@plusscommunities/pluss-core-aws 2.0.25-auth.0 → 2.0.25-beta.0

package/helper/auth/validateMasterAuth.js

@@ -1,8 +1,8 @@
 const _ = require("lodash");
 const getSessionUser = require("./getSessionUser");
 const {
-  validKioskActions,
-  validFormKioskActions,
+	validKioskActions,
+	validFormKioskActions,
 } = require("./validKioskActions");
 const getUserAuth = require("../../db/auth/getUserAuth");
 const getSiteUserTypes = require("../../db/auth/getSiteUserTypes");
@@ -10,195 +10,195 @@ const { log, generateLogId } = require("../");
 const validateApiKey = require("./validateApiKey");
 
 const checkSite = (roles, site, actionType) => {
-  return new Promise((resolve) => {
-    const siteRole = _.find(roles, (r) => {
-      return r.site === site;
-    });
+	return new Promise((resolve) => {
+		const siteRole = _.find(roles, (r) => {
+			return r.site === site;
+		});
 
-    // Not attached to that site
-    if (!siteRole) {
-      log("validateMasterAuth", "Error:noSiteRole", "no role for that site");
-      return resolve(false);
-    }
+		// Not attached to that site
+		if (!siteRole) {
+			log("validateMasterAuth", "Error:noSiteRole", "no role for that site");
+			return resolve(false);
+		}
 
-    // has site role - check for generic site access
-    if (actionType === "any") {
-      return resolve(true);
-    }
+		// has site role - check for generic site access
+		if (actionType === "any") {
+			return resolve(true);
+		}
 
-    // If user is a KIOSK
-    if (siteRole.type === "KIOSK") {
-      log("validateMasterAuth", "KioskCheck", "user is kiosk");
-      console.log("user is kiosk");
-      return resolve(_.includes(validKioskActions, actionType));
-    }
-    // If user is a KIOSK
-    if (siteRole.type === "FORMKIOSK") {
-      log("validateMasterAuth", "KioskCheck", "user is kiosk");
-      return resolve(_.includes(validFormKioskActions, actionType));
-    }
+		// If user is a KIOSK
+		if (siteRole.type === "KIOSK") {
+			log("validateMasterAuth", "KioskCheck", "user is kiosk");
+			console.log("user is kiosk");
+			return resolve(_.includes(validKioskActions, actionType));
+		}
+		// If user is a KIOSK
+		if (siteRole.type === "FORMKIOSK") {
+			log("validateMasterAuth", "KioskCheck", "user is kiosk");
+			return resolve(_.includes(validFormKioskActions, actionType));
+		}
 
-    // get userType definitions for particular site
-    getSiteUserTypes(siteRole.site === "hq" ? "hq" : site)
-      .then((res) => {
-        const roleType = _.find(res, (userType, index) => {
-          return userType.typeName === siteRole.type;
-        });
+		// get userType definitions for particular site
+		getSiteUserTypes(siteRole.site === "hq" ? "hq" : site)
+			.then((res) => {
+				const roleType = _.find(res, (userType, index) => {
+					return userType.typeName === siteRole.type;
+				});
 
-        // Check permissions have been saved against that userType
-        if (!roleType || _.isEmpty(roleType.permissions)) {
-          log("validateMasterAuth", "Error:noUserType", roleType);
-          return resolve(false);
-        }
+				// Check permissions have been saved against that userType
+				if (!roleType || _.isEmpty(roleType.permissions)) {
+					log("validateMasterAuth", "Error:noUserType", roleType);
+					return resolve(false);
+				}
 
-        const hasAccess = _.some(roleType.permissions, function (o) {
-          return o === actionType;
-        });
-        log(
-          "validateMasterAuth",
-          `Permission:${siteRole.type}/${actionType}`,
-          hasAccess
-        );
-        return resolve(hasAccess);
-      })
-      .catch((error) => {
-        log("validateMasterAuth", "Error:getSiteUserTypes", error);
-        return resolve(false);
-      });
-  });
+				const hasAccess = _.some(roleType.permissions, function (o) {
+					return o === actionType;
+				});
+				log(
+					"validateMasterAuth",
+					`Permission:${siteRole.type}/${actionType}`,
+					hasAccess,
+				);
+				return resolve(hasAccess);
+			})
+			.catch((error) => {
+				log("validateMasterAuth", "Error:getSiteUserTypes", error);
+				return resolve(false);
+			});
+	});
 };
 
 const checkApiKey = async (
-  req,
-  actionType,
-  site,
-  plussStaffOnly,
-  options,
-  logId
+	req,
+	actionType,
+	site,
+	plussStaffOnly,
+	options,
+	logId,
 ) => {
-  return new Promise((resolve) => {
-    if (plussStaffOnly) {
-      return resolve(validateApiKey(req, actionType, "plussSpace"));
-    }
-    const promises = [];
-    site.forEach((s) => {
-      promises.push(validateApiKey(req, actionType, s));
-    });
+	return new Promise((resolve) => {
+		if (plussStaffOnly) {
+			return resolve(validateApiKey(req, actionType, "plussSpace"));
+		}
+		const promises = [];
+		site.forEach((s) => {
+			promises.push(validateApiKey(req, actionType, s));
+		});
 
-    Promise.all(promises).then((results) => {
-      log("validateMasterAuth", "ValidationResults", results, logId);
-      if (options && options.resolveAllSites) {
-        log("validateMasterAuth", "resolveAllSites", true, logId);
-        // check all sites individually
-        const authResult = site.map((s, i) => {
-          return { site: s, valid: results[i] };
-        });
-        log("validateMasterAuth", "AuthorisedAllSites", authResult, logId);
-        return resolve(authResult);
-      }
+		Promise.all(promises).then((results) => {
+			log("validateMasterAuth", "ValidationResults", results, logId);
+			if (options && options.resolveAllSites) {
+				log("validateMasterAuth", "resolveAllSites", true, logId);
+				// check all sites individually
+				const authResult = site.map((s, i) => {
+					return { site: s, valid: results[i] };
+				});
+				log("validateMasterAuth", "AuthorisedAllSites", authResult, logId);
+				return resolve(authResult);
+			}
 
-      // check if any site is valid
-      const authorised = _.includes(results, true);
-      log("validateMasterAuth", "Authorised", authorised, logId);
-      return resolve(authorised);
-    });
-  });
+			// check if any site is valid
+			const authorised = _.includes(results, true);
+			log("validateMasterAuth", "Authorised", authorised, logId);
+			return resolve(authorised);
+		});
+	});
 };
 
 module.exports = async (req, actionType, site, plussStaffOnly, options) => {
-  return new Promise(async (resolve) => {
-    const logId = generateLogId();
-    let uid = null;
-    let data = {};
-    if (!req) {
-      uid = options.userId; // allow for not using the request header
-    } else {
-      const data = JSON.parse(req.body);
-      if (!site) {
-        if (!data.site) {
-          log("validateMasterAuth", "Error:noSite", data, logId);
-          return resolve(false);
-        }
-        site = data.site;
-      }
-      if (req.headers.apikey) {
-        log("validateMasterAuth", "checkApiKey", req.headers.apikey, logId);
-        return resolve(
-          checkApiKey(
-            req,
-            actionType,
-            Array.isArray(site) ? site : [site],
-            plussStaffOnly,
-            options,
-            logId
-          )
-        );
-      }
-      if (!req.headers.authkey) {
-        log("validateMasterAuth", "Error:noAuthKey", req.headers, logId);
-        return resolve(false);
-      }
+	return new Promise(async (resolve) => {
+		const logId = generateLogId();
+		let uid = null;
+		let data = {};
+		if (!req) {
+			uid = options.userId; // allow for not using the request header
+		} else {
+			const data = JSON.parse(req.body);
+			if (!site) {
+				if (!data.site) {
+					log("validateMasterAuth", "Error:noSite", data, logId);
+					return resolve(false);
+				}
+				site = data.site;
+			}
+			if (req.headers.apikey) {
+				log("validateMasterAuth", "checkApiKey", req.headers.apikey, logId);
+				return resolve(
+					checkApiKey(
+						req,
+						actionType,
+						Array.isArray(site) ? site : [site],
+						plussStaffOnly,
+						options,
+						logId,
+					),
+				);
+			}
+			if (!req.headers.authkey) {
+				log("validateMasterAuth", "Error:noAuthKey", req.headers, logId);
+				return resolve(false);
+			}
 
-      uid = await getSessionUser(req.headers.authkey);
-    }
+			uid = await getSessionUser(req.headers.authkey);
+		}
 
-    if (actionType == null || _.isUndefined(actionType)) {
-      log("validateMasterAuth", "Error:noActionType", null, logId);
-      return resolve(false);
-    }
-    if (!Array.isArray(site)) {
-      // support array of sites
-      site = [site];
-    }
+		if (actionType == null || _.isUndefined(actionType)) {
+			log("validateMasterAuth", "Error:noActionType", null, logId);
+			return resolve(false);
+		}
+		if (!Array.isArray(site)) {
+			// support array of sites
+			site = [site];
+		}
 
-    log("validateMasterAuth", "SessionUser", uid);
-    getUserAuth(uid)
-      .then((roles) => {
-        // If user a master level admin
-        if (
-          _.some(roles, (r) => {
-            return r.type === "master";
-          })
-        ) {
-          if (
-            plussStaffOnly &&
-            !_.some(roles, (r) => {
-              return r.site === "plussSpace" && r.type === "master";
-            })
-          ) {
-            return resolve(false);
-          }
-          if (options && options.resolveAllSites) {
-            return resolve(
-              site.map((s, i) => {
-                return { site: s, valid: true };
-              })
-            );
-          }
-          return resolve(true);
-        }
+		log("validateMasterAuth", "SessionUser", uid);
+		getUserAuth(uid)
+			.then((roles) => {
+				// If user a master level admin
+				if (
+					_.some(roles, (r) => {
+						return r.type === "master";
+					})
+				) {
+					if (
+						plussStaffOnly &&
+						!_.some(roles, (r) => {
+							return r.site === "plussSpace" && r.type === "master";
+						})
+					) {
+						return resolve(false);
+					}
+					if (options && options.resolveAllSites) {
+						return resolve(
+							site.map((s, i) => {
+								return { site: s, valid: true };
+							}),
+						);
+					}
+					return resolve(true);
+				}
 
-        // allow for multiple sites to be checked
-        const promises = [];
-        site.forEach((s) => {
-          promises.push(checkSite(roles, s, actionType));
-        });
-        Promise.all(promises).then((results) => {
-          const authorised = _.includes(results, true);
-          if (options && options.resolveAllSites) {
-            return resolve(
-              site.map((s, i) => {
-                return { site: s, valid: results[i] };
-              })
-            );
-          }
-          log("validateMasterAuth", "Authorised", authorised);
-          return resolve(authorised);
-        });
-      })
-      .catch((error2) => {
-        log("validateMasterAuth", "Error:getUserAuth", error2);
-        return resolve(false);
-      });
-  });
+				// allow for multiple sites to be checked
+				const promises = [];
+				site.forEach((s) => {
+					promises.push(checkSite(roles, s, actionType));
+				});
+				Promise.all(promises).then((results) => {
+					const authorised = _.includes(results, true);
+					if (options && options.resolveAllSites) {
+						return resolve(
+							site.map((s, i) => {
+								return { site: s, valid: results[i] };
+							}),
+						);
+					}
+					log("validateMasterAuth", "Authorised", authorised);
+					return resolve(authorised);
+				});
+			})
+			.catch((error2) => {
+				log("validateMasterAuth", "Error:getUserAuth", error2);
+				return resolve(false);
+			});
+	});
 };

package/helper/auth/validateSiteAccess.js

@@ -2,16 +2,16 @@ const validateMasterAuth = require("./validateMasterAuth");
 const validateApiKey = require("./validateApiKey");
 
 module.exports = async (req, site) => {
-  return new Promise(async (resolve) => {
-    if (!site) {
-      return resolve(false);
-    }
-    if (req.headers.apikey) {
-      return resolve(validateApiKey(req, "any", site));
-    }
-    if (!req.headers.authkey) {
-      return resolve(false);
-    }
-    return resolve(validateMasterAuth(req, "any", site));
-  });
+	return new Promise(async (resolve) => {
+		if (!site) {
+			return resolve(false);
+		}
+		if (req.headers.apikey) {
+			return resolve(validateApiKey(req, "any", site));
+		}
+		if (!req.headers.authkey) {
+			return resolve(false);
+		}
+		return resolve(validateMasterAuth(req, "any", site));
+	});
 };

package/helper/auth/validateSiteSetting.js

@@ -1,11 +1,11 @@
 const getSiteSetting = require("../../db/auth/getSiteSetting");
 
 module.exports = async (site, key, expectedValue) => {
-  return new Promise(async (resolve) => {
-    if (!site) {
-      return resolve(false);
-    }
-    const siteSetting = await getSiteSetting(site, key);
-    return resolve(siteSetting === expectedValue);
-  });
+	return new Promise(async (resolve) => {
+		if (!site) {
+			return resolve(false);
+		}
+		const siteSetting = await getSiteSetting(site, key);
+		return resolve(siteSetting === expectedValue);
+	});
 };

package/helper/auth/validateUserLoggedIn.js

@@ -1,24 +1,24 @@
 const getSessionUserFromReqAuthKey = require("./getSessionUserFromReqAuthKey");
 
 module.exports = async (req, userId) => {
-  return new Promise((resolve) => {
-    if (!req.headers.authkey && !req.headers.apikey) {
-      resolve(false);
-      return;
-    }
+	return new Promise((resolve) => {
+		if (!req.headers.authkey && !req.headers.apikey) {
+			resolve(false);
+			return;
+		}
 
-    getSessionUserFromReqAuthKey(req)
-      .then((uid) => {
-        if (userId && uid !== userId) {
-          resolve(false);
-        } else {
-          resolve(true);
-        }
-      })
-      .catch((err) => {
-        console.log("authentication errored");
-        console.log(err);
-        resolve(false);
-      });
-  });
+		getSessionUserFromReqAuthKey(req)
+			.then((uid) => {
+				if (userId && uid !== userId) {
+					resolve(false);
+				} else {
+					resolve(true);
+				}
+			})
+			.catch((err) => {
+				console.log("authentication errored");
+				console.log(err);
+				resolve(false);
+			});
+	});
 };

package/helper/createGuid.js

@@ -1,7 +1,7 @@
 module.exports = () => {
-  return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
-    var r = (Math.random() * 16) | 0,
-      v = c === "x" ? r : (r & 0x3) | 0x8;
-    return v.toString(16);
-  });
+	return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
+		var r = (Math.random() * 16) | 0,
+			v = c === "x" ? r : (r & 0x3) | 0x8;
+		return v.toString(16);
+	});
 };

package/helper/generateJsonResponse.js

@@ -1,32 +1,32 @@
 const getCircularReplacer = () => {
-  const seen = new WeakSet();
-  return (key, value) => {
-    if (value instanceof Error) {
-      var error = {};
-      Object.getOwnPropertyNames(value).forEach((key) => {
-        error[key] = value[key];
-      });
-      return error;
-    } else if (typeof value === "object" && value !== null) {
-      if (seen.has(value)) return;
-      seen.add(value);
-    }
-    return value;
-  };
+	const seen = new WeakSet();
+	return (key, value) => {
+		if (value instanceof Error) {
+			var error = {};
+			Object.getOwnPropertyNames(value).forEach((key) => {
+				error[key] = value[key];
+			});
+			return error;
+		} else if (typeof value === "object" && value !== null) {
+			if (seen.has(value)) return;
+			seen.add(value);
+		}
+		return value;
+	};
 };
 
 module.exports = (statusCode, body) => {
-  if ([400, 402, 422].includes(statusCode)) console.error(body);
-  const jsonBody = JSON.stringify(
-    (body && body.error) || body,
-    getCircularReplacer()
-  );
-  return {
-    statusCode,
-    headers: {
-      "Content-Type": "application/json",
-      "Access-Control-Allow-Origin": "*",
-    },
-    body: jsonBody,
-  };
+	if ([400, 402, 422].includes(statusCode)) console.error(body);
+	const jsonBody = JSON.stringify(
+		(body && body.error) || body,
+		getCircularReplacer(),
+	);
+	return {
+		statusCode,
+		headers: {
+			"Content-Type": "application/json",
+			"Access-Control-Allow-Origin": "*",
+		},
+		body: jsonBody,
+	};
 };