@colearn/microservices-kit
Advanced tools
Comparing version 0.0.24 to 0.0.25
@@ -22,4 +22,3 @@ import { AuthData } from './auth'; | ||
private static parseEntityRoles; | ||
private static parseSystemRole; | ||
} | ||
export {}; |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.AuthUser = void 0; | ||
const auth_1 = require("./auth"); | ||
class AuthUser { | ||
@@ -12,10 +13,10 @@ constructor(authData) { | ||
this.token = (_a = authData.getToken) === null || _a === void 0 ? void 0 : _a.call(authData); | ||
this.system = AuthUser.parseSystemRole(this.scopes); | ||
this.system = (0, auth_1.getSystemRole)(this.scopes); | ||
this.roles = AuthUser.parseEntityRoles(this.scopes); | ||
} | ||
isSystemAdmin() { | ||
return this.system === 'admin'; | ||
return this.system === auth_1.SystemRole.Admin; | ||
} | ||
isContentEditor() { | ||
return this.system === 'content'; | ||
return this.system === auth_1.SystemRole.ContentEditor; | ||
} | ||
@@ -54,8 +55,4 @@ isParent() { | ||
} | ||
static parseSystemRole(scopes) { | ||
const system = scopes.find((s) => s.startsWith('role:')); | ||
return system === null || system === void 0 ? void 0 : system.split(':')[1]; | ||
} | ||
} | ||
exports.AuthUser = AuthUser; | ||
//# sourceMappingURL=auth-user.js.map |
@@ -12,4 +12,9 @@ import type { Request, Response, NextFunction } from 'express'; | ||
} | ||
export declare function isAdmin(user?: AuthData): boolean; | ||
export declare enum SystemRole { | ||
Admin = "admin", | ||
User = "user", | ||
ContentEditor = "content-edtitor" | ||
} | ||
export declare function getSystemRole(scopes?: string[]): SystemRole | undefined; | ||
export declare function authorize(req: AuthorizedRequest, _: Response, next: NextFunction): void; | ||
export declare function authorizeAdmin(req: Request, _: Response, next: NextFunction): void; |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.authorizeAdmin = exports.authorize = exports.isAdmin = void 0; | ||
exports.authorizeAdmin = exports.authorize = exports.getSystemRole = exports.SystemRole = void 0; | ||
const errors_1 = require("./errors"); | ||
function isAdmin(user) { | ||
var _a, _b; | ||
return (_b = (_a = user === null || user === void 0 ? void 0 : user.scopes) === null || _a === void 0 ? void 0 : _a.includes('role:admin')) !== null && _b !== void 0 ? _b : false; | ||
var SystemRole; | ||
(function (SystemRole) { | ||
SystemRole["Admin"] = "admin"; | ||
SystemRole["User"] = "user"; | ||
SystemRole["ContentEditor"] = "content-edtitor"; | ||
})(SystemRole = exports.SystemRole || (exports.SystemRole = {})); | ||
function getSystemRole(scopes) { | ||
const system = scopes === null || scopes === void 0 ? void 0 : scopes.find((s) => s.startsWith('role:')); | ||
return system === null || system === void 0 ? void 0 : system.split(':')[1]; | ||
} | ||
exports.isAdmin = isAdmin; | ||
exports.getSystemRole = getSystemRole; | ||
function authorize(req, _, next) { | ||
@@ -23,6 +29,10 @@ var _a; | ||
function authorizeAdmin(req, _, next) { | ||
if (!isAdmin(req.user)) { | ||
var _a; | ||
const user = req.user; | ||
if (!user || getSystemRole(user === null || user === void 0 ? void 0 : user.scopes) !== SystemRole.Admin) { | ||
next(new errors_1.ForbiddenError('Access Forbidden')); | ||
} | ||
else { | ||
const token = (_a = req.header('Authorization')) === null || _a === void 0 ? void 0 : _a.slice(7); | ||
user.getToken = () => token; | ||
next(); | ||
@@ -29,0 +39,0 @@ } |
{ | ||
"name": "@colearn/microservices-kit", | ||
"version": "0.0.24", | ||
"version": "0.0.25", | ||
"description": "colearn microservice kit", | ||
@@ -5,0 +5,0 @@ "author": "Colearn", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
40077
636