Comparing version 0.0.6-alpha.1 to 0.0.6-alpha.2
@@ -69,5 +69,2 @@ interface IPrincipal { | ||
} | ||
declare const _default: { | ||
Cerbos: typeof Cerbos; | ||
}; | ||
export default _default; | ||
export {}; |
169
lib/index.js
@@ -0,1 +1,28 @@ | ||
"use strict"; | ||
var __extends = (this && this.__extends) || (function () { | ||
var extendStatics = function (d, b) { | ||
extendStatics = Object.setPrototypeOf || | ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || | ||
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; }; | ||
return extendStatics(d, b); | ||
}; | ||
return function (d, b) { | ||
if (typeof b !== "function" && b !== null) | ||
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null"); | ||
extendStatics(d, b); | ||
function __() { this.constructor = d; } | ||
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); | ||
}; | ||
})(); | ||
var __assign = (this && this.__assign) || function () { | ||
__assign = Object.assign || function(t) { | ||
for (var s, i = 1, n = arguments.length; i < n; i++) { | ||
s = arguments[i]; | ||
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) | ||
t[p] = s[p]; | ||
} | ||
return t; | ||
}; | ||
return __assign.apply(this, arguments); | ||
}; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
@@ -10,20 +37,55 @@ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | ||
}; | ||
import fetch from "node-fetch"; | ||
import { v4 as uuidv4 } from "uuid"; | ||
import * as winston from "winston"; | ||
export var AuthorizeEffect; | ||
var __generator = (this && this.__generator) || function (thisArg, body) { | ||
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; | ||
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; | ||
function verb(n) { return function (v) { return step([n, v]); }; } | ||
function step(op) { | ||
if (f) throw new TypeError("Generator is already executing."); | ||
while (_) try { | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [op[0] & 2, t.value]; | ||
switch (op[0]) { | ||
case 0: case 1: t = op; break; | ||
case 4: _.label++; return { value: op[1], done: false }; | ||
case 5: _.label++; y = op[1]; op = [0]; continue; | ||
case 7: op = _.ops.pop(); _.trys.pop(); continue; | ||
default: | ||
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } | ||
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } | ||
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } | ||
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } | ||
if (t[2]) _.ops.pop(); | ||
_.trys.pop(); continue; | ||
} | ||
op = body.call(thisArg, _); | ||
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } | ||
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; | ||
} | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.Cerbos = exports.AuthorizationError = exports.AuthorizeEffect = void 0; | ||
var node_fetch_1 = require("node-fetch"); | ||
var uuid_1 = require("uuid"); | ||
var winston = require("winston"); | ||
var AuthorizeEffect; | ||
(function (AuthorizeEffect) { | ||
AuthorizeEffect["ALLOW"] = "EFFECT_ALLOW"; | ||
AuthorizeEffect["DENY"] = "EFFECT_DENY"; | ||
})(AuthorizeEffect || (AuthorizeEffect = {})); | ||
export class AuthorizationError extends Error { | ||
} | ||
class CerbosResponseWrapper { | ||
constructor(resp) { | ||
})(AuthorizeEffect = exports.AuthorizeEffect || (exports.AuthorizeEffect = {})); | ||
var AuthorizationError = /** @class */ (function (_super) { | ||
__extends(AuthorizationError, _super); | ||
function AuthorizationError() { | ||
return _super !== null && _super.apply(this, arguments) || this; | ||
} | ||
return AuthorizationError; | ||
}(Error)); | ||
exports.AuthorizationError = AuthorizationError; | ||
var CerbosResponseWrapper = /** @class */ (function () { | ||
function CerbosResponseWrapper(resp) { | ||
this.resp = resp; | ||
} | ||
isAuthorized(resourceKey, action) { | ||
CerbosResponseWrapper.prototype.isAuthorized = function (resourceKey, action) { | ||
var _a; | ||
try { | ||
const allowed = ((_a = this.resp.resourceInstances[resourceKey]) === null || _a === void 0 ? void 0 : _a.actions[action]) == | ||
var allowed = ((_a = this.resp.resourceInstances[resourceKey]) === null || _a === void 0 ? void 0 : _a.actions[action]) == | ||
AuthorizeEffect.ALLOW; | ||
@@ -35,6 +97,8 @@ return allowed !== null && allowed !== void 0 ? allowed : false; | ||
} | ||
} | ||
} | ||
export class Cerbos { | ||
constructor({ hostname, logLevel, timeout = 0, playgroundInstance, }) { | ||
}; | ||
return CerbosResponseWrapper; | ||
}()); | ||
var Cerbos = /** @class */ (function () { | ||
function Cerbos(_a) { | ||
var hostname = _a.hostname, logLevel = _a.logLevel, _b = _a.timeout, timeout = _b === void 0 ? 0 : _b, playgroundInstance = _a.playgroundInstance; | ||
this.host = hostname; | ||
@@ -53,35 +117,44 @@ this.timeout = timeout; | ||
} | ||
check(data) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
this.log.info("Cerbos.check", data); | ||
const payload = Object.assign(Object.assign({ requestId: uuidv4() }, data), { resource: Object.assign({ policyVersion: data.resource.policyVersion || "default" }, data.resource), principal: Object.assign({ policyVersion: data.principal.policyVersion || "default" }, data.principal) }); | ||
this.log.debug("Cerbos.check Payload", payload); | ||
// eslint-disable-next-line prefer-const | ||
// eslint-disable-next-line @typescript-eslint/no-explicit-any | ||
let headers = { | ||
"Content-Type": "application/json", | ||
}; | ||
if (this.playgroundInstance) { | ||
headers = Object.assign(Object.assign({}, headers), { "Playground-Instance": this.playgroundInstance }); | ||
} | ||
try { | ||
const response = yield fetch(`${this.host}/api/check`, { | ||
method: "post", | ||
body: JSON.stringify(payload), | ||
headers, | ||
timeout: this.timeout, | ||
}); | ||
const data = yield response.json(); | ||
this.log.info("Cerbos.check: Response", data); | ||
return new CerbosResponseWrapper(data); | ||
} | ||
catch (e) { | ||
this.log.error("Cerbos.check Error", e); | ||
throw new AuthorizationError(`Could not connect to Cerbos PDP at ${this.host}`); | ||
} | ||
Cerbos.prototype.check = function (data) { | ||
return __awaiter(this, void 0, void 0, function () { | ||
var payload, headers, response, data_1, e_1; | ||
return __generator(this, function (_a) { | ||
switch (_a.label) { | ||
case 0: | ||
this.log.info("Cerbos.check", data); | ||
payload = __assign(__assign({ requestId: (0, uuid_1.v4)() }, data), { resource: __assign({ policyVersion: data.resource.policyVersion || "default" }, data.resource), principal: __assign({ policyVersion: data.principal.policyVersion || "default" }, data.principal) }); | ||
this.log.debug("Cerbos.check Payload", payload); | ||
headers = { | ||
"Content-Type": "application/json", | ||
}; | ||
if (this.playgroundInstance) { | ||
headers = __assign(__assign({}, headers), { "Playground-Instance": this.playgroundInstance }); | ||
} | ||
_a.label = 1; | ||
case 1: | ||
_a.trys.push([1, 4, , 5]); | ||
return [4 /*yield*/, (0, node_fetch_1.default)(this.host + "/api/check", { | ||
method: "post", | ||
body: JSON.stringify(payload), | ||
headers: headers, | ||
timeout: this.timeout, | ||
})]; | ||
case 2: | ||
response = _a.sent(); | ||
return [4 /*yield*/, response.json()]; | ||
case 3: | ||
data_1 = _a.sent(); | ||
this.log.info("Cerbos.check: Response", data_1); | ||
return [2 /*return*/, new CerbosResponseWrapper(data_1)]; | ||
case 4: | ||
e_1 = _a.sent(); | ||
this.log.error("Cerbos.check Error", e_1); | ||
throw new AuthorizationError("Could not connect to Cerbos PDP at " + this.host); | ||
case 5: return [2 /*return*/]; | ||
} | ||
}); | ||
}); | ||
} | ||
} | ||
export default { | ||
Cerbos, | ||
}; | ||
}; | ||
return Cerbos; | ||
}()); | ||
exports.Cerbos = Cerbos; |
{ | ||
"name": "cerbos", | ||
"version": "0.0.6-alpha.1", | ||
"version": "0.0.6-alpha.2", | ||
"homepage": "https://cerbos.dev", | ||
"description": "Cerbos helps you super-charge your authorization implementation by writing context-aware access control policies for your application resources.", | ||
"main": "./lib/cjs/index.js", | ||
"module": "./lib/esm/index.js", | ||
"main": "lib/index.js", | ||
"types": "lib/index.d.ts", | ||
"files": [ | ||
@@ -12,7 +12,7 @@ "lib/**/*" | ||
"scripts": { | ||
"build": "tsc -p tsconfig.json && tsc -p tsconfig-cjs.json", | ||
"build": "tsc -p tsconfig.json", | ||
"test": "jest --config jestconfig.json", | ||
"prepare": "npm run build", | ||
"lint": "eslint . --ext .ts", | ||
"prepublishOnly": "npm test && npm run lint", | ||
"prepublishOnly": "npm test && npm run lint && npm run build", | ||
"preversion": "npm run lint", | ||
@@ -19,0 +19,0 @@ "version": "git add -A src", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
1
25368
5
226