Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
mongoose-acl
Advanced tools
mongoose-acl - npm Package Compare versions
Comparing version 0.1.0 to 0.2.0
@@ -26,5 +26,29 @@ module.exports = function(schema, options) { | ||
| var acl = this[options.path] || {}; | ||
| return acl[key] || {}; | ||
| return acl[key] || []; | ||
| }; | ||
| schema.methods.keysWithAccess = function(perms) { | ||
| perms || (perms = []); | ||
| var acl = this[options.path] || {}; | ||
| var length = perms.length; | ||
| var keys = []; | ||
| for (var key in acl) { | ||
| var count = 0; | ||
| for (var i = 0; i < length; i++) { | ||
| if (acl[key].indexOf(perms[i]) !== -1) { | ||
| count++; | ||
| } | ||
| } | ||
| if (count === length) { | ||
| keys.push(key); | ||
| } | ||
| } | ||
| return keys; | ||
| }; | ||
| var toJSON = schema.methods.toJSON; | ||
@@ -45,8 +69,5 @@ | ||
| var query = {}; | ||
| var path = [options.path, key].join('.'); | ||
| for (var perm in perms) { | ||
| var path = [options.path, key, perm].join('.'); | ||
| query[path] = perms[perm]; | ||
| } | ||
| query[path] = { $all: perms }; | ||
| return query; | ||
@@ -53,0 +74,0 @@ }); |
@@ -28,13 +28,15 @@ module.exports = function(schema, options) { | ||
| schema.methods.getAccess = function(entity) { | ||
| schema.methods.getAccess = function(object) { | ||
| var entries = this.getAccessKeys().map(function(key) { | ||
| return entity.getAccess(key); | ||
| return object.getAccess(key); | ||
| }); | ||
| var result = {}; | ||
| var result = []; | ||
| entries.forEach(function(perms) { | ||
| for (var perm in perms) { | ||
| result[perm] = result[perm] || perms[perm]; | ||
| } | ||
| perms.forEach(function(perm) { | ||
| if (result.indexOf(perm) === -1) { | ||
| result.push(perm); | ||
| } | ||
| }); | ||
| }); | ||
@@ -45,6 +47,6 @@ | ||
| schema.methods.setAccess = function(entity, perms) { | ||
| schema.methods.setAccess = function(object, perms) { | ||
| var key = options.key.call(this); | ||
| entity.setAccess(key, perms); | ||
| object.setAccess(key, perms); | ||
| }; | ||
| }; |
| { | ||
| "name": "mongoose-acl", | ||
| "version": "0.1.0", | ||
| "version": "0.2.0", | ||
| "description": "Mongoose ACL", | ||
@@ -5,0 +5,0 @@ "homepage": "http://github.com/scttnlsn/mongoose-acl", |
@@ -25,5 +25,11 @@ mongoose-acl | ||
| widget.setAccess('foo', { a: true, b: true }); | ||
| widget.getAccess('foo'); // => { a: true, b: true } | ||
| widget.setAccess('foo', ['a', 'b']); | ||
| widget.getAccess('foo'); // => ['a', 'b'] | ||
| ``` | ||
| Or getting all keys with given permissions: | ||
| ```javascript | ||
| widget.keysWithAccess(['a']); // => ['foo'] | ||
| ``` | ||
@@ -35,4 +41,4 @@ There are also convenience methods added to the subject for getting and setting the permissions for a given object: | ||
| user.setAccess(widget, { read: true, write: true, delete: true }); | ||
| user.getAccess(widget); // => { read: true: write: true, delete: true }); | ||
| user.setAccess(widget, ['read', 'write', 'delete']); | ||
| user.getAccess(widget); // => ['read', 'write', 'delete'] | ||
| ``` | ||
@@ -43,3 +49,3 @@ | ||
| ```javascript | ||
| Widget.withAccess(user, { read: true }).exec(function(err, widgets) { | ||
| Widget.withAccess(user, ['read']).exec(function(err, widgets) { | ||
| ... | ||
@@ -46,0 +52,0 @@ }); |
@@ -6,3 +6,3 @@ var assert = require('assert'); | ||
| describe('Entity', function() { | ||
| describe('Object', function() { | ||
| var model, Test; | ||
@@ -22,8 +22,8 @@ | ||
| beforeEach(function() { | ||
| model.setAccess('foo', { bar: true }); | ||
| model.setAccess('foo', ['bar']); | ||
| }); | ||
| it('sets permissions in acl', function() { | ||
| assert.equal(model._acl.foo.bar, true); | ||
| assert.deepEqual(model.getAccess('foo'), { bar: true }); | ||
| assert.deepEqual(model._acl.foo, ['bar']); | ||
| assert.deepEqual(model.getAccess('foo'), ['bar']); | ||
| }); | ||
@@ -49,3 +49,3 @@ | ||
| var find = sinon.spy(Test, 'find'); | ||
| var cursor = Test.withAccess(subject, { baz: true }); | ||
| var cursor = Test.withAccess(subject, ['baz', 'qux']); | ||
@@ -58,4 +58,4 @@ assert.ok(find.calledOnce); | ||
| $or: [ | ||
| { '_acl.foo.baz': true }, | ||
| { '_acl.bar.baz': true } | ||
| { '_acl.foo': { $all: ['baz', 'qux'] }}, | ||
| { '_acl.bar': { $all: ['baz', 'qux'] }} | ||
| ] | ||
@@ -65,2 +65,42 @@ }); | ||
| }); | ||
| describe('when getting keys with given permissions', function() { | ||
| beforeEach(function() { | ||
| model.setAccess('foo', ['a', 'b']); | ||
| model.setAccess('bar', ['a']); | ||
| model.setAccess('baz', ['b', 'c']); | ||
| }); | ||
| it('returns keys that have all given permissions', function() { | ||
| var keys = model.keysWithAccess(['a']); | ||
| assert.equal(keys.length, 2); | ||
| assert.ok(keys.indexOf('foo') !== -1); | ||
| assert.ok(keys.indexOf('bar') !== -1); | ||
| keys = model.keysWithAccess(['a', 'b']); | ||
| assert.equal(keys.length, 1); | ||
| assert.ok(keys.indexOf('foo') !== -1); | ||
| keys = model.keysWithAccess(['b']); | ||
| assert.equal(keys.length, 2); | ||
| assert.ok(keys.indexOf('foo') !== -1); | ||
| assert.ok(keys.indexOf('baz') !== -1); | ||
| keys = model.keysWithAccess(['c']); | ||
| assert.equal(keys.length, 1); | ||
| assert.ok(keys.indexOf('baz') !== -1); | ||
| keys = model.keysWithAccess(['a', 'c']); | ||
| assert.equal(keys.length, 0); | ||
| keys = model.keysWithAccess(['d']); | ||
| assert.equal(keys.length, 0); | ||
| }); | ||
| }); | ||
| }); |
@@ -38,15 +38,5 @@ var assert = require('assert'); | ||
| var access = { | ||
| '*': { | ||
| a: true, | ||
| b: true, | ||
| c: false | ||
| }, | ||
| 'role:foo': { | ||
| a: true, | ||
| b: false, | ||
| c: false | ||
| }, | ||
| 'role:bar': { | ||
| d: false | ||
| } | ||
| '*': ['a', 'b'], | ||
| 'role:foo': ['a'], | ||
| 'role:bar': ['c'] | ||
| }; | ||
@@ -56,3 +46,3 @@ | ||
| getAccess: function(key) { | ||
| return access[key] || {}; | ||
| return access[key] || []; | ||
| } | ||
@@ -62,5 +52,5 @@ }; | ||
| it('logically ors permissions', function() { | ||
| it('combines all permissions', function() { | ||
| var perms = model.getAccess(entity); | ||
| assert.deepEqual(perms, { a: true, b: true, c: false, d: false }); | ||
| assert.deepEqual(perms, ['a', 'b', 'c']); | ||
| }); | ||
@@ -80,3 +70,3 @@ }); | ||
| it('sets permissions for subject key', function() { | ||
| model.setAccess(entity, { a: true }); | ||
| model.setAccess(entity, ['a']); | ||
| assert.ok(setAccess.calledOnce); | ||
@@ -88,5 +78,5 @@ | ||
| assert.equal(key, 'subject:' + model._id); | ||
| assert.deepEqual(perms, { a: true }); | ||
| assert.deepEqual(perms, ['a']); | ||
| }); | ||
| }); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by14.7%
12022
- Lines of code
- increased by17.5%
235
- Number of lines in readme file
- increased by6.06%
105
No dependency changes