|
+
authorizationObjects: resources.map((resource: AuthorizationResource) => {
|
|
319
319
|
const authorizationObject: AuthorizationObject = {
|
|
320
|
-
resource_id: resource.id,
|
|
321
320
|
resource_type: resource.type,
|
|
322
321
|
action,
|
|
323
322
|
};
|
|
323
|
+
if (resource.id !== undefined) {
|
|
324
|
+
authorizationObject.resource_id = resource.id;
|
|
325
|
+
}
|
|
324
326
|
if (resource.wrapperData) {
|
|
325
327
|
authorizationObject.wrapper_data = resource.wrapperData;
|
|
326
328
|
}
|
package/src/index.ts
CHANGED
|
@@ -64,7 +64,14 @@ export { ResourceAttributeAssignment } from './resource-attribute-assignment';
|
|
|
64
64
|
export { EntityAttributeAssignment } from './entity-attribute-assignment';
|
|
65
65
|
export { RolesService } from './roles-service';
|
|
66
66
|
export { MembershipsService } from './memberships';
|
|
67
|
-
export {
|
|
67
|
+
export {
|
|
68
|
+
AuthorizationObject,
|
|
69
|
+
AuthorizationResource,
|
|
70
|
+
Resource,
|
|
71
|
+
BaseRequest,
|
|
72
|
+
ResourceGetter,
|
|
73
|
+
ContextGetter,
|
|
74
|
+
} from './types/general';
|
|
68
75
|
export {
|
|
69
76
|
Translation,
|
|
70
77
|
ScopedAction,
|
package/src/testKit/index.ts
CHANGED
|
@@ -1,4 +1,11 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import {
|
|
2
|
+
Action,
|
|
3
|
+
AuthorizationResource,
|
|
4
|
+
BaseRequest,
|
|
5
|
+
BaseResponse,
|
|
6
|
+
ContextGetter,
|
|
7
|
+
ResourceGetter,
|
|
8
|
+
} from '../types/general';
|
|
2
9
|
import { defaultContextGetter } from '../authorization-middleware';
|
|
3
10
|
import { AuthorizationInternalService } from '../authorization-internal-service';
|
|
4
11
|
import type { NextFunction } from 'express';
|
|
@@ -6,12 +13,17 @@ import type { NextFunction } from 'express';
|
|
|
6
13
|
export type TestPermittedAction = {
|
|
7
14
|
accountId: number;
|
|
8
15
|
userId: number;
|
|
9
|
-
resources:
|
|
16
|
+
resources: AuthorizationResource[];
|
|
10
17
|
action: Action;
|
|
11
18
|
};
|
|
12
19
|
|
|
13
20
|
let testPermittedActions: TestPermittedAction[] = [];
|
|
14
|
-
export const addTestPermittedAction = (
|
|
21
|
+
export const addTestPermittedAction = (
|
|
22
|
+
accountId: number,
|
|
23
|
+
userId: number,
|
|
24
|
+
resources: AuthorizationResource[],
|
|
25
|
+
action: Action
|
|
26
|
+
) => {
|
|
15
27
|
testPermittedActions.push({ accountId, userId, resources, action });
|
|
16
28
|
};
|
|
17
29
|
|
|
@@ -19,7 +31,7 @@ export const clearTestPermittedActions = () => {
|
|
|
19
31
|
testPermittedActions = [];
|
|
20
32
|
};
|
|
21
33
|
|
|
22
|
-
const isActionAuthorized = (accountId: number, userId: number, resources:
|
|
34
|
+
const isActionAuthorized = (accountId: number, userId: number, resources: AuthorizationResource[], action: Action) => {
|
|
23
35
|
// If no resources to check, deny access
|
|
24
36
|
if (resources.length === 0) {
|
|
25
37
|
return { isAuthorized: false };
|
|
@@ -33,8 +45,11 @@ const isActionAuthorized = (accountId: number, userId: number, resources: Resour
|
|
|
33
45
|
combination.userId === userId &&
|
|
34
46
|
combination.action === action &&
|
|
35
47
|
combination.resources.some(combinationResource => {
|
|
48
|
+
const idsMatch =
|
|
49
|
+
combinationResource.id === resource.id ||
|
|
50
|
+
(combinationResource.id === undefined && resource.id === undefined);
|
|
36
51
|
return (
|
|
37
|
-
|
|
52
|
+
idsMatch &&
|
|
38
53
|
combinationResource.type === resource.type &&
|
|
39
54
|
JSON.stringify(combinationResource.wrapperData) === JSON.stringify(resource.wrapperData)
|
|
40
55
|
);
|
package/src/types/general.ts
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
import type { Request, Response } from 'express';
|
|
2
2
|
import type { ResourceType } from '../resource-attributes-constants';
|
|
3
3
|
|
|
4
|
+
export interface AuthorizationResource {
|
|
5
|
+
id?: number;
|
|
6
|
+
type: string;
|
|
7
|
+
wrapperData?: object;
|
|
8
|
+
}
|
|
9
|
+
|
|
4
10
|
export interface Resource {
|
|
5
11
|
id: number;
|
|
6
12
|
type: ResourceType;
|
|
@@ -27,7 +33,8 @@ export type BaseParameters = BasicObject;
|
|
|
27
33
|
export type BaseResponseBody = BasicObject;
|
|
28
34
|
export type BaseBodyParameters = BasicObject;
|
|
29
35
|
export type BaseQueryParameters = BasicObject;
|
|
30
|
-
|
|
31
|
-
export type
|
|
32
|
-
export type
|
|
36
|
+
|
|
37
|
+
export type BaseRequest = Request;
|
|
38
|
+
export type BaseResponse = Response;
|
|
39
|
+
export type ResourceGetter = (request: BaseRequest) => AuthorizationResource[];
|
|
33
40
|
export type ContextGetter = (request: BaseRequest) => Context;
|