
@webiny/api-security


@webiny/api-security - npm Package Compare versions

Comparing version

to
5.42.0-beta.0

@@ -1,3 +0,2 @@

import { ApiKey, ApiKeyInput, Security } from "../types";
import { SecurityConfig } from "../types";
import { ApiKey, ApiKeyInput, Security, SecurityConfig } from "../types";
export declare const createApiKeysMethods: ({ getTenant: initialGetTenant, storageOperations }: SecurityConfig) => {

@@ -4,0 +3,0 @@ onApiKeyBeforeCreate: import("@webiny/pubsub/types").Topic<import("@webiny/pubsub/types").Event>;

@@ -9,5 +9,2 @@ "use strict";

var _crypto = _interopRequireDefault(require("crypto"));
var _fields = require("@commodo/fields");
var _commodoFieldsObject = require("commodo-fields-object");
var _validation = require("@webiny/validation");
var _pubsub = require("@webiny/pubsub");

@@ -18,24 +15,10 @@ var _utils = require("@webiny/utils");

var _error = _interopRequireDefault(require("@webiny/error"));
/**
* Package @commodo/fields does not have types.
*/
// @ts-expect-error
/**
* Package commodo-fields-object does not have types.
*/
// @ts-expect-error
const APIKeyModel = (0, _fields.withFields)({
name: (0, _fields.string)({
validation: _validation.validation.create("required")
}),
description: (0, _fields.string)({
validation: _validation.validation.create("required")
}),
permissions: (0, _commodoFieldsObject.object)({
list: true,
value: []
})
})();
var _zod = _interopRequireDefault(require("zod"));
const apiKeyModelValidation = _zod.default.object({
name: _zod.default.string(),
description: _zod.default.string(),
permissions: _zod.default.array(_zod.default.object({
name: _zod.default.string()
}).passthrough()).optional().default([])
});
const generateToken = (tokenLength = 48) => {
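Review bot: `name: _zod.default.string()` and `description: _zod.default.string()` in `apiKeyModelValidation` accept the empty string, whereas the removed `APIKeyModel` declared both fields as `required`. If that validator rejected empty values (its implementation is not visible here), API keys with a blank name or description can now be stored, which makes keys harder to tell apart when auditing them. Using `_zod.default.string().min(1)` on both fields would keep the earlier behaviour.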

@@ -123,3 +106,6 @@ const token = _crypto.default.randomBytes(Math.ceil(tokenLength / 2)).toString("hex");

}
await new APIKeyModel().populate(data).validate();
const validation = apiKeyModelValidation.safeParse(data);
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const apiKey = {

@@ -136,3 +122,3 @@ id: (0, _utils.mdbid)(),

webinyVersion: process.env.WEBINY_VERSION,
...data
...validation.data
};

@@ -161,7 +147,6 @@ try {

}
const model = await new APIKeyModel().populate(data);
await model.validate();
const changedData = await model.toJSON({
onlyDirty: true
});
const validation = apiKeyModelValidation.safeParse(data);
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const original = await this.getApiKey(id);

@@ -172,5 +157,13 @@ if (!original) {

const apiKey = {
...original,
...changedData
...original
};
for (const key in apiKey) {
// @ts-expect-error
const value = validation.data[key];
if (value === undefined) {
continue;
}
// @ts-expect-error
apiKey[key] = value;
}
try {
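Review bot: The update path validates against the create schema `apiKeyModelValidation`, whose `permissions` field ends in `.optional().default([])`, so an update that omits `permissions` produces `validation.data.permissions = []` and the loop here overwrites the stored permissions with an empty list. `name` and `description` also become mandatory on every update, where the removed code applied only dirty fields. A separate update schema with all three fields `.optional()` and no default, as the group and team updates in this diff use, would keep partial updates intact (the name below is only a suggestion). Separately, `for (const key in apiKey)` walks the keys of the stored record, so a validated field the record lacks is skipped silently; the group update repeats this, while the team update iterates `validation.data`. The enclosing update function starts and ends outside the hunk.

```javascript
const updateApiKeyValidation = _zod.default.object({
  name: _zod.default.string().optional(),
  description: _zod.default.string().optional(),
  permissions: _zod.default.array(_zod.default.object({
    name: _zod.default.string()
  }).passthrough()).optional()
});
// … unchanged: safeParse / createZodError handling, now against updateApiKeyValidation …
for (const key in validation.data) {
  // … unchanged: skip undefined values, assign onto apiKey …
}
```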

@@ -177,0 +170,0 @@ await this.onApiKeyBeforeUpdate.publish({

@@ -1,3 +0,2 @@

import { GetGroupParams, Group, GroupInput, ListGroupsParams, Security } from "../types";
import { SecurityConfig } from "../types";
import { GetGroupParams, Group, GroupInput, ListGroupsParams, Security, SecurityConfig } from "../types";
export declare const createGroupsMethods: ({ getTenant: initialGetTenant, storageOperations, groupsProvider }: SecurityConfig) => {

@@ -4,0 +3,0 @@ onGroupBeforeCreate: import("@webiny/pubsub/types").Topic<import("@webiny/pubsub/types").Event>;

@@ -9,6 +9,3 @@ "use strict";

var _deepEqual = _interopRequireDefault(require("deep-equal"));
var _commodoFieldsObject = require("commodo-fields-object");
var _fields = require("@commodo/fields");
var _pubsub = require("@webiny/pubsub");
var _validation = require("@webiny/validation");
var _utils = require("@webiny/utils");

@@ -20,2 +17,3 @@ var _error = _interopRequireDefault(require("@webiny/error"));

var _getGroupFromProvider = require("./groupsTeamsPlugins/getGroupFromProvider");
var _zod = _interopRequireDefault(require("zod"));
/**

@@ -26,41 +24,17 @@ * Package deep-equal does not have types.

/**
* Package commodo-fields-object does not have types.
*/
// @ts-expect-error
/**
* Package @commodo/fields does not have types.
*/
// @ts-expect-error
const CreateDataModel = (0, _fields.withFields)({
tenant: (0, _fields.string)({
validation: _validation.validation.create("required")
}),
name: (0, _fields.string)({
validation: _validation.validation.create("required,minLength:3")
}),
slug: (0, _fields.string)({
validation: _validation.validation.create("required,minLength:3")
}),
description: (0, _fields.string)({
validation: _validation.validation.create("maxLength:500")
}),
permissions: (0, _commodoFieldsObject.object)({
list: true,
validation: _validation.validation.create("required")
})
})();
const UpdateDataModel = (0, _fields.withFields)({
name: (0, _fields.string)({
validation: _validation.validation.create("minLength:3")
}),
description: (0, _fields.string)({
validation: _validation.validation.create("maxLength:500")
}),
permissions: (0, _commodoFieldsObject.object)({
list: true
})
})();
const createGroupValidation = _zod.default.object({
name: _zod.default.string().min(3),
slug: _zod.default.string().min(3),
description: _zod.default.string().max(500).optional().default(""),
permissions: _zod.default.array(_zod.default.object({
name: _zod.default.string()
}).passthrough())
});
const updateGroupValidation = _zod.default.object({
name: _zod.default.string().min(3).optional(),
description: _zod.default.string().max(500).optional(),
permissions: _zod.default.array(_zod.default.object({
name: _zod.default.string()
}).passthrough()).optional()
});
async function checkPermission(security) {
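Review bot: The `.passthrough()` on each `permissions` entry is undocumented, and it means every extra key a caller puts on a permission object is persisted without validation, while the outer object drops unknown keys. A short comment above `createGroupValidation` would make that intent explicit, for example `// permission entries are open-ended: only "name" is checked, all other keys are stored as sent`. The same construct appears in `updateGroupValidation` and in `apiKeyModelValidation` earlier in this diff. If the set of permission keys is known per permission name, validating them at this boundary would be the stricter option.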

@@ -236,6 +210,6 @@ const permission = await security.getPermission("security.group");

const currentTenant = getTenant();
await new CreateDataModel().populate({
...input,
tenant: currentTenant
}).validate();
const validation = createGroupValidation.safeParse(input);
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const existing = await storageOperations.getGroup({

@@ -253,3 +227,3 @@ where: {

tenant: currentTenant,
...input,
...validation.data,
system: input.system === true,
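Review bot: `system: input.system === true` still reads the flag from the raw `input` rather than from `validation.data`, which makes it the one persisted field that bypasses `createGroupValidation`. Declaring it in the schema, e.g. `system: _zod.default.boolean().optional()`, and building the record only from validated data would leave a single place that decides what gets stored. Whether ordinary callers are meant to set `system` at all cannot be told from this hunk. The team create hunk later in the diff has the same line, and the object literal continues outside the hunk.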

@@ -283,4 +257,6 @@ webinyVersion: process.env.WEBINY_VERSION,

await checkPermission(this);
const model = await new UpdateDataModel().populate(input);
await model.validate();
const validation = updateGroupValidation.safeParse(input);
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const original = await this.getGroup({

@@ -305,10 +281,15 @@ where: {

}
const data = await model.toJSON({
onlyDirty: true
});
const permissionsChanged = !(0, _deepEqual.default)(data.permissions, original.permissions);
const group = {
...original,
...data
...original
};
for (const key in group) {
// @ts-expect-error
const value = validation.data[key];
if (value === undefined) {
continue;
}
// @ts-expect-error
group[key] = value;
}
const permissionsChanged = !(0, _deepEqual.default)(group.permissions, original.permissions);
try {

@@ -315,0 +296,0 @@ await this.onGroupBeforeUpdate.publish({

@@ -1,3 +0,2 @@

import { GetTeamParams, Team, TeamInput, Security, ListTeamsParams } from "../types";
import { SecurityConfig } from "../types";
import { GetTeamParams, ListTeamsParams, Security, SecurityConfig, Team, TeamInput } from "../types";
export declare const createTeamsMethods: ({ getTenant: initialGetTenant, storageOperations, teamsProvider }: SecurityConfig) => {

@@ -4,0 +3,0 @@ onTeamBeforeCreate: import("@webiny/pubsub/types").Topic<import("@webiny/pubsub/types").Event>;

@@ -10,5 +10,3 @@ "use strict";

var _deepEqual = _interopRequireDefault(require("deep-equal"));
var _fields = require("@commodo/fields");
var _pubsub = require("@webiny/pubsub");
var _validation = require("@webiny/validation");
var _error = _interopRequireDefault(require("@webiny/error"));

@@ -19,2 +17,3 @@ var _handlerGraphql = require("@webiny/handler-graphql");

var _getTeamFromProvider = require("./groupsTeamsPlugins/getTeamFromProvider");
var _zod = _interopRequireDefault(require("zod"));
/**

@@ -25,36 +24,13 @@ * Package deep-equal does not have types.

/**
* Package @commodo/fields does not have types.
*/
// @ts-expect-error
const CreateDataModel = (0, _fields.withFields)({
tenant: (0, _fields.string)({
validation: _validation.validation.create("required")
}),
name: (0, _fields.string)({
validation: _validation.validation.create("required,minLength:3")
}),
slug: (0, _fields.string)({
validation: _validation.validation.create("required,minLength:3")
}),
description: (0, _fields.string)({
validation: _validation.validation.create("maxLength:500")
}),
groups: (0, _fields.string)({
list: true,
validation: _validation.validation.create("required")
})
})();
const UpdateDataModel = (0, _fields.withFields)({
name: (0, _fields.string)({
validation: _validation.validation.create("minLength:3")
}),
description: (0, _fields.string)({
validation: _validation.validation.create("maxLength:500")
}),
groups: (0, _fields.string)({
list: true
})
})();
const createDataModelValidation = _zod.default.object({
name: _zod.default.string().min(3),
slug: _zod.default.string().min(3),
description: _zod.default.string().max(500).optional().default(""),
groups: _zod.default.array(_zod.default.string())
});
const updateDataModelValidation = _zod.default.object({
name: _zod.default.string().min(3).optional(),
description: _zod.default.string().max(500).optional(),
groups: _zod.default.array(_zod.default.string()).optional()
});
async function checkPermission(security) {

@@ -205,6 +181,9 @@ const permission = await security.getPermission("security.team");

const currentTenant = getTenant();
await new CreateDataModel().populate({
const validation = createDataModelValidation.safeParse({
...input,
tenant: currentTenant
}).validate();
});
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const existing = await storageOperations.getTeam({
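Review bot: `tenant: currentTenant` is still merged into the object passed to `createDataModelValidation.safeParse`, but the schema declares no `tenant` key, so the value is dropped and never checked. It looks like a leftover from the removed `CreateDataModel`, which did require `tenant`. Passing `input` alone, as the group create path does with `createGroupValidation.safeParse(input)`, would make it clearer that the tenant comes only from `getTenant()` and never from caller data.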

@@ -222,3 +201,3 @@ where: {

tenant: currentTenant,
...input,
...validation.data,
system: input.system === true,

@@ -252,4 +231,6 @@ webinyVersion: process.env.WEBINY_VERSION,

await checkPermission(this);
const model = await new UpdateDataModel().populate(input);
await model.validate();
const validation = updateDataModelValidation.safeParse(input);
if (!validation.success) {
throw (0, _utils.createZodError)(validation.error);
}
const original = await this.getTeam({

@@ -274,10 +255,15 @@ where: {

}
const data = await model.toJSON({
onlyDirty: true
});
const groupsChanged = !(0, _deepEqual.default)(data.groups, original.groups);
const team = {
...original,
...data
...original
};
for (const key in validation.data) {
// @ts-expect-error
const value = validation.data[key];
if (value === undefined) {
continue;
}
// @ts-expect-error
team[key] = value;
}
const groupsChanged = !(0, _deepEqual.default)(team.groups, original.groups);
try {

@@ -284,0 +270,0 @@ await this.onTeamBeforeUpdate.publish({

@@ -17,2 +17,2 @@ import { TenancyContext, Tenant } from "@webiny/api-tenancy/types";

}
export declare const applyMultiTenancyGraphQLPlugins: (config: MultiTenancyGraphQLConfig, context: Context) => void;
export declare const applyMultiTenancyGraphQLPlugins: (config: MultiTenancyGraphQLConfig, ctx: Context) => void;

@@ -16,3 +16,3 @@ "use strict";

var _plugins = require("@webiny/handler-graphql/plugins");
const applyMultiTenancyGraphQLPlugins = (config, context) => {
const applyMultiTenancyGraphQLPlugins = (config, ctx) => {
const getDefaultTenant = async context => {

@@ -25,3 +25,3 @@ const defaultTenant = await (0, _getDefaultTenant.getDefaultTenant)(context);

};
context.plugins.register(new _plugins.GraphQLSchemaPlugin({
ctx.plugins.register(new _plugins.GraphQLSchemaPlugin({
typeDefs: /* GraphQL */`

@@ -28,0 +28,0 @@ extend interface SecurityIdentity {

{
"name": "@webiny/api-security",
"version": "5.41.4",
"version": "5.42.0-beta.0",
"repository": {

@@ -12,34 +12,27 @@ "type": "git",

"dependencies": {
"@babel/runtime": "7.24.1",
"@commodo/fields": "1.1.2-beta.20",
"@webiny/api": "5.41.4",
"@webiny/api-authentication": "5.41.4",
"@webiny/api-tenancy": "5.41.4",
"@webiny/aws-sdk": "5.41.4",
"@webiny/error": "5.41.4",
"@webiny/handler": "5.41.4",
"@webiny/handler-graphql": "5.41.4",
"@webiny/plugins": "5.41.4",
"@webiny/pubsub": "5.41.4",
"@webiny/utils": "5.41.4",
"@webiny/validation": "5.41.4",
"commodo-fields-object": "1.0.6",
"@webiny/api": "5.42.0-beta.0",
"@webiny/api-authentication": "5.42.0-beta.0",
"@webiny/api-tenancy": "5.42.0-beta.0",
"@webiny/aws-sdk": "5.42.0-beta.0",
"@webiny/error": "5.42.0-beta.0",
"@webiny/handler": "5.42.0-beta.0",
"@webiny/handler-graphql": "5.42.0-beta.0",
"@webiny/plugins": "5.42.0-beta.0",
"@webiny/pubsub": "5.42.0-beta.0",
"@webiny/utils": "5.42.0-beta.0",
"deep-equal": "2.2.3",
"jsonwebtoken": "9.0.1",
"minimatch": "5.1.6"
"minimatch": "5.1.6",
"zod": "3.23.8"
},
"devDependencies": {
"@babel/cli": "7.24.1",
"@babel/core": "7.24.3",
"@babel/preset-env": "7.24.3",
"@babel/preset-typescript": "7.24.1",
"@types/jsonwebtoken": "9.0.2",
"@webiny/api-wcp": "5.41.4",
"@webiny/cli": "5.41.4",
"@webiny/db-dynamodb": "5.41.4",
"@webiny/handler-aws": "5.41.4",
"@webiny/handler-db": "5.41.4",
"@webiny/project-utils": "5.41.4",
"@webiny/wcp": "5.41.4",
"rimraf": "5.0.5",
"@webiny/api-wcp": "5.42.0-beta.0",
"@webiny/cli": "5.42.0-beta.0",
"@webiny/db-dynamodb": "5.42.0-beta.0",
"@webiny/handler-aws": "5.42.0-beta.0",
"@webiny/handler-db": "5.42.0-beta.0",
"@webiny/project-utils": "5.42.0-beta.0",
"@webiny/wcp": "5.42.0-beta.0",
"rimraf": "6.0.1",
"ttypescript": "1.5.15",

@@ -61,3 +54,3 @@ "typescript": "4.9.5"

},
"gitHead": "94922b33af59db5afe75127bb07443ce7f1448c4"
"gitHead": "ebf90f62ed3f28114ffdb012b7e5f80988af53d3"
}

Sorry, the diff of this file is not supported yet
