rbac 4.0.2 → 6.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/HISTORY.md +21 -3
- package/LICENSE +21 -0
- package/README.md +43 -104
- package/dist/Base.js +31 -65
- package/dist/Base.js.map +1 -0
- package/dist/Memory.js +139 -0
- package/dist/Memory.js.map +1 -0
- package/dist/Permission.js +99 -137
- package/dist/Permission.js.map +1 -0
- package/dist/RBAC.js +420 -798
- package/dist/RBAC.js.map +1 -0
- package/dist/Role.js +67 -142
- package/dist/Role.js.map +1 -0
- package/dist/Storage.js +160 -0
- package/dist/Storage.js.map +1 -0
- package/dist/index.js +45 -35
- package/dist/index.js.map +1 -0
- package/package.json +22 -45
- package/.babelrc +0 -9
- package/.eslintignore +0 -7
- package/.eslintrc +0 -5
- package/.npmignore +0 -4
- package/.travis.yml +0 -14
- package/__tests__/role.spec.js +0 -410
- package/controllers/express.js +0 -72
- package/coverage/clover.xml +0 -526
- package/coverage/coverage-final.json +0 -9
- package/coverage/lcov-report/base.css +0 -212
- package/coverage/lcov-report/index.html +0 -106
- package/coverage/lcov-report/prettify.css +0 -1
- package/coverage/lcov-report/prettify.js +0 -1
- package/coverage/lcov-report/sort-arrow-sprite.png +0 -0
- package/coverage/lcov-report/sorter.js +0 -158
- package/coverage/lcov-report/tests/index.html +0 -93
- package/coverage/lcov-report/tests/role.spec.js.html +0 -1316
- package/coverage/lcov.info +0 -1115
- package/dist/storages/Memory.js +0 -219
- package/dist/storages/Mongoose.js +0 -303
- package/dist/storages/index.js +0 -300
- package/example/simple.js +0 -25
- package/gulpfile.js +0 -16
- package/jsdocConfig.js +0 -20
package/HISTORY.md
CHANGED
|
@@ -1,4 +1,22 @@
|
|
|
1
|
-
#
|
|
1
|
+
# v6.0.0
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
3
|
+
- Zero production dependencies (removed lodash, keymirror)
|
|
4
|
+
- Minimum Node.js version: 18.0.0
|
|
5
|
+
- Updated build toolchain (Babel 7.26, Jest 29)
|
|
6
|
+
- Cleaned up development dependencies (48 to 7)
|
|
7
|
+
- Fixed LICENSE copyright
|
|
8
|
+
- Removed deprecated API usage (String.prototype.substr)
|
|
9
|
+
- Removed dead references to Mongoose, DynamoDB, Express middleware
|
|
10
|
+
|
|
11
|
+
# v5.0.3
|
|
12
|
+
|
|
13
|
+
- Added DynamoDB support via dynamoose
|
|
14
|
+
|
|
15
|
+
# v5.0.2
|
|
16
|
+
|
|
17
|
+
- Bug fix
|
|
18
|
+
|
|
19
|
+
# v5.0.1
|
|
20
|
+
|
|
21
|
+
- Async RBAC
|
|
22
|
+
- Updated tests
|
package/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
The MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2014-2026 Zlatko Fedor
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
|
13
|
+
all copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
21
|
+
THE SOFTWARE.
|
package/README.md
CHANGED
|
@@ -1,38 +1,9 @@
|
|
|
1
1
|
# RBAC
|
|
2
|
-
(Hierarchical Role Based Access Control)
|
|
3
2
|
|
|
4
|
-
|
|
5
|
-
[![build status][travis-image]][travis-url]
|
|
6
|
-
[![Test coverage][coveralls-image]][coveralls-url]
|
|
7
|
-
[](https://gitter.im/seeden/rbac)
|
|
8
|
-
[](https://gratipay.com/seeden/)
|
|
3
|
+
Hierarchical Role Based Access Control for Node.js
|
|
9
4
|
|
|
10
|
-
[
|
|
11
|
-
[
|
|
12
|
-
[travis-image]: https://img.shields.io/travis/seeden/rbac/master.svg?style=flat-square
|
|
13
|
-
[travis-url]: https://travis-ci.org/seeden/rbac
|
|
14
|
-
[coveralls-image]: https://img.shields.io/coveralls/seeden/rbac/master.svg?style=flat-square
|
|
15
|
-
[coveralls-url]: https://coveralls.io/r/seeden/rbac?branch=master
|
|
16
|
-
[github-url]: https://github.com/seeden/rbac
|
|
17
|
-
|
|
18
|
-
RBAC is the authorization library for NodeJS.
|
|
19
|
-
|
|
20
|
-
## Motivation
|
|
21
|
-
|
|
22
|
-
I needed hierarchical role based access control for my projects based on ExpressJS.
|
|
23
|
-
I had one requirement. This structure must be permanently stored in various storages.
|
|
24
|
-
For example in memory or Mongoose.
|
|
25
|
-
Because there is a lot of options for storing of data and many of them are asynchronous.
|
|
26
|
-
I created asynchronous API.
|
|
27
|
-
Please, if you found any bug or you need custom API, create an issue or pull request.
|
|
28
|
-
|
|
29
|
-
## Documentation
|
|
30
|
-
|
|
31
|
-
[Read more about API in documentation](http://cherryprojects.github.io/rbac/RBAC.html)
|
|
32
|
-
|
|
33
|
-
# Support us
|
|
34
|
-
|
|
35
|
-
Star this project on [GitHub][github-url].
|
|
5
|
+
[](https://www.npmjs.com/package/rbac)
|
|
6
|
+
[](https://opensource.org/licenses/MIT)
|
|
36
7
|
|
|
37
8
|
## Install
|
|
38
9
|
|
|
@@ -43,113 +14,81 @@ npm install rbac
|
|
|
43
14
|
## Usage
|
|
44
15
|
|
|
45
16
|
```js
|
|
46
|
-
import RBAC from 'rbac';
|
|
17
|
+
import { RBAC } from 'rbac';
|
|
18
|
+
|
|
47
19
|
const rbac = new RBAC({
|
|
48
20
|
roles: ['superadmin', 'admin', 'user', 'guest'],
|
|
49
21
|
permissions: {
|
|
50
22
|
user: ['create', 'delete'],
|
|
51
23
|
password: ['change', 'forgot'],
|
|
52
24
|
article: ['create'],
|
|
53
|
-
rbac: ['update']
|
|
25
|
+
rbac: ['update'],
|
|
54
26
|
},
|
|
55
27
|
grants: {
|
|
56
28
|
guest: ['create_user', 'forgot_password'],
|
|
57
29
|
user: ['change_password'],
|
|
58
30
|
admin: ['user', 'delete_user', 'update_rbac'],
|
|
59
|
-
superadmin: ['admin']
|
|
60
|
-
}
|
|
61
|
-
}, function(err, rbacInstance) {
|
|
62
|
-
if (err) {
|
|
63
|
-
throw err;
|
|
64
|
-
}
|
|
31
|
+
superadmin: ['admin'],
|
|
32
|
+
},
|
|
65
33
|
});
|
|
34
|
+
|
|
35
|
+
await rbac.init();
|
|
66
36
|
```
|
|
67
37
|
|
|
68
|
-
##
|
|
38
|
+
## Check permissions
|
|
69
39
|
|
|
70
40
|
```js
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
// your custom controller for express
|
|
76
|
-
function adminController(req, res, next) {
|
|
77
|
-
res.send('Hello admin');
|
|
41
|
+
const can = await rbac.can('admin', 'create', 'article');
|
|
42
|
+
if (can) {
|
|
43
|
+
console.log('Admin is able to create article');
|
|
78
44
|
}
|
|
45
|
+
```
|
|
79
46
|
|
|
80
|
-
|
|
81
|
-
const rbac = new RBAC({
|
|
82
|
-
roles: ['admin', 'user']
|
|
83
|
-
}, (err, rbac) => {
|
|
84
|
-
if (err) throw err;
|
|
85
|
-
|
|
86
|
-
// setup express routes
|
|
87
|
-
app.use('/admin', secure.hasRole(rbac, 'admin'), adminController);
|
|
88
|
-
});
|
|
89
|
-
```
|
|
90
|
-
|
|
91
|
-
## Check permissions
|
|
47
|
+
Or use a role instance:
|
|
92
48
|
|
|
93
49
|
```js
|
|
94
|
-
rbac.
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
50
|
+
const admin = await rbac.getRole('admin');
|
|
51
|
+
if (!admin) {
|
|
52
|
+
console.log('Role does not exist');
|
|
53
|
+
} else {
|
|
54
|
+
const can = await admin.can('create', 'article');
|
|
99
55
|
if (can) {
|
|
100
|
-
console.log('Admin is able create article');
|
|
101
|
-
}
|
|
102
|
-
});
|
|
103
|
-
|
|
104
|
-
// or you can use instance of admin role
|
|
105
|
-
|
|
106
|
-
rbac.getRole('admin', (err, admin) => {
|
|
107
|
-
if (err) {
|
|
108
|
-
throw err; // process error
|
|
56
|
+
console.log('Admin is able to create article');
|
|
109
57
|
}
|
|
110
|
-
|
|
111
|
-
if (!admin) {
|
|
112
|
-
return console.log('Role does not exists');
|
|
113
|
-
}
|
|
114
|
-
|
|
115
|
-
admin.can('create', 'article', (err2, can) => {
|
|
116
|
-
if (err2) throw err2; // process error
|
|
117
|
-
|
|
118
|
-
if (can) {
|
|
119
|
-
console.log('Admin is able create article');
|
|
120
|
-
}
|
|
121
|
-
});
|
|
122
|
-
});
|
|
58
|
+
}
|
|
123
59
|
```
|
|
124
60
|
|
|
125
|
-
##
|
|
126
|
-
|
|
127
|
-
Please take a look on plugin [mongoose-hrbac](http://github.com/seeden/mongoose-hrbac)
|
|
61
|
+
## Custom storage
|
|
128
62
|
|
|
129
|
-
|
|
63
|
+
RBAC uses in-memory storage by default. You can implement custom storage by extending the `Storage` class:
|
|
130
64
|
|
|
131
|
-
```
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
65
|
+
```js
|
|
66
|
+
import { Storage } from 'rbac';
|
|
67
|
+
|
|
68
|
+
class MyStorage extends Storage {
|
|
69
|
+
async add(item) { /* ... */ }
|
|
70
|
+
async remove(item) { /* ... */ }
|
|
71
|
+
async grant(role, child) { /* ... */ }
|
|
72
|
+
async revoke(role, child) { /* ... */ }
|
|
73
|
+
async get(name) { /* ... */ }
|
|
74
|
+
async getRoles() { /* ... */ }
|
|
75
|
+
async getPermissions() { /* ... */ }
|
|
76
|
+
async getGrants(role) { /* ... */ }
|
|
77
|
+
}
|
|
136
78
|
|
|
137
|
-
|
|
138
|
-
npm run test
|
|
79
|
+
const rbac = new RBAC({ storage: new MyStorage() });
|
|
139
80
|
```
|
|
140
81
|
|
|
141
|
-
##
|
|
82
|
+
## Running Tests
|
|
142
83
|
|
|
143
84
|
```sh
|
|
144
|
-
npm
|
|
85
|
+
npm test
|
|
145
86
|
```
|
|
146
87
|
|
|
147
88
|
## Credits
|
|
148
89
|
|
|
149
|
-
|
|
90
|
+
[Zlatko Fedor](https://github.com/seeden)
|
|
150
91
|
|
|
151
92
|
## License
|
|
152
93
|
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
Copyright (c) 2016 Zlatko Fedor zlatkofedor@cherrysro.com
|
|
94
|
+
MIT
|
package/dist/Base.js
CHANGED
|
@@ -1,82 +1,48 @@
|
|
|
1
|
-
|
|
1
|
+
"use strict";
|
|
2
2
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } }
|
|
10
|
-
|
|
11
|
-
var Base = function () {
|
|
6
|
+
exports.default = void 0;
|
|
7
|
+
class Base {
|
|
12
8
|
/**
|
|
13
9
|
* Base constructor
|
|
14
10
|
* @constructor Base
|
|
15
11
|
* @param {RBAC} rbac Instance of the RBAC
|
|
16
12
|
* @param {String} name Name of the grant
|
|
17
|
-
* @param {Boolean} add True if you need to save it to storage
|
|
18
13
|
* @param {Function} cb Callback function after add
|
|
19
14
|
*/
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
_classCallCheck(this, Base);
|
|
24
|
-
|
|
25
|
-
if (!rbac || !name || typeof cb !== 'function') {
|
|
26
|
-
return cb(new Error('One of parameters is undefined'));
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
this._name = name;
|
|
30
|
-
this._rbac = rbac;
|
|
31
|
-
|
|
32
|
-
if (!add) {
|
|
33
|
-
return cb(null, this);
|
|
15
|
+
constructor(rbac, name) {
|
|
16
|
+
if (!rbac || !name) {
|
|
17
|
+
throw new Error('One of parameters is undefined');
|
|
34
18
|
}
|
|
35
|
-
|
|
36
|
-
rbac
|
|
37
|
-
return cb(err, _this);
|
|
38
|
-
});
|
|
19
|
+
this.name = name;
|
|
20
|
+
this.rbac = rbac;
|
|
39
21
|
}
|
|
40
22
|
|
|
41
23
|
/**
|
|
42
|
-
*
|
|
43
|
-
* @
|
|
24
|
+
* Add this to RBAC (storage)
|
|
25
|
+
* @method Base#remove
|
|
26
|
+
* @return {boolean}
|
|
44
27
|
*/
|
|
28
|
+
async add() {
|
|
29
|
+
const {
|
|
30
|
+
rbac
|
|
31
|
+
} = this;
|
|
32
|
+
return rbac.add(this);
|
|
33
|
+
}
|
|
45
34
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
}
|
|
61
|
-
}, {
|
|
62
|
-
key: 'name',
|
|
63
|
-
get: function get() {
|
|
64
|
-
return this._name;
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
/**
|
|
68
|
-
* Get instance of RBAC
|
|
69
|
-
* @member Base#rbac {RBAC|null} Instance of RBAC
|
|
70
|
-
*/
|
|
71
|
-
|
|
72
|
-
}, {
|
|
73
|
-
key: 'rbac',
|
|
74
|
-
get: function get() {
|
|
75
|
-
return this._rbac;
|
|
76
|
-
}
|
|
77
|
-
}]);
|
|
78
|
-
|
|
79
|
-
return Base;
|
|
80
|
-
}();
|
|
81
|
-
|
|
82
|
-
exports.default = Base;
|
|
35
|
+
/**
|
|
36
|
+
* Remove this from RBAC (storage)
|
|
37
|
+
* @method Base#remove
|
|
38
|
+
* @return {boolean}
|
|
39
|
+
*/
|
|
40
|
+
async remove() {
|
|
41
|
+
const {
|
|
42
|
+
rbac
|
|
43
|
+
} = this;
|
|
44
|
+
return rbac.remove(this);
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
exports.default = Base;
|
|
48
|
+
//# sourceMappingURL=Base.js.map
|
package/dist/Base.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Base.js","names":["Base","constructor","rbac","name","Error","add","remove","exports","default"],"sources":["../src/Base.js"],"sourcesContent":["// @flow\nimport type RBAC from './RBAC';\n\nexport default class Base {\n /**\n * Base constructor\n * @constructor Base\n * @param {RBAC} rbac Instance of the RBAC\n * @param {String} name Name of the grant\n * @param {Function} cb Callback function after add\n */\n constructor(rbac: RBAC, name: string) {\n if (!rbac || !name) {\n throw new Error('One of parameters is undefined');\n }\n\n this.name = name;\n this.rbac = rbac;\n }\n\n /**\n * Add this to RBAC (storage)\n * @method Base#remove\n * @return {boolean}\n */\n async add(): boolean {\n const { rbac } = this;\n return rbac.add(this);\n }\n\n /**\n * Remove this from RBAC (storage)\n * @method Base#remove\n * @return {boolean}\n */\n async remove(): boolean {\n const { rbac } = this;\n return rbac.remove(this);\n }\n}\n"],"mappings":";;;;;;AAGe,MAAMA,IAAI,CAAC;EACxB;AACF;AACA;AACA;AACA;AACA;AACA;EACEC,WAAWA,CAACC,IAAU,EAAEC,IAAY,EAAE;IACpC,IAAI,CAACD,IAAI,IAAI,CAACC,IAAI,EAAE;MAClB,MAAM,IAAIC,KAAK,CAAC,gCAAgC,CAAC;IACnD;IAEA,IAAI,CAACD,IAAI,GAAGA,IAAI;IAChB,IAAI,CAACD,IAAI,GAAGA,IAAI;EAClB;;EAEA;AACF;AACA;AACA;AACA;EACE,MAAMG,GAAGA,CAAA,EAAY;IACnB,MAAM;MAAEH;IAAK,CAAC,GAAG,IAAI;IACrB,OAAOA,IAAI,CAACG,GAAG,CAAC,IAAI,CAAC;EACvB;;EAEA;AACF;AACA;AACA;AACA;EACE,MAAMC,MAAMA,CAAA,EAAY;IACtB,MAAM;MAAEJ;IAAK,CAAC,GAAG,IAAI;IACrB,OAAOA,IAAI,CAACI,MAAM,CAAC,IAAI,CAAC;EAC1B;AACF;AAACC,OAAA,CAAAC,OAAA,GAAAR,IAAA","ignoreList":[]}
|
package/dist/Memory.js
ADDED
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.default = void 0;
|
|
7
|
+
var _Storage = _interopRequireDefault(require("./Storage"));
|
|
8
|
+
var _Permission = _interopRequireDefault(require("./Permission"));
|
|
9
|
+
var _Role = _interopRequireDefault(require("./Role"));
|
|
10
|
+
var _Base = _interopRequireDefault(require("./Base"));
|
|
11
|
+
function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
|
|
12
|
+
class Memory extends _Storage.default {
|
|
13
|
+
items = {};
|
|
14
|
+
async add(item) {
|
|
15
|
+
const {
|
|
16
|
+
name
|
|
17
|
+
} = item;
|
|
18
|
+
if (this.items[name]) {
|
|
19
|
+
throw new Error(`Item ${name} already exists`);
|
|
20
|
+
}
|
|
21
|
+
this.items[name] = {
|
|
22
|
+
instance: item,
|
|
23
|
+
grants: []
|
|
24
|
+
};
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
async remove(item) {
|
|
28
|
+
const {
|
|
29
|
+
items
|
|
30
|
+
} = this;
|
|
31
|
+
const {
|
|
32
|
+
name
|
|
33
|
+
} = item;
|
|
34
|
+
if (!items[name]) {
|
|
35
|
+
throw new Error(`Item ${name} is not presented in storage`);
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
// revoke from all instances
|
|
39
|
+
Object.keys(items).forEach(itemName => {
|
|
40
|
+
const {
|
|
41
|
+
grants
|
|
42
|
+
} = items[itemName];
|
|
43
|
+
items[itemName].grants = grants.filter(grant => grant !== name);
|
|
44
|
+
});
|
|
45
|
+
|
|
46
|
+
// delete from items
|
|
47
|
+
delete this.items[name];
|
|
48
|
+
return true;
|
|
49
|
+
}
|
|
50
|
+
async grant(role, child) {
|
|
51
|
+
const {
|
|
52
|
+
name
|
|
53
|
+
} = role;
|
|
54
|
+
const {
|
|
55
|
+
name: childName
|
|
56
|
+
} = child;
|
|
57
|
+
if (!this.items[name]) {
|
|
58
|
+
throw new Error(`Role ${name} is not exist`);
|
|
59
|
+
}
|
|
60
|
+
if (!this.items[childName]) {
|
|
61
|
+
throw new Error(`Base ${childName} is not exist`);
|
|
62
|
+
}
|
|
63
|
+
if (!(role instanceof _Role.default)) {
|
|
64
|
+
throw new Error('Role is not instance of Role');
|
|
65
|
+
}
|
|
66
|
+
if (name === childName) {
|
|
67
|
+
throw new Error(`You can grant yourself ${name}`);
|
|
68
|
+
}
|
|
69
|
+
const {
|
|
70
|
+
grants
|
|
71
|
+
} = this.items[name];
|
|
72
|
+
if (!grants.includes(childName)) {
|
|
73
|
+
grants.push(childName);
|
|
74
|
+
}
|
|
75
|
+
return true;
|
|
76
|
+
}
|
|
77
|
+
async revoke(role, child) {
|
|
78
|
+
const {
|
|
79
|
+
name
|
|
80
|
+
} = role;
|
|
81
|
+
const {
|
|
82
|
+
name: childName
|
|
83
|
+
} = child;
|
|
84
|
+
if (!this.items[name] || !this.items[childName]) {
|
|
85
|
+
throw new Error('Role is not exist');
|
|
86
|
+
}
|
|
87
|
+
const {
|
|
88
|
+
grants
|
|
89
|
+
} = this.items[name];
|
|
90
|
+
if (!grants.includes(childName)) {
|
|
91
|
+
throw new Error('Item is not associated to this item');
|
|
92
|
+
}
|
|
93
|
+
this.items[name].grants = grants.filter(grant => grant !== childName);
|
|
94
|
+
return true;
|
|
95
|
+
}
|
|
96
|
+
async get(name) {
|
|
97
|
+
if (name && this.items[name]) {
|
|
98
|
+
return this.items[name].instance;
|
|
99
|
+
}
|
|
100
|
+
return undefined;
|
|
101
|
+
}
|
|
102
|
+
async getRoles() {
|
|
103
|
+
return this.items.reduce((filtered, item) => {
|
|
104
|
+
const {
|
|
105
|
+
instance
|
|
106
|
+
} = item;
|
|
107
|
+
if (instance instanceof _Role.default) {
|
|
108
|
+
filtered.push(instance);
|
|
109
|
+
}
|
|
110
|
+
return filtered;
|
|
111
|
+
}, []);
|
|
112
|
+
}
|
|
113
|
+
async getPermissions() {
|
|
114
|
+
return this.items.reduce((filtered, item) => {
|
|
115
|
+
const {
|
|
116
|
+
instance
|
|
117
|
+
} = item;
|
|
118
|
+
if (instance instanceof _Permission.default) {
|
|
119
|
+
filtered.push(instance);
|
|
120
|
+
}
|
|
121
|
+
return filtered;
|
|
122
|
+
}, []);
|
|
123
|
+
}
|
|
124
|
+
async getGrants(role) {
|
|
125
|
+
if (role && this.items[role]) {
|
|
126
|
+
const currentGrants = this.items[role].grants;
|
|
127
|
+
return currentGrants.reduce((filtered, grantName) => {
|
|
128
|
+
const grant = this.items[grantName];
|
|
129
|
+
if (grant) {
|
|
130
|
+
filtered.push(grant.instance);
|
|
131
|
+
}
|
|
132
|
+
return filtered;
|
|
133
|
+
}, []);
|
|
134
|
+
}
|
|
135
|
+
return [];
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
exports.default = Memory;
|
|
139
|
+
//# sourceMappingURL=Memory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Memory.js","names":["_Storage","_interopRequireDefault","require","_Permission","_Role","_Base","e","__esModule","default","Memory","Storage","items","add","item","name","Error","instance","grants","remove","Object","keys","forEach","itemName","filter","grant","role","child","childName","Role","includes","push","revoke","get","undefined","getRoles","reduce","filtered","getPermissions","Permission","getGrants","currentGrants","grantName","exports"],"sources":["../src/Memory.js"],"sourcesContent":["// @flow\nimport Storage from './Storage';\nimport Permission from './Permission';\nimport Role from './Role';\nimport Base from './Base';\n\nexport default class Memory extends Storage {\n items: Object[] = {};\n\n async add(item: Base): boolean {\n const { name } = item;\n if (this.items[name]) {\n throw new Error(`Item ${name} already exists`);\n }\n\n this.items[name] = {\n instance: item,\n grants: [],\n };\n\n return true;\n }\n\n async remove(item: Base): boolean {\n const { items } = this;\n const { name } = item;\n if (!items[name]) {\n throw new Error(`Item ${name} is not presented in storage`);\n }\n\n // revoke from all instances\n Object.keys(items).forEach((itemName: string) => {\n const { grants } = items[itemName];\n items[itemName].grants = grants.filter(grant => grant !== name);\n });\n\n // delete from items\n delete this.items[name];\n return true;\n }\n\n async grant(role: Role, child: Base): boolean {\n const { name } = role;\n const { name: childName } = child;\n\n if (!this.items[name]) {\n throw new Error(`Role ${name} is not exist`);\n }\n\n if (!this.items[childName]) {\n throw new Error(`Base ${childName} is not exist`);\n }\n\n if (!(role instanceof Role)) {\n throw new Error('Role is not instance of Role');\n }\n\n if (name === childName) {\n throw new Error(`You can grant yourself ${name}`);\n }\n\n const { grants } = this.items[name];\n if (!grants.includes(childName)) {\n grants.push(childName);\n }\n\n return true;\n }\n\n async revoke(role: Role, child: Base): boolean {\n const { name } = role;\n const { name: childName } = child;\n\n if (!this.items[name] || !this.items[childName]) {\n throw new Error('Role is not exist');\n }\n\n const { grants } = this.items[name];\n if (!grants.includes(childName)) {\n throw new Error('Item is not associated to this item');\n }\n\n this.items[name].grants = grants.filter(grant => grant !== childName);\n\n return true;\n }\n\n async get(name: string): ?Base {\n if (name && this.items[name]) {\n return this.items[name].instance;\n }\n\n return undefined;\n }\n\n async getRoles(): Role[] {\n return this.items\n .reduce((filtered: Role[], item: Object) => {\n const { instance } = item;\n\n if (instance instanceof Role) {\n filtered.push(instance);\n }\n\n return filtered;\n }, []);\n }\n\n async getPermissions(): Permission[] {\n return this.items\n .reduce((filtered: Permission[], item: Object) => {\n const { instance } = item;\n\n if (instance instanceof Permission) {\n filtered.push(instance);\n }\n\n return filtered;\n }, []);\n }\n\n async getGrants(role: string): Base[] {\n if (role && this.items[role]) {\n const currentGrants = this.items[role].grants;\n\n return currentGrants.reduce((filtered: Object[], grantName: string) => {\n const grant = this.items[grantName];\n if (grant) {\n filtered.push(grant.instance);\n }\n\n return filtered;\n }, []);\n }\n\n return [];\n }\n}\n"],"mappings":";;;;;;AACA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,KAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,KAAA,GAAAJ,sBAAA,CAAAC,OAAA;AAA0B,SAAAD,uBAAAK,CAAA,WAAAA,CAAA,IAAAA,CAAA,CAAAC,UAAA,GAAAD,CAAA,KAAAE,OAAA,EAAAF,CAAA;AAEX,MAAMG,MAAM,SAASC,gBAAO,CAAC;EAC1CC,KAAK,GAAa,CAAC,CAAC;EAEpB,MAAMC,GAAGA,CAACC,IAAU,EAAW;IAC7B,MAAM;MAAEC;IAAK,CAAC,GAAGD,IAAI;IACrB,IAAI,IAAI,CAACF,KAAK,CAACG,IAAI,CAAC,EAAE;MACpB,MAAM,IAAIC,KAAK,CAAC,QAAQD,IAAI,iBAAiB,CAAC;IAChD;IAEA,IAAI,CAACH,KAAK,CAACG,IAAI,CAAC,GAAG;MACjBE,QAAQ,EAAEH,IAAI;MACdI,MAAM,EAAE;IACV,CAAC;IAED,OAAO,IAAI;EACb;EAEA,MAAMC,MAAMA,CAACL,IAAU,EAAW;IAChC,MAAM;MAAEF;IAAM,CAAC,GAAG,IAAI;IACtB,MAAM;MAAEG;IAAK,CAAC,GAAGD,IAAI;IACrB,IAAI,CAACF,KAAK,CAACG,IAAI,CAAC,EAAE;MAChB,MAAM,IAAIC,KAAK,CAAC,QAAQD,IAAI,8BAA8B,CAAC;IAC7D;;IAEA;IACAK,MAAM,CAACC,IAAI,CAACT,KAAK,CAAC,CAACU,OAAO,CAAEC,QAAgB,IAAK;MAC/C,MAAM;QAAEL;MAAO,CAAC,GAAGN,KAAK,CAACW,QAAQ,CAAC;MAClCX,KAAK,CAACW,QAAQ,CAAC,CAACL,MAAM,GAAGA,MAAM,CAACM,MAAM,CAACC,KAAK,IAAIA,KAAK,KAAKV,IAAI,CAAC;IACjE,CAAC,CAAC;;IAEF;IACA,OAAO,IAAI,CAACH,KAAK,CAACG,IAAI,CAAC;IACvB,OAAO,IAAI;EACb;EAEA,MAAMU,KAAKA,CAACC,IAAU,EAAEC,KAAW,EAAW;IAC5C,MAAM;MAAEZ;IAAK,CAAC,GAAGW,IAAI;IACrB,MAAM;MAAEX,IAAI,EAAEa;IAAU,CAAC,GAAGD,KAAK;IAEjC,IAAI,CAAC,IAAI,CAACf,KAAK,CAACG,IAAI,CAAC,EAAE;MACrB,MAAM,IAAIC,KAAK,CAAC,QAAQD,IAAI,eAAe,CAAC;IAC9C;IAEA,IAAI,CAAC,IAAI,CAACH,KAAK,CAACgB,SAAS,CAAC,EAAE;MAC1B,MAAM,IAAIZ,KAAK,CAAC,QAAQY,SAAS,eAAe,CAAC;IACnD;IAEA,IAAI,EAAEF,IAAI,YAAYG,aAAI,CAAC,EAAE;MAC3B,MAAM,IAAIb,KAAK,CAAC,8BAA8B,CAAC;IACjD;IAEA,IAAID,IAAI,KAAKa,SAAS,EAAE;MACtB,MAAM,IAAIZ,KAAK,CAAC,0BAA0BD,IAAI,EAAE,CAAC;IACnD;IAEA,MAAM;MAAEG;IAAO,CAAC,GAAG,IAAI,CAACN,KAAK,CAACG,IAAI,CAAC;IACnC,IAAI,CAACG,MAAM,CAACY,QAAQ,CAACF,SAAS,CAAC,EAAE;MAC/BV,MAAM,CAACa,IAAI,CAACH,SAAS,CAAC;IACxB;IAEA,OAAO,IAAI;EACb;EAEA,MAAMI,MAAMA,CAACN,IAAU,EAAEC,KAAW,EAAW;IAC7C,MAAM;MAAEZ;IAAK,CAAC,GAAGW,IAAI;IACrB,MAAM;MAAEX,IAAI,EAAEa;IAAU,CAAC,GAAGD,KAAK;IAEjC,IAAI,CAAC,IAAI,CAACf,KAAK,CAACG,IAAI,CAAC,IAAI,CAAC,IAAI,CAACH,KAAK,CAACgB,SAAS,CAAC,EAAE;MAC/C,MAAM,IAAIZ,KAAK,CAAC,mBAAmB,CAAC;IACtC;IAEA,MAAM;MAAEE;IAAO,CAAC,GAAG,IAAI,CAACN,KAAK,CAACG,IAAI,CAAC;IACnC,IAAI,CAACG,MAAM,CAACY,QAAQ,CAACF,SAAS,CAAC,EAAE;MAC/B,MAAM,IAAIZ,KAAK,CAAC,qCAAqC,CAAC;IACxD;IAEA,IAAI,CAACJ,KAAK,CAACG,IAAI,CAAC,CAACG,MAAM,GAAGA,MAAM,CAACM,MAAM,CAACC,KAAK,IAAIA,KAAK,KAAKG,SAAS,CAAC;IAErE,OAAO,IAAI;EACb;EAEA,MAAMK,GAAGA,CAAClB,IAAY,EAAS;IAC7B,IAAIA,IAAI,IAAI,IAAI,CAACH,KAAK,CAACG,IAAI,CAAC,EAAE;MAC5B,OAAO,IAAI,CAACH,KAAK,CAACG,IAAI,CAAC,CAACE,QAAQ;IAClC;IAEA,OAAOiB,SAAS;EAClB;EAEA,MAAMC,QAAQA,CAAA,EAAW;IACvB,OAAO,IAAI,CAACvB,KAAK,CACdwB,MAAM,CAAC,CAACC,QAAgB,EAAEvB,IAAY,KAAK;MAC1C,MAAM;QAAEG;MAAS,CAAC,GAAGH,IAAI;MAEzB,IAAIG,QAAQ,YAAYY,aAAI,EAAE;QAC5BQ,QAAQ,CAACN,IAAI,CAACd,QAAQ,CAAC;MACzB;MAEA,OAAOoB,QAAQ;IACjB,CAAC,EAAE,EAAE,CAAC;EACV;EAEA,MAAMC,cAAcA,CAAA,EAAiB;IACnC,OAAO,IAAI,CAAC1B,KAAK,CACdwB,MAAM,CAAC,CAACC,QAAsB,EAAEvB,IAAY,KAAK;MAChD,MAAM;QAAEG;MAAS,CAAC,GAAGH,IAAI;MAEzB,IAAIG,QAAQ,YAAYsB,mBAAU,EAAE;QAClCF,QAAQ,CAACN,IAAI,CAACd,QAAQ,CAAC;MACzB;MAEA,OAAOoB,QAAQ;IACjB,CAAC,EAAE,EAAE,CAAC;EACV;EAEA,MAAMG,SAASA,CAACd,IAAY,EAAU;IACpC,IAAIA,IAAI,IAAI,IAAI,CAACd,KAAK,CAACc,IAAI,CAAC,EAAE;MAC5B,MAAMe,aAAa,GAAG,IAAI,CAAC7B,KAAK,CAACc,IAAI,CAAC,CAACR,MAAM;MAE7C,OAAOuB,aAAa,CAACL,MAAM,CAAC,CAACC,QAAkB,EAAEK,SAAiB,KAAK;QACrE,MAAMjB,KAAK,GAAG,IAAI,CAACb,KAAK,CAAC8B,SAAS,CAAC;QACnC,IAAIjB,KAAK,EAAE;UACTY,QAAQ,CAACN,IAAI,CAACN,KAAK,CAACR,QAAQ,CAAC;QAC/B;QAEA,OAAOoB,QAAQ;MACjB,CAAC,EAAE,EAAE,CAAC;IACR;IAEA,OAAO,EAAE;EACX;AACF;AAACM,OAAA,CAAAlC,OAAA,GAAAC,MAAA","ignoreList":[]}
|