@esri/hub-discussions - npm Package Compare versions

Comparing version 18.1.2 to 18.2.0

dist/esm/utils/channels/can-create-channel.js

@@ -1,9 +0,10 @@
-import { AclCategory, SharingAccess, } from "../../types";
+import { SharingAccess, } from "../../types";
+import { ChannelPermission } from "../channel-permission";
 import { CANNOT_DISCUSS } from "../constants";
 import { isOrgAdmin } from "../platform";
-const ALLOWED_GROUP_ROLES = Object.freeze(["owner", "admin", "member"]);
 export function canCreateChannel(channel, user) {
     const { channelAcl, access, groups, orgs } = channel;
     if (channelAcl) {
-        return isAuthorizedToCreateByChannelAcl(user, channelAcl);
+        const channelPermission = new ChannelPermission(channelAcl);
+        return channelPermission.canCreateChannel(user);
     }
@@ -16,69 +17,2 @@ return isAuthorizedToCreateByLegacyPermissions(user, {
 }
-function isAuthorizedToCreateByChannelAcl(user, channelAcl) {
-    const { username } = user;
-    if (username === null || channelAcl.length === 0) {
-        return false;
-    }
-    const permissions = mapByCategory(channelAcl);
-    return (canAllowAnonymous(user, permissions[AclCategory.ANONYMOUS_USER]) &&
-        canAllowAuthenticated(user, permissions[AclCategory.AUTHENTICATED_USER]) &&
-        canAllowGroups(user, permissions[AclCategory.GROUP]) &&
-        canAllowOrgs(user, permissions[AclCategory.ORG]) &&
-        canAllowUsers(user, permissions[AclCategory.USER]));
-}
-function mapByCategory(channelAcl) {
-    return channelAcl.reduce((accum, permission) => {
-        var _a;
-        const { category } = permission;
-        ((_a = accum[category]) === null || _a === void 0 ? void 0 : _a.push(permission)) || (accum[category] = [permission]);
-        return accum;
-    }, {});
-}
-function canAllowAnonymous(user, anonPermissions) {
-    if (!anonPermissions) {
-        return true;
-    }
-    return isOrgAdmin(user);
-}
-function canAllowAuthenticated(user, authenticatedPermissions) {
-    if (!authenticatedPermissions) {
-        return true;
-    }
-    return isOrgAdmin(user);
-}
-function canAllowGroups(user, groupPermissions) {
-    if (!groupPermissions) {
-        return true;
-    }
-    return groupPermissions.every((groupPermission) => {
-        const { key: channelGroupId } = groupPermission;
-        const userGroup = user.groups.find((group) => group.id === channelGroupId);
-        return (userGroup &&
-            isMemberTypeAuthorized(userGroup.userMembership.memberType) &&
-            isGroupDiscussable(userGroup.typeKeywords));
-    });
-}
-function isMemberTypeAuthorized(memberType) {
-    return ALLOWED_GROUP_ROLES.includes(memberType);
-}
-function isGroupDiscussable(typeKeywords = []) {
-    return !typeKeywords.includes(CANNOT_DISCUSS);
-}
-function canAllowOrgs(user, orgPermissions) {
-    if (!orgPermissions) {
-        return true;
-    }
-    return (isOrgAdmin(user) && isEveryPermissionForUserOrg(user.orgId, orgPermissions));
-}
-function isEveryPermissionForUserOrg(userOrgId, orgPermissions) {
-    return orgPermissions.every((permission) => {
-        const { key: orgId } = permission;
-        return userOrgId === orgId;
-    });
-}
-// for now user permissions are disabled on channel create
-// since users are not notified and cannot opt out
-function canAllowUsers(user, userPermissions) {
-    return !userPermissions;
-}
 // Once ACL usage is enforced, we will remove authorization by legacy permissions
@@ -102,6 +36,14 @@ function isAuthorizedToCreateByLegacyPermissions(user, channelParams) {
         return (userGroup &&
-            isMemberTypeAuthorized(userGroup.userMembership.memberType) &&
-            isGroupDiscussable(userGroup.typeKeywords));
+            isMemberTypeAuthorized(userGroup) &&
+            isGroupDiscussable(userGroup));
     });
 }
+function isMemberTypeAuthorized(userGroup) {
+    const { userMembership: { memberType }, } = userGroup;
+    return ["owner", "admin", "member"].includes(memberType);
+}
+function isGroupDiscussable(userGroup) {
+    const { typeKeywords = [] } = userGroup;
+    return !typeKeywords.includes(CANNOT_DISCUSS);
+}
 function isOrgAdminAndInChannelOrgs(user, channelOrgs) {
@@ -108,0 +50,0 @@ return isOrgAdmin(user) && channelOrgs.includes(user.orgId);

dist/esm/utils/channels/can-post-to-channel.js

 import { Role, SharingAccess, } from "../../types";
+import { ChannelPermission } from "../channel-permission";
 import { CANNOT_DISCUSS } from "../constants";
@@ -12,7 +13,11 @@ const ALLOWED_GROUP_ROLES = Object.freeze(["owner", "admin", "member"]);
 export function canPostToChannel(channel, user) {
-    const { acl, access, groups, orgs, allowAnonymous } = channel;
+    const { acl, channelAcl, access, groups, orgs, allowAnonymous } = channel;
     if (acl) {
         return isAuthorizedToPostByAcl(user, acl);
     }
-    // Once ACL usage is enforced, we will remove authorization by legacy permissions
+    if (channelAcl) {
+        const channelPermission = new ChannelPermission(channelAcl);
+        return channelPermission.canPostToChannel(user);
+    }
+    // Once channelAcl usage is enforced, we will remove authorization by legacy permissions
     return isAuthorizedToPostByLegacyPermissions(user, {
@@ -26,3 +31,3 @@ access,
 function isAuthorizedToPostByAcl(user, acl) {
-    if (channelAllowsAnyUserToPost(acl)) {
+    if (channelAllowsAnyUserToPostAcl(acl)) {
         return true;
@@ -33,14 +38,14 @@ }
     }
-    return (channelAllowsAnyAuthenticatedUserToPost(acl) ||
-        channelAllowsThisUserToPost(user, acl) ||
-        channelAllowsPostsByThisUsersGroups(user, acl) ||
-        channelAllowsPostsByThisUsersOrg(user, acl));
+    return (channelAllowsAnyAuthenticatedUserToPostAcl(acl) ||
+        channelAllowsThisUserToPostAcl(user, acl) ||
+        channelAllowsPostsByThisUsersGroupsAcl(user, acl) ||
+        channelAllowsPostsByThisUsersOrgAcl(user, acl));
 }
-function channelAllowsAnyUserToPost(channelAcl) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelAcl.anonymous);
+function channelAllowsAnyUserToPostAcl(acl) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, acl.anonymous);
 }
-function channelAllowsAnyAuthenticatedUserToPost(channelAcl) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelAcl.authenticated);
+function channelAllowsAnyAuthenticatedUserToPostAcl(acl) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, acl.authenticated);
 }
-function channelAllowsThisUserToPost(user, acl) {
+function channelAllowsThisUserToPostAcl(user, acl) {
     // TODO: migrate to userId instead of username
@@ -50,5 +55,5 @@ const { username } = user;
     const userPermission = userLookup[username];
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, userPermission);
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, userPermission);
 }
-function channelAllowsPostsByThisUsersGroups(user, acl) {
+function channelAllowsPostsByThisUsersGroupsAcl(user, acl) {
     if (!acl.groups) {
@@ -63,3 +68,3 @@ return false;
         }
-        if (canGroupMembersPost(aclGroup)) {
+        if (canGroupMembersPostAcl(aclGroup)) {
             return true;
@@ -71,12 +76,12 @@ }
 }
-function canGroupMembersPost(aclGroup) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, aclGroup.member);
+function canGroupMembersPostAcl(aclGroup) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, aclGroup.member);
 }
 function canGroupAdminsPost(aclGroup) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, aclGroup.admin);
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, aclGroup.admin);
 }
-function isAuthorized(allowedRoles, permission) {
+function isAuthorizedAcl(allowedRoles, permission) {
     return permission && allowedRoles.includes(permission.role);
 }
-function channelAllowsPostsByThisUsersOrg(user, acl) {
+function channelAllowsPostsByThisUsersOrgAcl(user, acl) {
     const { orgId, role: orgRole } = user;
@@ -91,4 +96,4 @@ if (!acl.orgs) {
     return ((orgRole === "org_admin" &&
-        isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.admin)) ||
-        isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.member));
+        isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.admin)) ||
+        isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.member));
 }
@@ -95,0 +100,0 @@ function isAuthorizedToPostByLegacyPermissions(user, channelParams) {

dist/node/utils/channels/can-create-channel.js

@@ -5,9 +5,10 @@ "use strict";
 const types_1 = require("../../types");
+const channel_permission_1 = require("../channel-permission");
 const constants_1 = require("../constants");
 const platform_1 = require("../platform");
-const ALLOWED_GROUP_ROLES = Object.freeze(["owner", "admin", "member"]);
 function canCreateChannel(channel, user) {
     const { channelAcl, access, groups, orgs } = channel;
     if (channelAcl) {
-        return isAuthorizedToCreateByChannelAcl(user, channelAcl);
+        const channelPermission = new channel_permission_1.ChannelPermission(channelAcl);
+        return channelPermission.canCreateChannel(user);
     }
@@ -21,69 +22,2 @@ return isAuthorizedToCreateByLegacyPermissions(user, {
 exports.canCreateChannel = canCreateChannel;
-function isAuthorizedToCreateByChannelAcl(user, channelAcl) {
-    const { username } = user;
-    if (username === null || channelAcl.length === 0) {
-        return false;
-    }
-    const permissions = mapByCategory(channelAcl);
-    return (canAllowAnonymous(user, permissions[types_1.AclCategory.ANONYMOUS_USER]) &&
-        canAllowAuthenticated(user, permissions[types_1.AclCategory.AUTHENTICATED_USER]) &&
-        canAllowGroups(user, permissions[types_1.AclCategory.GROUP]) &&
-        canAllowOrgs(user, permissions[types_1.AclCategory.ORG]) &&
-        canAllowUsers(user, permissions[types_1.AclCategory.USER]));
-}
-function mapByCategory(channelAcl) {
-    return channelAcl.reduce((accum, permission) => {
-        var _a;
-        const { category } = permission;
-        ((_a = accum[category]) === null || _a === void 0 ? void 0 : _a.push(permission)) || (accum[category] = [permission]);
-        return accum;
-    }, {});
-}
-function canAllowAnonymous(user, anonPermissions) {
-    if (!anonPermissions) {
-        return true;
-    }
-    return platform_1.isOrgAdmin(user);
-}
-function canAllowAuthenticated(user, authenticatedPermissions) {
-    if (!authenticatedPermissions) {
-        return true;
-    }
-    return platform_1.isOrgAdmin(user);
-}
-function canAllowGroups(user, groupPermissions) {
-    if (!groupPermissions) {
-        return true;
-    }
-    return groupPermissions.every((groupPermission) => {
-        const { key: channelGroupId } = groupPermission;
-        const userGroup = user.groups.find((group) => group.id === channelGroupId);
-        return (userGroup &&
-            isMemberTypeAuthorized(userGroup.userMembership.memberType) &&
-            isGroupDiscussable(userGroup.typeKeywords));
-    });
-}
-function isMemberTypeAuthorized(memberType) {
-    return ALLOWED_GROUP_ROLES.includes(memberType);
-}
-function isGroupDiscussable(typeKeywords = []) {
-    return !typeKeywords.includes(constants_1.CANNOT_DISCUSS);
-}
-function canAllowOrgs(user, orgPermissions) {
-    if (!orgPermissions) {
-        return true;
-    }
-    return (platform_1.isOrgAdmin(user) && isEveryPermissionForUserOrg(user.orgId, orgPermissions));
-}
-function isEveryPermissionForUserOrg(userOrgId, orgPermissions) {
-    return orgPermissions.every((permission) => {
-        const { key: orgId } = permission;
-        return userOrgId === orgId;
-    });
-}
-// for now user permissions are disabled on channel create
-// since users are not notified and cannot opt out
-function canAllowUsers(user, userPermissions) {
-    return !userPermissions;
-}
 // Once ACL usage is enforced, we will remove authorization by legacy permissions
@@ -107,6 +41,14 @@ function isAuthorizedToCreateByLegacyPermissions(user, channelParams) {
         return (userGroup &&
-            isMemberTypeAuthorized(userGroup.userMembership.memberType) &&
-            isGroupDiscussable(userGroup.typeKeywords));
+            isMemberTypeAuthorized(userGroup) &&
+            isGroupDiscussable(userGroup));
     });
 }
+function isMemberTypeAuthorized(userGroup) {
+    const { userMembership: { memberType }, } = userGroup;
+    return ["owner", "admin", "member"].includes(memberType);
+}
+function isGroupDiscussable(userGroup) {
+    const { typeKeywords = [] } = userGroup;
+    return !typeKeywords.includes(constants_1.CANNOT_DISCUSS);
+}
 function isOrgAdminAndInChannelOrgs(user, channelOrgs) {
@@ -113,0 +55,0 @@ return platform_1.isOrgAdmin(user) && channelOrgs.includes(user.orgId);

dist/node/utils/channels/can-post-to-channel.js

@@ -5,2 +5,3 @@ "use strict";
 const types_1 = require("../../types");
+const channel_permission_1 = require("../channel-permission");
 const constants_1 = require("../constants");
@@ -16,7 +17,11 @@ const ALLOWED_GROUP_ROLES = Object.freeze(["owner", "admin", "member"]);
 function canPostToChannel(channel, user) {
-    const { acl, access, groups, orgs, allowAnonymous } = channel;
+    const { acl, channelAcl, access, groups, orgs, allowAnonymous } = channel;
     if (acl) {
         return isAuthorizedToPostByAcl(user, acl);
     }
-    // Once ACL usage is enforced, we will remove authorization by legacy permissions
+    if (channelAcl) {
+        const channelPermission = new channel_permission_1.ChannelPermission(channelAcl);
+        return channelPermission.canPostToChannel(user);
+    }
+    // Once channelAcl usage is enforced, we will remove authorization by legacy permissions
     return isAuthorizedToPostByLegacyPermissions(user, {
@@ -31,3 +36,3 @@ access,
 function isAuthorizedToPostByAcl(user, acl) {
-    if (channelAllowsAnyUserToPost(acl)) {
+    if (channelAllowsAnyUserToPostAcl(acl)) {
         return true;
@@ -38,14 +43,14 @@ }
     }
-    return (channelAllowsAnyAuthenticatedUserToPost(acl) ||
-        channelAllowsThisUserToPost(user, acl) ||
-        channelAllowsPostsByThisUsersGroups(user, acl) ||
-        channelAllowsPostsByThisUsersOrg(user, acl));
+    return (channelAllowsAnyAuthenticatedUserToPostAcl(acl) ||
+        channelAllowsThisUserToPostAcl(user, acl) ||
+        channelAllowsPostsByThisUsersGroupsAcl(user, acl) ||
+        channelAllowsPostsByThisUsersOrgAcl(user, acl));
 }
-function channelAllowsAnyUserToPost(channelAcl) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelAcl.anonymous);
+function channelAllowsAnyUserToPostAcl(acl) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, acl.anonymous);
 }
-function channelAllowsAnyAuthenticatedUserToPost(channelAcl) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelAcl.authenticated);
+function channelAllowsAnyAuthenticatedUserToPostAcl(acl) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, acl.authenticated);
 }
-function channelAllowsThisUserToPost(user, acl) {
+function channelAllowsThisUserToPostAcl(user, acl) {
     // TODO: migrate to userId instead of username
@@ -55,5 +60,5 @@ const { username } = user;
     const userPermission = userLookup[username];
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, userPermission);
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, userPermission);
 }
-function channelAllowsPostsByThisUsersGroups(user, acl) {
+function channelAllowsPostsByThisUsersGroupsAcl(user, acl) {
     if (!acl.groups) {
@@ -68,3 +73,3 @@ return false;
         }
-        if (canGroupMembersPost(aclGroup)) {
+        if (canGroupMembersPostAcl(aclGroup)) {
             return true;
@@ -76,12 +81,12 @@ }
 }
-function canGroupMembersPost(aclGroup) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, aclGroup.member);
+function canGroupMembersPostAcl(aclGroup) {
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, aclGroup.member);
 }
 function canGroupAdminsPost(aclGroup) {
-    return isAuthorized(ALLOWED_ROLES_FOR_POSTING, aclGroup.admin);
+    return isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, aclGroup.admin);
 }
-function isAuthorized(allowedRoles, permission) {
+function isAuthorizedAcl(allowedRoles, permission) {
     return permission && allowedRoles.includes(permission.role);
 }
-function channelAllowsPostsByThisUsersOrg(user, acl) {
+function channelAllowsPostsByThisUsersOrgAcl(user, acl) {
     const { orgId, role: orgRole } = user;
@@ -96,4 +101,4 @@ if (!acl.orgs) {
     return ((orgRole === "org_admin" &&
-        isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.admin)) ||
-        isAuthorized(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.member));
+        isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.admin)) ||
+        isAuthorizedAcl(ALLOWED_ROLES_FOR_POSTING, channelOrgPermission.member));
 }
@@ -100,0 +105,0 @@ function isAuthorizedToPostByLegacyPermissions(user, channelParams) {

package.json

 {
   "name": "@esri/hub-discussions",
-  "version": "18.1.2",
+  "version": "18.2.0",
   "description": "Module to interact with ArcGIS Hub Discussions API in Node.js and modern browsers.",
@@ -5,0 +5,0 @@ "main": "dist/node/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

184034

increased by12.3%

Number of package files

97

increased by5.43%

Lines of code

3768

increased by7.47%

No dependency changes