npm - @universis/janitor - Versions diffs - 1.6.1 → 1.6.3 - Mend

@universis/janitor 1.6.1 → 1.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +39 -0
package/dist/ScopeAccessConfiguration.js +39 -2
package/dist/ScopeAccessConfiguration.js.map +1 -1
package/package.json +1 -1
package/src/ScopeAccessConfiguration.js +40 -2

package/README.md CHANGED Viewed

@@ -296,6 +296,45 @@ app.use('/api', passport.authenticate('bearer', {session: false}), validateScope
 A `403 - Access denied due to authorization scopes` error will be thrown if the user does not have access to the resource.
+## ExtendScopeAccessConfiguration
+`ExtendScopeAccessConfiguration` is a configurable application service for extending scope access configuration with additional scopes.
+Register service under application services:
+```json
+{
+    "services": [
+        {
+            "serviceType": "@universis/janitor#ExtendScopeAccessConfiguration"
+        }
+    ]
+}
+```
+add `scopeAccess` section under `settings/universis/janitor` configuration and start configuring scope access extension:
+```json
+{
+    "settings": {
+        "universis": {
+            "janitor": {
+                "scopeAccess": {
+                    "imports": [
+                        "./custom.scope.access.json"
+                    ],
+                }
+            }
+        }
+    }
+}
+```
+`ExtendScopeAccessConfiguration` service will import additional scope access configuration from the files listed in the `imports` array. The file path is relative to the application configuration directory e.g. `server/config/` where the main configuration file is located.
+The given files should contain an array of scope access configuration elements as described in the `ScopeAccessConfiguration` section.
 ## RemoteAddressValidator
 `RemoteAddressValidator` is a configurable application service for validating access to service endpoints based on remote address provided by OAuth2 token.

package/dist/ScopeAccessConfiguration.js CHANGED Viewed

@@ -1,4 +1,4 @@
-"use strict";Object.defineProperty(exports, "__esModule", { value: true });exports.ScopeString = exports.ScopeAccessConfiguration = exports.DefaultScopeAccessConfiguration = void 0;var _common = require("@themost/common");
+"use strict";Object.defineProperty(exports, "__esModule", { value: true });exports.ScopeString = exports.ScopeAccessConfiguration = exports.ExtendScopeAccessConfiguration = exports.DefaultScopeAccessConfiguration = void 0;var _common = require("@themost/common");
 var _path = _interopRequireDefault(require("path"));
 var _url = _interopRequireDefault(require("url"));function _interopRequireDefault(obj) {return obj && obj.__esModule ? obj : { default: obj };}
@@ -119,5 +119,42 @@ class DefaultScopeAccessConfiguration extends ScopeAccessConfiguration {
     }
     this.elements.push.apply(this.elements, defaults);
   }
-}exports.DefaultScopeAccessConfiguration = DefaultScopeAccessConfiguration;
+}
+/**
+ * @class
+ */exports.DefaultScopeAccessConfiguration = DefaultScopeAccessConfiguration;
+class ExtendScopeAccessConfiguration extends _common.ApplicationService {
+  constructor(app) {var _app$getConfiguration, _app$getConfiguration2;
+    super(app);
+    // Get the additional scope access extensions from the configuration
+    const scopeAccessExtensions = (_app$getConfiguration = app.getConfiguration().settings.universis) === null || _app$getConfiguration === void 0 ? void 0 : (_app$getConfiguration2 = _app$getConfiguration.janitor) === null || _app$getConfiguration2 === void 0 ? void 0 : _app$getConfiguration2.scopeAccess["imports"];
+    if (app && app.container && scopeAccessExtensions != null) {
+      app.container.subscribe((container) => {
+        if (container) {
+          const scopeAccess = app.getConfiguration().getStrategy(function ScopeAccessConfiguration() {});
+          if (scopeAccess != null) {
+            for (const scopeAccessExtension of scopeAccessExtensions) {
+              try {
+                const element = require(_path.default.resolve(app.getConfiguration().getConfigurationPath(), scopeAccessExtension));
+                if (element) {
+                  // add extra scope access elements
+                  scopeAccess.elements.push.apply(scopeAccess.elements, element);
+                }
+              }
+              catch (err) {
+                // if an error occurred other than module not found (there are no default access policies)
+                if (err.code !== 'MODULE_NOT_FOUND') {
+                  // throw error
+                  throw err;
+                }
+              }
+            }
+          }
+        }
+      });
+    }
+  }
+}exports.ExtendScopeAccessConfiguration = ExtendScopeAccessConfiguration;
 //# sourceMappingURL=ScopeAccessConfiguration.js.map

package/dist/ScopeAccessConfiguration.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ScopeAccessConfiguration.js","names":["_common","require","_path","_interopRequireDefault","_url","obj","__esModule","default","HTTP_METHOD_REGEXP","ScopeString","constructor","str","value","toString","split","re","results","match","exec","push","exports","ScopeAccessConfiguration","ConfigurationStrategy","configuration","elements","Object","defineProperty","get","enumerable","verify","req","Promise","resolve","reject","Args","notNull","context","user","authenticationScope","length","reqUrl","url","parse","originalUrl","pathname","reqScopes","reqAccess","test","method","result","find","x","access","indexOf","RegExp","resource","scope","y","err","DefaultScopeAccessConfiguration","defaults","path","getConfigurationPath","code","apply"],"sources":["../src/ScopeAccessConfiguration.js"],"sourcesContent":["import {ConfigurationStrategy, Args} from '@themost/common';\nimport path from 'path';\nimport url from 'url';\n\nconst HTTP_METHOD_REGEXP = /^\\b(POST\|PUT\|PATCH\|DELETE)\\b$/i;\n\nclass ScopeString {\n constructor(str) {\n this.value = str;\n }\n toString() {\n return this.value;\n }\n /*\n Splits a comma-separated or space-separated scope string e.g. \"profile email\" or \"profile,email\"\n \n Important note: https://www.rfc-editor.org/rfc/rfc6749#section-3.3 defines the regular expression of access token scopes\n * which is a space separated string. Several OAuth2 servers use a comma-separated list instead.\n \n The operation will try to use both implementations by excluding comma ',' from access token regular expressions\n * @returns {Array<string>}\n /\n split() {\n // the default regular expression includes comma /([\\x21\\x23-\\x5B\\x5D-\\x7E]+)/g\n // the modified regular expression excludes comma /x2C /([\\x21\\x23-\\x2B\\x2D-\\x5B\\x5D-\\x7E]+)/g\n const re = /([\\x21\\x23-\\x2B\\x2D-\\x5B\\x5D-\\x7E]+)/g\n const results = [];\n let match = re.exec(this.value);\n while(match !== null) {\n results.push(match[0]);\n match = re.exec(this.value);\n }\n return results;\n }\n}\n\nclass ScopeAccessConfiguration extends ConfigurationStrategy {\n /\n @param {import('@themost/common').ConfigurationBase} configuration\n /\n constructor(configuration) {\n super(configuration);\n let elements = [];\n // define property\n Object.defineProperty(this, 'elements', {\n get: () => {\n return elements;\n },\n enumerable: true\n });\n }\n\n /\n @param {Request} req\n * @returns Promise<ScopeAccessConfigurationElement>\n /\n verify(req) {\n return new Promise((resolve, reject) => {\n try {\n // validate request context\n Args.notNull(req.context,'Context');\n // validate request context user\n Args.notNull(req.context.user,'User');\n if (req.context.user.authenticationScope && req.context.user.authenticationScope.length>0) {\n // get original url\n let reqUrl = url.parse(req.originalUrl).pathname;\n // get user context scopes as array e.g, ['students', 'students:read']\n let reqScopes = new ScopeString(req.context.user.authenticationScope).split();\n // get user access based on HTTP method e.g. GET -> read access\n let reqAccess = HTTP_METHOD_REGEXP.test(req.method) ? 'write' : 'read';\n let result = this.elements.find(x => {\n // filter element by access level\n return x.access.indexOf(reqAccess)>=0\n // resource path\n && new RegExp( '^' + x.resource, 'i').test(reqUrl)\n // and scopes\n && x.scope.find(y => {\n // search user scopes (validate wildcard scope)\n return y === '' \|\| reqScopes.indexOf(y)>=0;\n });\n });\n return resolve(result);\n }\n return resolve();\n }\n catch(err) {\n return reject(err);\n }\n\n });\n }\n\n}\n\n/*\n @class\n /\nclass DefaultScopeAccessConfiguration extends ScopeAccessConfiguration {\n /\n @param {import('@themost/common').ConfigurationBase} configuration\n /\n constructor(configuration) {\n super(configuration);\n let defaults = [];\n // load scope access from configuration resource\n try {\n /\n @type {Array<ScopeAccessConfigurationElement>}\n */\n defaults = require(path.resolve(configuration.getConfigurationPath(), 'scope.access.json'));\n }\n catch(err) {\n // if an error occurred other than module not found (there are no default access policies)\n if (err.code !== 'MODULE_NOT_FOUND') {\n // throw error\n throw err;\n }\n // otherwise continue\n }\n this.elements.push.apply(this.elements, defaults);\n }\n}\n\nexport {\n ScopeString,\n ScopeAccessConfiguration,\n DefaultScopeAccessConfiguration\n}\n"],"mappings":"qLAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,IAAA,GAAAD,sBAAA,CAAAF,OAAA,SAAsB,SAAAE,uBAAAE,GAAA,UAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;;AAEtB,MAAMG,kBAAkB,GAAG,gCAAgC;;AAE3D,MAAMC,WAAW,CAAC;EACdC,WAAWA,CAACC,GAAG,EAAE;IACb,IAAI,CAACC,KAAK,GAAGD,GAAG;EACpB;EACAE,QAAQA,CAAA,EAAG;IACP,OAAO,IAAI,CAACD,KAAK;EACrB;EACA;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACIE,KAAKA,CAAA,EAAG;IACJ;IACA;IACA,MAAMC,EAAE,GAAG,uCAAuC;IAClD,MAAMC,OAAO,GAAG,EAAE;IAClB,IAAIC,KAAK,GAAGF,EAAE,CAACG,IAAI,CAAC,IAAI,CAACN,KAAK,CAAC;IAC/B,OAAMK,KAAK,KAAK,IAAI,EAAE;MAClBD,OAAO,CAACG,IAAI,CAACF,KAAK,CAAC,CAAC,CAAC,CAAC;MACtBA,KAAK,GAAGF,EAAE,CAACG,IAAI,CAAC,IAAI,CAACN,KAAK,CAAC;IAC/B;IACA,OAAOI,OAAO;EAClB;AACJ,CAACI,OAAA,CAAAX,WAAA,GAAAA,WAAA;;AAED,MAAMY,wBAAwB,SAASC,6BAAqB,CAAC;EACzD;AACJ;AACA;EACIZ,WAAWA,CAACa,aAAa,EAAE;IACvB,KAAK,CAACA,aAAa,CAAC;IACpB,IAAIC,QAAQ,GAAG,EAAE;IACjB;IACAC,MAAM,CAACC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE;MACpCC,GAAG,EAAEA,CAAA,KAAM;QACP,OAAOH,QAAQ;MACnB,CAAC;MACDI,UAAU,EAAE;IAChB,CAAC,CAAC;EACN;;EAEA;AACJ;AACA;AACA;EACIC,MAAMA,CAACC,GAAG,EAAE;IACR,OAAO,IAAIC,OAAO,CAAC,CAACC,OAAO,EAAEC,MAAM,KAAK;MACpC,IAAI;QACA;QACAC,YAAI,CAACC,OAAO,CAACL,GAAG,CAACM,OAAO,EAAC,SAAS,CAAC;QACnC;QACAF,YAAI,CAACC,OAAO,CAACL,GAAG,CAACM,OAAO,CAACC,IAAI,EAAC,MAAM,CAAC;QACrC,IAAIP,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,IAAIR,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,CAACC,MAAM,GAAC,CAAC,EAAE;UACvF;UACA,IAAIC,MAAM,GAAGC,YAAG,CAACC,KAAK,CAACZ,GAAG,CAACa,WAAW,CAAC,CAACC,QAAQ;UAChD;UACA,IAAIC,SAAS,GAAG,IAAIpC,WAAW,CAACqB,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,CAAC,CAACxB,KAAK,EAAE;UAC7E;UACA,IAAIgC,SAAS,GAAGtC,kBAAkB,CAACuC,IAAI,CAACjB,GAAG,CAACkB,MAAM,CAAC,GAAG,OAAO,GAAG,MAAM;UACtE,IAAIC,MAAM,GAAG,IAAI,CAACzB,QAAQ,CAAC0B,IAAI,CAAC,CAAAC,CAAC,KAAI;YACjC;YACA,OAAOA,CAAC,CAACC,MAAM,CAACC,OAAO,CAACP,SAAS,CAAC,IAAE;YAChC;YAAA,GACG,IAAIQ,MAAM,CAAE,GAAG,GAAGH,CAAC,CAACI,QAAQ,EAAE,GAAG,CAAC,CAACR,IAAI,CAACP,MAAM;YACjD;YAAA,GACGW,CAAC,CAACK,KAAK,CAACN,IAAI,CAAC,CAAAO,CAAC,KAAI;cACjB;cACA,OAAOA,CAAC,KAAK,GAAG,IAAIZ,SAAS,CAACQ,OAAO,CAACI,CAAC,CAAC,IAAE,CAAC;YAC/C,CAAC,CAAC;UACV,CAAC,CAAC;UACF,OAAOzB,OAAO,CAACiB,MAAM,CAAC;QAC1B;QACA,OAAOjB,OAAO,EAAE;MACpB;MACA,OAAM0B,GAAG,EAAE;QACP,OAAOzB,MAAM,CAACyB,GAAG,CAAC;MACtB;;IAEJ,CAAC,CAAC;EACN;;AAEJ;;AAEA;AACA;AACA,GAFAtC,OAAA,CAAAC,wBAAA,GAAAA,wBAAA;AAGA,MAAMsC,+BAA+B,SAAStC,wBAAwB,CAAC;EACnE;AACJ;AACA;EACIX,WAAWA,CAACa,aAAa,EAAE;IACxB,KAAK,CAACA,aAAa,CAAC;IACnB,IAAIqC,QAAQ,GAAG,EAAE;IAClB;IACC,IAAI;MACA;AACZ;AACA;MACYA,QAAQ,GAAG3D,OAAO,CAAC4D,aAAI,CAAC7B,OAAO,CAACT,aAAa,CAACuC,oBAAoB,EAAE,EAAE,mBAAmB,CAAC,CAAC;IAC/F;IACA,OAAMJ,GAAG,EAAE;MACP;MACA,IAAIA,GAAG,CAACK,IAAI,KAAK,kBAAkB,EAAE;QACjC;QACA,MAAML,GAAG;MACb;MACA;IACJ;IACA,IAAI,CAAClC,QAAQ,CAACL,IAAI,CAAC6C,KAAK,CAAC,IAAI,CAACxC,QAAQ,EAAEoC,QAAQ,CAAC;EACrD;AACJ,CAACxC,OAAA,CAAAuC,+BAAA,GAAAA,+BAAA"}
1	+ {"version":3,"file":"ScopeAccessConfiguration.js","names":["_common","require","_path","_interopRequireDefault","_url","obj","__esModule","default","HTTP_METHOD_REGEXP","ScopeString","constructor","str","value","toString","split","re","results","match","exec","push","exports","ScopeAccessConfiguration","ConfigurationStrategy","configuration","elements","Object","defineProperty","get","enumerable","verify","req","Promise","resolve","reject","Args","notNull","context","user","authenticationScope","length","reqUrl","url","parse","originalUrl","pathname","reqScopes","reqAccess","test","method","result","find","x","access","indexOf","RegExp","resource","scope","y","err","DefaultScopeAccessConfiguration","defaults","path","getConfigurationPath","code","apply","ExtendScopeAccessConfiguration","ApplicationService","app","_app$getConfiguration","_app$getConfiguration2","scopeAccessExtensions","getConfiguration","settings","universis","janitor","scopeAccess","container","subscribe","getStrategy","scopeAccessExtension","element"],"sources":["../src/ScopeAccessConfiguration.js"],"sourcesContent":["import {ConfigurationStrategy, Args, ApplicationService} from '@themost/common';\nimport path from 'path';\nimport url from 'url';\n\nconst HTTP_METHOD_REGEXP = /^\\b(POST\|PUT\|PATCH\|DELETE)\\b$/i;\n\nclass ScopeString {\n constructor(str) {\n this.value = str;\n }\n toString() {\n return this.value;\n }\n /*\n Splits a comma-separated or space-separated scope string e.g. \"profile email\" or \"profile,email\"\n \n Important note: https://www.rfc-editor.org/rfc/rfc6749#section-3.3 defines the regular expression of access token scopes\n * which is a space separated string. Several OAuth2 servers use a comma-separated list instead.\n \n The operation will try to use both implementations by excluding comma ',' from access token regular expressions\n * @returns {Array<string>}\n /\n split() {\n // the default regular expression includes comma /([\\x21\\x23-\\x5B\\x5D-\\x7E]+)/g\n // the modified regular expression excludes comma /x2C /([\\x21\\x23-\\x2B\\x2D-\\x5B\\x5D-\\x7E]+)/g\n const re = /([\\x21\\x23-\\x2B\\x2D-\\x5B\\x5D-\\x7E]+)/g\n const results = [];\n let match = re.exec(this.value);\n while(match !== null) {\n results.push(match[0]);\n match = re.exec(this.value);\n }\n return results;\n }\n}\n\nclass ScopeAccessConfiguration extends ConfigurationStrategy {\n /\n @param {import('@themost/common').ConfigurationBase} configuration\n /\n constructor(configuration) {\n super(configuration);\n let elements = [];\n // define property\n Object.defineProperty(this, 'elements', {\n get: () => {\n return elements;\n },\n enumerable: true\n });\n }\n\n /\n @param {Request} req\n * @returns Promise<ScopeAccessConfigurationElement>\n /\n verify(req) {\n return new Promise((resolve, reject) => {\n try {\n // validate request context\n Args.notNull(req.context,'Context');\n // validate request context user\n Args.notNull(req.context.user,'User');\n if (req.context.user.authenticationScope && req.context.user.authenticationScope.length>0) {\n // get original url\n let reqUrl = url.parse(req.originalUrl).pathname;\n // get user context scopes as array e.g, ['students', 'students:read']\n let reqScopes = new ScopeString(req.context.user.authenticationScope).split();\n // get user access based on HTTP method e.g. GET -> read access\n let reqAccess = HTTP_METHOD_REGEXP.test(req.method) ? 'write' : 'read';\n let result = this.elements.find(x => {\n // filter element by access level\n return x.access.indexOf(reqAccess)>=0\n // resource path\n && new RegExp( '^' + x.resource, 'i').test(reqUrl)\n // and scopes\n && x.scope.find(y => {\n // search user scopes (validate wildcard scope)\n return y === '' \|\| reqScopes.indexOf(y)>=0;\n });\n });\n return resolve(result);\n }\n return resolve();\n }\n catch(err) {\n return reject(err);\n }\n\n });\n }\n\n}\n\n/*\n @class\n /\nclass DefaultScopeAccessConfiguration extends ScopeAccessConfiguration {\n /\n @param {import('@themost/common').ConfigurationBase} configuration\n /\n constructor(configuration) {\n super(configuration);\n let defaults = [];\n // load scope access from configuration resource\n try {\n /\n @type {Array<ScopeAccessConfigurationElement>}\n /\n defaults = require(path.resolve(configuration.getConfigurationPath(), 'scope.access.json'));\n }\n catch(err) {\n // if an error occurred other than module not found (there are no default access policies)\n if (err.code !== 'MODULE_NOT_FOUND') {\n // throw error\n throw err;\n }\n // otherwise continue\n }\n this.elements.push.apply(this.elements, defaults);\n }\n}\n\n\n/\n @class\n */\nclass ExtendScopeAccessConfiguration extends ApplicationService {\n constructor(app) {\n super(app);\n // Get the additional scope access extensions from the configuration\n const scopeAccessExtensions = app.getConfiguration().settings.universis?.janitor?.scopeAccess[\"imports\"];\n if (app && app.container && scopeAccessExtensions != null) {\n app.container.subscribe((container) => {\n if (container) {\n const scopeAccess = app.getConfiguration().getStrategy(function ScopeAccessConfiguration() { });\n if (scopeAccess != null) {\n for (const scopeAccessExtension of scopeAccessExtensions) {\n try {\n const element = require(path.resolve(app.getConfiguration().getConfigurationPath(), scopeAccessExtension));\n if (element) {\n // add extra scope access elements\n scopeAccess.elements.push.apply(scopeAccess.elements, element);\n }\n }\n catch(err) {\n // if an error occurred other than module not found (there are no default access policies)\n if (err.code !== 'MODULE_NOT_FOUND') {\n // throw error\n throw err;\n }\n }\n }\n }\n }\n });\n }\n }\n}\n\nexport {\n ScopeString,\n ScopeAccessConfiguration,\n DefaultScopeAccessConfiguration,\n ExtendScopeAccessConfiguration\n}\n"],"mappings":"8NAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,IAAA,GAAAD,sBAAA,CAAAF,OAAA,SAAsB,SAAAE,uBAAAE,GAAA,UAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;;AAEtB,MAAMG,kBAAkB,GAAG,gCAAgC;;AAE3D,MAAMC,WAAW,CAAC;EACdC,WAAWA,CAACC,GAAG,EAAE;IACb,IAAI,CAACC,KAAK,GAAGD,GAAG;EACpB;EACAE,QAAQA,CAAA,EAAG;IACP,OAAO,IAAI,CAACD,KAAK;EACrB;EACA;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACIE,KAAKA,CAAA,EAAG;IACJ;IACA;IACA,MAAMC,EAAE,GAAG,uCAAuC;IAClD,MAAMC,OAAO,GAAG,EAAE;IAClB,IAAIC,KAAK,GAAGF,EAAE,CAACG,IAAI,CAAC,IAAI,CAACN,KAAK,CAAC;IAC/B,OAAMK,KAAK,KAAK,IAAI,EAAE;MAClBD,OAAO,CAACG,IAAI,CAACF,KAAK,CAAC,CAAC,CAAC,CAAC;MACtBA,KAAK,GAAGF,EAAE,CAACG,IAAI,CAAC,IAAI,CAACN,KAAK,CAAC;IAC/B;IACA,OAAOI,OAAO;EAClB;AACJ,CAACI,OAAA,CAAAX,WAAA,GAAAA,WAAA;;AAED,MAAMY,wBAAwB,SAASC,6BAAqB,CAAC;EACzD;AACJ;AACA;EACIZ,WAAWA,CAACa,aAAa,EAAE;IACvB,KAAK,CAACA,aAAa,CAAC;IACpB,IAAIC,QAAQ,GAAG,EAAE;IACjB;IACAC,MAAM,CAACC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE;MACpCC,GAAG,EAAEA,CAAA,KAAM;QACP,OAAOH,QAAQ;MACnB,CAAC;MACDI,UAAU,EAAE;IAChB,CAAC,CAAC;EACN;;EAEA;AACJ;AACA;AACA;EACIC,MAAMA,CAACC,GAAG,EAAE;IACR,OAAO,IAAIC,OAAO,CAAC,CAACC,OAAO,EAAEC,MAAM,KAAK;MACpC,IAAI;QACA;QACAC,YAAI,CAACC,OAAO,CAACL,GAAG,CAACM,OAAO,EAAC,SAAS,CAAC;QACnC;QACAF,YAAI,CAACC,OAAO,CAACL,GAAG,CAACM,OAAO,CAACC,IAAI,EAAC,MAAM,CAAC;QACrC,IAAIP,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,IAAIR,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,CAACC,MAAM,GAAC,CAAC,EAAE;UACvF;UACA,IAAIC,MAAM,GAAGC,YAAG,CAACC,KAAK,CAACZ,GAAG,CAACa,WAAW,CAAC,CAACC,QAAQ;UAChD;UACA,IAAIC,SAAS,GAAG,IAAIpC,WAAW,CAACqB,GAAG,CAACM,OAAO,CAACC,IAAI,CAACC,mBAAmB,CAAC,CAACxB,KAAK,EAAE;UAC7E;UACA,IAAIgC,SAAS,GAAGtC,kBAAkB,CAACuC,IAAI,CAACjB,GAAG,CAACkB,MAAM,CAAC,GAAG,OAAO,GAAG,MAAM;UACtE,IAAIC,MAAM,GAAG,IAAI,CAACzB,QAAQ,CAAC0B,IAAI,CAAC,CAAAC,CAAC,KAAI;YACjC;YACA,OAAOA,CAAC,CAACC,MAAM,CAACC,OAAO,CAACP,SAAS,CAAC,IAAE;YAChC;YAAA,GACG,IAAIQ,MAAM,CAAE,GAAG,GAAGH,CAAC,CAACI,QAAQ,EAAE,GAAG,CAAC,CAACR,IAAI,CAACP,MAAM;YACjD;YAAA,GACGW,CAAC,CAACK,KAAK,CAACN,IAAI,CAAC,CAAAO,CAAC,KAAI;cACjB;cACA,OAAOA,CAAC,KAAK,GAAG,IAAIZ,SAAS,CAACQ,OAAO,CAACI,CAAC,CAAC,IAAE,CAAC;YAC/C,CAAC,CAAC;UACV,CAAC,CAAC;UACF,OAAOzB,OAAO,CAACiB,MAAM,CAAC;QAC1B;QACA,OAAOjB,OAAO,EAAE;MACpB;MACA,OAAM0B,GAAG,EAAE;QACP,OAAOzB,MAAM,CAACyB,GAAG,CAAC;MACtB;;IAEJ,CAAC,CAAC;EACN;;AAEJ;;AAEA;AACA;AACA,GAFAtC,OAAA,CAAAC,wBAAA,GAAAA,wBAAA;AAGA,MAAMsC,+BAA+B,SAAStC,wBAAwB,CAAC;EACnE;AACJ;AACA;EACIX,WAAWA,CAACa,aAAa,EAAE;IACxB,KAAK,CAACA,aAAa,CAAC;IACnB,IAAIqC,QAAQ,GAAG,EAAE;IAClB;IACC,IAAI;MACA;AACZ;AACA;MACYA,QAAQ,GAAG3D,OAAO,CAAC4D,aAAI,CAAC7B,OAAO,CAACT,aAAa,CAACuC,oBAAoB,EAAE,EAAE,mBAAmB,CAAC,CAAC;IAC/F;IACA,OAAMJ,GAAG,EAAE;MACP;MACA,IAAIA,GAAG,CAACK,IAAI,KAAK,kBAAkB,EAAE;QACjC;QACA,MAAML,GAAG;MACb;MACA;IACJ;IACA,IAAI,CAAClC,QAAQ,CAACL,IAAI,CAAC6C,KAAK,CAAC,IAAI,CAACxC,QAAQ,EAAEoC,QAAQ,CAAC;EACrD;AACJ;;;AAGA;AACA;AACA,GAFAxC,OAAA,CAAAuC,+BAAA,GAAAA,+BAAA;AAGA,MAAMM,8BAA8B,SAASC,0BAAkB,CAAC;EAC5DxD,WAAWA,CAACyD,GAAG,EAAE,KAAAC,qBAAA,EAAAC,sBAAA;IACb,KAAK,CAACF,GAAG,CAAC;IACV;IACA,MAAMG,qBAAqB,IAAAF,qBAAA,GAAGD,GAAG,CAACI,gBAAgB,EAAE,CAACC,QAAQ,CAACC,SAAS,cAAAL,qBAAA,wBAAAC,sBAAA,GAAzCD,qBAAA,CAA2CM,OAAO,cAAAL,sBAAA,uBAAlDA,sBAAA,CAAoDM,WAAW,CAAC,SAAS,CAAC;IACxG,IAAIR,GAAG,IAAIA,GAAG,CAACS,SAAS,IAAIN,qBAAqB,IAAI,IAAI,EAAE;MACvDH,GAAG,CAACS,SAAS,CAACC,SAAS,CAAC,CAACD,SAAS,KAAK;QACnC,IAAIA,SAAS,EAAE;UACX,MAAMD,WAAW,GAAGR,GAAG,CAACI,gBAAgB,EAAE,CAACO,WAAW,CAAC,SAASzD,wBAAwBA,CAAA,EAAG,CAAE,CAAC,CAAC;UAC/F,IAAIsD,WAAW,IAAI,IAAI,EAAE;YACrB,KAAK,MAAMI,oBAAoB,IAAIT,qBAAqB,EAAE;cACtD,IAAI;gBACA,MAAMU,OAAO,GAAG/E,OAAO,CAAC4D,aAAI,CAAC7B,OAAO,CAACmC,GAAG,CAACI,gBAAgB,EAAE,CAACT,oBAAoB,EAAE,EAAEiB,oBAAoB,CAAC,CAAC;gBAC1G,IAAIC,OAAO,EAAE;kBACT;kBACAL,WAAW,CAACnD,QAAQ,CAACL,IAAI,CAAC6C,KAAK,CAACW,WAAW,CAACnD,QAAQ,EAAEwD,OAAO,CAAC;gBAClE;cACJ;cACA,OAAMtB,GAAG,EAAE;gBACP;gBACA,IAAIA,GAAG,CAACK,IAAI,KAAK,kBAAkB,EAAE;kBACjC;kBACA,MAAML,GAAG;gBACb;cACJ;YACJ;UACJ;QACJ;MACJ,CAAC,CAAC;IACN;EACJ;AACJ,CAACtC,OAAA,CAAA6C,8BAAA,GAAAA,8BAAA"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@universis/janitor",
-  "version": "1.6.1",
+  "version": "1.6.3",
   "description": "Universis api plugin for rate limiting requests",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/ScopeAccessConfiguration.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import {ConfigurationStrategy, Args} from '@themost/common';
+import {ConfigurationStrategy, Args, ApplicationService} from '@themost/common';
 import path from 'path';
 import url from 'url';
@@ -121,8 +121,46 @@ class DefaultScopeAccessConfiguration extends ScopeAccessConfiguration {
     }
 }
+/**
+ * @class
+ */
+class ExtendScopeAccessConfiguration extends ApplicationService {
+    constructor(app) {
+        super(app);
+        // Get the additional scope access extensions from the configuration
+        const scopeAccessExtensions = app.getConfiguration().settings.universis?.janitor?.scopeAccess["imports"];
+        if (app && app.container && scopeAccessExtensions != null) {
+            app.container.subscribe((container) => {
+                if (container) {
+                    const scopeAccess = app.getConfiguration().getStrategy(function ScopeAccessConfiguration() { });
+                    if (scopeAccess != null) {
+                        for (const scopeAccessExtension of scopeAccessExtensions) {
+                            try {
+                                const element = require(path.resolve(app.getConfiguration().getConfigurationPath(), scopeAccessExtension));
+                                if (element) {
+                                    // add extra scope access elements
+                                    scopeAccess.elements.push.apply(scopeAccess.elements, element);
+                                }
+                            }
+                            catch(err) {
+                                // if an error occurred other than module not found (there are no default access policies)
+                                if (err.code !== 'MODULE_NOT_FOUND') {
+                                    // throw error
+                                    throw err;
+                                }
+                            }
+                        }
+                    }
+                }
+            });
+        }
+    }
+}
 export {
     ScopeString,
     ScopeAccessConfiguration,
-    DefaultScopeAccessConfiguration
+    DefaultScopeAccessConfiguration,
+    ExtendScopeAccessConfiguration
 }