npm - @zenofolio/hyper-decor - Versions diffs - 1.0.56 → 1.0.58 - Mend

@zenofolio/hyper-decor 1.0.56 → 1.0.58

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/__internals/transform/role.transform.js +7 -7
package/dist/__internals/transform/scope.transfrom.d.ts +1 -1
package/dist/__internals/transform/scope.transfrom.js +48 -36
package/package.json +2 -2

package/dist/__internals/transform/role.transform.js CHANGED Viewed

@@ -7,19 +7,19 @@ const constants_1 = require("../constants");
 function roleTransform(list, callback) {
     const { roles, names, isEmtpy } = resolveRoles(list);
     const middleware = (req, res, next) => {
-        // if scopes is empty, then we don't need to check for scopes
+        var _a;
         if (isEmtpy)
             return next();
-        // get the user scopes
-        const requestRoles = (0, helpers_1.getRoles)(req);
-        if (requestRoles === null || requestRoles === void 0 ? void 0 : requestRoles.includes(constants_1.FULL_ACCESS))
+        const requestRoles = new Set((_a = (0, helpers_1.getRoles)(req)) !== null && _a !== void 0 ? _a : []);
+        if (requestRoles.size === 0 && isEmtpy)
             return next();
-        // find the first scope that is not in the userScopes
-        const role = roles.find((scope) => requestRoles === null || requestRoles === void 0 ? void 0 : requestRoles.includes(scope.role));
+        if (requestRoles.has(constants_1.FULL_ACCESS))
+            return next();
+        const role = roles.some((scope) => requestRoles.has(scope.role));
         if (role) {
             return next();
         }
-        return next(new exeptions_1.NotRoleException(`Only ${Array.from(names).join(", ")} can access this resource`, requestRoles, Array.from(names)));
+        return next(new exeptions_1.NotRoleException(`Only ${Array.from(names).join(", ")} can access this resource`, Array.from(requestRoles), Array.from(names)));
     };
     if (names.size > 0 && callback) {
         callback(middleware, roles, names);

package/dist/__internals/transform/scope.transfrom.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { MiddlewareHandler } from "hyper-express";
+import { MiddlewareHandler } from "hyper-express/types";
 import { ScopeMap, ScopeType } from "../../decorators";
 type Callback = (middleware: MiddlewareHandler, scopes: ScopeMap[], names: Set<string>) => void;
 export default function scopeTransfrom(listScopes: ScopeType[], ...callback: Callback[]): MiddlewareHandler;

package/dist/__internals/transform/scope.transfrom.js CHANGED Viewed

@@ -5,25 +5,26 @@ const exeptions_1 = require("../../exeptions");
 const helpers_1 = require("../../common/helpers");
 const constants_1 = require("../constants");
 function scopeTransfrom(listScopes, ...callback) {
-    const { scopes, scopeNames, isEmtpy } = resolveScopes(listScopes);
+    const { scopes, scopeNames, isEmpty } = resolveScopes(listScopes);
     const middleware = (req, res, next) => {
         var _a;
-        // if scopes is empty, then we don't need to check for scopes
-        if (isEmtpy)
+        if (isEmpty)
             return next();
-        // get the user scopes
-        const userScopes = (0, helpers_1.getScopes)(req);
-        // hek if has global scope
-        if (userScopes === null || userScopes === void 0 ? void 0 : userScopes.includes(constants_1.FULL_ACCESS))
+        const userScopesRaw = (0, helpers_1.getScopes)(req);
+        if (!userScopesRaw || userScopesRaw.length === 0) {
+            return next(new exeptions_1.NotScopeException(`FORBIDDEN`, [], Array.from(scopeNames)));
+        }
+        const userScopes = new Set(userScopesRaw);
+        if (userScopes.has(constants_1.FULL_ACCESS))
             return next();
-        // find the first scope that is not in the userScopes
-        const error = scopes.find((scope) => !(userScopes === null || userScopes === void 0 ? void 0 : userScopes.includes(scope.scope)));
-        if (error) {
-            return next(new exeptions_1.NotScopeException((_a = error.message) !== null && _a !== void 0 ? _a : `You don't have the required scopes to access this resource`, userScopes, Array.from(scopeNames)));
+        for (const scope of scopes) {
+            if (!userScopes.has(scope.scope)) {
+                return next(new exeptions_1.NotScopeException((_a = scope.message) !== null && _a !== void 0 ? _a : `FORBIDDEN`, userScopesRaw, Array.from(scopeNames)));
+            }
         }
         return next();
     };
-    if (scopeNames.size > 0 && callback && callback.length > 0) {
+    if (!isEmpty && callback.length > 0) {
         for (const cb of callback)
             cb(middleware, scopes, scopeNames);
     }
@@ -40,36 +41,47 @@ const resolveScopes = (scopes) => {
     var _a, _b;
     const $scopes = {};
     for (const scope of scopes) {
-        if (typeof scope === "string") {
-            $scopes[scope] = {
-                scope,
-                description: "",
+        const list = parseScope(scope);
+        if (list.length === 0)
+            continue;
+        for (const s of list) {
+            $scopes[s.scope] = {
+                scope: s.scope,
+                description: (_a = s.description) !== null && _a !== void 0 ? _a : "",
+                message: (_b = s.message) !== null && _b !== void 0 ? _b : `You don't have the required scopes to access this resource`,
             };
         }
-        else if (Array.isArray(scope)) {
-            for (const s of scope) {
-                switch (typeof s) {
-                    case "string":
-                        $scopes[s] = {
-                            scope: s,
-                            description: "",
-                        };
-                        break;
-                    case "object":
-                        $scopes[s.scope] = {
-                            scope: s.scope,
-                            description: (_a = s.description) !== null && _a !== void 0 ? _a : "",
-                            message: (_b = s.message) !== null && _b !== void 0 ? _b : `You don't have the required scopes to access this resource`,
-                        };
-                        break;
-                }
-            }
-        }
     }
     const values = Object.values($scopes);
     return {
         scopes: values,
         scopeNames: new Set(Object.keys($scopes)),
-        isEmtpy: values.length === 0,
+        isEmpty: values.length === 0,
     };
 };
+/**
+ * Parse the scope to a standard format
+ *
+ * @param scope
+ * @returns
+ */
+const parseScope = (scope) => {
+    switch (typeof scope) {
+        case "string":
+            return [
+                {
+                    scope,
+                    description: "",
+                },
+            ];
+        case "object":
+            if (Array.isArray(scope)) {
+                if (scope.length === 0)
+                    return [];
+                return scope.map((s) => parseScope(s)).flat();
+            }
+            else {
+                return [scope];
+            }
+    }
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@zenofolio/hyper-decor",
-  "version": "1.0.56",
+  "version": "1.0.58",
   "description": "Project core with utilities and features",
   "main": "dist/index.js",
   "author": "zenozaga",
@@ -15,7 +15,7 @@
     "hyper-express": "^6.17.3"
   },
   "devDependencies": {
-    "@types/file-type": "^10.9.3",
+    "@types/file-type": "10.6.0",
     "@types/mocha": "^10.0.8",
     "chai": "^5.1.2",
     "mocha": "^10.7.3",