@restorecommerce/acs-client 1.6.3 → 1.6.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/lib/acs/decorators.d.ts +6 -0
- package/lib/acs/decorators.js +10 -8
- package/lib/acs/decorators.js.map +1 -1
- package/package.json +3 -3
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,18 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
## [1.6.4](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@1.6.3...@restorecommerce/acs-client@1.6.4) (2024-04-25)
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
### Bug Fixes
|
|
10
|
+
|
|
11
|
+
* **acs:** regExp for deep obligations ([b4f1d6c](https://github.com/restorecommerce/libs/commit/b4f1d6cca3994975306aba2ebe2e51a38a286082))
|
|
12
|
+
* **template.proto:** add template resource ([fdc5dc2](https://github.com/restorecommerce/libs/commit/fdc5dc21e00f36b434b0fcb41276f674accb80fc))
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
|
|
6
18
|
## [1.6.3](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@1.6.2...@restorecommerce/acs-client@1.6.3) (2024-04-24)
|
|
7
19
|
|
|
8
20
|
|
package/lib/acs/decorators.d.ts
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { Client } from '@restorecommerce/grpc-client';
|
|
2
|
+
import { UserServiceDefinition } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/user';
|
|
1
3
|
import { ResourceList } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base';
|
|
2
4
|
import { Operation, Resource, AuthZAction, ACSClientContext } from './interfaces';
|
|
3
5
|
export type DatabaseProvider = 'arangoDB' | 'postgres';
|
|
@@ -5,6 +7,10 @@ export type ACSClientContextFactory<T extends ResourceList> = (self: any, reques
|
|
|
5
7
|
export type ResourceFactory<T extends ResourceList> = (self: any, request: T, ...args: any) => Promise<Resource[]>;
|
|
6
8
|
export type DatabaseSelector<T extends ResourceList> = (self: any, request: T, ...args: any) => Promise<DatabaseProvider>;
|
|
7
9
|
export type MetaDataInjector<T extends ResourceList> = (self: any, request: T, ...args: any) => Promise<T>;
|
|
10
|
+
export interface AccessControlledService {
|
|
11
|
+
readonly __userService: Client<UserServiceDefinition>;
|
|
12
|
+
readonly __acsDatabaseProvider: DatabaseProvider;
|
|
13
|
+
}
|
|
8
14
|
export declare const DefaultACSClientContextFactory: <T extends ResourceList>(self: any, request: T, context: any) => Promise<ACSClientContext>;
|
|
9
15
|
export declare function DefaultResourceFactory<T extends ResourceList>(resourceName: string): ResourceFactory<T>;
|
|
10
16
|
export declare const DefaultMetaDataInjector: <T extends ResourceList>(self: any, request: T, ...args: any) => Promise<T>;
|
package/lib/acs/decorators.js
CHANGED
|
@@ -102,8 +102,9 @@ function access_controlled_function(kwargs) {
|
|
|
102
102
|
return function (target, propertyName, descriptor) {
|
|
103
103
|
const method = descriptor.value;
|
|
104
104
|
descriptor.value = async function () {
|
|
105
|
+
const that = this;
|
|
105
106
|
try {
|
|
106
|
-
if (!
|
|
107
|
+
if (!that.__userService) {
|
|
107
108
|
throw new Error('An @access_controlled_function must be member of an @access_controlled_service class');
|
|
108
109
|
}
|
|
109
110
|
const request = arguments[0];
|
|
@@ -120,25 +121,26 @@ function access_controlled_function(kwargs) {
|
|
|
120
121
|
const subject = context?.subject;
|
|
121
122
|
subject.id = null;
|
|
122
123
|
if (subject?.token) {
|
|
123
|
-
const user = await
|
|
124
|
+
const user = await that.__userService.findByToken({ token: subject.token });
|
|
124
125
|
if (user?.payload?.id) {
|
|
125
126
|
subject.id = user.payload.id;
|
|
126
127
|
}
|
|
127
128
|
}
|
|
128
129
|
const acsResponse = await (0, resolver_1.accessRequest)(subject, resource ?? [], kwargs.action, context, {
|
|
129
|
-
operation: kwargs.operation, database: database ??
|
|
130
|
+
operation: kwargs.operation, database: database ?? that.__acsDatabaseProvider ?? 'arangoDB',
|
|
130
131
|
useCache: kwargs.useCache ?? false
|
|
131
132
|
});
|
|
132
133
|
if (acsResponse?.decision !== access_control_1.Response_Decision.PERMIT) {
|
|
133
134
|
return acsResponse;
|
|
134
135
|
}
|
|
135
|
-
if (
|
|
136
|
-
|
|
137
|
-
|
|
136
|
+
if (request) {
|
|
137
|
+
const arg = acsResponse?.custom_query_args?.find(arg => resource?.some(r => r.resource === arg.resource));
|
|
138
|
+
request.custom_queries = arg?.custom_queries;
|
|
139
|
+
request.custom_arguments = arg?.custom_arguments;
|
|
138
140
|
}
|
|
139
141
|
const appResponse = await method.apply(this, arguments);
|
|
140
|
-
const property = acsResponse.obligations?.flatMap(
|
|
141
|
-
return utils_1._.omitDeep(appResponse, property);
|
|
142
|
+
const property = acsResponse.obligations?.filter(o => resource.some(r => r.resource === o.resource)).flatMap(o => o.property).flatMap(p => [p, new RegExp(p)]);
|
|
143
|
+
return property?.length ? utils_1._.omitDeep(appResponse, property) : appResponse;
|
|
142
144
|
}
|
|
143
145
|
catch (err) {
|
|
144
146
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAC7B,qCAAiC;AACjC,iCAAkD;AAClD,8DAKsC;AACtC,yGAEwF;AACxF,6HAEkG;AAIlG,mCAEiB;AACjB,mCAEiB;AASjB,yCAEoB;AACpB,sCAAgC;AAChC,oCAA6B;
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAC7B,qCAAiC;AACjC,iCAAkD;AAClD,8DAKsC;AACtC,yGAEwF;AACxF,6HAEkG;AAIlG,mCAEiB;AACjB,mCAEiB;AASjB,yCAEoB;AACpB,sCAAgC;AAChC,oCAA6B;AActB,MAAM,8BAA8B,GAAG,KAAK,EACjD,IAAS,EACT,OAAU,EACV,OAAY,EACe,EAAE,CAAC,CAAC;IAC/B,GAAG,OAAO;IACV,OAAO,EAAE,OAAO,CAAC,OAAO;IACxB,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AARU,QAAA,8BAA8B,kCAQxC;AAEH,SAAgB,sBAAsB,CACpC,YAAoB;IAEpB,OAAO,KAAK,EACV,IAAS,EACT,OAAU,EACV,OAAY,EACZ,EAAE,CAAC,CAAC;YACJ,QAAQ,EAAE,YAAY;YACtB,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;SAC/C,CAAC,CAAC;AACL,CAAC;AAXD,wDAWC;AAEM,MAAM,uBAAuB,GAAG,KAAK,EAC1C,IAAS,EACT,OAAU,EACV,GAAG,IAAS,EACA,EAAE;IACd,MAAM,IAAI,GAAG,YAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC3C,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC;YACrB,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,GAAG;gBACV,GAAG,IAAI,CAAC,IAAI;gBACZ,MAAM,EAAE;oBACN,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;wBACvB,EAAE,EAAE,IAAI,CAAC,qBAAqB;wBAC9B,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE,8BAA8B;wBACxD,UAAU,EAAE,CAAC;gCACX,EAAE,EAAE,IAAI,CAAC,aAAa;gCACtB,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK;6BAC7B,CAAC;qBACH,CAAC,CAAC,CAAC,SAAS;oBACb,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;wBACpB,EAAE,EAAE,IAAI,CAAC,qBAAqB;wBAC9B,KAAK,EAAE,IAAI,CAAC,IAAI;wBAChB,UAAU,EAAE,CAAC;gCACX,EAAE,EAAE,IAAI,CAAC,aAAa;gCACtB,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;6BAC1B,CAAC;qBACH,CAAC,CAAC,CAAC,SAAS;iBACd,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;aACnB,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AApCW,QAAA,uBAAuB,2BAoClC;AAEF,SAAgB,yBAAyB,CAAsC,WAAc;IAC3F,OAAO,KAAM,SAAQ,WAAW;QAI9B,YAAY,GAAG,IAAS;YACtB,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;YACf,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,YAAY,gBAAa,CAAC,CAAkB,CAAC;YACrF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,YAAY,gBAAM,CAAC,CAAW,CAAC;YAC1E,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,GAAG,CAAC,wBAAwB,CAAC,IAAI,UAAU,CAAC;YAC7E,IAAI,CAAC,aAAa,GAAG,IAAA,0BAAY,EAC/B;gBACE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;gBACzB,MAAM;aACa,EACrB,4BAAqB,EACrB,IAAA,2BAAa,EAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAC9C,CAAC;YACF,IAAA,iBAAS,EAAC,GAAG,CAAC,CAAC;YACf,IAAA,uBAAe,GAAE,CAAC;QACpB,CAAC;KACF,CAAC;AACJ,CAAC;AAtBD,8DAsBC;AAED,SAAgB,0BAA0B,CAAyB,MAOlE;IACC,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAAwC;QAExC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAM,CAAC;QACjC,UAAU,CAAC,KAAK,GAAG,KAAK;YACtB,MAAM,IAAI,GAAG,IAA+B,CAAC;YAC7C,IAAI,CAAC;gBACH,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;oBACxB,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;gBAC1G,CAAC;gBACD,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC7B,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAErC,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU;oBACpD,CAAC,CAAC,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC9C,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;gBAEnB,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,UAAU;oBACtD,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;gBAEpB,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,UAAU;oBACtD,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;gBAEpB,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;gBACjC,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC;gBAClB,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;oBACnB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;oBAC5E,IAAI,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;wBACtB,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC/B,CAAC;gBACH,CAAC;gBAED,MAAM,WAAW,GAA2C,MAAM,IAAA,wBAAa,EAC7E,OAAO,EACP,QAAQ,IAAI,EAAE,EACd,MAAM,CAAC,MAAM,EACb,OAAO,EACP;oBACE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,IAAI,IAAI,CAAC,qBAAqB,IAAI,UAAU;oBAC3F,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,KAAK;iBACnC,CACF,CAAC;gBAEF,IAAI,WAAW,EAAE,QAAQ,KAAK,kCAAiB,CAAC,MAAM,EAAE,CAAC;oBACvD,OAAO,WAAW,CAAC;gBACrB,CAAC;gBAED,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,GAAG,GAAG,WAAW,EAAE,iBAAiB,EAAE,IAAI,CAC9C,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,CAAC,CACxD,CAAC;oBACF,OAAO,CAAC,cAAc,GAAG,GAAG,EAAE,cAAc,CAAC;oBAC7C,OAAO,CAAC,gBAAgB,GAAG,GAAG,EAAE,gBAAgB,CAAC;gBACnD,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;gBACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,WAAW,EAAE,MAAM,CAC9C,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,CAAC,CACnD,CAAC,OAAO,CACP,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAChB,CAAC,OAAO,CACP,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CACxB,CAAC;gBAEF,OAAO,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,SAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YAC5E,CAAC;YACD,OAAO,GAAQ,EAAE,CAAC;gBAChB,OAAO;oBACL,QAAQ,EAAE,kCAAiB,CAAC,IAAI;oBAChC,gBAAgB,EAAE;wBAChB,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,GAAG;wBACrB,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG;qBAC3C;iBACF,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAzFD,gEAyFC;AAED,SAAgB,iBAAiB,CAC/B,mBAAwC,CAAA,+BAA6B,CAAA;IAErE,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAAwC;QAExC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAM,CAAC;QACjC,UAAU,CAAC,KAAK,GAAG,KAAK;YACtB,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC;YACpE,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAfD,8CAeC;AAAA,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@restorecommerce/acs-client",
|
|
3
|
-
"version": "1.6.
|
|
3
|
+
"version": "1.6.4",
|
|
4
4
|
"description": "Access Control Service Client",
|
|
5
5
|
"author": "n-fuse GmbH",
|
|
6
6
|
"repository": {
|
|
@@ -31,7 +31,7 @@
|
|
|
31
31
|
},
|
|
32
32
|
"devDependencies": {
|
|
33
33
|
"@alenon/grpc-mock-server": "^3.1.7",
|
|
34
|
-
"@restorecommerce/protos": "^6.8.
|
|
34
|
+
"@restorecommerce/protos": "^6.8.4",
|
|
35
35
|
"@types/koa": "^2.13.11",
|
|
36
36
|
"@types/mocha": "^10.0.4",
|
|
37
37
|
"@types/node": "^20.8.2",
|
|
@@ -75,5 +75,5 @@
|
|
|
75
75
|
}
|
|
76
76
|
}
|
|
77
77
|
},
|
|
78
|
-
"gitHead": "
|
|
78
|
+
"gitHead": "030d775589522985f76cb4aab874c32f6277835b"
|
|
79
79
|
}
|