@opuscapita/bouncer
Advanced tools
Comparing version 1.0.41 to 1.0.42
27
index.js
@@ -17,2 +17,9 @@ const extend = require('extend'); | ||
| /** | ||
| * Object providing a tenant split into supplier and customer. | ||
| * @typedef {object} TenantSplit | ||
| * @property {string} supplierId A supplier ID. | ||
| * @property {string} customerId A customer ID. | ||
| */ | ||
| /** | ||
| * Class for applying security to services and additional security APIs. | ||
@@ -299,2 +306,20 @@ * Depending on which parts of this class are used, it requires access to consul, RabbitMQ and acl service. | ||
| /** | ||
| * Splits an array of tenant IDs into an array of objects containing a supplierId and a customerId. Whenever a | ||
| * tenant is a supplier or a customer, the corresponding field is set. | ||
| * | ||
| * @param {array} tenants - An array containng tenant IDs. | ||
| * @returns {TenantSplit} An array of TenantSplit objects. | ||
| */ | ||
| splitUserTenants(tenants) | ||
| { | ||
| if(!Array.isArray(tenants)) | ||
| return [ ]; | ||
| return tenants.map(tenantId => ({ | ||
| supplierId : tenantId.startsWith('s_') ? tenantId.substr(2) : null, | ||
| customerId : tenantId.startsWith('c_') ? tenantId.substr(2) : null | ||
| })); | ||
| } | ||
| /** | ||
| * Returns a boolean telling whenever a URL is considered a public resource. | ||
@@ -449,2 +474,3 @@ * @returns {boolean} Returns true or false. | ||
| req.opuscapita.getUserTenantsByUrl = () => [ ]; | ||
| req.opuscapita.splitUserTenants = (tenants) => this.splitUserTenants(tenants); | ||
@@ -471,2 +497,3 @@ next(); | ||
| req.opuscapita.getUserTenantsByUrl = (url, serviceName = null) => this.getUserTenantsByUrl(url, req.opuscapita.userData(), serviceClient, method, serviceName); | ||
| req.opuscapita.splitUserTenants = (tenants) => this.splitUserTenants(tenants); | ||
@@ -473,0 +500,0 @@ req.body = req.body && this.filterObject(req.body, allow, remove); |
| { | ||
| "name": "@opuscapita/bouncer", | ||
| "version": "1.0.41", | ||
| "version": "1.0.42", | ||
| "description": "API and express middleware for OpusCapita ACl service based access security.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -23,12 +23,52 @@ # @opuscapita/bouncer | ||
| **Attention**: *Bouncer requires the *opuscapita* namespace to be available inside the request object passed to the middleware by express. It ueses opuscapita.logger, opuscapita.serviceClient and opuscapita.userData() which, if used, also require [useridentity-middleware](https://github.com/OpusCapita/useridentity-middleware).* | ||
| > *Bouncer requires the *opuscapita* namespace to be available inside the request object passed to the middleware by express. It ueses opuscapita.logger, opuscapita.serviceClient and opuscapita.userData() which, if used, also require [useridentity-middleware](https://github.com/OpusCapita/useridentity-middleware).* | ||
| --- | ||
| ## req.opuscapita methods | ||
| Bouncer extends the **req.opuscapita** namespace with several, request bound methods where some of which can only be used if [useridentity-middleware](https://github.com/OpusCapita/useridentity-middleware) is available. | ||
| * req.opuscapita.**getUserTenants()** | ||
| * *Returns an array of tenants a user has access to on the current endpoint.* | ||
| * req.opuscapita.**getUserTenantsByUrl(url, serviceName = null)** | ||
| * *Returns an array of tenants a user has access to on a specific endpoint.* | ||
| ##### getUserTenants / getUserTenantsByUrl / splitUserTenants | ||
| Returns an array of tenants a user has access to on the current endpoint. | ||
| `req.opuscapita.getUserTenants() : Promise` | ||
| Returns an array of tenants a user has access to on a specific endpoint even in a foreign service. | ||
| `req.opuscapita.getUserTenantsByUrl(url, serviceName = null)` | ||
| Returns an array of objects containing either a supplierId or a customerId field depending on whenever | ||
| a tenant is a supplier or a customer. | ||
| `req.opuscapita.splitUserTenants(tenants)` | ||
| ##### Usage example | ||
| ```JS | ||
| async function myEndpoint(req, res) | ||
| { | ||
| // Get all user tenants for the current endpoint. | ||
| const tenants = await req.opuscapita.getUserTenants(); | ||
| // If the tenants array contains a *, access to all tenants is granted. | ||
| if(tenants.includes('*')) | ||
| { | ||
| res.json({ message : 'Wildcard access granted.' }); | ||
| } | ||
| else | ||
| { | ||
| // Split the list of tenants into customer and supplier IDs. | ||
| // Returns [ { supplierId, customerId }, { supplierId, customerId }, ... ] | ||
| const split = req.opuscapita.splitUserTenants(tenants); | ||
| // Filter and map down to the raw IDs. | ||
| const supplierIds = split.filter(split => split.supplierId).map(split => split.supplierId); | ||
| const customerIds = split.filter(split => split.customerId).map(split => split.customerId); | ||
| res.json({ supplierIds, customerIds }); | ||
| } | ||
| } | ||
| ``` | ||
| --- | ||
| ## Defining REST resource groups for Bouncer. | ||
@@ -35,0 +75,0 @@ |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by7.3%
32617
- Lines of code
- increased by5.43%
466
- Number of lines in readme file
- increased by23.39%
211
No dependency changes