cansecurity
Advanced tools
cansecurity - npm Package Compare versions
Comparing version 0.6.2 to 0.6.3
@@ -114,3 +114,3 @@ /*jslint node:true, nomen:true */ | ||
| try { | ||
| isCondition = vm.runInNewContext(entry.condition,{req:req,user:user}); | ||
| isCondition = vm.runInNewContext(entry.condition,{req:req,request:req,user:user,_:_}); | ||
| } catch (e) { | ||
@@ -117,0 +117,0 @@ isCondition = false; |
| { | ||
| "name": "cansecurity", | ||
| "description": "cansecurity is your all-in-one security library for user authentication, authorization and management in node expressjs apps", | ||
| "version": "0.6.2", | ||
| "version": "0.6.3", | ||
| "url": "http://github.com/deitch/cansecurity", | ||
@@ -6,0 +6,0 @@ "author": "Avi Deitcher <avi@deitcher.net>", |
@@ -618,5 +618,8 @@ # cansecurity | ||
| 1. `req`: the actual express `req` object, normally found on each route whose signature is `function(req,res,next)`. | ||
| 2. `user`: the user object if you used cansecurity authentication. This is the equivalent of calling `cansec.getUser(req)`. | ||
| 1. `req`: the actual express `req` object, normally found on each route whose signature is `function(req,res,next)`. | ||
| 2. `request`: an alias for `req` | ||
| 3. `user`: the user object if you used cansecurity authentication. This is the equivalent of calling `cansec.getUser(req)`. | ||
| 4. `_`: the underscore/lodash utility functions. cansecurity actually uses [lodash](http://lodash.com) | ||
| #### What It Returns | ||
@@ -623,0 +626,0 @@ The authorizer has one of three possible results: |
@@ -20,4 +20,8 @@ { | ||
| ["GET","/secure/user/:user","deny","req.param('user') === '1'"] | ||
| ["GET","/secure/user/:user","deny","req.param('user') === '1'"], | ||
| ["GET","/secure/dash","deny","_.contains([1,2,3],1)"], | ||
| ["GET","/secure/request","deny","request.url !== null"] | ||
| ] | ||
| } |
@@ -43,2 +43,12 @@ /*jslint node:true, nomen:true */ | ||
| }); | ||
| describe('dash in condition', function(){ | ||
| it('should accept condition with dash', function(done){ | ||
| r.get('/secure/dash').expect(200,done); | ||
| }); | ||
| }); | ||
| describe('request as alias to req', function(){ | ||
| it('should accept condition with "request" in it', function(done){ | ||
| r.get('/secure/request').expect(200,done); | ||
| }); | ||
| }); | ||
| describe('deny vs allow', function(){ | ||
@@ -45,0 +55,0 @@ it('should always deny denyAll', function(done){ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.69%
89645
- Lines of code
- increased by0.88%
1380
- Number of lines in readme file
- increased by0.44%
687