not-node 6.3.7 → 6.3.9

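--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "not-node",
- "version": "6.3.7",
+ "version": "6.3.9",
  "description": "node complimentary part for client side notFramework.",
  "main": "index.js",
  "scripts": {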
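--- a/package/src/auth/const.js
+++ b/package/src/auth/const.js
@@ -1,4 +1,8 @@
- const DEFAULT_USER_ROLE_FOR_ADMIN = "root";
+ /** @type {string} system administrator, cant change system's content */
+ const DEFAULT_USER_ROLE_FOR_ROOT = "root";
+ /** @type {string} content administrator, cant change system's configuration */
+ const DEFAULT_USER_ROLE_FOR_ADMIN = "admin";
+ /** @type {string} unknown user */
  const DEFAULT_USER_ROLE_FOR_GUEST = "guest";
 
  const ACTION_SIGNATURE_CREATE = "create";
@@ -24,6 +28,7 @@ module.exports = {
  TOKEN_TTL,
  OBJECT_STRING,
  DEFAULT_USER_ROLE_FOR_GUEST,
+ DEFAULT_USER_ROLE_FOR_ROOT,
  DEFAULT_USER_ROLE_FOR_ADMIN,
  DOCUMENT_OWNER_FIELD_NAME,
  ACTION_SIGNATURES,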
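Review bot: `DEFAULT_USER_ROLE_FOR_ADMIN` keeps its exported name but its value changes from "root" to "admin" in the first hunk, so any caller outside this package that compares roles against that constant now passes the check for a different set of users. That is a breaking authorization change shipped in a patch release, and it should be stated in the release notes and on the constant itself, e.g. `/** @type {string} content administrator; was "root" before 6.3.9, use DEFAULT_USER_ROLE_FOR_ROOT for the old meaning */`. The two new descriptions are also ambiguous ("cant change system's content" on the root constant); saying what each role may do, rather than what it may not, would read more clearly.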
@@ -1,6 +1,7 @@
1
1
  const Form = require("../form/form");
2
2
  const { firstLetterToUpper } = require("../common");
3
3
  const notFilter = require("not-filter");
4
+ const notAppIdentity = require("../identity");
4
5
 
5
6
  const FIELDS = [
6
7
  ["query", `not-filter//_filterQuery`],
@@ -36,11 +37,12 @@ const FactoryFormList = ({ MODULE_NAME, MODEL_NAME, actionName }) => {
36
37
  */
37
38
  async extract(req) {
38
39
  const envs = this.extractRequestEnvs(req);
39
- if (!req.user.isRoot() && !req.user.isAdmin()) {
40
+ const user = notAppIdentity.extractAuthData(req);
41
+ if (!user.root && !user.admin) {
40
42
  envs.query.filter = notFilter.filter.modifyRules(
41
43
  envs.query.filter,
42
44
  {
43
- owner: req.user._id,
45
+ owner: user.uid,
44
46
  }
45
47
  );
46
48
  }
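Review bot: The owner restriction in `extract` now takes its value from `user.uid` as returned by `notAppIdentity.extractAuthData(req)`, and nothing in this hunk checks that the request is authenticated or that `uid` is set before it is written into the filter. The old `req.user._id` would have thrown on a missing user, whereas the new code would hand `owner: undefined` to `notFilter.filter.modifyRules`; whether that drops the constraint or matches nothing is not visible here. Unless the route layer guarantees authentication before the form runs, I would fail closed ahead of the filter, for example `if (!user.auth || !user.uid) { throw new Error("authentication required"); }` with whatever error type the form layer already uses. The same lines appear in the `FactoryFormListAndCount` hunk that follows, and `extract` continues past the end of both hunks.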
@@ -1,6 +1,7 @@
1
1
  const Form = require("../form/form");
2
2
  const { firstLetterToUpper } = require("../common");
3
3
  const notFilter = require("not-filter");
4
+ const notAppIdentity = require("../identity");
4
5
 
5
6
  const FIELDS = [
6
7
  ["query", `not-filter//_filterQuery`],
@@ -36,11 +37,12 @@ const FactoryFormListAndCount = ({ MODULE_NAME, MODEL_NAME, actionName }) => {
36
37
  */
37
38
  async extract(req) {
38
39
  const envs = this.extractRequestEnvs(req);
39
- if (!req.user.isRoot() && !req.user.isAdmin()) {
40
+ const user = notAppIdentity.extractAuthData(req);
41
+ if (!user.root && !user.admin) {
40
42
  envs.query.filter = notFilter.filter.modifyRules(
41
43
  envs.query.filter,
42
44
  {
43
- owner: req.user._id,
45
+ owner: user.uid,
44
46
  }
45
47
  );
46
48
  }
@@ -1,3 +1,8 @@
1
+ const {
2
+ DEFAULT_USER_ROLE_FOR_ROOT,
3
+ DEFAULT_USER_ROLE_FOR_ADMIN,
4
+ DEFAULT_USER_ROLE_FOR_GUEST,
5
+ } = require("../auth/const");
1
6
  const { copyObj, objHas } = require("../common");
2
7
  const IdentityProviderSession = require("./providers/session");
3
8
  const IdentityProviderToken = require("./providers/token");
@@ -17,7 +22,11 @@ class Identity {
17
22
  token: IdentityProviderToken,
18
23
  };
19
24
 
20
- static #primaryRoles = [];
25
+ static #primaryRoles = [
26
+ DEFAULT_USER_ROLE_FOR_ROOT,
27
+ DEFAULT_USER_ROLE_FOR_ADMIN,
28
+ DEFAULT_USER_ROLE_FOR_GUEST,
29
+ ];
21
30
  static #secondaryRoles = [];
22
31
 
23
32
  static setPrimaryRoles(list = []) {
@@ -15,12 +15,13 @@ module.exports = class notAppIdentity {
15
15
  /**
16
16
  * Collects various authentification and authorization data from request object
17
17
  * @param {import('../types').notNodeExpressRequest} req ExpressRequest
18
- * @return {object} various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
18
+ * @return {import('../types').notAppIdentityData} various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
19
19
  */
20
20
  static extractAuthData(req) {
21
21
  const identity = this.#identity.of(req);
22
22
  return {
23
23
  root: identity.isRoot(),
24
+ admin: identity.isAdmin(),
24
25
  auth: identity.isUser(),
25
26
  role: identity.getRole(),
26
27
  primaryRole: identity.getPrimaryRole(),
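Review bot: The `@return` line now points at `notAppIdentityData` but still carries the old inline shape, which lists neither `admin` nor `primaryRole` and gives `uid` as `ObjectId` while the typedef added in this release says `string`. I would drop the inline shape and keep only `@return {import('../types').notAppIdentityData} authentication and authorization data for the actor`, so the typedef is the single description callers rely on. The returned object literal continues past the end of this hunk.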
@@ -98,11 +98,31 @@ module.exports = class IdentityProviderSession {
98
98
  }
99
99
  }
100
100
 
101
+ /**
102
+ * Root is for system configaration
103
+ *
104
+ * @return {boolean}
105
+ */
101
106
  isRoot() {
102
107
  return (
103
108
  this.isUser() &&
104
109
  ROLES.compareRoles(
105
- this.getRole(),
110
+ this.getPrimaryRole(),
111
+ CONST.DEFAULT_USER_ROLE_FOR_ROOT
112
+ )
113
+ );
114
+ }
115
+
116
+ /**
117
+ * Admin is for system content management
118
+ *
119
+ * @return {boolean}
120
+ */
121
+ isAdmin() {
122
+ return (
123
+ this.isUser() &&
124
+ ROLES.compareRoles(
125
+ this.getPrimaryRole(),
106
126
  CONST.DEFAULT_USER_ROLE_FOR_ADMIN
107
127
  )
108
128
  );
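Review bot: `isRoot()` and the new `isAdmin()` now compare `getPrimaryRole()` instead of the full role list, so the outcome of both privilege checks depends on how the primary role is selected, which this hunk does not show. Two cases deserve a documented answer and a test: a session whose `role` array holds both "root" and "admin", and a provider whose primary-role list was never configured (the updated session test calls `Provider.setPrimaryRoles([...])` at module load, which suggests the check relies on it). None of the test hunks visible on this page add a case for `isAdmin()`, including the check that a root session is not reported as admin. The new JSDoc also has a typo, `configaration`. The same change is made to `IdentityProviderToken` in the next hunk, and `isAdmin` closes outside both hunks.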
@@ -239,7 +239,22 @@ module.exports = class IdentityProviderToken {
239
239
  return (
240
240
  this.isUser() &&
241
241
  ROLES.compareRoles(
242
- this.getRole(),
242
+ this.getPrimaryRole(),
243
+ CONST.DEFAULT_USER_ROLE_FOR_ROOT
244
+ )
245
+ );
246
+ }
247
+
248
+ /**
249
+ * Admin is for system content management
250
+ *
251
+ * @return {boolean}
252
+ */
253
+ isAdmin() {
254
+ return (
255
+ this.isUser() &&
256
+ ROLES.compareRoles(
257
+ this.getPrimaryRole(),
243
258
  CONST.DEFAULT_USER_ROLE_FOR_ADMIN
244
259
  )
245
260
  );
package/src/types.js CHANGED
@@ -80,4 +80,17 @@
80
80
  * @typedef {import('express').Request & notNodeExpressRequestProperties} notNodeExpressRequest
81
81
  */
82
82
 
83
+ /**
84
+ *
85
+ * @typedef {object} notAppIdentityData
86
+ * @property {boolean} root //system configuration administrator
87
+ * @property {boolean} admin //system content administrator
88
+ * @property {boolean} auth //authenticated user
89
+ * @property {Array<string>} role //list of roles, exactly one should be primary role
90
+ * @property {string} primaryRole //primary role
91
+ * @property {string} uid //user identificator
92
+ * @property {string} sid //user session identificator
93
+ * @property {string} ip //request source ip
94
+ */
95
+
83
96
  module.exports = {};
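Review bot: `uid` is typed `string` in `notAppIdentityData`, while the `extractAuthData` JSDoc describes it as an `ObjectId`, and the list forms in this release pass it directly into an `owner` filter. If the session and token providers return different representations, the owner match may behave differently per provider; I would settle the type here, e.g. `@property {import('mongoose').Types.ObjectId|string} uid user identifier`, or normalise the value in `extractAuthData`. The `//` at the start of each `@property` description is rendered literally by JSDoc tooling and can be dropped.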
@@ -1,17 +1,16 @@
1
- module.exports = ({
2
- Auth,
3
- expect
4
- }) => {
5
- describe('Roles', () => {
6
- describe('compareRolesArrayAgainstArray', ()=>{
7
- it('userRoles: Array, actionRoles: Array, strict = true', ()=>{
8
- const userRoles = ['user', 'manager', 'comfirmed'];
9
- const actionRoles = ['user','comfirmed'];
10
- let result = Auth.compareRolesArrayAgainstArray(userRoles, actionRoles, false);
11
- expect(result).to.deep.equal(true);
12
- });
1
+ module.exports = ({ Auth, expect }) => {
2
+ describe("Roles", () => {
3
+ describe("compareRolesArrayAgainstArray", () => {
4
+ it("userRoles: Array, actionRoles: Array, strict = true", () => {
5
+ const userRoles = ["user", "manager", "comfirmed"];
6
+ const actionRoles = ["user", "comfirmed"];
7
+ let result = Auth.compareRolesArrayAgainstArray(
8
+ userRoles,
9
+ actionRoles,
10
+ false
11
+ );
12
+ expect(result).to.deep.equal(true);
13
+ });
14
+ });
13
15
  });
14
-
15
- });
16
-
17
16
  };
@@ -67,6 +67,7 @@ module.exports = ({ Auth, expect }) => {
67
67
  let result = Auth.extractAuthData(req);
68
68
  expect(result).to.deep.equal({
69
69
  root: false,
70
+ admin: false,
70
71
  auth: false,
71
72
  role: [Auth.DEFAULT_USER_ROLE_FOR_GUEST],
72
73
  primaryRole: Auth.DEFAULT_USER_ROLE_FOR_GUEST,
@@ -108,12 +109,12 @@ module.exports = ({ Auth, expect }) => {
108
109
  });
109
110
 
110
111
  describe("checkRoot", function () {
111
- it("check if admin exists and continues", function () {
112
+ it("check if root exists and continues", function () {
112
113
  const req = {
113
114
  get() {},
114
115
  session: {
115
116
  user: true,
116
- role: [Auth.DEFAULT_USER_ROLE_FOR_ADMIN],
117
+ role: [Auth.DEFAULT_USER_ROLE_FOR_ROOT],
117
118
  },
118
119
  },
119
120
  next = function (val) {
@@ -123,7 +124,7 @@ module.exports = ({ Auth, expect }) => {
123
124
  expect(result).to.deep.equal();
124
125
  });
125
126
 
126
- it("check if admin exists and throw exception", function () {
127
+ it("check if root exists and throw exception", function () {
127
128
  const req = {
128
129
  session: {
129
130
  user: true,
@@ -144,7 +145,7 @@ module.exports = ({ Auth, expect }) => {
144
145
  const req = {
145
146
  session: {
146
147
  user: true,
147
- role: [Auth.DEFAULT_USER_ROLE_FOR_ADMIN],
148
+ role: [Auth.DEFAULT_USER_ROLE_FOR_ROOT],
148
149
  },
149
150
  get() {},
150
151
  },
package/test/fakes.js CHANGED
@@ -13,6 +13,7 @@ module.exports = {
13
13
  fakeIdentity: (
14
14
  id = {
15
15
  root: false,
16
+ admin: false,
16
17
  auth: false,
17
18
  role: [DEFAULT_USER_ROLE_FOR_GUEST],
18
19
  primaryRole: DEFAULT_USER_ROLE_FOR_GUEST,
@@ -27,6 +28,9 @@ module.exports = {
27
28
  static isRoot() {
28
29
  return id.root;
29
30
  }
31
+ static isAdmin() {
32
+ return id.admin;
33
+ }
30
34
  static isUser() {
31
35
  return id.auth;
32
36
  }
@@ -1,7 +1,15 @@
1
1
  const Provider = require("../../../src/identity/providers/session");
2
- const { DEFAULT_USER_ROLE_FOR_GUEST } = require("../../../src/auth/const");
2
+ const {
3
+ DEFAULT_USER_ROLE_FOR_GUEST,
4
+ DEFAULT_USER_ROLE_FOR_ADMIN,
5
+ DEFAULT_USER_ROLE_FOR_ROOT,
6
+ } = require("../../../src/auth/const");
3
7
  const mongoose = require("mongoose");
4
-
8
+ Provider.setPrimaryRoles([
9
+ DEFAULT_USER_ROLE_FOR_ROOT,
10
+ DEFAULT_USER_ROLE_FOR_ADMIN,
11
+ DEFAULT_USER_ROLE_FOR_GUEST,
12
+ ]);
5
13
  const SESSION_NOT_EXISTS = "session not exists";
6
14
 
7
15
  module.exports = ({ expect }) => {
@@ -26,17 +34,17 @@ module.exports = ({ expect }) => {
26
34
  });
27
35
 
28
36
  describe("isRoot", function () {
29
- it("check if user admin - true", function () {
37
+ it("check if user root - true", function () {
30
38
  var t = {
31
39
  session: {
32
40
  user: mongoose.Types.ObjectId(),
33
- role: "root",
41
+ role: ["root"],
34
42
  },
35
43
  };
36
- var res = new Provider(t).isRoot();
44
+ const res = new Provider(t).isRoot();
37
45
  expect(res).to.eql(true);
38
46
  });
39
- it("check if user admin - false", function () {
47
+ it("check if user root - false", function () {
40
48
  var t = {
41
49
  session: {
42
50
  user: mongoose.Types.ObjectId(),
@@ -53,12 +61,12 @@ module.exports = ({ expect }) => {
53
61
  var t = {
54
62
  session: {
55
63
  user: mongoose.Types.ObjectId(),
56
- role: "root",
64
+ role: ["root"],
57
65
  save() {},
58
66
  },
59
67
  };
60
- var res = new Provider(t).getRole();
61
- expect(res).to.eql("root");
68
+ const res = new Provider(t).getRole();
69
+ expect(res).to.be.deep.eql(["root"]);
62
70
  });
63
71
  it("get role - undefined", function () {
64
72
  var t = {
@@ -77,7 +85,7 @@ module.exports = ({ expect }) => {
77
85
  var t = {
78
86
  session: {
79
87
  user: mongoose.Types.ObjectId(),
80
- role: "user",
88
+ role: ["user"],
81
89
  save() {},
82
90
  },
83
91
  };
@@ -96,7 +104,7 @@ module.exports = ({ expect }) => {
96
104
  it("session exist, set _id", function () {
97
105
  const t = {
98
106
  session: {
99
- role: "user",
107
+ role: ["user"],
100
108
  save() {},
101
109
  },
102
110
  };
@@ -118,7 +126,7 @@ module.exports = ({ expect }) => {
118
126
  const t = {
119
127
  session: {
120
128
  user: mongoose.Types.ObjectId(),
121
- role: "user",
129
+ role: ["user"],
122
130
  save() {},
123
131
  },
124
132
  };
@@ -138,7 +146,7 @@ module.exports = ({ expect }) => {
138
146
  const t = {
139
147
  session: {
140
148
  id: mongoose.Types.ObjectId(),
141
- role: "user",
149
+ role: ["user"],
142
150
  save() {},
143
151
  },
144
152
  };
@@ -199,7 +207,7 @@ module.exports = ({ expect }) => {
199
207
  const t = {
200
208
  session: {
201
209
  user: id,
202
- role: "admin",
210
+ role: ["admin"],
203
211
  save() {},
204
212
  destroy() {
205
213
  destroyed = true;
@@ -217,7 +225,7 @@ module.exports = ({ expect }) => {
217
225
  const t = {
218
226
  session: {
219
227
  user: id,
220
- role: "admin",
228
+ role: ["admin"],
221
229
  save() {},
222
230
  },
223
231
  };
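--- a/package/test/notApp.js
+++ b/package/test/notApp.js
@@ -26,6 +26,7 @@ describe("noApp", function () {
  static of() {
  return class {
  static isRoot() {}
+ static isAdmin() {}
  static isUser() {}
  static getRole() {}
  static getPrimaryRole() {}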
package/test/notRoute.js CHANGED
@@ -1,4 +1,4 @@
1
- const { DEFAULT_USER_ROLE_FOR_ADMIN } = require("../src/auth");
1
+ const { DEFAULT_USER_ROLE_FOR_ROOT } = require("../src/auth");
2
2
  const notAppIdentity = require("../src/identity");
3
3
 
4
4
  const HttpError = require("../src/error").Http,
@@ -146,8 +146,8 @@ describe("notRoute", function () {
146
146
  notAppIdentity.identity = require("./fakes").fakeIdentity({
147
147
  auth: true,
148
148
  root: true,
149
- primaryRole: DEFAULT_USER_ROLE_FOR_ADMIN,
150
- role: [DEFAULT_USER_ROLE_FOR_ADMIN],
149
+ primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
150
+ role: [DEFAULT_USER_ROLE_FOR_ROOT],
151
151
  });
152
152
  let req = {},
153
153
  actionData = {
@@ -278,8 +278,8 @@ describe("notRoute", function () {
278
278
  notAppIdentity.identity = require("./fakes").fakeIdentity({
279
279
  auth: true,
280
280
  root: true,
281
- primaryRole: DEFAULT_USER_ROLE_FOR_ADMIN,
282
- role: [DEFAULT_USER_ROLE_FOR_ADMIN],
281
+ primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
282
+ role: [DEFAULT_USER_ROLE_FOR_ROOT],
283
283
  });
284
284
  let req = {
285
285
  get() {},
@@ -436,8 +436,8 @@ describe("notRoute", function () {
436
436
  notAppIdentity.identity = require("./fakes").fakeIdentity({
437
437
  auth: true,
438
438
  root: true,
439
- primaryRole: DEFAULT_USER_ROLE_FOR_ADMIN,
440
- role: [DEFAULT_USER_ROLE_FOR_ADMIN],
439
+ primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
440
+ role: [DEFAULT_USER_ROLE_FOR_ROOT],
441
441
  });
442
442
  let req = {
443
443
  get() {},
@@ -494,8 +494,8 @@ describe("notRoute", function () {
494
494
  notAppIdentity.identity = require("./fakes").fakeIdentity({
495
495
  auth: true,
496
496
  root: true,
497
- primaryRole: DEFAULT_USER_ROLE_FOR_ADMIN,
498
- role: [DEFAULT_USER_ROLE_FOR_ADMIN],
497
+ primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
498
+ role: [DEFAULT_USER_ROLE_FOR_ROOT],
499
499
  });
500
500
  let req = {
501
501
  get() {},
@@ -553,8 +553,8 @@ describe("notRoute", function () {
553
553
  notAppIdentity.identity = require("./fakes").fakeIdentity({
554
554
  auth: true,
555
555
  root: true,
556
- primaryRole: DEFAULT_USER_ROLE_FOR_ADMIN,
557
- role: [DEFAULT_USER_ROLE_FOR_ADMIN],
556
+ primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
557
+ role: [DEFAULT_USER_ROLE_FOR_ROOT],
558
558
  });
559
559
  let req = {
560
560
  get() {},