
@contrail/policies


@contrail/policies - npm Package Compare versions

Comparing version 2.0.4 to 2.0.5

1

lib/policies/policies.d.ts

@@ -36,1 +36,2 @@ export declare enum Operation {

export declare function getPermissionsOnResource(principalReferences: string[], policies: Policy[], resource: string): Array<Operation>;
export declare function addReadIfNeeded(permittedOperations: any, deniedOperations: any): void;
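Review bot: The new `addReadIfNeeded` declaration types both parameters as `any`, so the compiler checks nothing about what callers pass to a helper that shapes the permission result. `export declare function addReadIfNeeded(permittedOperations: Operation[], deniedOperations: Operation[]): void;` would match the `Array<Operation>` already returned by `getPermissionsOnResource`. The implementation pushes `Operation.read` onto its first argument in place, which deserves a doc comment now that the function is exported. If it is only meant as an internal step of `getPermissionsOnResource`, leaving it unexported would keep the public surface of the policy library smaller.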
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getPermissionsOnResource = exports.checkPermission = exports.Policy = exports.Version = exports.Effect = exports.Operation = void 0;
exports.addReadIfNeeded = exports.getPermissionsOnResource = exports.checkPermission = exports.Policy = exports.Version = exports.Effect = exports.Operation = void 0;
var Operation;

@@ -26,2 +26,3 @@ (function (Operation) {

;
const implicitReadPermissions = [Operation.create, Operation.update, Operation.delete];
function checkPermission(principalReferences, policy, operation) {

@@ -35,2 +36,3 @@ if (policy.version === Version.V1) {

if (statement.principal === principalReference || statement.principal === '*') {
const hasImplicitReadPermission = statement.action.some(action => implicitReadPermissions.includes(action));
if (statement.action.includes(operation)) {

@@ -44,2 +46,7 @@ if (statement.effect === Effect.allow) {

}
if (operation === Operation.read && !denied && hasImplicitReadPermission) {
if (statement.effect === Effect.allow || !statement.action.includes(Operation.read)) {
permitted = true;
}
}
}

@@ -65,3 +72,3 @@ }

for (const principalReference of principalReferences) {
if (statement.principal === principalReference &&
if ((statement.principal === principalReference || statement.principal === '*') &&
(statement.resource === "*" || statement.resource === resource)) {

@@ -76,2 +83,3 @@ for (const action of statement.action) {

}
addReadIfNeeded(permittedOperations, deniedOperations);
}

@@ -85,1 +93,11 @@ }

exports.getPermissionsOnResource = getPermissionsOnResource;
function addReadIfNeeded(permittedOperations, deniedOperations) {
if ((permittedOperations.includes(Operation.create) ||
permittedOperations.includes(Operation.update) ||
permittedOperations.includes(Operation.delete)) &&
!permittedOperations.includes(Operation.read) &&
!deniedOperations.includes(Operation.read)) {
permittedOperations.push(Operation.read);
}
}
exports.addReadIfNeeded = addReadIfNeeded;
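Review bot: In the `checkPermission` hunk at -44/+46, the inner condition `statement.effect === Effect.allow || !statement.action.includes(Operation.read)` sets `permitted = true` for any matching statement that lists create, update or delete but not read, whatever its effect. A statement that denies `create` therefore appears to grant implicit read. The implicit grant should require an allow statement: `if (statement.effect === Effect.allow) { permitted = true; }`. The `!denied` guard reflects only the statements seen so far, so whether a later deny on read still wins depends on code outside the visible hunks, and the same ordering question applies to the `addReadIfNeeded(permittedOperations, deniedOperations)` call in `getPermissionsOnResource`. Because this release also starts matching `statement.principal === '*'` in `getPermissionsOnResource`, tests asserting that a deny-only policy and a wildcard-principal policy yield no unintended read would be worth adding.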

2

package.json
{
"name": "@contrail/policies",
"version": "2.0.4",
"version": "2.0.5",
"description": "Library for managing and enforing policies",

@@ -5,0 +5,0 @@ "main": "lib/index.js",
