loopback-component-access-groups
Advanced tools
loopback-component-access-groups - npm Package Compare versions
Comparing version 1.1.0 to 1.2.0
@@ -17,3 +17,3 @@ 'use strict' | ||
| // Initialize middleware | ||
| // Initialize middleware. | ||
| app.middleware('auth:after', userContext()) | ||
@@ -23,12 +23,13 @@ app.middleware('routes:before', accessLogger()) | ||
| // Initialise helper class. | ||
| const accessUtils = new AccessUtils(app, options) | ||
| app.accessUtils = new AccessUtils(app, options) | ||
| app.accessUtils = accessUtils | ||
| // Initialize remoting phase. | ||
| app.accessUtils.setupRemotingPhase() | ||
| // Set up role resolvers. | ||
| accessUtils.setupRoleResolvers() | ||
| app.accessUtils.setupRoleResolvers() | ||
| // Set up model opertion hooks. | ||
| if (options.applyToStatic) { | ||
| accessUtils.setupFilters() | ||
| app.accessUtils.setupFilters() | ||
| } | ||
@@ -35,0 +36,0 @@ |
| 'use strict' | ||
| const LoopBackContext = require('loopback-context') | ||
| const debug = require('debug')('loopback:component:access:logger') | ||
@@ -8,2 +9,6 @@ | ||
| return function accessLogger(req, res, next) { | ||
| const loopbackContext = LoopBackContext.getCurrentContext({ bind: true }) | ||
| next = loopbackContext.bind(next) | ||
| if (req.accessToken) { | ||
@@ -10,0 +15,0 @@ debug('req: %s %s, token: %o', req.method, req.originalUrl, req.accessToken) |
@@ -11,4 +11,6 @@ 'use strict' | ||
| return function userContext(req, res, next) { | ||
| const loopbackContext = LoopBackContext.getCurrentContext() | ||
| const loopbackContext = LoopBackContext.getCurrentContext({ bind: true }) | ||
| next = loopbackContext.bind(next) | ||
| if (!loopbackContext) { | ||
@@ -24,3 +26,2 @@ debug('No user context (loopback current context not found)') | ||
| loopbackContext.set('accessToken', req.accessToken.id) | ||
| const { app } = req | ||
@@ -27,0 +28,0 @@ const UserModel = app.accessUtils.options.userModel || 'User' |
@@ -10,3 +10,3 @@ 'use strict' | ||
| Model.getCurrentUser = function getCurrentUser() { | ||
| const ctx = LoopBackContext.getCurrentContext() | ||
| const ctx = LoopBackContext.getCurrentContext({ bind: true }) | ||
| const currentUser = (ctx && ctx.get('currentUser')) || null | ||
@@ -13,0 +13,0 @@ |
@@ -7,2 +7,3 @@ 'use strict' | ||
| const _get = require('lodash').get | ||
| const _set = require('lodash').set | ||
| const Promise = require('bluebird') | ||
@@ -43,2 +44,18 @@ const LoopBackContext = require('loopback-context') | ||
| /** | ||
| * Register a custom remoting phase to make the current user details available from remoting contexts. | ||
| */ | ||
| setupRemotingPhase() { | ||
| this.app.remotes().phases | ||
| .addBefore('invoke', 'options-from-request') | ||
| .use((ctx, next) => { | ||
| if (!_get(ctx, 'args.options.accessToken')) { | ||
| return next() | ||
| } | ||
| _set(ctx, 'args.options.currentUser', this.getCurrentUser()) | ||
| _set(ctx, 'args.options.currentUserGroups', this.getCurrentUserGroups()) | ||
| return next() | ||
| }) | ||
| } | ||
| /** | ||
| * Register a dynamic role resolver for each defined access group. | ||
@@ -80,3 +97,3 @@ */ | ||
| // Do not apply filters if no group access acls were applied. | ||
| const loopbackContext = LoopBackContext.getCurrentContext() | ||
| const loopbackContext = LoopBackContext.getCurrentContext({ bind: true }) | ||
| const groupAccessApplied = Boolean(loopbackContext && loopbackContext.get('groupAccessApplied')) | ||
@@ -235,3 +252,3 @@ | ||
| getCurrentUser() { | ||
| const ctx = LoopBackContext.getCurrentContext() | ||
| const ctx = LoopBackContext.getCurrentContext({ bind: true }) | ||
| const currentUser = (ctx && ctx.get('currentUser')) || null | ||
@@ -248,3 +265,3 @@ | ||
| getCurrentUserGroups() { | ||
| const ctx = LoopBackContext.getCurrentContext() | ||
| const ctx = LoopBackContext.getCurrentContext({ bind: true }) | ||
| const currentUserGroups = (ctx && ctx.get('currentUserGroups')) || [] | ||
@@ -304,3 +321,3 @@ | ||
| LoopBackContext.getCurrentContext().set('groupAccessApplied', true) | ||
| LoopBackContext.getCurrentContext({ bind: true }).set('groupAccessApplied', true) | ||
@@ -378,3 +395,3 @@ /** | ||
| if (res) { | ||
| LoopBackContext.getCurrentContext().set('groupAccessApplied', true) | ||
| LoopBackContext.getCurrentContext({ bind: true }).set('groupAccessApplied', true) | ||
| } | ||
@@ -381,0 +398,0 @@ |
| { | ||
| "name": "loopback-component-access-groups", | ||
| "description": "Access controls for Loopback.", | ||
| "version": "1.1.0", | ||
| "version": "1.2.0", | ||
| "author": { | ||
@@ -6,0 +6,0 @@ "name": "Tom Kirkpatrick @mrfelton" |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.1%
78205
- Lines of code
- increased by0.96%
2103