@naturalcycles/backend-lib 9.23.0 → 9.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -17,6 +17,13 @@ export interface RequireAdminCfg {
|
|
|
17
17
|
* Set to `false` to debug login issues.
|
|
18
18
|
*/
|
|
19
19
|
autoLogin?: boolean;
|
|
20
|
+
/**
|
|
21
|
+
* Defaults to `true`.
|
|
22
|
+
*
|
|
23
|
+
* Set to `true` to require that the current user has "every" permission that is listed.
|
|
24
|
+
* Set to `false` to require only that the current user has at least one permission that is listed.
|
|
25
|
+
*/
|
|
26
|
+
andComparison?: boolean;
|
|
20
27
|
}
|
|
21
28
|
export type AdminMiddleware = (reqPermissions?: string[], cfg?: RequireAdminCfg) => BackendRequestHandler;
|
|
22
29
|
export declare function createAdminMiddleware(adminService: BaseAdminService, cfgDefaults?: RequireAdminCfg): AdminMiddleware;
|
|
@@ -15,12 +15,12 @@ export function createAdminMiddleware(adminService, cfgDefaults = {}) {
|
|
|
15
15
|
* Otherwise will just pass.
|
|
16
16
|
*/
|
|
17
17
|
export function requireAdminPermissions(adminService, reqPermissions = [], cfg = {}) {
|
|
18
|
-
const { loginHtmlPath = '/login.html', urlStartsWith, apiHost, autoLogin = true } = cfg;
|
|
18
|
+
const { loginHtmlPath = '/login.html', urlStartsWith, apiHost, autoLogin = true, andComparison = true, } = cfg;
|
|
19
19
|
return async function requireAdminPermissionsFn(req, res, next) {
|
|
20
20
|
if (urlStartsWith && !req.url.startsWith(urlStartsWith))
|
|
21
21
|
return next();
|
|
22
22
|
try {
|
|
23
|
-
await adminService.requirePermissions(req, reqPermissions);
|
|
23
|
+
await adminService.requirePermissions(req, reqPermissions, {}, andComparison);
|
|
24
24
|
return next();
|
|
25
25
|
}
|
|
26
26
|
catch (err) {
|
package/package.json
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@naturalcycles/backend-lib",
|
|
3
3
|
"type": "module",
|
|
4
|
-
"version": "9.
|
|
4
|
+
"version": "9.25.0",
|
|
5
5
|
"peerDependencies": {
|
|
6
|
-
"@sentry/node": "^
|
|
6
|
+
"@sentry/node": "^10"
|
|
7
7
|
},
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@naturalcycles/db-lib": "^10",
|
|
@@ -26,7 +26,7 @@
|
|
|
26
26
|
"tslib": "^2"
|
|
27
27
|
},
|
|
28
28
|
"devDependencies": {
|
|
29
|
-
"@sentry/node": "^
|
|
29
|
+
"@sentry/node": "^10",
|
|
30
30
|
"@types/ejs": "^3",
|
|
31
31
|
"fastify": "^5",
|
|
32
32
|
"@naturalcycles/dev-lib": "18.4.2"
|
|
@@ -25,6 +25,14 @@ export interface RequireAdminCfg {
|
|
|
25
25
|
* Set to `false` to debug login issues.
|
|
26
26
|
*/
|
|
27
27
|
autoLogin?: boolean
|
|
28
|
+
|
|
29
|
+
/**
|
|
30
|
+
* Defaults to `true`.
|
|
31
|
+
*
|
|
32
|
+
* Set to `true` to require that the current user has "every" permission that is listed.
|
|
33
|
+
* Set to `false` to require only that the current user has at least one permission that is listed.
|
|
34
|
+
*/
|
|
35
|
+
andComparison?: boolean
|
|
28
36
|
}
|
|
29
37
|
|
|
30
38
|
export type AdminMiddleware = (
|
|
@@ -54,13 +62,19 @@ export function requireAdminPermissions(
|
|
|
54
62
|
reqPermissions: string[] = [],
|
|
55
63
|
cfg: RequireAdminCfg = {},
|
|
56
64
|
): BackendRequestHandler {
|
|
57
|
-
const {
|
|
65
|
+
const {
|
|
66
|
+
loginHtmlPath = '/login.html',
|
|
67
|
+
urlStartsWith,
|
|
68
|
+
apiHost,
|
|
69
|
+
autoLogin = true,
|
|
70
|
+
andComparison = true,
|
|
71
|
+
} = cfg
|
|
58
72
|
|
|
59
73
|
return async function requireAdminPermissionsFn(req, res, next) {
|
|
60
74
|
if (urlStartsWith && !req.url.startsWith(urlStartsWith)) return next()
|
|
61
75
|
|
|
62
76
|
try {
|
|
63
|
-
await adminService.requirePermissions(req, reqPermissions)
|
|
77
|
+
await adminService.requirePermissions(req, reqPermissions, {}, andComparison)
|
|
64
78
|
return next()
|
|
65
79
|
} catch (err) {
|
|
66
80
|
if (err instanceof AppError && err.data.adminAuthRequired) {
|