@wxn0brp/gate-warden 0.5.1 → 0.5.3
- package/dist/check.js +6 -5
- package/dist/const.d.ts +7 -0
- package/dist/const.js +7 -0
- package/dist/log.d.ts +1 -1
- package/dist/mgr.d.ts +2 -2
- package/dist/mgr.js +10 -9
- package/dist/types/check.d.ts +1 -1
- package/dist/types/system.d.ts +1 -1
- package/dist/user.js +8 -7
- package/dist/warden.js +2 -1
- package/package.json +3 -3
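--- a/package/dist/check.js
+++ b/package/dist/check.js
@@ -1,6 +1,7 @@
 import hasFieldsAdvanced from "@wxn0brp/db-core/utils/hasFieldsAdvanced";
 import { COLORS } from "./log.js";
 import { convertPath } from "./utils.js";
+import { collections } from "./const.js";
 /**
 * Checks if a user has the given flag on the given entity by checking the entity's ACL.
 * @param db The DB instance
@@ -13,9 +14,9 @@ import { convertPath } from "./utils.js";
 * - -1 if the entity does not have an ACL
 */
 export async function aclCheck({ db, entityId, flag, user }) {
-if (!await db.issetCollection("
+if (!await db.issetCollection(collections.acl + "/" + entityId))
 return -1;
-const rules = await db.find("
+const rules = await db.find(collections.acl + "/" + entityId, {
 $or: [
 { uid: user._id },
 {
@@ -43,7 +44,7 @@ export async function aclCheck({ db, entityId, flag, user }) {
 */
 export async function rbacCheck({ db, flag, user, entityId }) {
 for (const role of user.roles) {
-const rolesEntity = await db.find("
+const rolesEntity = await db.find(collections.role + "/" + role, { _id: entityId });
 for (const entity of rolesEntity) {
 if (entity.p & flag)
 return true;
@@ -61,9 +62,9 @@ export async function rbacCheck({ db, flag, user, entityId }) {
 * @returns `true` if access is granted, `false` otherwise
 */
 export async function abacCheck({ db, entityId, flag, user, debugLog }) {
-if (!await db.issetCollection("
+if (!await db.issetCollection(collections.abac + "/" + entityId))
 return false;
-const rules = await db.find("
+const rules = await db.find(collections.abac + "/" + entityId, { flag });
 if (rules.length === 0)
 return false;
 for (const rule of rules) {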
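Review bot: `entityId` and `role` are concatenated straight into the collection name in `aclCheck`, `rbacCheck` and `abacCheck` (`collections.acl + "/" + entityId`, `collections.role + "/" + role`), and no check that the value is a single name segment is visible in these hunks. If db-core treats `/` in a collection name as nesting (not visible from this page, so confirm), an ID containing `/` or `..` would make the check read rules from a different collection than the one intended. `convertPath` is imported here, but whether it is applied to these IDs lies outside the hunks, as do the rest of the function bodies. The same concatenation is used on the write side in mgr.js (`addACLRule`, `addRBACRule`, `addABACRule` and the matching `remove*` methods). I would validate the ID once at the top of each function, for example `if (typeof entityId !== "string" || !/^[\w-]+$/.test(entityId)) throw new Error("Invalid entity id");`, with the pattern adjusted to the ID alphabet the project really uses.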
package/dist/const.d.ts
ADDED
package/dist/const.js
ADDED
package/dist/log.d.ts
CHANGED
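--- a/package/dist/mgr.d.ts
+++ b/package/dist/mgr.d.ts
@@ -1,12 +1,12 @@
 import { Id, ValtheraCompatible } from "@wxn0brp/db-core";
-import { ABACRule, ACLRule, Role,
+import { ABACRule, ACLRule, Role, RoleRule } from "./types/system.js";
 export declare class WardenManager {
 private db;
 constructor(db: ValtheraCompatible);
 changeRoleNameToId(name: string): Promise<Id>;
 addRole(role: Role | Omit<Role, "_id">): Promise<Role>;
 addACLRule(entityId: string, p: number, uid?: Id): Promise<ACLRule>;
-addRBACRule(role_id: string, entity_id: string, p: number): Promise<
+addRBACRule(role_id: string, entity_id: string, p: number): Promise<RoleRule>;
 addABACRule(entity_id: string, flag: number, condition: ABACRule["condition"]): Promise<ABACRule>;
 removeRole(roleId: string): Promise<boolean>;
 removeACLRule(entityId: string, uid?: string): Promise<boolean>;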
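--- a/package/dist/mgr.js
+++ b/package/dist/mgr.js
@@ -1,39 +1,40 @@
+import { collections } from "./const.js";
 export class WardenManager {
 db;
 constructor(db) {
 this.db = db;
 }
 async changeRoleNameToId(name) {
-return await this.db.findOne(
+return await this.db.findOne(collections.roles, { name }).then((r) => r._id);
 }
 // ADD
 async addRole(role) {
-return await this.db.add(
+return await this.db.add(collections.roles, role);
 }
 async addACLRule(entityId, p, uid) {
 const rule = { p };
 if (uid)
 rule.uid = uid;
-return await this.db.add("
+return await this.db.add(collections.acl + "/" + entityId, rule, false);
 }
 async addRBACRule(role_id, entity_id, p) {
-return await this.db.add("
+return await this.db.add(collections.role + "/" + role_id, { _id: entity_id, p }, false);
 }
 async addABACRule(entity_id, flag, condition) {
-return await this.db.add("
+return await this.db.add(collections.abac + "/" + entity_id, { flag, condition }, true);
 }
 // DELETE
 async removeRole(roleId) {
-return await this.db.removeOne(
+return await this.db.removeOne(collections.roles, { _id: roleId });
 }
 async removeACLRule(entityId, uid) {
 const q = uid ? { uid } : { $not: { $exists: { "uid": true } } };
-return await this.db.removeOne("
+return await this.db.removeOne(collections.acl + "/" + entityId, q);
 }
 async removeRBACRule(roleId, entityId) {
-return await this.db.removeOne("
+return await this.db.removeOne(collections.role + "/" + roleId, { _id: entityId });
 }
 async removeABACRule(entityId, flag) {
-return await this.db.removeOne("
+return await this.db.removeOne(collections.abac + "/" + entityId, { flag });
 }
 }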
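Review bot: `changeRoleNameToId` dereferences `r._id` inside `.then` without checking that a role was found; user.js documents a `findOne` result as "User or null if it doesn't exist", so an unknown role name would presumably surface as a TypeError instead of a clear error. The line also mixes `await` with a `.then` chain. I would write `const r = await this.db.findOne(collections.roles, { name });`, then `if (!r) throw new Error("Role not found");` and `return r._id;`, matching the "User not found" style in user.js. Separately, `collections.roles` (the role list) and `collections.role` (the per-role rule prefix) differ by one letter and const.js is not shown on this page, so a one-line comment at each use, or more distinct key names, would make a mix-up easier to catch in review.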
package/dist/types/check.d.ts
CHANGED
package/dist/types/system.d.ts
CHANGED
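--- a/package/dist/user.js
+++ b/package/dist/user.js
@@ -1,3 +1,4 @@
+import { collections } from "./const.js";
 export class UserManager {
 db;
 constructor(db) {
@@ -13,7 +14,7 @@ export class UserManager {
 roles: userData.roles || [],
 attrib: userData.attrib || {},
 };
-return await this.db.add(
+return await this.db.add(collections.users, newUser, false);
 }
 /**
 * Retrieves a user by _id
@@ -21,7 +22,7 @@ export class UserManager {
 * @returns User or null if it doesn't exist
 */
 async getUser(user_id) {
-return this.db.findOne(
+return this.db.findOne(collections.users, { _id: user_id });
 }
 /**
 * Updates a user's data
@@ -33,14 +34,14 @@ export class UserManager {
 if (!existingUser)
 throw new Error("User not found");
 const updatedUser = { ...existingUser, ...updates };
-await this.db.update(
+await this.db.update(collections.users, { _id: user_id }, updatedUser);
 }
 /**
 * Deletes a user
 * @param user_id User _id
 */
 async deleteUser(user_id) {
-await this.db.removeOne(
+await this.db.removeOne(collections.users, { _id: user_id });
 }
 /**
 * Adds a role to a user
@@ -53,7 +54,7 @@ export class UserManager {
 throw new Error("User not found");
 if (!user.roles.includes(role_id)) {
 user.roles.push(role_id);
-await this.db.update(
+await this.db.update(collections.users, { _id: user_id }, user);
 }
 }
 /**
@@ -68,7 +69,7 @@ export class UserManager {
 const index = user.roles.indexOf(role_id);
 if (index !== -1) {
 user.roles.splice(index, 1);
-await this.db.update(
+await this.db.update(collections.users, { _id: user_id }, user);
 }
 }
 /**
@@ -81,6 +82,6 @@ export class UserManager {
 if (!user)
 throw new Error("User not found");
 user.attrib = { ...user.attrib, ...attributes };
-await this.db.update(
+await this.db.update(collections.users, { _id: user_id }, user);
 }
 }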
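Review bot: In the update-user hunk (`@@ -33,14 +34,14 @@`), `{ ...existingUser, ...updates }` lets any key in `updates` overwrite the stored record, including `_id` and `roles`, which are the fields the checks in check.js read (`user._id`, `user.roles`). No filtering is visible in the hunk; the start of the method is outside it, so filtering may happen earlier. If `updates` can carry caller-supplied data, I would strip those keys and leave role changes to the dedicated role methods: `const { _id, roles, ...safe } = updates;` followed by `const updatedUser = { ...existingUser, ...safe };`. At minimum the doc comment should state that `updates` must be trusted input and may replace `roles`.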
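--- a/package/dist/warden.js
+++ b/package/dist/warden.js
@@ -1,7 +1,8 @@
 import { abacCheck, aclCheck, rbacCheck } from "./check.js";
 import { COLORS, logAccess } from "./log.js";
+import { collections } from "./const.js";
 export async function fetchUser(db, userId) {
-const user = await db.findOne(
+const user = await db.findOne(collections.users, { _id: userId });
 if (!user)
 throw new Error("User not found");
 return user;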
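--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@wxn0brp/gate-warden",
-"version": "0.5.
+"version": "0.5.3",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
 "author": "wxn0brP",
@@ -15,12 +15,12 @@
 "devDependencies": {
 "@types/bun": "*",
 "@types/node": "*",
-"@wxn0brp/db-core": "^0.
+"@wxn0brp/db-core": "^0.4.0",
 "tsc-alias": "*",
 "typescript": "*"
 },
 "peerDependencies": {
-"@wxn0brp/db-core": ">=0.
+"@wxn0brp/db-core": ">=0.4.0"
 },
 "files": [
 "dist"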