@envelop/generic-auth
Comparing version 8.0.0-alpha-20240812120620-e6a7b402 to 8.0.0-alpha-20240812121725-c400329c
@@ -39,3 +39,3 @@ "use strict"; | ||
} | ||
return validateScopes(params); | ||
return validateScopesAndPolicies(params); | ||
} | ||
@@ -51,4 +51,4 @@ exports.defaultProtectAllValidateFn = defaultProtectAllValidateFn; | ||
} | ||
function validateScopes(params) { | ||
if (params.typeScopes && !areRolesValid(params.typeScopes, params.userScopes)) { | ||
function validateRoles(params, requiredRoles, userRoles) { | ||
if (!areRolesValid(requiredRoles, userRoles)) { | ||
return createUnauthenticatedError({ | ||
@@ -59,22 +59,28 @@ fieldNode: params.fieldNode, | ||
} | ||
if (params.fieldScopes && !areRolesValid(params.fieldScopes, params.userScopes)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
} | ||
} | ||
function validatePolicies(params) { | ||
if (params.typePolicies && !areRolesValid(params.typePolicies, params.userPolicies)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
function validateScopesAndPolicies(params) { | ||
if (params.typeScopes) { | ||
const error = validateRoles(params, params.typeScopes, params.userScopes); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldPolicies && !areRolesValid(params.fieldPolicies, params.userPolicies)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
if (params.typePolicies?.length) { | ||
const error = validateRoles(params, params.typePolicies, params.userPolicies); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldScopes?.length) { | ||
const error = validateRoles(params, params.fieldScopes, params.userScopes); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldPolicies?.length) { | ||
const error = validateRoles(params, params.fieldPolicies, params.userPolicies); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
} | ||
@@ -88,7 +94,3 @@ function defaultProtectSingleValidateFn(params) { | ||
} | ||
const error = validateScopes(params); | ||
if (error) { | ||
return error; | ||
} | ||
return validatePolicies(params); | ||
return validateScopesAndPolicies(params); | ||
} | ||
@@ -95,0 +97,0 @@ exports.defaultProtectSingleValidateFn = defaultProtectSingleValidateFn; |
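Review bot: In `validateScopesAndPolicies` the first guard is `if (params.typeScopes) {` while the three after it test `?.length`, so an empty `typeScopes` array is still handed to `validateRoles` whereas an empty `typePolicies`, `fieldScopes` or `fieldPolicies` array skips its check altogether. Whether an empty requirement list passes is decided inside `areRolesValid`, whose body is outside these hunks, so the four guards should at least agree. If skipping is the intent, write `if (params.typeScopes?.length) {` and add a comment such as `// an empty requirement list means "no restriction", not "deny"` so the fail-open choice is explicit. `defaultProtectAllValidateFn` now also runs the policy checks, which looks like a tightening worth covering with a test. The ESM build further down this page carries the same code.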
@@ -35,3 +35,3 @@ import { getNamedType, isInterfaceType, isIntrospectionType, isObjectType, isUnionType, } from 'graphql'; | ||
} | ||
return validateScopes(params); | ||
return validateScopesAndPolicies(params); | ||
} | ||
@@ -46,4 +46,4 @@ function areRolesValid(requiredRoles, userRoles) { | ||
} | ||
function validateScopes(params) { | ||
if (params.typeScopes && !areRolesValid(params.typeScopes, params.userScopes)) { | ||
function validateRoles(params, requiredRoles, userRoles) { | ||
if (!areRolesValid(requiredRoles, userRoles)) { | ||
return createUnauthenticatedError({ | ||
@@ -54,22 +54,28 @@ fieldNode: params.fieldNode, | ||
} | ||
if (params.fieldScopes && !areRolesValid(params.fieldScopes, params.userScopes)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
} | ||
} | ||
function validatePolicies(params) { | ||
if (params.typePolicies && !areRolesValid(params.typePolicies, params.userPolicies)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
function validateScopesAndPolicies(params) { | ||
if (params.typeScopes) { | ||
const error = validateRoles(params, params.typeScopes, params.userScopes); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldPolicies && !areRolesValid(params.fieldPolicies, params.userPolicies)) { | ||
return createUnauthenticatedError({ | ||
fieldNode: params.fieldNode, | ||
path: params.path, | ||
}); | ||
if (params.typePolicies?.length) { | ||
const error = validateRoles(params, params.typePolicies, params.userPolicies); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldScopes?.length) { | ||
const error = validateRoles(params, params.fieldScopes, params.userScopes); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
if (params.fieldPolicies?.length) { | ||
const error = validateRoles(params, params.fieldPolicies, params.userPolicies); | ||
if (error) { | ||
return error; | ||
} | ||
} | ||
} | ||
@@ -83,7 +89,3 @@ export function defaultProtectSingleValidateFn(params) { | ||
} | ||
const error = validateScopes(params); | ||
if (error) { | ||
return error; | ||
} | ||
return validatePolicies(params); | ||
return validateScopesAndPolicies(params); | ||
} | ||
@@ -90,0 +92,0 @@ export function defaultExtractScopes(user) { |
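Review bot: `validateRoles` reports a missing scope or policy through `createUnauthenticatedError`, so a caller who is signed in but lacks a role receives the same error as one who presented no credentials. That helper is defined outside these hunks, but if it produces an unauthenticated-style error code, clients and audit logs cannot separate an authentication failure from an authorization denial. A comment above the return, for example `// NOTE: this is an authorization denial, reported with the unauthenticated error`, would record that this is deliberate until a distinct forbidden error is available. The CommonJS build earlier on this page has the same function.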
{ | ||
"name": "@envelop/generic-auth", | ||
"version": "8.0.0-alpha-20240812120620-e6a7b402", | ||
"version": "8.0.0-alpha-20240812121725-c400329c", | ||
"sideEffects": false, | ||
@@ -10,3 +10,3 @@ "peerDependencies": { | ||
"dependencies": { | ||
"@envelop/extended-validation": "4.1.0-alpha-20240812120620-e6a7b402", | ||
"@envelop/extended-validation": "4.1.0-alpha-20240812121725-c400329c", | ||
"@graphql-tools/utils": "^10.5.1", | ||
@@ -13,0 +13,0 @@ "tslib": "^2.5.0" |