npm - k2hr3-api - Versions diffs - 1.0.42 → 2.0.1 - Mend

k2hr3-api 1.0.42 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/config/k2hr3-init.sh.templ +4 -4
package/dist/.gitkeep +0 -0
package/dist/src/app.js +262 -0
package/{bin → dist/src/bin}/run.sh +1 -1
package/dist/src/bin/watcher.js +113 -0
package/dist/src/bin/www.js +217 -0
package/dist/src/lib/basicipcheck.js +392 -0
package/dist/src/lib/cacerts.js +106 -0
package/dist/src/lib/dbglogging.js +190 -0
package/dist/src/lib/dummyuserapi.js +719 -0
package/dist/src/lib/ipwatch.js +354 -0
package/dist/src/lib/k2hr3acrutil.js +532 -0
package/dist/src/lib/k2hr3apiutil.js +1444 -0
package/dist/src/lib/k2hr3cliutil.js +183 -0
package/dist/src/lib/k2hr3config.js +832 -0
package/dist/src/lib/k2hr3cryptutil.js +258 -0
package/dist/src/lib/k2hr3dkc.js +12121 -0
package/dist/src/lib/k2hr3extdata.js +198 -0
package/dist/src/lib/k2hr3keys.js +207 -0
package/dist/src/lib/k2hr3resutil.js +111 -0
package/dist/src/lib/k2hr3template.js +6546 -0
package/dist/src/lib/k2hr3tokens.js +2643 -0
package/dist/src/lib/k2hr3userdata.js +296 -0
package/dist/src/lib/k8soidc.js +1000 -0
package/dist/src/lib/openstackapiv2.js +695 -0
package/dist/src/lib/openstackapiv3.js +932 -0
package/dist/src/lib/openstackep.js +667 -0
package/{tests/auto_common.js → dist/src/lib/types.js} +4 -38
package/dist/src/routes/acr.js +704 -0
package/dist/src/routes/debugVerify.js +294 -0
package/dist/src/routes/extdata.js +219 -0
package/dist/src/routes/list.js +264 -0
package/dist/src/routes/policy.js +840 -0
package/dist/src/routes/resource.js +1489 -0
package/dist/src/routes/role.js +2627 -0
package/dist/src/routes/service.js +908 -0
package/dist/src/routes/tenant.js +1141 -0
package/dist/src/routes/userTokens.js +482 -0
package/dist/src/routes/userdata.js +212 -0
package/dist/src/routes/version.js +103 -0
package/package.json +152 -121
package/ChangeLog +0 -378
package/app.js +0 -292
package/bin/watcher +0 -122
package/bin/www +0 -180
package/eslint.config.mjs +0 -68
package/lib/basicipcheck.js +0 -376
package/lib/cacerts.js +0 -71
package/lib/dbglogging.js +0 -151
package/lib/dummyuserapi.js +0 -766
package/lib/ipwatch.js +0 -379
package/lib/k2hr3acrutil.js +0 -516
package/lib/k2hr3apiutil.js +0 -1494
package/lib/k2hr3cliutil.js +0 -191
package/lib/k2hr3config.js +0 -826
package/lib/k2hr3cryptutil.js +0 -254
package/lib/k2hr3dkc.js +0 -12632
package/lib/k2hr3extdata.js +0 -198
package/lib/k2hr3keys.js +0 -234
package/lib/k2hr3resutil.js +0 -100
package/lib/k2hr3template.js +0 -6925
package/lib/k2hr3tokens.js +0 -2799
package/lib/k2hr3userdata.js +0 -312
package/lib/k8soidc.js +0 -1012
package/lib/openstackapiv2.js +0 -764
package/lib/openstackapiv3.js +0 -1032
package/lib/openstackep.js +0 -553
package/routes/acr.js +0 -738
package/routes/debugVerify.js +0 -263
package/routes/extdata.js +0 -232
package/routes/list.js +0 -270
package/routes/policy.js +0 -869
package/routes/resource.js +0 -1441
package/routes/role.js +0 -2664
package/routes/service.js +0 -894
package/routes/tenant.js +0 -1095
package/routes/userTokens.js +0 -511
package/routes/userdata.js +0 -218
package/routes/version.js +0 -108
package/templ/Dockerfile.templ +0 -71
package/tests/auto_acr.js +0 -1101
package/tests/auto_acr_spec.js +0 -79
package/tests/auto_all_spec.js +0 -142
package/tests/auto_control_subprocess.sh +0 -243
package/tests/auto_extdata.js +0 -220
package/tests/auto_extdata_spec.js +0 -79
package/tests/auto_init_config_json.sh +0 -275
package/tests/auto_k2hdkc_server.ini +0 -109
package/tests/auto_k2hdkc_slave.ini +0 -83
package/tests/auto_list.js +0 -439
package/tests/auto_list_spec.js +0 -79
package/tests/auto_policy.js +0 -1579
package/tests/auto_policy_spec.js +0 -79
package/tests/auto_resource.js +0 -10956
package/tests/auto_resource_spec.js +0 -79
package/tests/auto_role.js +0 -6150
package/tests/auto_role_spec.js +0 -79
package/tests/auto_service.js +0 -770
package/tests/auto_service_spec.js +0 -79
package/tests/auto_subprocesses.js +0 -114
package/tests/auto_template.sh +0 -126
package/tests/auto_tenant.js +0 -1100
package/tests/auto_tenant_spec.js +0 -79
package/tests/auto_token_util.js +0 -219
package/tests/auto_userdata.js +0 -292
package/tests/auto_userdata_spec.js +0 -79
package/tests/auto_usertokens.js +0 -565
package/tests/auto_usertokens_spec.js +0 -79
package/tests/auto_version.js +0 -127
package/tests/auto_version_spec.js +0 -79
package/tests/auto_watcher.js +0 -157
package/tests/auto_watcher_spec.js +0 -79
package/tests/k2hdkc_test.data +0 -986
package/tests/k2hdkc_test_load.sh +0 -255
package/tests/k2hr3template_test.js +0 -187
package/tests/k2hr3template_test.sh +0 -339
package/tests/k2hr3template_test_async.js +0 -216
package/tests/k2hr3template_test_template.result +0 -7117
package/tests/k2hr3template_test_template.txt +0 -3608
package/tests/k2hr3template_test_vars.js +0 -194
package/tests/manual_acr_delete.js +0 -143
package/tests/manual_acr_get.js +0 -297
package/tests/manual_acr_postput.js +0 -215
package/tests/manual_allusertenant_get.js +0 -113
package/tests/manual_extdata_get.js +0 -191
package/tests/manual_k2hr3keys_get.js +0 -84
package/tests/manual_list_gethead.js +0 -230
package/tests/manual_policy_delete.js +0 -132
package/tests/manual_policy_gethead.js +0 -275
package/tests/manual_policy_postput.js +0 -297
package/tests/manual_resource_delete.js +0 -433
package/tests/manual_resource_gethead.js +0 -423
package/tests/manual_resource_postput.js +0 -487
package/tests/manual_role_delete.js +0 -404
package/tests/manual_role_gethead.js +0 -547
package/tests/manual_role_postput.js +0 -544
package/tests/manual_service_delete.js +0 -153
package/tests/manual_service_gethead.js +0 -178
package/tests/manual_service_postput.js +0 -348
package/tests/manual_tenant_delete.js +0 -186
package/tests/manual_tenant_gethead.js +0 -268
package/tests/manual_tenant_postput.js +0 -293
package/tests/manual_test.sh +0 -352
package/tests/manual_userdata_get.js +0 -173
package/tests/manual_usertoken_gethead.js +0 -136
package/tests/manual_usertoken_postput.js +0 -310
package/tests/manual_version_get.js +0 -127
package/tests/run_local_test_k2hdkc.sh +0 -174
package/tests/test.sh +0 -333

package/lib/k2hr3extdata.js DELETED Viewed

@@ -1,198 +0,0 @@
-/*
- * K2HR3 REST API
- *
- * Copyright 2018 Yahoo Japan Corporation.
- *
- * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
- * common management information for the cloud.
- * K2HR3 can dynamically manage information as "who", "what", "operate".
- * These are stored as roles, resources, policies in K2hdkc, and the
- * client system can dynamically read and modify these information.
- *
- * For the full copyright and license information, please view
- * the license file that was distributed with this source code.
- *
- * AUTHOR:   Takeshi Nakatani
- * CREATE:   Tue May 13 2020
- * REVISION:
- *
- */
-'use strict';
-var	apiutil		= require('./k2hr3apiutil');
-var	cryptutil	= require('./k2hr3cryptutil');
-var	r3Conf		= require('./k2hr3config').r3ApiConfig;
-var	r3keys		= require('./k2hr3keys').getK2hr3Keys;
-var	apiConf		= new r3Conf();
-// Debug logging objects
-var r3logger	= require('./dbglogging');
-//---------------------------------------------------------
-// load userdata templates from config directory
-//---------------------------------------------------------
-var	LoadedExtdataObjs = (function()
-{
-	var	extdataobjs = {
-		configs:		{},
-		cryptconfig:	null,
-		kw_role_name:	/{{= %K2HR3_ROLE_NAME% }}/g,		// Role YRN full path
-		kw_role_tenant:	/{{= %K2HR3_ROLE_TENANT% }}/g,		// Tenant YRN full path
-		kw_role_token:	/{{= %K2HR3_ROLE_TOKEN% }}/g,		// Role Token
-		kw_api_uri:		/{{= %K2HR3_API_HOST_URI% }}/g,		// K2HR3 API server URI(ex. https://localhost:3000)
-		kw_err_msg:		/{{= %K2HR3_ERROR_MSG% }}/g			// Error message string when something error occured
-	};
-	if(0 < apiConf.getExtdataConfigCount()){
-		extdataobjs.configs	= apiConf.getAllExtdataConfig();
-		Object.keys(extdataobjs.configs).forEach(function(key){
-			extdataobjs.configs[key].contents = apiutil.readFileContents(extdataobjs.configs[key].template);
-		});
-	}
-	extdataobjs.cryptconfig	= apiConf.getUserdataCryptConfig();
-	return extdataobjs;
-}());
-//---------------------------------------------------------
-// Userdata Processing Class
-//---------------------------------------------------------
-var ExtdataProcess = (function()
-{
-	//
-	// Constructor
-	//
-	var ExtdataProcess = function()
-	{
-		this._extdataObjs = LoadedExtdataObjs;
-	};
-	var proto = ExtdataProcess.prototype;
-	//
-	// Methods
-	//
-	proto.checkSuburi = function(key)
-	{
-		if(!apiutil.isSafeString(key)){
-			r3logger.elog('key parameter is empty.');
-			return false;
-		}
-		return apiutil.isSafeEntity(this._extdataObjs.configs[key]);
-	};
-	proto.checkUserAgent = function(agent, key)
-	{
-		if(!apiutil.isSafeString(agent)){
-			r3logger.elog('agent parameter is empty.');
-			return false;
-		}
-		if(!apiutil.isSafeEntity(this._extdataObjs.configs[key])){
-			r3logger.elog('unkown key(suburi): ' + JSON.stringify(key));
-			return false;
-		}
-		if(!apiutil.isSafeString(this._extdataObjs.configs[key].useragent)){
-			// allow any useragent
-			return true;
-		}
-		return apiutil.compareCaseString(agent, this._extdataObjs.configs[key].useragent);
-	};
-	proto.getContentType = function(key)
-	{
-		if(!apiutil.isSafeEntity(this._extdataObjs.configs[key])){
-			r3logger.elog('unkown key(suburi): ' + JSON.stringify(key));
-			return null;
-		}
-		if(!apiutil.isSafeString(this._extdataObjs.configs[key].contenttype)){
-			return 'text/plain';
-		}
-		return apiutil.getSafeString(this._extdataObjs.configs[key].contenttype);
-	};
-	// [NOTE]
-	// For the encryption of Role information, the passphrase and the
-	// algorithm set in userdata are used in common.
-	// Therefore, Extdata-only encryption is not required, and the
-	// composite uses the configuratino information of userdata.
-	//
-	proto.decryptRoleInfo = function(str)
-	{
-		if(!apiutil.isSafeString(str)){
-			r3logger.elog('string parameter is empty.');
-			return null;
-		}
-		return cryptutil.r3DecryptJSON(str, this._extdataObjs.cryptconfig.passphrase, this._extdataObjs.cryptconfig.algorithm);
-	};
-	proto.getExtdata = function(roleobj, key)
-	{
-		var	rolename	= '';
-		var	roletenant	= '';
-		var	roletoken	= '';
-		var	config		= null;
-		var	errorMsg	= null;
-		if(!apiutil.isSafeEntity(roleobj)){
-			r3logger.elog('role object(role name, role token) parameter is empty.');
-			errorMsg	= 'k2hr3 role information is wrong';
-		}else if(!apiutil.isSafeString(roleobj.role)){
-			r3logger.elog('role name parameter is empty.');
-			errorMsg	= 'k2hr3 role name is empty';
-		}else if(!apiutil.isSafeString(roleobj.token)){
-			r3logger.elog('role token parameter is empty.');
-			errorMsg	= 'k2hr3 role token is empty';
-		}else{
-			rolename	= roleobj.role;
-			roletoken	= roleobj.token;
-			// Extract tenant yrn full path from role yrn full path
-			var	keys	= r3keys();
-			var	roleptn	= new RegExp('^' + keys.MATCH_ANY_TENANT_ROLE);		// regex = /^yrn:yahoo:(.*)::(.*):role:(.*)/
-			var	matches	= rolename.match(roleptn);
-			if(!apiutil.isEmptyArray(matches) && 4 <= matches.length && apiutil.isSafeString(matches[2])){
-				roletenant = keys.NO_SERVICE_KEY + apiutil.getSafeString(matches[1]) + '::' + apiutil.getSafeString(matches[2]);
-			}
-		}
-		if(apiutil.isSafeEntity(this._extdataObjs.configs[key])){
-			config		= this._extdataObjs.configs[key];
-		}
-		//-----------------
-		// expands templates
-		//-----------------
-		var	result = null;
-		if(apiutil.isSafeString(config.contents)){
-			result = config.contents.replace(this._extdataObjs.kw_role_name, rolename);
-			result = result.replace(this._extdataObjs.kw_role_tenant, roletenant);
-			result = result.replace(this._extdataObjs.kw_role_token, roletoken);
-			result = result.replace(this._extdataObjs.kw_api_uri, config.baseuri);
-			result = result.replace(this._extdataObjs.kw_err_msg, errorMsg);
-		}
-		return result;
-	};
-	proto.getGzipExtdata = function(roleobj, key)
-	{
-		// get expanded data
-		var	expanded = this.getExtdata(roleobj, key);
-		return cryptutil.r3Gzip(expanded);
-	};
-	return ExtdataProcess;
-})();
-//---------------------------------------------------------
-// Exports
-//---------------------------------------------------------
-exports.extdataProcess = ExtdataProcess;
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: noexpandtab sw=4 ts=4 fdm=marker
- * vim<600: noexpandtab sw=4 ts=4
- */

package/lib/k2hr3keys.js DELETED Viewed

@@ -1,234 +0,0 @@
-/*
- * K2HR3 REST API
- *
- * Copyright 2017 Yahoo Japan Corporation.
- *
- * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
- * common management information for the cloud.
- * K2HR3 can dynamically manage information as "who", "what", "operate".
- * These are stored as roles, resources, policies in K2hdkc, and the
- * client system can dynamically read and modify these information.
- *
- * For the full copyright and license information, please view
- * the license file that was distributed with this source code.
- *
- * AUTHOR:   Takeshi Nakatani
- * CREATE:   Wed Jun 8 2017
- * REVISION:
- *
- */
-'use strict';
-var	apiutil	= require('./k2hr3apiutil');
-//---------------------------------------------------------
-// key path/value/keywords in k2hdkc
-//---------------------------------------------------------
-//
-// YRN Format
-//
-// yrn:<partition or domain>:<service>:<region>:<tenant or account id>:<type>{:<paths>}>
-//
-//	arn						: Tag for Yahoo Resource Name
-//	partition or domain		: Partition or Domain name(ex. "yahoo")
-//	service					: Service name(ex. "myservice")
-//	region					: Region name(ex. "west-east-region")
-//	tenant or account id	: Tenant name or Account id(ex, "1234" or "myname")
-//	type					: YRN type, "user", "token", "action", "keystone", "service", "role", "policy", "resource".
-//	paths					: Path(separator is "/") under YRN type
-//
-exports.getK2hr3Keys = function(user, tenant, service)
-{
-	var	keywords = {
-		// common types
-		'TYPE_ROLE':					'role',
-		'TYPE_RESOURCE':				'resource',
-		'TYPE_POLICY':					'policy',
-		'TYPE_SERVICE':					'service',															// Using in list API
-		// common values
-		'VALUE_WILDCARD':				'*',
-		'VALUE_TRUE':					'true',
-		'VALUE_FALSE':					'false',
-		'VALUE_ENABLE':					'enable',
-		'VALUE_DISABLE':				'disable',
-		'VALUE_ALLOW':					'allow',
-		'VALUE_DENY':					'deny',
-		'VALUE_READ':					'read',
-		'VALUE_WRITE':					'write',
-		'VALUE_ANY_PORT':				'*',
-		'VALUE_HOST_SEP':				' ',
-		'VALUE_HOST_REGSEP':			':',
-		'VALUE_HOST_DETAILSEP':			',',
-		'VALUE_ANYDATA_TYPE':			'anytype',
-		'VALUE_STRING_TYPE':			'string',
-		'VALUE_OBJECT_TYPE':			'object',
-		'VALUE_KEYS_TYPE':				'keys',
-		'VALUE_ALIAS_TYPE':				'aliases',
-		'VALUE_EXPIRE_TYPE':			'expire',
-		'VALUE_POLICIES_TYPE':			'policies',
-		'VALUE_HOSTS_TYPE':				'hosts',
-		'VALUE_HOSTNAMES_TYPE':			'hostnames',
-		'VALUE_IPS_TYPE':				'ips',
-		'VALUE_KEYSTONE_NORMAL':		'kstype_normal',
-		'VALUE_KEYSTONE_NOPASS':		'kstype_nopasswd',
-		'VALUE_KEYSTONE_SUB':			'kstype_substitute',
-		'VALUE_OPENSTACK_V1':			'openstack-auto-v1',												// used/set from k2hr3-init.sh
-		'VALUE_K8S_V1':					'k8s-auto-v1',														// used/set from k2hr3-kube-init.sh
-		'VALUE_PREFIX_LOCAL_TENANT':	'local@',
-		// common keywords( part of keyname )
-		'POLICIES_KW':					'policies',
-		'SERVICE_KW':					'service',
-		'HOSTS_KW':						'hosts',
-		'HOSTS_NAME_KW':				'name',
-		'HOSTS_IP_KW':					'ip',
-		'KEYS_KW':						'keys',
-		'TYPE_KW':						'type',
-		'EXPIRE_KW':					'expire',
-		'EFFECT_KW':					'effect',
-		'ACTION_KW':					'action',
-		'RESOURCE_KW':					'resource',
-		'CONDITION_KW':					'condition',
-		'REFERENCE_KW':					'reference',
-		'ID_KW':						'id',
-		'ALIAS_KW':						'@',
-		'URL_KW':						'url',
-		'STATUS_KW':					'status',
-		'DATE_KW':						'date',
-		'SEED_KW':						'seed',
-		'ROLE_TOKEN_KW':				'tokens',
-		// ACR keywords
-		'ACR_POLICY_KW':				'acr-policy',
-		'ACR_ROLE_KW':					'acr-role',
-		'ACR_RESOURCE_NAME_KEY':		'name',
-		'ACR_RESOURCE_EXPIRE_KEY':		'expire',
-		'ACR_RESOURCE_TYPE_KEY':		'type',
-		'ACR_RESOURCE_DATA_KEY':		'data',
-		'ACR_RESOURCE_KEYS_KEY':		'keys',
-		// kubernetes cuk keywords
-		'K8S_NAMESPACE_INCUK_KEY':		'k8s_namespace',
-		'K8S_SA_INCUK_KEY':				'k8s_service_account',
-		'K8S_NODENAME_INCUK_KEY':		'k8s_node_name',
-		'K8S_NODEIP_INCUK_KEY':			'k8s_node_ip',
-		'K8S_PODNAME_INCUK_KEY':		'k8s_pod_name',
-		'K8S_PODID_INCUK_KEY':			'k8s_pod_id',
-		'K8S_PODIP_INCUK_KEY':			'k8s_pod_ip',
-		'K8S_CONTAINERID_INCUK_KEY':	'k8s_container_id',
-		'K8S_RAND_INCUK_KEY':			'k8s_k2hr3_rand',
-		// common key names
-		'YRN_KEY':						'yrn',
-		'DOMAIN_KEY':					'yrn:yahoo',
-		'NO_SERVICE_KEY':				'yrn:yahoo:',
-		'NO_SERVICE_REGION_KEY':		'yrn:yahoo::',
-		'NO_SERVICE_TENANT_KEY':		'yrn:yahoo:::',
-		'USER_TOP_KEY':					'yrn:yahoo::::user',
-		'TOKEN_TOP_KEY':				'yrn:yahoo::::token',
-		'TOKEN_USER_TOP_KEY':			'yrn:yahoo::::token:user',
-		'TOKEN_ROLE_TOP_KEY':			'yrn:yahoo::::token:role',
-		'ACTION_TOP_KEY':				'yrn:yahoo::::action',
-		'ACTION_READ_KEY':				'yrn:yahoo::::action:read',
-		'ACTION_WRITE_KEY':				'yrn:yahoo::::action:write',
-		'KEYSTONE_TOP_KEY':				'yrn:yahoo::::keystone',
-		'IAAS_TOP_KEY':					'yrn:yahoo::::iaas',
-		'IAAS_OS_TOP_KEY':				'yrn:yahoo::::iaas:openstack',
-		'IAAS_K8S_TOP_KEY':				'yrn:yahoo::::iaas:k8s',
-		'MASTER_SERVICE_TOP_KEY':		'yrn:yahoo::::service',
-		'ANYTENANT_SERVICE_TOP_KEY':	'yrn:yahoo::::service:',
-		'ANYTENANT_SERVICE_KEY':		'yrn:yahoo::::service::anytenant',
-		// match regex
-		'MATCH_ANY_SERVICE_MASTER':		'yrn:yahoo::::service:(.*)',
-		'MATCH_ANY_IAAS':				'yrn:yahoo::::iaas:(.*)',
-		'MATCH_ANY_IAAS_OS':			'yrn:yahoo::::iaas:openstack:(.*)',
-		'MATCH_ANY_IAAS_K8S':			'yrn:yahoo::::iaas:k8s:(.*)',
-		'MATCH_ANY_SERVICE_TENANT':		'yrn:yahoo:(.*)::(.*):(.*)',
-		'MATCH_ANY_TENANT_MAIN':		'yrn:yahoo:(.*)::(.*)',
-		'MATCH_ANY_TENANT_ROLE':		'yrn:yahoo:(.*)::(.*):role:(.*)',
-		'MATCH_ANY_TENANT_POLICY':		'yrn:yahoo:(.*)::(.*):policy:(.*)',
-		'MATCH_ANY_TENANT_RESOURCE':	'yrn:yahoo:(.*)::(.*):resource:(.*)',
-		'MATCH_ANY_TENANT_RES_DATA':	'yrn:yahoo:(.*)::(.*):resource:(.*)',								// end of resource name
-		'MATCH_NOT_TENANT_RES_DATA':	'( |\t|\r|\n|:)',													// not match resource data key name
-		'MATCH_ANY_TENANT_RES_KEY':		'yrn:yahoo:(.*)::(.*):resource:(.*)/keys/(.*)',						// end of resource name/keys/<keyname>
-		'MATCH_ANY_HOSTNAME_PORT':		'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/name/(.*) (.*) (.*)',
-		'MATCH_ANY_HOSTNAME_KEYS':		'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/name',
-		'MATCH_ANY_IP_PORT':			'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/ip/(.*) (.*) (.*)',
-		'MATCH_ANY_IP_KEYS':			'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/ip',
-		'MATCH_ANY_ALLHOST_KEYS':		'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/all',							// This is only used in template variable names, not key name
-		'MATCH_ANY_KS_REGION':			'yrn:yahoo::::keystone:(.*)',
-		'MATCH_ANY_USER_TOKEN':			'yrn:yahoo::::user:(.*):tenant/(.*)/token/(.*)',
-		'MATCH_ANY_ROLE_TOKEN':			'yrn:yahoo::::token:role/(.*)',
-		'MATCH_URI_GET_ROLE_DATA':		'^/v1/role/(.*)',
-		'MATCH_URI_GET_RTOKEN':			'^/v1/role/token/(.*)',
-		'MATCH_URI_GET_RTOKEN_LIST':	'^/v1/role/token/list/(.*)'
-	};
-	var	_user	= apiutil.getSafeString(user).toLowerCase();
-	var	_tenant	= apiutil.getSafeString(tenant).toLowerCase();
-	var	_service= apiutil.getSafeString(service).toLowerCase();
-	keywords.SERVICE_TOP_KEY						= keywords.NO_SERVICE_KEY			+ _service;			// "yrn:yahoo:<service>"
-	keywords.SERVICE_NO_REGION_KEY					= keywords.SERVICE_TOP_KEY			+ ':';				// "yrn:yahoo:<service>:"
-	if(apiutil.isSafeString(_service)){
-		keywords.MASTER_SERVICE_KEY					= keywords.MASTER_SERVICE_TOP_KEY	+ ':' + _service;	// "yrn:yahoo::::service:<service>"
-		keywords.SERVICE_OWNER_KEY					= keywords.MASTER_SERVICE_KEY		+ ':owner';			// "yrn:yahoo::::service:<service>:owner"
-		keywords.SERVICE_TENANT_KEY					= keywords.MASTER_SERVICE_KEY		+ ':tenant';		// "yrn:yahoo::::service:<service>:tenant"
-		keywords.SERVICE_VERIFY_TENANT_KEY			= keywords.MASTER_SERVICE_KEY		+ ':verify';		// "yrn:yahoo::::service:<service>:verify"
-	}
-	if(apiutil.isSafeString(_tenant)){
-		// tenant key with service(allowed null)
-		keywords.TENANT_TOP_KEY						= keywords.SERVICE_NO_REGION_KEY	+ ':' + _tenant;	// "yrn:yahoo:<service>::<tenant>"
-		// tenant master key(service is null)
-		keywords.MASTER_TENANT_TOP_KEY				= keywords.NO_SERVICE_REGION_KEY	+ ':' + _tenant;	// "yrn:yahoo:::<tenant>"
-		// tenant description keys(service is null)
-		keywords.TENANT_ID_KEY						= keywords.MASTER_TENANT_TOP_KEY	+ ':id';			// "yrn:yahoo:::<tenant>:id"
-		keywords.TENANT_DESC_KEY					= keywords.MASTER_TENANT_TOP_KEY	+ ':desc';			// "yrn:yahoo:::<tenant>:desc"
-		keywords.TENANT_DISP_KEY					= keywords.MASTER_TENANT_TOP_KEY	+ ':display';		// "yrn:yahoo:::<tenant>:display"
-		keywords.TENANT_USER_KEY					= keywords.MASTER_TENANT_TOP_KEY	+ ':user';			// "yrn:yahoo:::<tenant>:user"
-		keywords.TENANT_SERVICE_KEY					= keywords.MASTER_TENANT_TOP_KEY	+ ':service';		// "yrn:yahoo:::<tenant>:service"
-		// role, resource, policy under tenant with service
-		keywords.ROLE_TOP_KEY						= keywords.TENANT_TOP_KEY			+ ':' + 'role';		// "yrn:yahoo:<service>::<tenant>:role"
-		keywords.POLICY_TOP_KEY						= keywords.TENANT_TOP_KEY			+ ':' + 'policy';	// "yrn:yahoo:<service>::<tenant>:policy"
-		keywords.RESOURCE_TOP_KEY					= keywords.TENANT_TOP_KEY			+ ':' + 'resource';	// "yrn:yahoo:<service>::<tenant>:resource"
-	}
-	if(apiutil.isSafeString(_user)){
-		keywords.USER_KEY							= keywords.USER_TOP_KEY				+ ':' + _user;		// "yrn:yahoo::::user:<user>"
-		keywords.USER_ID_KEY						= keywords.USER_KEY					+ ':id';			// "yrn:yahoo::::user:<user>:id"
-		keywords.USER_TENANT_TOP_KEY				= keywords.USER_KEY					+ ':tenant';		// "yrn:yahoo::::user:<user>:tenant"
-		keywords.USER_TENANT_COMMON_KEY				= keywords.USER_TENANT_TOP_KEY		+ '/';				// "yrn:yahoo::::user:<user>:tenant/"
-		keywords.USER_TENANT_UNSCOPE_TOKEN_KEY		= keywords.USER_TENANT_COMMON_KEY	+ '/token';			// "yrn:yahoo::::user:<user>:tenant//token"
-		if(apiutil.isSafeString(tenant)){
-			keywords.USER_TENANT_KEY				= keywords.USER_TENANT_COMMON_KEY	+ _tenant;			// "yrn:yahoo::::user:<user>:tenant/<tenant>"
-			keywords.USER_TENANT_SCOPE_TOKEN_KEY	= keywords.USER_TENANT_KEY			+ '/token';			// "yrn:yahoo::::user:<user>:tenant/<tenant>/token"
-			// ambiguous key whether tenant exists or not
-			keywords.USER_TENANT_AMBIGUOUS_KEY		= keywords.USER_TENANT_KEY;								// "yrn:yahoo::::user:<user>:tenant/<tenant>"
-			keywords.USER_TENANT_AMBIGUOUS_TOKEN_KEY= keywords.USER_TENANT_SCOPE_TOKEN_KEY;					// "yrn:yahoo::::user:<user>:tenant/<tenant>/token"
-		}else{
-			keywords.USER_TENANT_KEY				= '';													// ""
-			keywords.USER_TENANT_SCOPE_TOKEN_KEY	= '';													// ""
-			// ambiguous key whether tenant exists or not
-			keywords.USER_TENANT_AMBIGUOUS_KEY		= keywords.USER_TENANT_COMMON_KEY;						// "yrn:yahoo::::user:<user>:tenant/"
-			keywords.USER_TENANT_AMBIGUOUS_TOKEN_KEY= keywords.USER_TENANT_UNSCOPE_TOKEN_KEY;				// "yrn:yahoo::::user:<user>:tenant//token"
-		}
-	}
-	return keywords;
-};
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: noexpandtab sw=4 ts=4 fdm=marker
- * vim<600: noexpandtab sw=4 ts=4
- */

package/lib/k2hr3resutil.js DELETED Viewed

@@ -1,100 +0,0 @@
-/*
- * K2HR3 REST API
- *
- * Copyright 2017 Yahoo Japan Corporation.
- *
- * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
- * common management information for the cloud.
- * K2HR3 can dynamically manage information as "who", "what", "operate".
- * These are stored as roles, resources, policies in K2hdkc, and the
- * client system can dynamically read and modify these information.
- *
- * For the full copyright and license information, please view
- * the license file that was distributed with this source code.
- *
- * AUTHOR:   Takeshi Nakatani
- * CREATE:   Fri Sep 8 2017
- * REVISION:
- *
- */
-'use strict';
-var	apiutil	= require('./k2hr3apiutil');
-function rawSendErrorResponse(req, res, status, msgbody, strType)
-{
-	if(!apiutil.isSafeEntity(res) || !apiutil.isSafeEntity(status) || isNaN(status)){
-		if(!apiutil.isSafeEntity(res)){
-			// can do nothing
-			return false;
-		}
-		status	= 500;										// 500: Internal Error
-		msgbody	= 'Wrong parameters are got.';
-	}
-	// set response type
-	if(apiutil.isSafeString(strType)){
-		res.type(strType);
-	}
-	// set response status
-	res.status(status);
-	// body message to JSON
-	var	jsonbody;
-	if(apiutil.isSafeEntity(msgbody)){
-		if(!apiutil.checkSimpleJSON(msgbody)){
-			jsonbody = JSON.stringify(msgbody);
-		}else{
-			jsonbody = msgbody;
-		}
-	}
-	// set 'x-k2hr3-error' header
-	if(	apiutil.isSafeEntity(req)							&&
-		apiutil.isSafeEntity(req.headers)					&&
-		apiutil.isSafeEntity(req.headers['x-k2hr3-debug'])	&&
-		(	apiutil.compareCaseString('ON',		req.headers['x-k2hr3-debug'])		||
-			apiutil.compareCaseString('OK',		req.headers['x-k2hr3-debug'])		||
-			apiutil.compareCaseString('debug',	req.headers['x-k2hr3-debug'])		||
-			apiutil.compareCaseString('dbg',	req.headers['x-k2hr3-debug'])		||
-			apiutil.compareCaseString('1',		String(req.headers['x-k2hr3-debug']))
-		)
-	){
-		var	errheader;
-		if(apiutil.isSafeString(jsonbody)){
-			errheader = jsonbody;
-		}else{
-			errheader = JSON.stringify({ status: status });
-		}
-		res.header('x-k2hr3-error', errheader);
-	}
-	// send body
-	res.send(jsonbody);
-	return true;
-}
-//
-// <argument>	<default>	<note>
-//	req						request object
-//	res						response object
-//	status					status code for error, must be number
-//	msgbody		null		response error body if need
-//	strType		null		response type if need
-//
-exports.errResponse = function(req, res, status, msgbody, strType)
-{
-	return rawSendErrorResponse(req, res, status, msgbody, strType);
-};
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: noexpandtab sw=4 ts=4 fdm=marker
- * vim<600: noexpandtab sw=4 ts=4
- */