Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@metlo/testing

Package Overview
Dependencies
Maintainers
2
Versions
59
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@metlo/testing - npm Package Compare versions

Comparing version 0.3.12 to 0.3.13

10

dist/generate/permissions.d.ts

@@ -0,1 +1,2 @@

import { DataSection } from "./enums";
import { Permission, TemplateConfig } from "../types/resource_config";

@@ -8,6 +9,13 @@ import { GenTestEndpoint } from "./types";

}
interface ContainsResourceFilterKey {
type: "actor" | "resource";
name: string;
path: string;
dataPath: string;
dataSection: DataSection;
}
export type ResourcePerms = Record<string, string[]>;
export declare const getEndpointRequestEntities: (endpoint: GenTestEndpoint, config: TemplateConfig) => ResourceEntityKey[];
export declare const getEntityMap: (endpoint: GenTestEndpoint, config: TemplateConfig) => Record<string, any>;
export declare const getEndpointEntities: (endpoint: GenTestEndpoint, config: TemplateConfig) => ResourceEntityKey[];
export declare const getEndpointEntities: (endpoint: GenTestEndpoint, config: TemplateConfig) => ContainsResourceFilterKey[];
export declare const getEndpointPermissions: (endpoint: GenTestEndpoint, config: TemplateConfig) => Record<string, string[]>;

@@ -14,0 +22,0 @@ export interface AuthActor {

78

dist/generate/permissions.js

@@ -59,7 +59,16 @@ "use strict";

.filter(e => e.entity)
.map(e => e.entity)
.map(e => pathToEntity[e])
.filter(e => e);
.map(e => ({
entity: e.entity,
dataPath: e.dataPath,
dataSection: e.dataSection,
}))
.map(e => (Object.assign(Object.assign({}, pathToEntity[e.entity]), { dataPath: e.dataPath, dataSection: e.dataSection })))
.filter(e => e.name);
};
exports.getEndpointEntities = getEndpointEntities;
const checkContainsResource = (containsResource, defaultResource, filters) => {
return filters.some(e => ((containsResource.type && e.name === containsResource.type) ||
(!containsResource.type && e.name === defaultResource)) &&
`${DATA_SECTION_TO_PATH[e.dataSection]}${e.dataPath ? `.${e.dataPath}` : ""}`.startsWith(containsResource.path || ""));
};
const validateEndpointFilter = (endpoint, permFilter, endpointEntities, defaultResource) => {

@@ -86,11 +95,5 @@ if (permFilter.method) {

const contains_resource = permFilter.contains_resource;
if (contains_resource.type &&
!endpointEntities.find(e => e.type == contains_resource.type &&
e.path.startsWith(contains_resource.path))) {
if (!checkContainsResource(contains_resource, defaultResource, endpointEntities)) {
return false;
}
else if (!endpointEntities.find(e => e.type == defaultResource &&
e.path.startsWith(contains_resource.path))) {
return false;
}
}

@@ -262,3 +265,3 @@ return true;

const findEndpointResourcePermissions = (endpoint, config) => {
var _a, _b, _c;
var _a, _b;
const resources = Object.keys(config.resources);

@@ -269,50 +272,13 @@ if (resources.length === 0) {

const resourcePermissions = new Set();
const endpointEntities = [];
for (const dataField of endpoint.dataFields) {
if (dataField.entity) {
endpointEntities.push({
type: (_a = dataField.entity.split(".")) === null || _a === void 0 ? void 0 : _a[0],
path: DATA_SECTION_TO_PATH[dataField.dataSection],
});
}
}
const endpointEntities = (0, exports.getEndpointEntities)(endpoint, config);
for (const resource of resources) {
const permFilters = (_c = (_b = config.resources[resource]) === null || _b === void 0 ? void 0 : _b.endpoints) !== null && _c !== void 0 ? _c : [];
if ((permFilters === null || permFilters === void 0 ? void 0 : permFilters.length) > 0) {
const permFilters = (_b = (_a = config.resources[resource]) === null || _a === void 0 ? void 0 : _a.endpoints) !== null && _b !== void 0 ? _b : [];
if (permFilters.length > 0) {
for (const permFilter of permFilters) {
if (permFilter.contains_resource) {
const containsResource = permFilter.contains_resource;
if (endpointEntities.some(e => ((containsResource.type && e.type === containsResource.type) ||
(!containsResource.type && e.type === resource)) &&
e.path.startsWith(containsResource.path))) {
permFilter.permissions.forEach(perm => {
resourcePermissions.add(`${resource}.${perm}`);
});
}
if (!validateEndpointFilter(endpoint, permFilter, endpointEntities, resource)) {
continue;
}
else {
if (permFilter.method) {
if (typeof permFilter.method === "string") {
if (permFilter.method !== endpoint.method) {
continue;
}
}
else {
if (!permFilter.method.includes(endpoint.method)) {
continue;
}
}
}
if (permFilter.host &&
!endpoint.host.match(new RegExp(permFilter.host))) {
continue;
}
if (permFilter.path &&
!endpoint.path.match(new RegExp(permFilter.path))) {
continue;
}
permFilter.permissions.forEach(perm => {
resourcePermissions.add(`${resource}.${perm}`);
});
}
permFilter.permissions.forEach(perm => {
resourcePermissions.add(`${resource}.${perm}`);
});
}

@@ -319,0 +285,0 @@ }

2

package.json
{
"name": "@metlo/testing",
"version": "0.3.12",
"version": "0.3.13",
"license": "MIT",

@@ -5,0 +5,0 @@ "main": "dist/index.js",

dist/generate/permissions.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc