@keystonejs/access-control - npm Package Compare versions

Comparing version 5.1.0 to 5.2.0

CHANGELOG.md

 # @keystonejs/access-control
 
+## 5.2.0
+
+### Minor Changes
+
+- [`42497b8e`](https://github.com/keystonejs/keystone/commit/42497b8ebbaeaf0f4d7881dbb76c6abafde4cace) [#2456](https://github.com/keystonejs/keystone/pull/2456) Thanks [@timleslie](https://github.com/timleslie)! - Added `validateAuthAccessControl` as a special case for validating access control on authentication queries and mutations.
+
+### Patch Changes
+
+- [`5ba330b8`](https://github.com/keystonejs/keystone/commit/5ba330b8b2609ea0033a636daf9a215a5a192c20) [#2487](https://github.com/keystonejs/keystone/pull/2487) Thanks [@Noviny](https://github.com/Noviny)! - Small changes to package.json (mostly adding a repository field)
+
+- Updated dependencies [[`5ba330b8`](https://github.com/keystonejs/keystone/commit/5ba330b8b2609ea0033a636daf9a215a5a192c20)]:
+  - @keystonejs/utils@5.2.2
+
 ## 5.1.0
@@ -4,0 +17,0 @@

index.js

@@ -8,2 +8,3 @@ const {
   validateFieldAccessControl,
+  validateAuthAccessControl,
 } = require('./lib/access-control');
@@ -18,2 +19,3 @@
   validateFieldAccessControl,
+  validateAuthAccessControl,
 };

lib/access-control.js

@@ -255,2 +255,28 @@ const { getType, pick, defaultObj, intersection } = require('@keystonejs/utils');
   },
+
+  validateAuthAccessControl({ access, listKey, authentication = {}, gqlName }) {
+    const operation = 'auth';
+    // Either a boolean or an object describing a where clause
+    let result;
+    if (typeof access[operation] !== 'function') {
+      result = access[operation];
+    } else {
+      result = access[operation]({
+        authentication: authentication.item ? authentication : {},
+        listKey,
+        operation,
+        gqlName,
+      });
+    }
+
+    const type = getType(result);
+
+    if (!['Object', 'Boolean'].includes(type)) {
+      throw new Error(
+        `Must return an Object or Boolean from Imperative or Declarative access control function. Got ${type}`
+      );
+    }
+
+    return result;
+  },
 };

package.json

 {
   "name": "@keystonejs/access-control",
   "description": "KeystoneJS Access Control parsing and validating utilities.",
-  "version": "5.1.0",
+  "version": "5.2.0",
   "author": "The KeystoneJS Development Team",
@@ -11,4 +11,5 @@ "license": "MIT",
   "dependencies": {
-    "@keystonejs/utils": "^5.2.0"
-  }
+    "@keystonejs/utils": "^5.2.2"
+  },
+  "repository": "https://github.com/keystonejs/keystone/tree/master/packages/access-control"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

16708

increased by11.23%

Lines of code

272

increased by9.68%

Number of medium supply chain risk alerts

0

decreased by-100%

Dependency changes

• Updated@keystonejs/utils@^5.2.2