@lifeomic/abac
Advanced tools
Comparing version 4.10.3 to 5.0.0
{ | ||
"name": "@lifeomic/abac", | ||
"version": "4.10.3", | ||
"version": "5.0.0", | ||
"description": "LifeOmic Attribute Based Access Control Support Module", | ||
@@ -45,4 +45,3 @@ "main": "src/index.js", | ||
"pretest": "yarn lint", | ||
"test": "nyc ava --verbose", | ||
"jenkins-test": "ENV=ava ava --tap | tap-xunit --package unit > test-report.xml" | ||
"test": "jest" | ||
}, | ||
@@ -54,10 +53,11 @@ "dependencies": { | ||
"devDependencies": { | ||
"@lifeomic/eslint-config-standards": "^3.0.0", | ||
"@lifeomic/typescript-config": "^2.0.0", | ||
"@jest/types": "^29.6.1", | ||
"@lifeomic/eslint-config-standards": "^3.1.0", | ||
"@lifeomic/typescript-config": "^3.0.0", | ||
"@types/deep-equal": "^1.0.1", | ||
"@types/jest": "^29.5.2", | ||
"@types/lodash": "^4.5.7", | ||
"@types/node": "^18", | ||
"@types/semver": "^7.5.0", | ||
"ajv": "^6.5.0", | ||
"ava": "^3.15.0", | ||
"ajv": "^8.12.0", | ||
"browserslist": "^4.21.5", | ||
@@ -71,10 +71,10 @@ "conventional-changelog-conventionalcommits": "^5.0.0", | ||
"glob": "^10.2.3", | ||
"nyc": "^11.8.0", | ||
"jest": "^29.6.1", | ||
"prettier": "^2.7.1", | ||
"semantic-release": "^19.0.3", | ||
"semver": "^7.5.0", | ||
"sinon": "^5.0.7", | ||
"tap-xunit": "^2.3.0", | ||
"ts-jest": "^29.1.1", | ||
"ts-node": "^10.9.1", | ||
"typescript": "^4.9.5" | ||
"typescript": "^5.1.6" | ||
}, | ||
@@ -87,26 +87,5 @@ "peerDependencies": { | ||
}, | ||
"ava": { | ||
"timeout": "30s", | ||
"files": [ | ||
"test/**/*.test.ts" | ||
], | ||
"require": [ | ||
"ts-node/register/transpile-only" | ||
], | ||
"extensions": [ | ||
"ts", | ||
"js" | ||
], | ||
"failWithoutAssertions": false, | ||
"verbose": true, | ||
"concurrency": 1, | ||
"failFast": true | ||
}, | ||
"nyc": { | ||
"check-coverage": true, | ||
"lines": 100, | ||
"statements": 100, | ||
"functions": 100, | ||
"branches": 100 | ||
"resolutions": { | ||
"jackspeak": "2.1.1" | ||
} | ||
} |
@@ -1,3 +0,4 @@ | ||
import type { AbacComparison, AbacPolicy } from './types'; | ||
export * from './types'; | ||
import * as schemas from './schemas'; | ||
import type { AbacPolicy, AbacReduceOptions } from './schemas'; | ||
export type * from './schemas'; | ||
export declare const COMPARISON_REVERSION_MAP: { | ||
@@ -33,3 +34,3 @@ readonly endsWith: "suffixOf"; | ||
export declare const merge: (policies: AbacPolicy[]) => AbacPolicy; | ||
export declare const extract: (policy: AbacPolicy, privileges: string[], attribute: string) => (AbacComparison | undefined)[]; | ||
export declare const extract: (policy: AbacPolicy, privileges: string[], attribute: string) => (schemas.AbacComparison | undefined)[]; | ||
/** | ||
@@ -52,9 +53,6 @@ * Performs a synchronous reduction for whether the given policy might | ||
* known value in-line. | ||
* @returns {object} the policy reduced to conditions involving attributes not | ||
* not given | ||
* @returns {object} the policy reduced to conditions involving attributes not given | ||
* @throws {Error} if the policy is invalid | ||
*/ | ||
export declare const reduce: (policy: AbacPolicy, attributes?: Record<string, any>, options?: { | ||
inlineTargets?: string[]; | ||
}) => AbacPolicy; | ||
export declare const reduce: (policy: AbacPolicy, attributes?: Record<string, any>, options?: AbacReduceOptions) => AbacPolicy; | ||
/** | ||
@@ -61,0 +59,0 @@ * Check whether the given policy allows the operation with the given attributes. |
@@ -20,3 +20,2 @@ "use strict"; | ||
}; | ||
var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default")); | ||
var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( | ||
@@ -50,3 +49,2 @@ // If the importer is in node compatibility mode or this is not an ESM | ||
var import_deep_clone = __toESM(require("deep-clone")); | ||
__reExport(src_exports, require("./types"), module.exports); | ||
const ajv = new import_ajv.default({ | ||
@@ -176,5 +174,2 @@ schemas: Object.values(schemas) | ||
const compare = (condition, value, attributes) => { | ||
if (!condition) { | ||
return false; | ||
} | ||
const compareValue = getCompareValue(condition, attributes); | ||
@@ -229,10 +224,7 @@ if (compareValue === void 0 && condition.comparison !== "exists") { | ||
if ((condition == null ? void 0 : condition.target) && inlineTargets && inlineTargets.some( | ||
(inlineTarget) => ( | ||
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion | ||
isSubpath(condition.target, inlineTarget) | ||
) | ||
(inlineTarget) => isSubpath(condition.target, inlineTarget) | ||
)) { | ||
const inLineTargetValue = getAttribute(attributes, condition.target); | ||
if (inLineTargetValue) { | ||
newCondition.value = inLineTargetValue; | ||
condition.value = inLineTargetValue; | ||
delete condition.target; | ||
@@ -266,4 +258,2 @@ } | ||
return rules; | ||
} else if (rules === void 0) { | ||
return false; | ||
} | ||
@@ -368,4 +358,3 @@ for (const rule of (0, import_deep_clone.default)(rules)) { | ||
reduce, | ||
validate, | ||
...require("./types") | ||
validate | ||
}); |
@@ -0,1 +1,37 @@ | ||
export interface StringOrNumberArrayComparison { | ||
comparison: 'superset' | 'subset' | 'in' | 'notIn' | 'equals' | 'notEquals'; | ||
value: (string | number)[]; | ||
target?: undefined; | ||
} | ||
export interface StringOrNumberDirectComparison { | ||
comparison: 'includes' | 'notIncludes' | 'equals' | 'notEquals'; | ||
value: number | string; | ||
target?: undefined; | ||
} | ||
export interface StringPrePostFixComparison { | ||
comparison: 'startsWith' | 'prefixOf' | 'suffixOf' | 'endsWith'; | ||
value?: string; | ||
target?: string; | ||
} | ||
export interface BoolComparison { | ||
comparison: 'equals' | 'notEquals'; | ||
value: boolean; | ||
target?: undefined; | ||
} | ||
export interface TargetStringComparison { | ||
comparison: 'superset' | 'subset' | 'in' | 'equals' | 'includes' | 'notIncludes' | 'notEquals' | 'notIn'; | ||
target: string; | ||
value?: undefined; | ||
} | ||
export interface UnknownComparisonType extends Record<string, any> { | ||
comparison: Omit<'superset' | 'subset' | 'in' | 'equals' | 'includes' | 'notIncludes' | 'notEquals' | 'notIn' | 'startsWith' | 'prefixOf' | 'endsWith' | 'suffixOf', string>; | ||
target?: string; | ||
value?: string; | ||
} | ||
export interface ExistsComparison { | ||
comparison: 'exists'; | ||
value?: string; | ||
target?: undefined; | ||
} | ||
export type AbacComparison = StringOrNumberArrayComparison | StringOrNumberDirectComparison | StringPrePostFixComparison | BoolComparison | TargetStringComparison | UnknownComparisonType | ExistsComparison; | ||
export declare const Comparison: { | ||
@@ -14,79 +50,79 @@ readonly $schema: "http://json-schema.org/draft-07/schema#"; | ||
readonly oneOf: readonly [{ | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly enum: readonly ["superset", "subset", "in", "notIn", "equals", "notEquals"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
enum: string[]; | ||
}; | ||
readonly value: { | ||
readonly type: "array"; | ||
readonly items: { | ||
readonly type: readonly ["number", "string"]; | ||
value: { | ||
type: string; | ||
items: { | ||
type: string[]; | ||
}; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison", "value"]; | ||
readonly additionalProperties: false; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}, { | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly enum: readonly ["includes", "notIncludes", "equals", "notEquals"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
enum: string[]; | ||
}; | ||
readonly value: { | ||
readonly type: readonly ["number", "string"]; | ||
value: { | ||
type: string[]; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison", "value"]; | ||
readonly additionalProperties: false; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}, { | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly enum: readonly ["startsWith", "prefixOf", "suffixOf", "endsWith"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
enum: string[]; | ||
}; | ||
readonly value: { | ||
readonly type: readonly ["string"]; | ||
value: { | ||
type: string; | ||
}; | ||
readonly target: { | ||
readonly $ref: "#/definitions/ValidTargetString"; | ||
target: { | ||
$ref: string; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison"]; | ||
readonly additionalProperties: false; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}, { | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly enum: readonly ["equals", "notEquals"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
enum: string[]; | ||
}; | ||
readonly value: { | ||
readonly type: "boolean"; | ||
value: { | ||
type: string; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison", "value"]; | ||
readonly additionalProperties: false; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}, { | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly enum: readonly ["superset", "subset", "in", "equals", "includes", "notIncludes", "notEquals", "notIn"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
enum: string[]; | ||
}; | ||
readonly target: { | ||
readonly $ref: "#/definitions/ValidTargetString"; | ||
target: { | ||
$ref: string; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison", "target"]; | ||
readonly additionalProperties: false; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}, { | ||
readonly properties: { | ||
readonly comparison: { | ||
readonly type: "string"; | ||
readonly not: { | ||
readonly enum: readonly ["superset", "subset", "in", "equals", "includes", "notIncludes", "notEquals", "notIn", "startsWith", "prefixOf", "endsWith", "suffixOf"]; | ||
properties: { | ||
comparison: { | ||
type: string; | ||
not: { | ||
enum: string[]; | ||
}; | ||
}; | ||
}; | ||
readonly required: readonly ["comparison"]; | ||
readonly additionalProperties: true; | ||
required: string[]; | ||
additionalProperties: boolean; | ||
}]; | ||
}; |
@@ -24,2 +24,107 @@ "use strict"; | ||
module.exports = __toCommonJS(Comparison_exports); | ||
const stringOrNumberArrayComparison = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["superset", "subset", "in", "notIn", "equals", "notEquals"] | ||
}, | ||
value: { | ||
type: "array", | ||
items: { | ||
type: ["number", "string"] | ||
} | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}; | ||
const stringOrNumberDirectComparison = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["includes", "notIncludes", "equals", "notEquals"] | ||
}, | ||
value: { | ||
type: ["number", "string"] | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}; | ||
const stringPrePostFix = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["startsWith", "prefixOf", "suffixOf", "endsWith"] | ||
}, | ||
value: { | ||
type: "string" | ||
}, | ||
target: { | ||
$ref: "#/definitions/ValidTargetString" | ||
} | ||
}, | ||
required: ["comparison"], | ||
additionalProperties: false | ||
}; | ||
const boolComparison = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["equals", "notEquals"] | ||
}, | ||
value: { | ||
type: "boolean" | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}; | ||
const targetStringComparison = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: [ | ||
"superset", | ||
"subset", | ||
"in", | ||
"equals", | ||
"includes", | ||
"notIncludes", | ||
"notEquals", | ||
"notIn" | ||
] | ||
}, | ||
target: { | ||
$ref: "#/definitions/ValidTargetString" | ||
} | ||
}, | ||
required: ["comparison", "target"], | ||
additionalProperties: false | ||
}; | ||
const invalidComparisonType = { | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
not: { | ||
enum: [ | ||
"superset", | ||
"subset", | ||
"in", | ||
"equals", | ||
"includes", | ||
"notIncludes", | ||
"notEquals", | ||
"notIn", | ||
"startsWith", | ||
"prefixOf", | ||
"endsWith", | ||
"suffixOf" | ||
] | ||
} | ||
} | ||
}, | ||
required: ["comparison"], | ||
additionalProperties: true | ||
}; | ||
const Comparison = { | ||
@@ -38,107 +143,8 @@ $schema: "http://json-schema.org/draft-07/schema#", | ||
oneOf: [ | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["superset", "subset", "in", "notIn", "equals", "notEquals"] | ||
}, | ||
value: { | ||
type: "array", | ||
items: { | ||
type: ["number", "string"] | ||
} | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}, | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["includes", "notIncludes", "equals", "notEquals"] | ||
}, | ||
value: { | ||
type: ["number", "string"] | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}, | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["startsWith", "prefixOf", "suffixOf", "endsWith"] | ||
}, | ||
value: { | ||
type: ["string"] | ||
}, | ||
target: { | ||
$ref: "#/definitions/ValidTargetString" | ||
} | ||
}, | ||
required: ["comparison"], | ||
additionalProperties: false | ||
}, | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: ["equals", "notEquals"] | ||
}, | ||
value: { | ||
type: "boolean" | ||
} | ||
}, | ||
required: ["comparison", "value"], | ||
additionalProperties: false | ||
}, | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
enum: [ | ||
"superset", | ||
"subset", | ||
"in", | ||
"equals", | ||
"includes", | ||
"notIncludes", | ||
"notEquals", | ||
"notIn" | ||
] | ||
}, | ||
target: { | ||
$ref: "#/definitions/ValidTargetString" | ||
} | ||
}, | ||
required: ["comparison", "target"], | ||
additionalProperties: false | ||
}, | ||
{ | ||
properties: { | ||
comparison: { | ||
type: "string", | ||
not: { | ||
enum: [ | ||
"superset", | ||
"subset", | ||
"in", | ||
"equals", | ||
"includes", | ||
"notIncludes", | ||
"notEquals", | ||
"notIn", | ||
"startsWith", | ||
"prefixOf", | ||
"endsWith", | ||
"suffixOf" | ||
] | ||
} | ||
} | ||
}, | ||
required: ["comparison"], | ||
additionalProperties: true | ||
} | ||
stringOrNumberArrayComparison, | ||
stringOrNumberDirectComparison, | ||
stringPrePostFix, | ||
boolComparison, | ||
targetStringComparison, | ||
invalidComparisonType | ||
] | ||
@@ -145,0 +151,0 @@ }; |
@@ -1,6 +0,6 @@ | ||
export { Comparison } from './Comparison'; | ||
export { Policy } from './Policy'; | ||
export { Rule } from './Rule'; | ||
export { Rules } from './Rules'; | ||
export { OperationNames } from './OperationNames'; | ||
export { ReduceOptions } from './ReduceOptions'; | ||
export * from './Comparison'; | ||
export * from './Policy'; | ||
export * from './Rule'; | ||
export * from './Rules'; | ||
export * from './OperationNames'; | ||
export * from './ReduceOptions'; |
@@ -6,6 +6,2 @@ "use strict"; | ||
var __hasOwnProp = Object.prototype.hasOwnProperty; | ||
var __export = (target, all) => { | ||
for (var name in all) | ||
__defProp(target, name, { get: all[name], enumerable: true }); | ||
}; | ||
var __copyProps = (to, from, except, desc) => { | ||
@@ -19,27 +15,20 @@ if (from && typeof from === "object" || typeof from === "function") { | ||
}; | ||
var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default")); | ||
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); | ||
var schemas_exports = {}; | ||
__export(schemas_exports, { | ||
Comparison: () => import_Comparison.Comparison, | ||
OperationNames: () => import_OperationNames.OperationNames, | ||
Policy: () => import_Policy.Policy, | ||
ReduceOptions: () => import_ReduceOptions.ReduceOptions, | ||
Rule: () => import_Rule.Rule, | ||
Rules: () => import_Rules.Rules | ||
}); | ||
module.exports = __toCommonJS(schemas_exports); | ||
var import_Comparison = require("./Comparison"); | ||
var import_Policy = require("./Policy"); | ||
var import_Rule = require("./Rule"); | ||
var import_Rules = require("./Rules"); | ||
var import_OperationNames = require("./OperationNames"); | ||
var import_ReduceOptions = require("./ReduceOptions"); | ||
__reExport(schemas_exports, require("./Comparison"), module.exports); | ||
__reExport(schemas_exports, require("./Policy"), module.exports); | ||
__reExport(schemas_exports, require("./Rule"), module.exports); | ||
__reExport(schemas_exports, require("./Rules"), module.exports); | ||
__reExport(schemas_exports, require("./OperationNames"), module.exports); | ||
__reExport(schemas_exports, require("./ReduceOptions"), module.exports); | ||
// Annotate the CommonJS export names for ESM import in node: | ||
0 && (module.exports = { | ||
Comparison, | ||
OperationNames, | ||
Policy, | ||
ReduceOptions, | ||
Rule, | ||
Rules | ||
...require("./Comparison"), | ||
...require("./Policy"), | ||
...require("./Rule"), | ||
...require("./Rules"), | ||
...require("./OperationNames"), | ||
...require("./ReduceOptions") | ||
}); |
@@ -0,1 +1,5 @@ | ||
import { AbacRules } from './Rules'; | ||
export interface AbacPolicy { | ||
rules: Record<string, AbacRules>; | ||
} | ||
export declare const Policy: { | ||
@@ -2,0 +6,0 @@ readonly $schema: "http://json-schema.org/draft-07/schema#"; |
@@ -0,1 +1,4 @@ | ||
export interface AbacReduceOptions { | ||
inlineTargets?: [string, ...string[]]; | ||
} | ||
export declare const ReduceOptions: { | ||
@@ -2,0 +5,0 @@ readonly $schema: "http://json-schema.org/draft-07/schema#"; |
@@ -0,1 +1,3 @@ | ||
import { AbacComparison } from './Comparison'; | ||
export type AbacRule = Record<string, AbacComparison>; | ||
export declare const Rule: { | ||
@@ -2,0 +4,0 @@ readonly $schema: "http://json-schema.org/draft-07/schema#"; |
@@ -0,1 +1,3 @@ | ||
import { AbacRule } from './Rule'; | ||
export type AbacRules = AbacRule[] | boolean; | ||
export declare const Rules: { | ||
@@ -2,0 +4,0 @@ readonly $schema: "http://json-schema.org/draft-07/schema#"; |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
12228
451975
25
28