@thzero/library_server 0.17.10 → 0.17.12

package/service/baseSecurity.js

@@ -1,44 +1,172 @@
-import rbac from 'easy-rbac'
-
-import Service from './index.js';
-
-class BaseSecurityService extends Service {
-	constructor() {
-		super();
-
-		this._enforcer = null;
-	}
-
-	async init(injector) {
-		await super.init(injector);
-
-		const model = this._initModel();
-		if (!model)
-			return;
-
-		this._enforcer = new rbac(model)
-	}
-
-	// eslint-disable-next-line
-	async validate(correlationId, sub, dom, obj, act) {
-		if (!this._enforcer)
-			throw Error('No enforcer found');
-
-		const array = [];
-		if (dom)
-			array.push(dom);
-		array.push(obj)
-		if (act)
-			array.push(act);
-
-		const role = array.join(':');
-		const results = await this._enforcer.can(sub, role);
-		return results;
-	}
-
-	_initModel() {
-		return null;
-	}
-}
-
-export default BaseSecurityService;
+import rbac from 'easy-rbac'
+
+import Service from './index.js';
+
+class BaseSecurityService extends Service {
+	constructor() {
+		super();
+
+		this._enforcer = null;
+	}
+
+	async init(injector) {
+		await super.init(injector);
+
+		const model = this._initModel();
+		if (!model)
+			return;
+
+		this._enforcer = new rbac(model)
+	}
+	
+	async authorizationCheckClaims(correlationId, claims, roles, logical) {
+		if (!claims)
+			return false;
+		if (!(claims && Array.isArray(claims)))
+			return false;
+		if (!roles)
+			return true;
+
+		if (String.isNullOrEmpty(logical) || (logical !== BaseSecurityService.logicalAnd) || (logical !== BaseSecurityService.logicalOr))
+			logical = BaseSecurityService.logicalOr;
+
+		let success = (logical === BaseSecurityService.logicalOr ? false : true);
+
+		let result;
+		let roleAct;
+		let roleObj;
+		let roleParts;
+		for (const claim of claims) {
+			this._logger.debug('BaseSecurityService', 'authorizationCheckClaims', 'authorization.claim', claim, correlationId);
+
+			for (const role of roles) {
+				this._logger.debug('BaseSecurityService', 'authorizationCheckClaims', 'role', role, correlationId);
+
+				roleParts = role.split('.');
+				if (roleParts && roleParts.length < 1)
+					success = false;
+
+				roleObj = roleParts[0];
+				roleAct = roleParts.length >= 2 ? roleParts[1] : null
+
+				result = await this.validate(claim, null, roleObj, roleAct);
+				this._logger.debug('BaseSecurityService', 'authorizationCheckClaims', 'result', result, correlationId);
+				if (logical === BaseSecurityService.logicalOr)
+					success = success || result;
+				else
+					success = success && result;
+			}
+		}
+
+		return success;
+	}
+
+	async authorizationCheckRoles(correlationId, user, roles, logical) {
+		if (!user)
+			return false;
+		if (!roles)
+			return true;
+
+		this._logger.debug('BaseSecurityService', 'authorizationCheckRoles', 'user', user, correlationId);
+		if (!(user && user.roles && Array.isArray(user.roles)))
+			return false;
+
+		this._logger.debug('BaseSecurityService', 'authorizationCheckRoles', 'logical', logical, correlationId);
+
+		if (String.isNullOrEmpty(logical) || (logical !== BaseSecurityService.logicalAnd) || (logical !== BaseSecurityService.logicalOr))
+			logical = BaseSecurityService.logicalOr;
+
+		let success = (logical === BaseSecurityService.logicalOr ? false : true);
+
+		let result;
+		let roleAct;
+		let roleObj;
+		let roleParts;
+		for (const userRole of user.roles) {
+			this._logger.debug('BaseSecurityService', 'authorizationCheckRoles', 'userRole', userRole, correlationId);
+
+			for (const role of roles) {
+				this._logger.debug('BaseSecurityService', 'authorizationCheckRoles', 'role', role, correlationId);
+
+				roleParts = role.split('.');
+				if (roleParts && roleParts.length < 1)
+					success = false;
+
+				roleObj = roleParts[0];
+				roleAct = roleParts.length >= 2 ? roleParts[1] : null
+
+				result = await this.validate(userRole, null, roleObj, roleAct);
+				this._logger.debug('BaseSecurityService', 'authorizationCheckRoles', 'result', result, correlationId);
+				if (logical === BaseSecurityService.logicalOr) {
+					if (result)
+						return result;
+
+					success = false;
+				}
+				else
+					success = success && result;
+			}
+		}
+
+		return success;
+	}
+
+	initializeRoles(correlationId, requestRoles, roles) {
+		if (Array.isArray(roles)) {
+			this._logger.debug('BaseSecurityService', 'initalizeRoles', 'roles1a', roles, correlationId);
+			requestRoles = roles;
+			return requestRoles;
+		}
+		
+		if ((typeof(roles) === 'string') || (roles instanceof String)) {
+			// this._logger.debug('BaseSecurityService', 'initalizeRoles', 'roles1b', roles, correlationId);
+			requestRoles = roles.split(',');
+			requestRoles.map(item => item ? item.trim() : item);
+			return requestRoles;
+		}
+	}
+
+	initializeOptionsLogical(correlationId, options) {
+		if (!options)
+			return logicalOr;
+
+		let logical = options.logical;
+		if (String.isNullOrEmpty(logical) || (logical !== logicalAnd) || (logical !== logicalOr))
+			logical = logicalOr;
+
+		return logical;
+	}
+
+	initializeOptionsRoles(correlationId, options) {
+		let roles = [];
+		if (options.roles && Array.isArray(options.roles) && (options.roles.length > 0))
+			roles = options.roles;
+		return roles;
+	}
+
+	// eslint-disable-next-line
+	async validate(correlationId, sub, dom, obj, act) {
+		if (!this._enforcer)
+			throw Error('No enforcer found');
+
+		const array = [];
+		if (dom)
+			array.push(dom);
+		array.push(obj)
+		if (act)
+			array.push(act);
+
+		const role = array.join(':');
+		const results = await this._enforcer.can(sub, role);
+		return results;
+	}
+
+	_initModel() {
+		return null;
+	}
+
+	static logicalAnd = 'and';
+	static logicalOr = 'or';
+}
+
+export default BaseSecurityService;

package/service/baseUser.js

@@ -1,122 +1,122 @@
-import Service from './index.js';
-
-import NotImplementedError from '@thzero/library_common/errors/notImplemented.js';
-
-class BaseUserService extends Service {
-	async fetch(correlationId, userId) {
-		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalIdSchema, userId);
-		if (this._hasFailed(validationCheckExternalIdResponse))
-			return validationCheckExternalIdResponse;
-
-		const respositoryResponse = await this._repositoryUser.fetch(correlationId, userId);
-		return respositoryResponse;
-	}
-
-	async fetchByExternalId(correlationId, externalUserId) {
-		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalIdSchema, externalUserId);
-		if (this._hasFailed(validationCheckExternalIdResponse))
-			return validationCheckExternalIdResponse;
-
-		const respositoryResponse = await this._repositoryUser.fetchByExternalId(correlationId, externalUserId);
-		return respositoryResponse;
-	}
-
-	async fetchByGamerId(correlationId, requestedGamerId) {
-		const validationRequestedGamerIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.gamerIdSchema, requestedGamerId);
-		if (this._hasFailed(validationRequestedGamerIdResponse))
-			return validationRequestedGamerIdResponse;
-
-		const respositoryResponse = await this._repositoryUser.fetchByGamerId(correlationId, requestedGamerId);
-		return respositoryResponse;
-	}
-
-	async fetchByGamerTag(correlationId, requestedUserGamerTag) {
-		const validationRequestedGamerTagResponse = this._serviceValidation.check(correlationId, this._serviceValidation.gamerTagSchema, requestedUserGamerTag);
-		if (this._hasFailed(validationRequestedGamerTagResponse))
-			return validationRequestedGamerTagResponse;
-
-		const respositoryResponse = await this._repositoryUser.fetchByGamerTag(correlationId, requestedUserGamerTag);
-		return respositoryResponse;
-	}
-
-	async refreshSettings(correlationId, params) {
-		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.settingsRefreshSchema, params);
-		if (this._hasFailed(validationCheckExternalIdResponse))
-			return validationCheckExternalIdResponse;
-
-		const respositoryResponse = await this._repositoryUser.refreshSettings(correlationId, params.userId);
-		return respositoryResponse;
-	}
-
-	async update(correlationId, externalUser) {
-		const validationCheckExternalUserResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalUserSchema, externalUser);
-		if (this._hasFailed(validationCheckExternalUserResponse))
-			return validationCheckExternalUserResponse;
-
-		let user = null;
-		const respositoryResponse = await this._repositoryUser.fetchByExternalId(correlationId, externalUser.id, true);
-		if (this._hasSucceeded(respositoryResponse))
-			user = respositoryResponse.results;
-
-		if (!user) {
-			user = this._initiateUser();
-			user.id = externalUser.id;
-			user.planId = this._getDefaultPlan();
-			user.roles.push(this._getDefaultUserRole());
-			this._initializeUser(user);
-		}
-		user.external = externalUser;
-		if (externalUser) {
-			if (String.isNullOrEmpty(user.email)) {
-				if (!String.isNullOrEmpty(externalUser.email)) {
-					user.email = externalUser.email;
-				}
-			}
-		}
-
-		const respositoryExternalResponse = await this._repositoryUser.updateFromExternal(correlationId, user.id, user);
-		return respositoryExternalResponse;
-	}
-
-	async updateSettings(correlationId, requestedSettings) {
-		const validationCheckSettingsResponse = this._serviceValidation.check(correlationId, this._serviceValidation.settingRequestSchema(), requestedSettings);
-		if (this._hasFailed(validationCheckSettingsResponse))
-			return validationCheckSettingsResponse;
-
-		const validationSettingsResponse = await this._updateSettingsValidation(correlationId, requestedSettings);
-		if (this._hasFailed(validationSettingsResponse))
-			return validationSettingsResponse;
-
-		const updateSettingsResponse = await this._updateSettings(correlationId, requestedSettings);
-		if (this._hasFailed(updateSettingsResponse))
-			return updateSettingsResponse;
-
-		const respositoryResponse = await this._repositoryUser.updateSettings(correlationId, requestedSettings.userId, requestedSettings.settings);
-		return respositoryResponse;
-	}
-
-	_updateSettings(correlationId, requestedSettings) {
-		return this._success(correlationId);
-	}
-
-	_updateSettingsValidation(correlationId, requestedSettings) {
-		return this._success(correlationId);
-	}
-
-	_getDefaultPlan() {
-		return new NotImplementedError();
-	}
-
-	_getDefaultUserRole() {
-		return new NotImplementedError();
-	}
-
-	_initializeUser(user) {
-	}
-
-	get _repositoryUser() {
-		return new NotImplementedError();
-	}
-}
-
-export default BaseUserService;
+import Service from './index.js';
+
+import NotImplementedError from '@thzero/library_common/errors/notImplemented.js';
+
+class BaseUserService extends Service {
+	async fetch(correlationId, userId) {
+		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalIdSchema, userId);
+		if (this._hasFailed(validationCheckExternalIdResponse))
+			return validationCheckExternalIdResponse;
+
+		const respositoryResponse = await this._repositoryUser.fetch(correlationId, userId);
+		return respositoryResponse;
+	}
+
+	async fetchByExternalId(correlationId, externalUserId) {
+		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalIdSchema, externalUserId);
+		if (this._hasFailed(validationCheckExternalIdResponse))
+			return validationCheckExternalIdResponse;
+
+		const respositoryResponse = await this._repositoryUser.fetchByExternalId(correlationId, externalUserId);
+		return respositoryResponse;
+	}
+
+	async fetchByGamerId(correlationId, requestedGamerId) {
+		const validationRequestedGamerIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.gamerIdSchema, requestedGamerId);
+		if (this._hasFailed(validationRequestedGamerIdResponse))
+			return validationRequestedGamerIdResponse;
+
+		const respositoryResponse = await this._repositoryUser.fetchByGamerId(correlationId, requestedGamerId);
+		return respositoryResponse;
+	}
+
+	async fetchByGamerTag(correlationId, requestedUserGamerTag) {
+		const validationRequestedGamerTagResponse = this._serviceValidation.check(correlationId, this._serviceValidation.gamerTagSchema, requestedUserGamerTag);
+		if (this._hasFailed(validationRequestedGamerTagResponse))
+			return validationRequestedGamerTagResponse;
+
+		const respositoryResponse = await this._repositoryUser.fetchByGamerTag(correlationId, requestedUserGamerTag);
+		return respositoryResponse;
+	}
+
+	async refreshSettings(correlationId, params) {
+		const validationCheckExternalIdResponse = this._serviceValidation.check(correlationId, this._serviceValidation.settingsRefreshSchema, params);
+		if (this._hasFailed(validationCheckExternalIdResponse))
+			return validationCheckExternalIdResponse;
+
+		const respositoryResponse = await this._repositoryUser.refreshSettings(correlationId, params.userId);
+		return respositoryResponse;
+	}
+
+	async update(correlationId, externalUser) {
+		const validationCheckExternalUserResponse = this._serviceValidation.check(correlationId, this._serviceValidation.externalUserSchema, externalUser);
+		if (this._hasFailed(validationCheckExternalUserResponse))
+			return validationCheckExternalUserResponse;
+
+		let user = null;
+		const respositoryResponse = await this._repositoryUser.fetchByExternalId(correlationId, externalUser.id, true);
+		if (this._hasSucceeded(respositoryResponse))
+			user = respositoryResponse.results;
+
+		if (!user) {
+			user = this._initiateUser();
+			user.id = externalUser.id;
+			user.planId = this._getDefaultPlan();
+			user.roles.push(this._getDefaultUserRole());
+			this._initializeUser(user);
+		}
+		user.external = externalUser;
+		if (externalUser) {
+			if (String.isNullOrEmpty(user.email)) {
+				if (!String.isNullOrEmpty(externalUser.email)) {
+					user.email = externalUser.email;
+				}
+			}
+		}
+
+		const respositoryExternalResponse = await this._repositoryUser.updateFromExternal(correlationId, user.id, user);
+		return respositoryExternalResponse;
+	}
+
+	async updateSettings(correlationId, requestedSettings) {
+		const validationCheckSettingsResponse = this._serviceValidation.check(correlationId, this._serviceValidation.settingRequestSchema(), requestedSettings);
+		if (this._hasFailed(validationCheckSettingsResponse))
+			return validationCheckSettingsResponse;
+
+		const validationSettingsResponse = await this._updateSettingsValidation(correlationId, requestedSettings);
+		if (this._hasFailed(validationSettingsResponse))
+			return validationSettingsResponse;
+
+		const updateSettingsResponse = await this._updateSettings(correlationId, requestedSettings);
+		if (this._hasFailed(updateSettingsResponse))
+			return updateSettingsResponse;
+
+		const respositoryResponse = await this._repositoryUser.updateSettings(correlationId, requestedSettings.userId, requestedSettings.settings);
+		return respositoryResponse;
+	}
+
+	_updateSettings(correlationId, requestedSettings) {
+		return this._success(correlationId);
+	}
+
+	_updateSettingsValidation(correlationId, requestedSettings) {
+		return this._success(correlationId);
+	}
+
+	_getDefaultPlan() {
+		return new NotImplementedError();
+	}
+
+	_getDefaultUserRole() {
+		return new NotImplementedError();
+	}
+
+	_initializeUser(user) {
+	}
+
+	get _repositoryUser() {
+		return new NotImplementedError();
+	}
+}
+
+export default BaseUserService;

package/service/communication.js

@@ -1,6 +1,6 @@
-import Service from './index.js';
-
-class CommunicationService extends Service {
-}
-
-export default CommunicationService;
+import Service from './index.js';
+
+class CommunicationService extends Service {
+}
+
+export default CommunicationService;

package/service/config.js

@@ -1,32 +1,32 @@
-import ConfigService from '@thzero/library_common_service/service/config.js';
-
-class ServerConfigService extends ConfigService {
-	constructor(config) {
-		super(config);
-	}
-
-	getBackend(key) {
-		if (String.isNullOrEmpty(key))
-			return null;
-
-		if (!this._config)
-			return null;
-
-		const configBackend = this._config.get('backend', null);
-		if (!configBackend)
-			return null;
-
-		if (!Array.isArray(configBackend))
-			return null;
-
-		key = key.toLowerCase();
-		for (const item of configBackend) {
-			if (item.key.toLowerCase() === key)
-				return item;
-		}
-
-		return null;
-	}
-}
-
-export default ServerConfigService;
+import ConfigService from '@thzero/library_common_service/service/config.js';
+
+class ServerConfigService extends ConfigService {
+	constructor(config) {
+		super(config);
+	}
+
+	getBackend(key) {
+		if (String.isNullOrEmpty(key))
+			return null;
+
+		if (!this._config)
+			return null;
+
+		const configBackend = this._config.get('backend', null);
+		if (!configBackend)
+			return null;
+
+		if (!Array.isArray(configBackend))
+			return null;
+
+		key = key.toLowerCase();
+		for (const item of configBackend) {
+			if (item.key.toLowerCase() === key)
+				return item;
+		}
+
+		return null;
+	}
+}
+
+export default ServerConfigService;

package/service/crypto.js

@@ -1,16 +1,16 @@
-import crypto from 'crypto';
-
-import Service from './index.js';
-
-const encoder = new TextEncoder();
-
-class CryptoService extends Service {
-	async checksum(input, algorithm, encoding) {
-		return crypto
-			.createHash(algorithm || 'sha256')
-			.update(encoder.encode(input), 'utf8')
-			.digest(encoding || 'hex');
-	}
-}
-
-export default CryptoService;
+import crypto from 'crypto';
+
+import Service from './index.js';
+
+const encoder = new TextEncoder();
+
+class CryptoService extends Service {
+	async checksum(input, algorithm, encoding) {
+		return crypto
+			.createHash(algorithm || 'sha256')
+			.update(encoder.encode(input), 'utf8')
+			.digest(encoding || 'hex');
+	}
+}
+
+export default CryptoService;

package/service/discovery/index.js

@@ -1,6 +1,6 @@
-import BaseService from '@thzero/library_server/service/index.js';
-
-class DiscoveryService extends BaseService {
-}
-
-export default DiscoveryService;
+import BaseService from '@thzero/library_server/service/index.js';
+
+class DiscoveryService extends BaseService {
+}
+
+export default DiscoveryService;