Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@contember/authorization
Advanced tools
@contember/authorization - npm Package Compare versions
Comparing version 1.2.0-alpha.8 to 1.2.0-alpha.9
@@ -1,4 +0,4 @@ | ||
| import Permissions from './Permissions'; | ||
| import AccessNode from './AccessNode'; | ||
| import Authorizator from './Authorizator'; | ||
| import { Permissions } from './Permissions'; | ||
| import { AccessNode } from './AccessNode'; | ||
| import { Authorizator } from './Authorizator'; | ||
| interface AccessEvaluator { | ||
@@ -11,6 +11,6 @@ evaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>; | ||
| constructor(permissions: Permissions); | ||
| evaluate(accessNode: AccessNode, { resource, privilege }: Authorizator.Action): Promise<boolean>; | ||
| evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean>; | ||
| } | ||
| } | ||
| export default AccessEvaluator; | ||
| export { AccessEvaluator }; | ||
| //# sourceMappingURL=AccessEvaluator.d.ts.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.AccessEvaluator = void 0; | ||
| const AccessNode_1 = require("./AccessNode"); | ||
@@ -10,8 +11,8 @@ var AccessEvaluator; | ||
| } | ||
| async evaluate(accessNode, { resource, privilege }) { | ||
| if (!(accessNode instanceof AccessNode_1.default.Roles)) { | ||
| async evaluate(accessNode, { resource, privilege, meta }) { | ||
| if (!(accessNode instanceof AccessNode_1.AccessNode.Roles)) { | ||
| throw new UnsupportedAccessNodeError(); | ||
| } | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege)) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true; | ||
@@ -27,3 +28,3 @@ } | ||
| })(AccessEvaluator || (AccessEvaluator = {})); | ||
| exports.default = AccessEvaluator; | ||
| exports.AccessEvaluator = AccessEvaluator; | ||
| //# sourceMappingURL=AccessEvaluator.js.map |
@@ -1,3 +0,3 @@ | ||
| import AccessEvaluator from './AccessEvaluator'; | ||
| import Authorizator from './Authorizator'; | ||
| import { AccessEvaluator } from './AccessEvaluator'; | ||
| import { Authorizator } from './Authorizator'; | ||
| interface AccessNode { | ||
@@ -41,3 +41,3 @@ isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| export default AccessNode; | ||
| export { AccessNode }; | ||
| //# sourceMappingURL=AccessNode.d.ts.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.AccessNode = void 0; | ||
| var AccessNode; | ||
@@ -76,3 +77,3 @@ (function (AccessNode) { | ||
| })(AccessNode || (AccessNode = {})); | ||
| exports.default = AccessNode; | ||
| exports.AccessNode = AccessNode; | ||
| //# sourceMappingURL=AccessNode.js.map |
@@ -1,2 +0,2 @@ | ||
| import AccessNode from './AccessNode'; | ||
| import { AccessNode } from './AccessNode'; | ||
| interface AuthorizationScope<Identity> { | ||
@@ -25,3 +25,3 @@ getIdentityAccess(identity: Identity): Promise<AccessNode>; | ||
| } | ||
| export default AuthorizationScope; | ||
| export { AuthorizationScope }; | ||
| //# sourceMappingURL=AuthorizationScope.d.ts.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.AuthorizationScope = void 0; | ||
| const AccessNode_1 = require("./AccessNode"); | ||
@@ -17,3 +18,3 @@ var AuthorizationScope; | ||
| async getIdentityAccess(identity) { | ||
| return AccessNode_1.default.Fixed.denied(); | ||
| return AccessNode_1.AccessNode.Fixed.denied(); | ||
| } | ||
@@ -31,3 +32,3 @@ } | ||
| } | ||
| return new AccessNode_1.default.Intersection(await Promise.all(nodes)); | ||
| return new AccessNode_1.AccessNode.Intersection(await Promise.all(nodes)); | ||
| } | ||
@@ -45,3 +46,3 @@ } | ||
| } | ||
| return new AccessNode_1.default.Union(await Promise.all(nodes)); | ||
| return new AccessNode_1.AccessNode.Union(await Promise.all(nodes)); | ||
| } | ||
@@ -51,3 +52,3 @@ } | ||
| })(AuthorizationScope || (AuthorizationScope = {})); | ||
| exports.default = AuthorizationScope; | ||
| exports.AuthorizationScope = AuthorizationScope; | ||
| //# sourceMappingURL=AuthorizationScope.js.map |
@@ -1,3 +0,3 @@ | ||
| import AuthorizationScope from './AuthorizationScope'; | ||
| import AccessEvaluator from './AccessEvaluator'; | ||
| import { AuthorizationScope } from './AuthorizationScope'; | ||
| import { AccessEvaluator } from './AccessEvaluator'; | ||
| interface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> { | ||
@@ -9,12 +9,13 @@ isAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>; | ||
| type Privilege = string; | ||
| type Action<Meta = undefined> = Meta extends undefined ? { | ||
| type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {} ? { | ||
| resource: Resource; | ||
| privilege: Privilege; | ||
| meta: Meta; | ||
| } : { | ||
| resource: Resource; | ||
| privilege: Privilege; | ||
| meta: Meta; | ||
| meta?: Meta; | ||
| }; | ||
| function createAction(resource: Resource, privilege: Privilege): Action<undefined>; | ||
| function createAction<Meta>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>; | ||
| function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>; | ||
| class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> { | ||
@@ -29,3 +30,3 @@ private readonly accessEvaluator; | ||
| } | ||
| export default Authorizator; | ||
| export { Authorizator }; | ||
| //# sourceMappingURL=Authorizator.d.ts.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.Authorizator = void 0; | ||
| const AccessNode_1 = require("./AccessNode"); | ||
@@ -20,4 +21,4 @@ var Authorizator; | ||
| const scopeNode = await scope.getIdentityAccess(identity); | ||
| const globalNode = new AccessNode_1.default.Roles(identity.roles); | ||
| const node = new AccessNode_1.default.Union([scopeNode, globalNode]); | ||
| const globalNode = new AccessNode_1.AccessNode.Roles(identity.roles); | ||
| const node = new AccessNode_1.AccessNode.Union([scopeNode, globalNode]); | ||
| return await node.isAllowed(this.accessEvaluator, action); | ||
@@ -28,3 +29,3 @@ } | ||
| })(Authorizator || (Authorizator = {})); | ||
| exports.default = Authorizator; | ||
| exports.Authorizator = Authorizator; | ||
| //# sourceMappingURL=Authorizator.js.map |
@@ -1,6 +0,6 @@ | ||
| export { default as Authorizator } from './Authorizator'; | ||
| export { default as AccessEvaluator } from './AccessEvaluator'; | ||
| export { default as AccessNode } from './AccessNode'; | ||
| export { default as AuthorizationScope } from './AuthorizationScope'; | ||
| export { default as Permissions } from './Permissions'; | ||
| export * from './Authorizator'; | ||
| export * from './AccessEvaluator'; | ||
| export * from './AccessNode'; | ||
| export * from './AuthorizationScope'; | ||
| export * from './Permissions'; | ||
| //# sourceMappingURL=index.d.ts.map |
| "use strict"; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| var desc = Object.getOwnPropertyDescriptor(m, k); | ||
| if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
| desc = { enumerable: true, get: function() { return m[k]; } }; | ||
| } | ||
| Object.defineProperty(o, k2, desc); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __exportStar = (this && this.__exportStar) || function(m, exports) { | ||
| for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p); | ||
| }; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.Permissions = exports.AuthorizationScope = exports.AccessNode = exports.AccessEvaluator = exports.Authorizator = void 0; | ||
| var Authorizator_1 = require("./Authorizator"); | ||
| Object.defineProperty(exports, "Authorizator", { enumerable: true, get: function () { return Authorizator_1.default; } }); | ||
| var AccessEvaluator_1 = require("./AccessEvaluator"); | ||
| Object.defineProperty(exports, "AccessEvaluator", { enumerable: true, get: function () { return AccessEvaluator_1.default; } }); | ||
| var AccessNode_1 = require("./AccessNode"); | ||
| Object.defineProperty(exports, "AccessNode", { enumerable: true, get: function () { return AccessNode_1.default; } }); | ||
| var AuthorizationScope_1 = require("./AuthorizationScope"); | ||
| Object.defineProperty(exports, "AuthorizationScope", { enumerable: true, get: function () { return AuthorizationScope_1.default; } }); | ||
| var Permissions_1 = require("./Permissions"); | ||
| Object.defineProperty(exports, "Permissions", { enumerable: true, get: function () { return Permissions_1.default; } }); | ||
| __exportStar(require("./Authorizator"), exports); | ||
| __exportStar(require("./AccessEvaluator"), exports); | ||
| __exportStar(require("./AccessNode"), exports); | ||
| __exportStar(require("./AuthorizationScope"), exports); | ||
| __exportStar(require("./Permissions"), exports); | ||
| //# sourceMappingURL=index.js.map |
@@ -1,6 +0,6 @@ | ||
| import Authorizator from './Authorizator'; | ||
| import { Authorizator } from './Authorizator'; | ||
| declare class Permissions { | ||
| private permissions; | ||
| allow(role: string, { resource, privilege }: Authorizator.Action): void; | ||
| isAllowed(role: string, resource: string, action: string): boolean; | ||
| allow<Meta extends {} | undefined = undefined>(role: string, { resource, privilege }: Authorizator.Action<Meta>, verifier?: (meta: Meta) => boolean): void; | ||
| isAllowed(role: string, resource: string, action: string, meta: any): boolean; | ||
| } | ||
@@ -12,3 +12,3 @@ declare namespace Permissions { | ||
| [resource: string]: { | ||
| [privilege: string]: true; | ||
| [privilege: string]: (meta: any) => boolean; | ||
| }; | ||
@@ -18,3 +18,3 @@ }; | ||
| } | ||
| export default Permissions; | ||
| export { Permissions }; | ||
| //# sourceMappingURL=Permissions.d.ts.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.Permissions = void 0; | ||
| class Permissions { | ||
@@ -7,12 +8,11 @@ constructor() { | ||
| } | ||
| allow(role, { resource, privilege }) { | ||
| if (!this.permissions[role]) { | ||
| this.permissions[role] = {}; | ||
| } | ||
| if (!this.permissions[role][resource]) { | ||
| this.permissions[role][resource] = {}; | ||
| } | ||
| this.permissions[role][resource][privilege] = true; | ||
| allow(role, { resource, privilege }, verifier = () => true) { | ||
| var _a, _b; | ||
| var _c, _d; | ||
| (_a = (_c = this.permissions)[role]) !== null && _a !== void 0 ? _a : (_c[role] = {}); | ||
| (_b = (_d = this.permissions[role])[resource]) !== null && _b !== void 0 ? _b : (_d[resource] = {}); | ||
| this.permissions[role][resource][privilege] = verifier; | ||
| } | ||
| isAllowed(role, resource, action) { | ||
| isAllowed(role, resource, action, meta) { | ||
| var _a, _b; | ||
| const rolePermissions = this.permissions[role]; | ||
@@ -24,3 +24,3 @@ if (!rolePermissions) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource] && rolePermissions[tmpResource][tmpAction] === true) { | ||
| if (((_b = (_a = rolePermissions[tmpResource]) === null || _a === void 0 ? void 0 : _a[tmpAction]) === null || _b === void 0 ? void 0 : _b.call(_a, meta)) === true) { | ||
| return true; | ||
@@ -33,6 +33,7 @@ } | ||
| } | ||
| exports.Permissions = Permissions; | ||
| (function (Permissions) { | ||
| Permissions.ALL = '*'; | ||
| })(Permissions || (Permissions = {})); | ||
| exports.default = Permissions; | ||
| exports.Permissions = Permissions; | ||
| //# sourceMappingURL=Permissions.js.map |
| { | ||
| "name": "@contember/authorization", | ||
| "version": "v1.2.0-alpha.8", | ||
| "version": "1.2.0-alpha.9", | ||
| "license": "Apache-2.0", | ||
@@ -5,0 +5,0 @@ "main": "dist/src/index.js", |
@@ -1,4 +0,4 @@ | ||
| import Permissions from './Permissions' | ||
| import AccessNode from './AccessNode' | ||
| import Authorizator from './Authorizator' | ||
| import { Permissions } from './Permissions' | ||
| import { AccessNode } from './AccessNode' | ||
| import { Authorizator } from './Authorizator' | ||
@@ -13,3 +13,3 @@ interface AccessEvaluator { | ||
| async evaluate(accessNode: AccessNode, { resource, privilege }: Authorizator.Action): Promise<boolean> { | ||
| async evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean> { | ||
| if (!(accessNode instanceof AccessNode.Roles)) { | ||
@@ -19,3 +19,3 @@ throw new UnsupportedAccessNodeError() | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege)) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true | ||
@@ -31,2 +31,2 @@ } | ||
| export default AccessEvaluator | ||
| export { AccessEvaluator } |
@@ -1,3 +0,3 @@ | ||
| import AccessEvaluator from './AccessEvaluator' | ||
| import Authorizator from './Authorizator' | ||
| import { AccessEvaluator } from './AccessEvaluator' | ||
| import { Authorizator } from './Authorizator' | ||
@@ -83,2 +83,2 @@ interface AccessNode { | ||
| export default AccessNode | ||
| export { AccessNode } |
@@ -1,2 +0,2 @@ | ||
| import AccessNode from './AccessNode' | ||
| import { AccessNode } from './AccessNode' | ||
@@ -47,2 +47,2 @@ interface AuthorizationScope<Identity> { | ||
| export default AuthorizationScope | ||
| export { AuthorizationScope } |
@@ -1,4 +0,4 @@ | ||
| import AuthorizationScope from './AuthorizationScope' | ||
| import AccessEvaluator from './AccessEvaluator' | ||
| import AccessNode from './AccessNode' | ||
| import { AuthorizationScope } from './AuthorizationScope' | ||
| import { AccessEvaluator } from './AccessEvaluator' | ||
| import { AccessNode } from './AccessNode' | ||
@@ -12,12 +12,12 @@ interface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> { | ||
| export type Privilege = string | ||
| export type Action<Meta = undefined> = Meta extends undefined | ||
| ? { resource: Resource; privilege: Privilege } | ||
| : { resource: Resource; privilege: Privilege; meta: Meta } | ||
| export type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {} | ||
| ? { resource: Resource; privilege: Privilege; meta: Meta } | ||
| : { resource: Resource; privilege: Privilege; meta?: Meta } | ||
| type ActionCreator = | ||
| | ((resource: Resource, privilege: Privilege) => Action) | ||
| | (<Meta>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>) | ||
| | (<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>) | ||
| export function createAction(resource: Resource, privilege: Privilege): Action<undefined> | ||
| export function createAction<Meta>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta> | ||
| export function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta> | ||
| export function createAction<Meta>(resource: Resource, privilege: Privilege, meta?: Meta) { | ||
@@ -51,2 +51,2 @@ return { | ||
| export default Authorizator | ||
| export { Authorizator } |
@@ -1,5 +0,5 @@ | ||
| export { default as Authorizator } from './Authorizator' | ||
| export { default as AccessEvaluator } from './AccessEvaluator' | ||
| export { default as AccessNode } from './AccessNode' | ||
| export { default as AuthorizationScope } from './AuthorizationScope' | ||
| export { default as Permissions } from './Permissions' | ||
| export * from './Authorizator' | ||
| export * from './AccessEvaluator' | ||
| export * from './AccessNode' | ||
| export * from './AuthorizationScope' | ||
| export * from './Permissions' |
@@ -1,2 +0,2 @@ | ||
| import Authorizator from './Authorizator' | ||
| import { Authorizator } from './Authorizator' | ||
@@ -6,13 +6,13 @@ class Permissions { | ||
| public allow(role: string, { resource, privilege }: Authorizator.Action) { | ||
| if (!this.permissions[role]) { | ||
| this.permissions[role] = {} | ||
| } | ||
| if (!this.permissions[role][resource]) { | ||
| this.permissions[role][resource] = {} | ||
| } | ||
| this.permissions[role][resource][privilege] = true | ||
| public allow<Meta extends {} | undefined = undefined>( | ||
| role: string, | ||
| { resource, privilege }: Authorizator.Action<Meta>, | ||
| verifier: (meta: Meta) => boolean = () => true, | ||
| ) { | ||
| this.permissions[role] ??= {} | ||
| this.permissions[role][resource] ??= {} | ||
| this.permissions[role][resource][privilege] = verifier | ||
| } | ||
| public isAllowed(role: string, resource: string, action: string): boolean { | ||
| public isAllowed(role: string, resource: string, action: string, meta: any): boolean { | ||
| const rolePermissions = this.permissions[role] | ||
@@ -24,3 +24,3 @@ if (!rolePermissions) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource] && rolePermissions[tmpResource][tmpAction] === true) { | ||
| if (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) { | ||
| return true | ||
@@ -36,5 +36,11 @@ } | ||
| export const ALL = '*' | ||
| export type PermissionsMap = { [role: string]: { [resource: string]: { [privilege: string]: true } } } | ||
| export type PermissionsMap = { | ||
| [role: string]: { | ||
| [resource: string]: { | ||
| [privilege: string]: (meta: any) => boolean | ||
| } | ||
| } | ||
| } | ||
| } | ||
| export default Permissions | ||
| export { Permissions } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.42%
65316
- Lines of code
- increased by3.48%
595
- Number of medium supply chain risk alerts
- decreased by-100%
0
No dependency changes