Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@rss/common
Advanced tools
@rss/common - npm Package Compare versions
Comparing version 0.0.20 to 0.0.21
@@ -24,42 +24,28 @@ 'use strict'; | ||
| // TODO: checking user.campusCode bc don't have group.owner | ||
| module.exports.isMemberOfGroup = function (groupId, user) { | ||
| return module.exports.isChemAdmin(user.campusCode, user) || user.groups.map(function (group) { | ||
| return group.id; | ||
| }).includes(groupId); | ||
| module.exports.isMemberOfInventory = function (inventory, user) { | ||
| return module.exports.isChemAdmin(user.campusCode, user) || user.groups.some(function (group) { | ||
| return inventory.groups.map(function (item) { | ||
| return item.id; | ||
| }).includes(group.id); | ||
| }); | ||
| }; | ||
| module.exports.isMemberOrColleagueOfGroup = function (groupId, user) { | ||
| return module.exports.isMemberOfGroup(groupId, user) || !!user.groups.find(function (group) { | ||
| return group.colleagues.map(function (item) { | ||
| return item.id; | ||
| }).includes(groupId); | ||
| module.exports.isMemberOrColleagueOfInventory = function (inventory, user) { | ||
| return module.exports.isMemberOfInventory(inventory, user) || !!inventory.colleagues.find(function (colleague) { | ||
| return user.inventories && user.inventories.some(function (inv) { | ||
| return inv._id.toString() === colleague._id.toString(); | ||
| }); | ||
| }); | ||
| }; | ||
| // TODO: pass in group to check CHEM_ADMIN against group campusCode | ||
| module.exports.hasWriteAccessToGroup = function (groupId, user) { | ||
| module.exports.hasWriteAccessToInventory = function (inventory, user) { | ||
| return module.exports.isChemAdmin(user.campusCode, user) || user.groups.filter(function (group) { | ||
| return group.roles.includes(ROLES.RESPONSIBLE_PERSON) || group.roles.includes(ROLES.DELEGATE) || group.roles.includes(ROLES.LAB_MANAGER); | ||
| }).map(function (group) { | ||
| return group.id; | ||
| }).includes(groupId); | ||
| }; | ||
| module.exports.hasWriteAccessToInventory = function (inventoryId, user) { | ||
| return module.exports.isChemAdmin(user.campusCode, user) || (user.inventories || [{}]).filter(function (inventory) { | ||
| return inventory && inventory._id === inventoryId; | ||
| }).some(function (group) { | ||
| return group.roles.includes(ROLES.RESPONSIBLE_PERSON) || group.roles.includes(ROLES.DELEGATE) || group.roles.includes(ROLES.LAB_MANAGER); | ||
| return inventory.groups.some(function (item) { | ||
| return item.id === group.id; | ||
| }); | ||
| }); | ||
| }; | ||
| module.exports.hasWriteAccessToGroupOwner = function (groupOwnerId, user) { | ||
| return module.exports.isChemAdmin(user.campusCode, user) || user.groups.filter(function (group) { | ||
| return group.roles.includes(ROLES.RESPONSIBLE_PERSON) || group.roles.includes(ROLES.DELEGATE) || group.roles.includes(ROLES.LAB_MANAGER); | ||
| }).map(function (group) { | ||
| return group.owner.userId; | ||
| }).includes(groupOwnerId); | ||
| }; | ||
| // chemical | ||
@@ -73,14 +59,13 @@ module.exports.hasWriteAccessToFamily = function (family, user) { | ||
| module.exports.hasReadAccessToContainer = function (container, user) { | ||
| return module.exports.hasWriteAccessToContainer(container, user) || !container.isPrivate && user.groups.reduce(function (acc, group) { | ||
| return acc.concat(group.colleagues.reduce(function (groupAcc, colleague) { | ||
| return groupAcc.concat(colleague.id); | ||
| return module.exports.hasWriteAccessToContainer(container, user) || !container.isPrivate && user.inventories.reduce(function (acc, inventory) { | ||
| return acc.concat(inventory.colleagues.reduce(function (inventoryAcc, colleague) { | ||
| return inventoryAcc.concat(colleague._id.toString()); | ||
| }, [])); | ||
| }, []).includes(container.group.id); | ||
| }, []).includes(container.inventory._id.toString()); | ||
| }; | ||
| module.exports.hasWriteAccessToContainer = function (container, user) { | ||
| return (user.inventories || [{}]).map(function (inventory) { | ||
| return inventory._id; | ||
| }).includes(container.inventory._id) || // TODO: should use user.inventories | ||
| module.exports.isChemAdmin(container.inventory.campusCode, user); | ||
| return (user.inventories || [{}]).some(function (inventory) { | ||
| return inventory._id && inventory._id.toString() === container.inventory._id.toString(); | ||
| }) || module.exports.isChemAdmin(container.inventory.campusCode, user); | ||
| }; | ||
@@ -87,0 +72,0 @@ |
@@ -11,3 +11,3 @@ 'use strict'; | ||
| var GroupReference = require('../core/group-reference'); | ||
| var InventoryReference = require('./inventory-reference'); | ||
| var PersonReference = require('../core/person-reference'); | ||
@@ -22,3 +22,3 @@ | ||
| this.familyId = null; | ||
| this.group = null; | ||
| this.inventory = null; | ||
| this.type = null; | ||
@@ -41,3 +41,3 @@ this.requestedBy = null; | ||
| this.familyId = opt.familyId ? new ObjectId(opt.familyId) : null; | ||
| this.group = new GroupReference(opt.group); | ||
| this.inventory = new InventoryReference(opt.inventory); | ||
| this.type = opt.type || null; | ||
@@ -62,3 +62,3 @@ this.requestedBy = opt.requestedBy ? new PersonReference(opt.requestedBy) : null; | ||
| properties: { | ||
| group: { $ref: 'group-reference.schema.json' }, | ||
| inventory: { $ref: 'inventory-reference.schema.json' }, | ||
| message: { type: 'string' }, | ||
@@ -69,7 +69,7 @@ name: { type: 'string' }, | ||
| requestedDate: { type: 'object' }, | ||
| sendTo: { type: 'array', item: { $ref: 'group-reference.schema.json' } }, | ||
| sendTo: { type: 'array', item: { $ref: 'inventory-reference.schema.json' } }, | ||
| status: { type: 'string' }, | ||
| type: { type: 'string' } | ||
| }, | ||
| required: ['status', 'name', 'familyId', 'group', 'type', 'requestedBy', 'requestedDate', 'message', 'sendTo'] | ||
| required: ['status', 'name', 'familyId', 'inventory', 'type', 'requestedBy', 'requestedDate', 'message', 'sendTo'] | ||
| }; | ||
@@ -82,5 +82,5 @@ } | ||
| tv4.addSchema(GroupReference.schema()); | ||
| tv4.addSchema(InventoryReference.schema()); | ||
| tv4.addSchema(PersonReference.schema()); | ||
| module.exports = Request; |
@@ -47,3 +47,2 @@ // constant - core | ||
| exports.Access = require('./dist/model/core/access'); | ||
| exports.ColleagueRequest = require('./dist/model/core/colleague-request'); | ||
| exports.ContactPerson = require('./dist/model/core/contact-person'); | ||
@@ -62,2 +61,3 @@ exports.GroupReference = require('./dist/model/core/group-reference'); | ||
| exports.Checkout = require('./dist/model/chemical/checkout'); | ||
| exports.ColleagueRequest = require('./dist/model/chemical/colleague-request'); | ||
| exports.Container = require('./dist/model/chemical/container'); | ||
@@ -64,0 +64,0 @@ exports.CustomName = require('./dist/model/chemical/custom-name'); |
| { | ||
| "name": "@rss/common", | ||
| "version": "0.0.20", | ||
| "version": "0.0.21", | ||
| "description": "common constant, classes, & helper", | ||
@@ -5,0 +5,0 @@ "author": "Risk & Safety Solution", |
@@ -21,35 +21,13 @@ const ROLES = require('../constant/core/roles.constant'); | ||
| // TODO: checking user.campusCode bc don't have group.owner | ||
| module.exports.isMemberOfGroup = (groupId, user) => | ||
| module.exports.isChemAdmin(user.campusCode, user) || user.groups.map((group) => group.id).includes(groupId); | ||
| module.exports.isMemberOrColleagueOfGroup = (groupId, user) => | ||
| module.exports.isMemberOfGroup(groupId, user) || | ||
| !!user.groups.find((group) => group.colleagues.map((item) => item.id).includes(groupId)); | ||
| // TODO: pass in group to check CHEM_ADMIN against group campusCode | ||
| module.exports.hasWriteAccessToGroup = (groupId, user) => | ||
| module.exports.isMemberOfInventory = (inventory, user) => | ||
| module.exports.isChemAdmin(user.campusCode, user) || | ||
| user.groups | ||
| .filter( | ||
| (group) => | ||
| group.roles.includes(ROLES.RESPONSIBLE_PERSON) || | ||
| group.roles.includes(ROLES.DELEGATE) || | ||
| group.roles.includes(ROLES.LAB_MANAGER), | ||
| ) | ||
| .map((group) => group.id) | ||
| .includes(groupId); | ||
| user.groups.some((group) => inventory.groups.map((item) => item.id).includes(group.id)); | ||
| module.exports.hasWriteAccessToInventory = (inventoryId, user) => | ||
| module.exports.isChemAdmin(user.campusCode, user) || | ||
| (user.inventories || [{}]) | ||
| .filter((inventory) => inventory && inventory._id === inventoryId) | ||
| .some( | ||
| (group) => | ||
| group.roles.includes(ROLES.RESPONSIBLE_PERSON) || | ||
| group.roles.includes(ROLES.DELEGATE) || | ||
| group.roles.includes(ROLES.LAB_MANAGER), | ||
| ); | ||
| module.exports.isMemberOrColleagueOfInventory = (inventory, user) => | ||
| module.exports.isMemberOfInventory(inventory, user) || | ||
| !!inventory.colleagues.find( | ||
| (colleague) => user.inventories && user.inventories.some((inv) => inv._id.toString() === colleague._id.toString()), | ||
| ); | ||
| module.exports.hasWriteAccessToGroupOwner = (groupOwnerId, user) => | ||
| module.exports.hasWriteAccessToInventory = (inventory, user) => | ||
| module.exports.isChemAdmin(user.campusCode, user) || | ||
@@ -63,4 +41,3 @@ user.groups | ||
| ) | ||
| .map((group) => group.owner.userId) | ||
| .includes(groupOwnerId); | ||
| .some((group) => inventory.groups.some((item) => item.id === group.id)); | ||
@@ -75,12 +52,16 @@ // chemical | ||
| (!container.isPrivate && | ||
| user.groups | ||
| user.inventories | ||
| .reduce( | ||
| (acc, group) => acc.concat(group.colleagues.reduce((groupAcc, colleague) => groupAcc.concat(colleague.id), [])), | ||
| (acc, inventory) => | ||
| acc.concat( | ||
| inventory.colleagues.reduce((inventoryAcc, colleague) => inventoryAcc.concat(colleague._id.toString()), []), | ||
| ), | ||
| [], | ||
| ) | ||
| .includes(container.group.id)); | ||
| .includes(container.inventory._id.toString())); | ||
| module.exports.hasWriteAccessToContainer = (container, user) => | ||
| (user.inventories || [{}]).map((inventory) => inventory._id).includes(container.inventory._id) || // TODO: should use user.inventories | ||
| module.exports.isChemAdmin(container.inventory.campusCode, user); | ||
| (user.inventories || [{}]).some( | ||
| (inventory) => inventory._id && inventory._id.toString() === container.inventory._id.toString(), | ||
| ) || module.exports.isChemAdmin(container.inventory.campusCode, user); | ||
@@ -87,0 +68,0 @@ // procedures |
@@ -8,2 +8,3 @@ const ROLES = require('../constant/core/roles.constant'); | ||
| const Helper = require('./permission.helper'); | ||
| const { ObjectId } = require('bson'); | ||
@@ -54,5 +55,98 @@ describe('Permission Helper', () => { | ||
| }, | ||
| { | ||
| id: 'a21307f6-c584-46af-aa30-bffa956f6bff', | ||
| name: 'Demo Lab', | ||
| owner: { | ||
| userId: 'VUN8MDN8aGFwZXJlekB1Y2RhdmlzLmVkdQ', | ||
| firstName: 'Hannah', | ||
| lastName: 'Perez', | ||
| tenantCode: null, | ||
| campusCode: '03', | ||
| }, | ||
| roles: ['Responsible Person', 'LAB_MANAGER', 'Delegate'], | ||
| }, | ||
| ], | ||
| }; | ||
| const inventory = { | ||
| _id: ObjectId('5adf97597ed8203054035908'), | ||
| tenantCode: 'UC', | ||
| campusCode: '03', | ||
| colleagues: [ | ||
| { | ||
| _id: ObjectId('5adf975a7ed820305403590c'), | ||
| tenantCode: 'UC', | ||
| campusCode: null, | ||
| name: 'test group', | ||
| }, | ||
| { | ||
| _id: ObjectId('5adf975a7ed8203054035914'), | ||
| tenantCode: 'UC', | ||
| campusCode: null, | ||
| name: "Sydney's Group", | ||
| }, | ||
| { | ||
| _id: ObjectId('5adf975a7ed8203054035912'), | ||
| tenantCode: 'UC', | ||
| campusCode: '03', | ||
| name: "Christine's Test Group", | ||
| }, | ||
| { | ||
| _id: ObjectId('5adf975a7ed8203054035912'), | ||
| tenantCode: 'UC', | ||
| campusCode: '03', | ||
| name: "Christine's Test Group", | ||
| }, | ||
| { | ||
| _id: ObjectId('5adf975a7ed820305403590e'), | ||
| tenantCode: null, | ||
| campusCode: '03', | ||
| name: "Ben's Test Group 2", | ||
| }, | ||
| { | ||
| _id: ObjectId('5adf975a7ed820305403590e'), | ||
| tenantCode: null, | ||
| campusCode: '03', | ||
| name: "Ben's Test Group 2", | ||
| }, | ||
| ], | ||
| groups: [ | ||
| { | ||
| id: 'a21307f6-c584-46af-aa30-bffa956f6bff', | ||
| name: 'Demo Lab', | ||
| owner: { | ||
| userId: 'VUN8MDN8aGFwZXJlekB1Y2RhdmlzLmVkdQ', | ||
| firstName: 'Hannah', | ||
| lastName: 'Perez', | ||
| tenantCode: null, | ||
| campusCode: '03', | ||
| }, | ||
| }, | ||
| ], | ||
| name: 'Demo Lab', | ||
| owner: { | ||
| userId: 'VUN8MDN8aGFwZXJlekB1Y2RhdmlzLmVkdQ', | ||
| firstName: 'Hannah', | ||
| lastName: 'Perez', | ||
| tenantCode: null, | ||
| campusCode: '03', | ||
| }, | ||
| tags: [ | ||
| 'ACS Grade', | ||
| 'Enzymes', | ||
| 'Antibiotic', | ||
| 'Chem 118', | ||
| 'Chem2B', | ||
| 'acid', | ||
| 'pyrophoric', | ||
| 'chem', | ||
| "John's Chemicals", | ||
| 'carbon', | ||
| "Diana's Chemicals", | ||
| 'Test', | ||
| 'awesome', | ||
| 'TEst 2', | ||
| ], | ||
| }; | ||
| const admin = { | ||
@@ -71,7 +165,7 @@ userId: 'TEST_ID', | ||
| const container = { | ||
| group: { id: hannah.groups[0].id, owner: hannah }, | ||
| inventory, | ||
| isPrivate: false, | ||
| }; | ||
| expect(Helper.hasReadAccessToContainer(container, hannah)).toBeTruthy(); | ||
| expect(Helper.hasReadAccessToContainer(container, { ...hannah, inventories: [inventory] })).toBeTruthy(); | ||
| }); | ||
@@ -81,7 +175,7 @@ | ||
| const container = { | ||
| group: { id: hannah.groups[0].colleagues[0].id, owner: hannah }, | ||
| inventory, | ||
| isPrivate: false, | ||
| }; | ||
| expect(Helper.hasReadAccessToContainer(container, hannah)).toBeTruthy(); | ||
| expect(Helper.hasReadAccessToContainer(container, { ...hannah, inventories: [inventory] })).toBeTruthy(); | ||
| }); | ||
@@ -91,5 +185,5 @@ | ||
| const container = { | ||
| group: { | ||
| id: hannah.groups[0].colleagues[0].id, | ||
| owner: { campusCode: hannah.campusCode }, | ||
| inventory: { | ||
| _id: hannah.groups[0].colleagues[0].id, | ||
| campusCode: '03', | ||
| }, | ||
@@ -104,11 +198,6 @@ isPrivate: true, | ||
| const container = { | ||
| group: hannah.groups[0], | ||
| inventory, | ||
| isPrivate: false, | ||
| }; | ||
| const user = { | ||
| roles: [{ role: ROLES.CHEM_ADMIN, campusCode: '03' }], | ||
| groups: [], | ||
| }; | ||
| expect(Helper.hasReadAccessToContainer(container, user)).toBeTruthy(); | ||
| expect(Helper.hasReadAccessToContainer(container, { ...hannah, inventories: [inventory] })).toBeTruthy(); | ||
| }); | ||
@@ -118,3 +207,3 @@ | ||
| const container = { | ||
| group: hannah.groups[0], | ||
| inventory, | ||
| isPrivate: false, | ||
@@ -127,72 +216,47 @@ }; | ||
| }; | ||
| expect(Helper.hasReadAccessToContainer(container, user)).toBeFalsy(); | ||
| expect(Helper.hasWriteAccessToContainer(container, { ...user, inventories: [] })).toBeFalsy(); | ||
| }); | ||
| it('should have write access to container is member of group', () => { | ||
| it('should have write access to container is member of Inventory', () => { | ||
| const container = { | ||
| group: { id: hannah.groups[0].id, campusCode: hannah.campusCode }, | ||
| inventory, | ||
| isPrivate: false, | ||
| }; | ||
| expect(Helper.hasWriteAccessToContainer(container, hannah)).toBeTruthy(); | ||
| expect(Helper.hasWriteAccessToContainer(container, { ...hannah, inventories: [inventory] })).toBeTruthy(); | ||
| }); | ||
| it('should not have write access to container is colleagues of group', () => { | ||
| it('should not have write access to container is colleagues of Inventory', () => { | ||
| const container = { | ||
| group: { id: hannah.groups[0].colleagues[0].id, owner: hannah }, | ||
| inventory: { ...inventory, _id: 'nope' }, | ||
| isPrivate: false, | ||
| }; | ||
| expect(Helper.hasWriteAccessToContainer(container, hannah)).toBeFalsy(); | ||
| expect(Helper.hasWriteAccessToContainer(container, { ...hannah, inventories: [inventory] })).toBeFalsy(); | ||
| }); | ||
| it('should be member of groups', () => { | ||
| const group = hannah.groups[0]; | ||
| expect(Helper.isMemberOfGroup(group.id, hannah)).toBeTruthy(); | ||
| it('should be member of Inventory', () => { | ||
| expect(Helper.isMemberOfInventory(inventory, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should be colleage of group', () => { | ||
| const colleage = 'a21307f6-c584-46af-aa30-bffa956f6bff'; | ||
| expect(Helper.isMemberOrColleagueOfGroup(colleage, hannah)).toBeTruthy(); | ||
| it('should be colleage of Inventory', () => { | ||
| const colleague = { ...inventory, colleagues: [...inventory.colleagues, { _id: inventory._id }] }; | ||
| expect(Helper.isMemberOrColleagueOfInventory(colleague, { ...hannah, inventories: [inventory] })).toBeTruthy(); | ||
| }); | ||
| it('should have write access to groupOwner if PI of group', () => { | ||
| const group = hannah.groups[0]; | ||
| expect(Helper.hasWriteAccessToGroupOwner(group.owner.userId, hannah)).toBeTruthy(); | ||
| it('should have write access to Inventory if Responsible Member of Inventory', () => { | ||
| expect(Helper.hasWriteAccessToInventory(inventory, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to groupOwner if delegate of group', () => { | ||
| const group = hannah.groups[1]; | ||
| expect(Helper.hasWriteAccessToGroupOwner(group.owner.userId, hannah)).toBeTruthy(); | ||
| it('should have write access to group if Delegate of Inventory', () => { | ||
| expect(Helper.hasWriteAccessToInventory(inventory, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to groupOwner if lab manager of group', () => { | ||
| const group = hannah.groups[2]; | ||
| expect(Helper.hasWriteAccessToGroupOwner(group.owner.userId, hannah)).toBeTruthy(); | ||
| it('should have write access to group if Lab Manager of Inventory', () => { | ||
| expect(Helper.hasWriteAccessToInventory(inventory, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to group if Responsible Member of group', () => { | ||
| const group = hannah.groups[0]; | ||
| expect(Helper.hasWriteAccessToGroup(group.id, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to group if Delegate of group', () => { | ||
| const group = hannah.groups[1]; | ||
| expect(Helper.hasWriteAccessToGroup(group.id, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to group if Lab Manager of group', () => { | ||
| const group = hannah.groups[2]; | ||
| expect(Helper.hasWriteAccessToGroup(group.id, hannah)).toBeTruthy(); | ||
| }); | ||
| it('should have write access to family if family is owned by group', () => { | ||
| it('should have write access to family if family is owned by inventory', () => { | ||
| const family = new Family({ | ||
| scope: 'GROUP', | ||
| scope: 'INVENTORY', | ||
| group: hannah.groups[0], | ||
@@ -199,0 +263,0 @@ }); |
@@ -5,3 +5,3 @@ const ObjectId = require('bson').ObjectID; | ||
| const GroupReference = require('../core/group-reference'); | ||
| const InventoryReference = require('./inventory-reference'); | ||
| const PersonReference = require('../core/person-reference'); | ||
@@ -14,3 +14,3 @@ | ||
| this.familyId = null; | ||
| this.group = null; | ||
| this.inventory = null; | ||
| this.type = null; | ||
@@ -31,3 +31,3 @@ this.requestedBy = null; | ||
| this.familyId = opt.familyId ? new ObjectId(opt.familyId) : null; | ||
| this.group = new GroupReference(opt.group); | ||
| this.inventory = new InventoryReference(opt.inventory); | ||
| this.type = opt.type || null; | ||
@@ -50,3 +50,3 @@ this.requestedBy = opt.requestedBy ? new PersonReference(opt.requestedBy) : null; | ||
| properties: { | ||
| group: { $ref: 'group-reference.schema.json' }, | ||
| inventory: { $ref: 'inventory-reference.schema.json' }, | ||
| message: { type: 'string' }, | ||
@@ -57,7 +57,17 @@ name: { type: 'string' }, | ||
| requestedDate: { type: 'object' }, | ||
| sendTo: { type: 'array', item: { $ref: 'group-reference.schema.json' } }, | ||
| sendTo: { type: 'array', item: { $ref: 'inventory-reference.schema.json' } }, | ||
| status: { type: 'string' }, | ||
| type: { type: 'string' }, | ||
| }, | ||
| required: ['status', 'name', 'familyId', 'group', 'type', 'requestedBy', 'requestedDate', 'message', 'sendTo'], | ||
| required: [ | ||
| 'status', | ||
| 'name', | ||
| 'familyId', | ||
| 'inventory', | ||
| 'type', | ||
| 'requestedBy', | ||
| 'requestedDate', | ||
| 'message', | ||
| 'sendTo', | ||
| ], | ||
| }; | ||
@@ -67,5 +77,5 @@ } | ||
| tv4.addSchema(GroupReference.schema()); | ||
| tv4.addSchema(InventoryReference.schema()); | ||
| tv4.addSchema(PersonReference.schema()); | ||
| module.exports = Request; |
No alert changes
Improved metrics
- Lines of code
- increased by0.89%
11839
Worsened metrics
- Total package byte prevSize
- decreased by-37.93%
431942
No dependency changes