@lifeomic/abac
Advanced tools
Comparing version 1.1.2 to 1.2.0
@@ -331,2 +331,26 @@ 'use strict'; | ||
/** | ||
* Performs a synchronous check for whether the given partially | ||
* evaluated policy allows the operation. It's intended use is for | ||
* client applications that need a simple check to disable UI elements. | ||
* @param {string} operation - the requested operation | ||
* @param {object} policy - the policy to use to check access | ||
* @returns {boolean} true iff access is allowed, and false otherwise | ||
* @throws {Error} Error if the policy is invalid | ||
*/ | ||
const enforceSync = (operation, policy) => { | ||
if (!ajv.validate('OperationNames', operation)) { | ||
return false; | ||
} | ||
// Before using the policy, make sure it's valid | ||
validate(policy); | ||
// TODO: Add support for supplying attributes for rule evaluation | ||
// It is safe to ignore the injection attach here because the operation name has been validated | ||
// against the allowed operation names | ||
// eslint-disable-next-line security/detect-object-injection | ||
return policy.rules && policy.rules[operation] === true; | ||
}; | ||
module.exports = { | ||
@@ -336,3 +360,4 @@ validate, | ||
reduce, | ||
enforce | ||
enforce, | ||
enforceSync | ||
}; |
{ | ||
"name": "@lifeomic/abac", | ||
"version": "1.1.2", | ||
"version": "1.2.0", | ||
"description": "Lifeomic Attribute Based Access Control Support Module", | ||
@@ -15,3 +15,3 @@ "main": "dist/index.js", | ||
"build": "babel src --out-dir dist --copy-files", | ||
"publish": "lifeomic-publish-npm-package --publish-tagged-commits-only" | ||
"lifeomic-publish-npm-package": "lifeomic-publish-npm-package --publish-tagged-commits-only" | ||
}, | ||
@@ -18,0 +18,0 @@ "devDependencies": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
238333
433