npm - better-auth - Versions diffs - 0.2.3-beta.7 → 0.2.3 - Mend

better-auth 0.2.3-beta.7 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/dist/access.js CHANGED Viewed

@@ -1 +1,125 @@
-var a=class extends Error{path;constructor(e,n){super(e),this.path=n}},c=class{constructor(e){this.s=e;this.statements=e}statements;newRole(e){return new i(e)}},i=class s{statements;constructor(e){this.statements=e}authorize(e,n){for(let[t,o]of Object.entries(e)){let r=this.statements[t];if(!r)return{success:!1,error:`You are not allowed to access resource: ${t}`};let p=n==="OR"?o.some(m=>r.includes(m)):o.every(m=>r.includes(m));return p?{success:p}:{success:!1,error:`unauthorized to access resource "${t}"`}}return{success:!1,error:"Not authorized"}}static fromString(e){let n=JSON.parse(e);if(typeof n!="object")throw new a("statements is not an object",".");for(let[t,o]of Object.entries(n)){if(typeof t!="string")throw new a("invalid resource identifier",t);if(!Array.isArray(o))throw new a("actions is not an array",t);for(let r=0;r<o.length;r++)if(typeof o[r]!="string")throw new a("action is not a string",`${t}[${r}]`)}return new s(n)}toString(){return JSON.stringify(this.statements)}};var l=s=>new c(s),d={organization:["update","delete"],member:["create","update","delete"],invitation:["create","cancel"]},u=l(d),S=u.newRole({organization:["update"],invitation:["create","cancel"],member:["create","update","delete"]}),f=u.newRole({organization:["update","delete"],member:["create","update","delete"],invitation:["create","cancel"]}),x=u.newRole({organization:[],member:[],invitation:[]}),b={admin:S,owner:f,member:x};var T=s=>i.fromString(s??"");export{c as AccessControl,a as ParsingError,i as Role,S as adminAc,l as createAccessControl,u as defaultAc,b as defaultRoles,d as defaultStatements,x as memberAc,f as ownerAc,T as permissionFromString};
+// src/plugins/organization/access/src/access.ts
+var ParsingError = class extends Error {
+  path;
+  constructor(message, path) {
+    super(message);
+    this.path = path;
+  }
+};
+var AccessControl = class {
+  constructor(s) {
+    this.s = s;
+    this.statements = s;
+  }
+  statements;
+  newRole(statements) {
+    return new Role(statements);
+  }
+};
+var Role = class _Role {
+  statements;
+  constructor(statements) {
+    this.statements = statements;
+  }
+  authorize(request, connector) {
+    for (const [requestedResource, requestedActions] of Object.entries(
+      request
+    )) {
+      const allowedActions = this.statements[requestedResource];
+      if (!allowedActions) {
+        return {
+          success: false,
+          error: `You are not allowed to access resource: ${requestedResource}`
+        };
+      }
+      const success = connector === "OR" ? requestedActions.some(
+        (requestedAction) => allowedActions.includes(requestedAction)
+      ) : requestedActions.every(
+        (requestedAction) => allowedActions.includes(requestedAction)
+      );
+      if (success) {
+        return { success };
+      }
+      return {
+        success: false,
+        error: `unauthorized to access resource "${requestedResource}"`
+      };
+    }
+    return {
+      success: false,
+      error: "Not authorized"
+    };
+  }
+  static fromString(s) {
+    const statements = JSON.parse(s);
+    if (typeof statements !== "object") {
+      throw new ParsingError("statements is not an object", ".");
+    }
+    for (const [resource, actions] of Object.entries(statements)) {
+      if (typeof resource !== "string") {
+        throw new ParsingError("invalid resource identifier", resource);
+      }
+      if (!Array.isArray(actions)) {
+        throw new ParsingError("actions is not an array", resource);
+      }
+      for (let i = 0; i < actions.length; i++) {
+        if (typeof actions[i] !== "string") {
+          throw new ParsingError("action is not a string", `${resource}[${i}]`);
+        }
+      }
+    }
+    return new _Role(statements);
+  }
+  toString() {
+    return JSON.stringify(this.statements);
+  }
+};
+// src/plugins/organization/access/statement.ts
+var createAccessControl = (statements) => {
+  return new AccessControl(statements);
+};
+var defaultStatements = {
+  organization: ["update", "delete"],
+  member: ["create", "update", "delete"],
+  invitation: ["create", "cancel"]
+};
+var defaultAc = createAccessControl(defaultStatements);
+var adminAc = defaultAc.newRole({
+  organization: ["update"],
+  invitation: ["create", "cancel"],
+  member: ["create", "update", "delete"]
+});
+var ownerAc = defaultAc.newRole({
+  organization: ["update", "delete"],
+  member: ["create", "update", "delete"],
+  invitation: ["create", "cancel"]
+});
+var memberAc = defaultAc.newRole({
+  organization: [],
+  member: [],
+  invitation: []
+});
+var defaultRoles = {
+  admin: adminAc,
+  owner: ownerAc,
+  member: memberAc
+};
+// src/plugins/organization/access/utils.ts
+var permissionFromString = (permission) => {
+  return Role.fromString(permission ?? "");
+};
+export {
+  AccessControl,
+  ParsingError,
+  Role,
+  adminAc,
+  createAccessControl,
+  defaultAc,
+  defaultRoles,
+  defaultStatements,
+  memberAc,
+  ownerAc,
+  permissionFromString
+};