@icgc-argo/ego-token-utils
Advanced tools
Comparing version
@@ -15,2 +15,15 @@ export declare const DCC_ADMIN_PERMISSION = "PROGRAMSERVICE.WRITE"; | ||
/** | ||
* check if a given set of permissions has rdpc write access | ||
* @param permissions | ||
*/ | ||
export declare const isRdpcAdmin: (permissions: string[]) => boolean; | ||
/** | ||
* check if given permissions has write access to specific RDPC | ||
* @param args | ||
*/ | ||
export declare const canWriteToRdpc: (args: { | ||
permissions: string[]; | ||
rdpcCode: string; | ||
}) => boolean; | ||
/** | ||
* check if a given set of permissions has daco admin access | ||
@@ -17,0 +30,0 @@ * @param permissions |
@@ -1,2 +0,2 @@ | ||
export declare type Permission = 'READ' | 'WRITE' | 'ADMIN' | 'DENY'; | ||
export declare type Permission = 'READ' | 'WRITE' | 'DENY'; | ||
export declare const PERMISSIONS: { | ||
@@ -3,0 +3,0 @@ [k in Permission]: Permission; |
@@ -16,2 +16,3 @@ import { PermissionScopeObj } from './common'; | ||
isRdpcMember: (permissions: string[]) => boolean; | ||
isRdpcAdmin: (permissions: string[]) => boolean; | ||
isDacoAdmin: (permissions: string[]) => boolean; | ||
@@ -18,0 +19,0 @@ getPermissionsFromToken: (egoJwt: string) => string[]; |
@@ -44,3 +44,3 @@ "use strict"; | ||
var isMember = rdpcPermissions.some(function (p) { | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(p.split('.')[1]); | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE].includes(p.split('.')[1]); | ||
}) && | ||
@@ -57,2 +57,18 @@ !rdpcPermissions.some(function (p) { | ||
/** | ||
* check if a given set of permissions has rdpc write access | ||
* @param permissions | ||
*/ | ||
exports.isRdpcAdmin = function (permissions) { | ||
return permissions | ||
.filter(function (policy) { return policy && policy.startsWith(exports.RDPC_PREFIX); }) | ||
.some(function (code) { return code.includes(common_1.PERMISSIONS.WRITE); }); | ||
}; | ||
/** | ||
* check if given permissions has write access to specific RDPC | ||
* @param args | ||
*/ | ||
exports.canWriteToRdpc = function (args) { | ||
return args.permissions.some(function (code) { return code === "" + exports.RDPC_PREFIX + args.rdpcCode + "." + common_1.PERMISSIONS.WRITE; }); | ||
}; | ||
/** | ||
* check if a given set of permissions has daco admin access | ||
@@ -59,0 +75,0 @@ * @param permissions |
@@ -26,3 +26,2 @@ "use strict"; | ||
WRITE: 'WRITE', | ||
ADMIN: 'ADMIN', | ||
DENY: 'DENY', | ||
@@ -29,0 +28,0 @@ }; |
@@ -83,3 +83,3 @@ "use strict"; | ||
.filter(function (scopeObj) { | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(scopeObj.permission) && | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE].includes(scopeObj.permission) && | ||
![common_1.PERMISSIONS.DENY].includes(scopeObj.permission); | ||
@@ -102,3 +102,3 @@ }); | ||
.filter(function (scopeObj) { | ||
return [common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(scopeObj.permission) && | ||
return [common_1.PERMISSIONS.WRITE].includes(scopeObj.permission) && | ||
![common_1.PERMISSIONS.DENY].includes(scopeObj.permission); | ||
@@ -151,3 +151,3 @@ }); | ||
var programId = policy.replace(common_1.PROGRAM_PREFIX, ''); | ||
return (programId === args.programId && [common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(permission)); | ||
return programId === args.programId && [common_1.PERMISSIONS.WRITE].includes(permission); | ||
})); | ||
@@ -174,3 +174,3 @@ }; | ||
var isProgramAdmin = function (args) { | ||
return canWriteProgram(args); | ||
return args.permissions.some(function (code) { return code === "" + common_1.PROGRAM_PREFIX + args.programId + "." + common_1.PERMISSIONS.WRITE; }); | ||
}; | ||
@@ -228,2 +228,3 @@ var UserProgramMembershipAccessLevel; | ||
isRdpcMember: argoRoleChecks_1.isRdpcMember, | ||
isRdpcAdmin: argoRoleChecks_1.isRdpcAdmin, | ||
isDacoAdmin: argoRoleChecks_1.isDacoAdmin, | ||
@@ -230,0 +231,0 @@ getPermissionsFromToken: getPermissionsFromToken(egoPublicKey), |
@@ -33,3 +33,3 @@ "use strict"; | ||
.filter(function (scopeObj) { | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(scopeObj.permission) && | ||
return [common_1.PERMISSIONS.READ, common_1.PERMISSIONS.WRITE].includes(scopeObj.permission) && | ||
![common_1.PERMISSIONS.DENY].includes(scopeObj.permission); | ||
@@ -39,3 +39,5 @@ }); | ||
exports.getReadableProgramDataNames = function (permissions) { | ||
return exports.getReadableProgramDataScopes(permissions).map(function (s) { return s.policy.replace(common_1.PROGRAM_DATA_PREFIX, ''); }); | ||
return Array.from( | ||
// Build from a Set to force unique values. | ||
new Set(exports.getReadableProgramDataScopes(permissions).map(function (s) { return s.policy.replace(common_1.PROGRAM_DATA_PREFIX, ''); }))); | ||
}; | ||
@@ -51,3 +53,3 @@ exports.getWritableProgramDataScopes = function (permissions) { | ||
.filter(function (scopeObj) { | ||
return [common_1.PERMISSIONS.WRITE, common_1.PERMISSIONS.ADMIN].includes(scopeObj.permission) && | ||
return [common_1.PERMISSIONS.WRITE].includes(scopeObj.permission) && | ||
![common_1.PERMISSIONS.DENY].includes(scopeObj.permission); | ||
@@ -57,3 +59,5 @@ }); | ||
exports.getWritableProgramDataNames = function (permissions) { | ||
return exports.getWritableProgramDataScopes(permissions).map(function (s) { return s.policy.replace(common_1.PROGRAM_DATA_PREFIX, ''); }); | ||
return Array.from( | ||
// Build from a Set to force unique values. | ||
new Set(exports.getWritableProgramDataScopes(permissions).map(function (s) { return s.policy.replace(common_1.PROGRAM_DATA_PREFIX, ''); }))); | ||
}; | ||
@@ -60,0 +64,0 @@ exports.canReadSomeProgramData = function (permissions) { |
@@ -15,2 +15,15 @@ export declare const DCC_ADMIN_PERMISSION = "PROGRAMSERVICE.WRITE"; | ||
/** | ||
* check if a given set of permissions has rdpc write access | ||
* @param permissions | ||
*/ | ||
export declare const isRdpcAdmin: (permissions: string[]) => boolean; | ||
/** | ||
* check if given permissions has write access to specific RDPC | ||
* @param args | ||
*/ | ||
export declare const canWriteToRdpc: (args: { | ||
permissions: string[]; | ||
rdpcCode: string; | ||
}) => boolean; | ||
/** | ||
* check if a given set of permissions has daco admin access | ||
@@ -17,0 +30,0 @@ * @param permissions |
@@ -1,2 +0,2 @@ | ||
export declare type Permission = 'READ' | 'WRITE' | 'ADMIN' | 'DENY'; | ||
export declare type Permission = 'READ' | 'WRITE' | 'DENY'; | ||
export declare const PERMISSIONS: { | ||
@@ -3,0 +3,0 @@ [k in Permission]: Permission; |
@@ -16,2 +16,3 @@ import { PermissionScopeObj } from './common'; | ||
isRdpcMember: (permissions: string[]) => boolean; | ||
isRdpcAdmin: (permissions: string[]) => boolean; | ||
isDacoAdmin: (permissions: string[]) => boolean; | ||
@@ -18,0 +19,0 @@ getPermissionsFromToken: (egoJwt: string) => string[]; |
{ | ||
"name": "@icgc-argo/ego-token-utils", | ||
"version": "8.2.0", | ||
"version": "8.3.0", | ||
"description": "", | ||
@@ -5,0 +5,0 @@ "keywords": [], |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
891907
0.41%10094
0.74%