@r2d2bzh/moleculer-authz-helpers 2.0.5 → 3.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@r2d2bzh/moleculer-authz-helpers",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.1",
|
|
4
4
|
"description": "Moleculer mixin to implement preflight runner",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"type": "module",
|
|
@@ -9,6 +9,10 @@
|
|
|
9
9
|
"test": "c8 ava -v",
|
|
10
10
|
"lint": "eslint ."
|
|
11
11
|
},
|
|
12
|
+
"repository": {
|
|
13
|
+
"type": "git",
|
|
14
|
+
"url": "git+https://github.com/r2d2bzh/moleculer-authz-helpers.git"
|
|
15
|
+
},
|
|
12
16
|
"keywords": [],
|
|
13
17
|
"author": "",
|
|
14
18
|
"license": "ISC",
|
|
@@ -16,12 +20,13 @@
|
|
|
16
20
|
"access": "public"
|
|
17
21
|
},
|
|
18
22
|
"devDependencies": {
|
|
19
|
-
"@r2d2bzh/
|
|
20
|
-
"
|
|
21
|
-
"
|
|
22
|
-
"
|
|
23
|
-
"
|
|
24
|
-
"
|
|
23
|
+
"@r2d2bzh/eslint-config": "^3.0.1",
|
|
24
|
+
"@r2d2bzh/js-rules": "^2.0.2",
|
|
25
|
+
"ava": "^8.0.1",
|
|
26
|
+
"c8": "^11.0.0",
|
|
27
|
+
"eslint": "^10.5.0",
|
|
28
|
+
"moleculer": "^0.14.35",
|
|
29
|
+
"uuid": "^14.0.1"
|
|
25
30
|
},
|
|
26
31
|
"c8": {
|
|
27
32
|
"check-coverage": true,
|
|
@@ -33,16 +38,21 @@
|
|
|
33
38
|
"reporter": [
|
|
34
39
|
"lcov",
|
|
35
40
|
"text"
|
|
41
|
+
],
|
|
42
|
+
"exclude": [
|
|
43
|
+
"eslint.config.js",
|
|
44
|
+
"test/",
|
|
45
|
+
"coverage/"
|
|
36
46
|
]
|
|
37
47
|
},
|
|
38
48
|
"engines": {
|
|
39
|
-
"node": ">=
|
|
49
|
+
"node": ">=20.0.0"
|
|
40
50
|
},
|
|
41
51
|
"peerDependencies": {
|
|
42
|
-
"moleculer": "^0.14.
|
|
52
|
+
"moleculer": "^0.14.35"
|
|
43
53
|
},
|
|
44
54
|
"dependencies": {
|
|
45
|
-
"@r2d2bzh/moleculer-event-callback": "^
|
|
46
|
-
"lodash": "^4.
|
|
55
|
+
"@r2d2bzh/moleculer-event-callback": "^2.0.0",
|
|
56
|
+
"lodash": "^4.18.1"
|
|
47
57
|
}
|
|
48
58
|
}
|
|
@@ -8,14 +8,14 @@ const {
|
|
|
8
8
|
|
|
9
9
|
export const unsafeAddPreflightMixin = (serviceSchema, { timeout }) => {
|
|
10
10
|
const actionsWithPreflight = Object.entries(serviceSchema.actions || {}).filter(
|
|
11
|
-
([, actionSpecification]) => actionSpecification?.preflight
|
|
11
|
+
([, actionSpecification]) => actionSpecification?.preflight,
|
|
12
12
|
);
|
|
13
13
|
|
|
14
14
|
const preflightActions = actionsWithPreflight.map(([actionName, { params, preflight } = {}]) => [
|
|
15
15
|
`${actionName}-preflight`,
|
|
16
16
|
{
|
|
17
|
-
handler: preflight
|
|
18
|
-
...(params
|
|
17
|
+
handler: typeof preflight === 'function' ? preflight : preflight.handler,
|
|
18
|
+
...(params && { params }),
|
|
19
19
|
},
|
|
20
20
|
]);
|
|
21
21
|
|
|
@@ -37,10 +37,10 @@ export const unsafeAddPreflightMixin = (serviceSchema, { timeout }) => {
|
|
|
37
37
|
|
|
38
38
|
export default (serviceSchema, { timeout = 200 } = {}) => {
|
|
39
39
|
const authorizedActions = Object.entries(serviceSchema.actions || {}).filter(
|
|
40
|
-
([, actionSpecification]) => actionSpecification?.rest && actionSpecification.rest?.authorization !== false
|
|
40
|
+
([, actionSpecification]) => actionSpecification?.rest && actionSpecification.rest?.authorization !== false,
|
|
41
41
|
);
|
|
42
42
|
for (const [actionName, actionSpecification] of authorizedActions) {
|
|
43
|
-
if (!(actionSpecification?.preflight
|
|
43
|
+
if (!(typeof actionSpecification?.preflight === 'function' || actionSpecification?.preflight?.handler)) {
|
|
44
44
|
throw new MoleculerError('missing preflight handler', 500, 'MISSING_PREFLIGHT', { actionName });
|
|
45
45
|
}
|
|
46
46
|
}
|
package/src/is-authorized.js
CHANGED
|
@@ -27,11 +27,11 @@ const onMultipleAuthorizations =
|
|
|
27
27
|
|
|
28
28
|
const processAndCountManyAnswers = (warn) => {
|
|
29
29
|
const warnOnMultipleAuthorizations = onMultipleAuthorizations((authorizationsCount) =>
|
|
30
|
-
warn(`multiple answers to the same authorization request`, { authorizationsCount })
|
|
30
|
+
warn(`multiple answers to the same authorization request`, { authorizationsCount }),
|
|
31
31
|
);
|
|
32
32
|
return (answers, authorizationStatus) => {
|
|
33
33
|
const newRequestIsAuthorized = warnOnMultipleAuthorizations(
|
|
34
|
-
reduceAnswers(removeUnanswered(answers), processAndCountAnswer(warn))
|
|
34
|
+
reduceAnswers(removeUnanswered(answers), processAndCountAnswer(warn)),
|
|
35
35
|
);
|
|
36
36
|
return authorizationStatus && newRequestIsAuthorized;
|
|
37
37
|
};
|
|
@@ -39,15 +39,15 @@ const processAndCountManyAnswers = (warn) => {
|
|
|
39
39
|
|
|
40
40
|
const processAndCountAnswer = (warn) => {
|
|
41
41
|
const doAnswersAuthorize = processAndCountManyAnswers(warn);
|
|
42
|
-
return function (answer,
|
|
42
|
+
return function (answer, isAuthorized = true, authorizationsCount = 0) {
|
|
43
43
|
switch (Object.prototype.toString.call(answer)) {
|
|
44
44
|
case '[object Boolean]': {
|
|
45
|
-
return [
|
|
45
|
+
return [isAuthorized && answer, authorizationsCount + 1];
|
|
46
46
|
}
|
|
47
47
|
case '[object Array]': {
|
|
48
48
|
// A new array means a new authorization request with its own
|
|
49
49
|
// answers count that does not reflect on the current one
|
|
50
|
-
return [doAnswersAuthorize(answer,
|
|
50
|
+
return [doAnswersAuthorize(answer, isAuthorized), authorizationsCount];
|
|
51
51
|
}
|
|
52
52
|
case '[object Undefined]': {
|
|
53
53
|
return [false, authorizationsCount];
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export default (context) => (requests) =>
|
|
2
2
|
Promise.all(
|
|
3
3
|
requests.map(({ eventName, parameters, options }) =>
|
|
4
|
-
context.service.$$callEvent(context, { eventName, payload: parameters, options })
|
|
5
|
-
)
|
|
4
|
+
context.service.$$callEvent(context, { eventName, payload: parameters, options }),
|
|
5
|
+
),
|
|
6
6
|
);
|