graphql-shield-node23 7.6.5

package/dist/cjs/rules.js

@@ -0,0 +1,402 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RuleFalse = exports.RuleTrue = exports.RuleNot = exports.RuleRace = exports.RuleChain = exports.RuleAnd = exports.RuleOr = exports.LogicRule = exports.InputRule = exports.Rule = void 0;
+const Yup = __importStar(require("yup"));
+const utils_js_1 = require("./utils.js");
+class Rule {
+    constructor(name, func, constructorOptions) {
+        const options = this.normalizeOptions(constructorOptions);
+        this.name = name;
+        this.func = func;
+        this.cache = options.cache;
+        this.fragment = options.fragment;
+    }
+    /**
+     *
+     * @param parent
+     * @param args
+     * @param ctx
+     * @param info
+     *
+     * Resolves rule and writes to cache its result.
+     *
+     */
+    async resolve(parent, args, ctx, info, options) {
+        try {
+            /* Resolve */
+            const res = await this.executeRule(parent, args, ctx, info, options);
+            if (res instanceof Error) {
+                return res;
+            }
+            else if (typeof res === 'string') {
+                return new Error(res);
+            }
+            else if (res === true) {
+                return true;
+            }
+            else {
+                return false;
+            }
+        }
+        catch (err) {
+            if (options.debug) {
+                throw err;
+            }
+            else {
+                return false;
+            }
+        }
+    }
+    /**
+     *
+     * @param rule
+     *
+     * Compares a given rule with the current one
+     * and checks whether their functions are equal.
+     *
+     */
+    equals(rule) {
+        return this.func === rule.func;
+    }
+    /**
+     *
+     * Extracts fragment from the rule.
+     *
+     */
+    extractFragment() {
+        return this.fragment;
+    }
+    /**
+     *
+     * @param options
+     *
+     * Sets default values for options.
+     *
+     */
+    normalizeOptions(options) {
+        return {
+            cache: options.cache !== undefined
+                ? this.normalizeCacheOption(options.cache)
+                : 'no_cache',
+            fragment: options.fragment !== undefined ? options.fragment : undefined,
+        };
+    }
+    /**
+     *
+     * @param cache
+     *
+     * This ensures backward capability of shield.
+     *
+     */
+    normalizeCacheOption(cache) {
+        switch (cache) {
+            case true: {
+                return 'strict';
+            }
+            case false: {
+                return 'no_cache';
+            }
+            default: {
+                return cache;
+            }
+        }
+    }
+    /**
+     * Executes a rule and writes to cache if needed.
+     *
+     * @param parent
+     * @param args
+     * @param ctx
+     * @param info
+     */
+    executeRule(parent, args, ctx, info, options) {
+        switch (typeof this.cache) {
+            case 'function': {
+                /* User defined cache function. */
+                const key = `${this.name}-${this.cache(parent, args, ctx, info)}`;
+                return this.writeToCache(key)(parent, args, ctx, info);
+            }
+            case 'string': {
+                /* Standard cache option. */
+                switch (this.cache) {
+                    case 'strict': {
+                        const key = options.hashFunction({ parent, args });
+                        return this.writeToCache(`${this.name}-${key}`)(parent, args, ctx, info);
+                    }
+                    case 'contextual': {
+                        return this.writeToCache(this.name)(parent, args, ctx, info);
+                    }
+                    case 'no_cache': {
+                        return this.func(parent, args, ctx, info);
+                    }
+                }
+            }
+            /* istanbul ignore next */
+            default: {
+                throw new Error(`Unsupported cache format: ${typeof this.cache}`);
+            }
+        }
+    }
+    /**
+     * Writes or reads result from cache.
+     *
+     * @param key
+     */
+    writeToCache(key) {
+        return (parent, args, ctx, info) => {
+            if (!ctx._shield.cache[key]) {
+                ctx._shield.cache[key] = this.func(parent, args, ctx, info);
+            }
+            return ctx._shield.cache[key];
+        };
+    }
+}
+exports.Rule = Rule;
+class InputRule extends Rule {
+    constructor(name, schema, options) {
+        const validationFunction = (parent, args, ctx) => schema(Yup, ctx)
+            .validate(args, options)
+            .then(() => true)
+            .catch((err) => err);
+        super(name, validationFunction, { cache: 'strict', fragment: undefined });
+    }
+}
+exports.InputRule = InputRule;
+class LogicRule {
+    constructor(rules) {
+        this.rules = rules;
+    }
+    /**
+     * By default logic rule resolves to false.
+     */
+    async resolve(parent, args, ctx, info, options) {
+        return false;
+    }
+    /**
+     * Evaluates all the rules.
+     */
+    async evaluate(parent, args, ctx, info, options) {
+        const rules = this.getRules();
+        const tasks = rules.map((rule) => rule.resolve(parent, args, ctx, info, options));
+        return Promise.all(tasks);
+    }
+    /**
+     * Returns rules in a logic rule.
+     */
+    getRules() {
+        return this.rules;
+    }
+    /**
+     * Extracts fragments from the defined rules.
+     */
+    extractFragments() {
+        const fragments = this.rules.reduce((fragments, rule) => {
+            if ((0, utils_js_1.isLogicRule)(rule)) {
+                return fragments.concat(...rule.extractFragments());
+            }
+            const fragment = rule.extractFragment();
+            if (fragment)
+                return fragments.concat(fragment);
+            return fragments;
+        }, []);
+        return fragments;
+    }
+}
+exports.LogicRule = LogicRule;
+// Extended Types
+class RuleOr extends LogicRule {
+    constructor(rules) {
+        super(rules);
+    }
+    /**
+     * Makes sure that at least one of them has evaluated to true.
+     */
+    async resolve(parent, args, ctx, info, options) {
+        const result = await this.evaluate(parent, args, ctx, info, options);
+        if (result.every((res) => res !== true)) {
+            const customError = result.find((res) => res instanceof Error);
+            return customError || false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+exports.RuleOr = RuleOr;
+class RuleAnd extends LogicRule {
+    constructor(rules) {
+        super(rules);
+    }
+    /**
+     * Makes sure that all of them have resolved to true.
+     */
+    async resolve(parent, args, ctx, info, options) {
+        const result = await this.evaluate(parent, args, ctx, info, options);
+        if (result.some((res) => res !== true)) {
+            const customError = result.find((res) => res instanceof Error);
+            return customError || false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+exports.RuleAnd = RuleAnd;
+class RuleChain extends LogicRule {
+    constructor(rules) {
+        super(rules);
+    }
+    /**
+     * Makes sure that all of them have resolved to true.
+     */
+    async resolve(parent, args, ctx, info, options) {
+        const result = await this.evaluate(parent, args, ctx, info, options);
+        if (result.some((res) => res !== true)) {
+            const customError = result.find((res) => res instanceof Error);
+            return customError || false;
+        }
+        else {
+            return true;
+        }
+    }
+    /**
+     * Evaluates all the rules.
+     */
+    async evaluate(parent, args, ctx, info, options) {
+        const rules = this.getRules();
+        return iterate(rules);
+        async function iterate([rule, ...otherRules]) {
+            if (rule === undefined)
+                return [];
+            return rule.resolve(parent, args, ctx, info, options).then((res) => {
+                if (res !== true) {
+                    return [res];
+                }
+                else {
+                    return iterate(otherRules).then((ress) => ress.concat(res));
+                }
+            });
+        }
+    }
+}
+exports.RuleChain = RuleChain;
+class RuleRace extends LogicRule {
+    constructor(rules) {
+        super(rules);
+    }
+    /**
+     * Makes sure that at least one of them resolved to true.
+     */
+    async resolve(parent, args, ctx, info, options) {
+        const result = await this.evaluate(parent, args, ctx, info, options);
+        if (result.some((res) => res === true)) {
+            return true;
+        }
+        else {
+            const customError = result.find((res) => res instanceof Error);
+            return customError || false;
+        }
+    }
+    /**
+     * Evaluates all the rules.
+     */
+    async evaluate(parent, args, ctx, info, options) {
+        const rules = this.getRules();
+        return iterate(rules);
+        async function iterate([rule, ...otherRules]) {
+            if (rule === undefined)
+                return [];
+            return rule.resolve(parent, args, ctx, info, options).then((res) => {
+                if (res === true) {
+                    return [res];
+                }
+                else {
+                    return iterate(otherRules).then((ress) => ress.concat(res));
+                }
+            });
+        }
+    }
+}
+exports.RuleRace = RuleRace;
+class RuleNot extends LogicRule {
+    constructor(rule, error) {
+        super([rule]);
+        this.error = error;
+    }
+    /**
+     *
+     * @param parent
+     * @param args
+     * @param ctx
+     * @param info
+     *
+     * Negates the result.
+     *
+     */
+    async resolve(parent, args, ctx, info, options) {
+        const [res] = await this.evaluate(parent, args, ctx, info, options);
+        if (res instanceof Error) {
+            return true;
+        }
+        else if (res !== true) {
+            return true;
+        }
+        else {
+            if (this.error)
+                return this.error;
+            return false;
+        }
+    }
+}
+exports.RuleNot = RuleNot;
+class RuleTrue extends LogicRule {
+    constructor() {
+        super([]);
+    }
+    /**
+     *
+     * Always true.
+     *
+     */
+    async resolve() {
+        return true;
+    }
+}
+exports.RuleTrue = RuleTrue;
+class RuleFalse extends LogicRule {
+    constructor() {
+        super([]);
+    }
+    /**
+     *
+     * Always false.
+     *
+     */
+    async resolve() {
+        return false;
+    }
+}
+exports.RuleFalse = RuleFalse;

package/dist/cjs/shield.js

@@ -0,0 +1,52 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.shield = void 0;
+const object_hash_1 = __importDefault(require("object-hash"));
+const graphql_middleware_1 = require("graphql-middleware");
+const validation_js_1 = require("./validation.js");
+const generator_js_1 = require("./generator.js");
+const constructors_js_1 = require("./constructors.js");
+const utils_js_1 = require("./utils.js");
+/**
+ *
+ * @param options
+ *
+ * Makes sure all of defined rules are in accord with the options
+ * shield can process.
+ *
+ */
+function normalizeOptions(options) {
+    if (typeof options.fallbackError === 'string') {
+        options.fallbackError = new Error(options.fallbackError);
+    }
+    return {
+        debug: options.debug !== undefined ? options.debug : false,
+        allowExternalErrors: (0, utils_js_1.withDefault)(false)(options.allowExternalErrors),
+        fallbackRule: (0, utils_js_1.withDefault)(constructors_js_1.allow)(options.fallbackRule),
+        fallbackError: (0, utils_js_1.withDefault)(new Error('Not Authorised!'))(options.fallbackError),
+        hashFunction: (0, utils_js_1.withDefault)(object_hash_1.default)(options.hashFunction),
+    };
+}
+/**
+ *
+ * @param ruleTree
+ * @param options
+ *
+ * Validates rules and generates middleware from defined rule tree.
+ *
+ */
+function shield(ruleTree, options = {}) {
+    const normalizedOptions = normalizeOptions(options);
+    const ruleTreeValidity = (0, validation_js_1.validateRuleTree)(ruleTree);
+    if (ruleTreeValidity.status === 'ok') {
+        const generatorFunction = (0, generator_js_1.generateMiddlewareGeneratorFromRuleTree)(ruleTree, normalizedOptions);
+        return (0, graphql_middleware_1.middleware)(generatorFunction);
+    }
+    else {
+        throw new validation_js_1.ValidationError(ruleTreeValidity.message);
+    }
+}
+exports.shield = shield;

package/dist/cjs/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/utils.js

@@ -0,0 +1,97 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.withDefault = exports.flattenObjectOf = exports.isRuleFieldMap = exports.isRuleFunction = exports.isLogicRule = exports.isRule = void 0;
+const rules_js_1 = require("./rules.js");
+/**
+ *
+ * @param x
+ *
+ * Makes sure that a certain field is a rule.
+ *
+ */
+function isRule(x) {
+    return (x instanceof rules_js_1.Rule || (x && x.constructor && x.constructor.name === 'Rule'));
+}
+exports.isRule = isRule;
+/**
+ *
+ * @param x
+ *
+ * Makes sure that a certain field is a logic rule.
+ *
+ */
+function isLogicRule(x) {
+    return (x instanceof rules_js_1.LogicRule ||
+        (x &&
+            x.constructor &&
+            (x.constructor.name === 'RuleOr' ||
+                x.constructor.name === 'RuleAnd' ||
+                x.constructor.name === 'RuleChain' ||
+                x.constructor.name === 'RuleRace' ||
+                x.constructor.name === 'RuleNot' ||
+                x.constructor.name === 'RuleTrue' ||
+                x.constructor.name === 'RuleFalse')));
+}
+exports.isLogicRule = isLogicRule;
+/**
+ *
+ * @param x
+ *
+ * Makes sure that a certain field is a rule or a logic rule.
+ *
+ */
+function isRuleFunction(x) {
+    return isRule(x) || isLogicRule(x);
+}
+exports.isRuleFunction = isRuleFunction;
+/**
+ *
+ * @param x
+ *
+ * Determines whether a certain field is rule field map or not.
+ *
+ */
+function isRuleFieldMap(x) {
+    return (typeof x === 'object' &&
+        Object.values(x).every((rule) => isRuleFunction(rule)));
+}
+exports.isRuleFieldMap = isRuleFieldMap;
+/**
+ *
+ * @param obj
+ * @param func
+ *
+ * Flattens object of particular type by checking if the leaf
+ * evaluates to true from particular function.
+ *
+ */
+function flattenObjectOf(obj, f) {
+    const values = Object.keys(obj).reduce((acc, key) => {
+        const val = obj[key];
+        if (f(val)) {
+            return [...acc, val];
+        }
+        else if (typeof val === 'object' && !f(val)) {
+            return [...acc, ...flattenObjectOf(val, f)];
+        }
+        else {
+            return acc;
+        }
+    }, []);
+    return values;
+}
+exports.flattenObjectOf = flattenObjectOf;
+/**
+ *
+ * Returns fallback is provided value is undefined
+ *
+ * @param fallback
+ */
+function withDefault(fallback) {
+    return (value) => {
+        if (value === undefined)
+            return fallback;
+        return value;
+    };
+}
+exports.withDefault = withDefault;

package/dist/cjs/validation.js

@@ -0,0 +1,84 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ValidationError = exports.validateRuleTree = void 0;
+const utils_js_1 = require("./utils.js");
+/**
+ *
+ * @param ruleTree
+ *
+ * Validates the rule tree declaration by checking references of rule
+ * functions. We deem rule tree valid if no two rules with the same name point
+ * to different rules.
+ *
+ */
+function validateRuleTree(ruleTree) {
+    const rules = extractRules(ruleTree);
+    const valid = rules.reduce(({ map, duplicates }, rule) => {
+        if (!map.has(rule.name)) {
+            return { map: map.set(rule.name, rule), duplicates };
+        }
+        else if (!map.get(rule.name).equals(rule) &&
+            !duplicates.includes(rule.name)) {
+            return {
+                map: map.set(rule.name, rule),
+                duplicates: [...duplicates, rule.name],
+            };
+        }
+        else {
+            return { map, duplicates };
+        }
+    }, { map: new Map(), duplicates: [] });
+    if (valid.duplicates.length === 0) {
+        return { status: 'ok' };
+    }
+    else {
+        const duplicates = valid.duplicates.join(', ');
+        return {
+            status: 'err',
+            message: `There seem to be multiple definitions of these rules: ${duplicates}`,
+        };
+    }
+    /* Helper functions */
+    /**
+     *
+     * @param ruleTree
+     *
+     * Extracts rules from rule tree.
+     *
+     */
+    function extractRules(ruleTree) {
+        const resolvers = (0, utils_js_1.flattenObjectOf)(ruleTree, utils_js_1.isRuleFunction);
+        const rules = resolvers.reduce((rules, rule) => {
+            if ((0, utils_js_1.isLogicRule)(rule)) {
+                return [...rules, ...extractLogicRules(rule)];
+            }
+            else {
+                return [...rules, rule];
+            }
+        }, []);
+        return rules;
+    }
+    /**
+     *
+     * Recursively extracts Rules from LogicRule
+     *
+     * @param rule
+     */
+    function extractLogicRules(rule) {
+        return rule.getRules().reduce((acc, shieldRule) => {
+            if ((0, utils_js_1.isLogicRule)(shieldRule)) {
+                return [...acc, ...extractLogicRules(shieldRule)];
+            }
+            else {
+                return [...acc, shieldRule];
+            }
+        }, []);
+    }
+}
+exports.validateRuleTree = validateRuleTree;
+class ValidationError extends Error {
+    constructor(message) {
+        super(message);
+    }
+}
+exports.ValidationError = ValidationError;