New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
ocbesbn-bouncer
Advanced tools
ocbesbn-bouncer - npm Package Compare versions
Comparing version 0.2.1 to 0.2.2
48
index.js
@@ -65,14 +65,22 @@ /** | ||
| var roles = req.opuscapita.userData('roles') ? req.opuscapita.userData('roles').join(',') : ''; | ||
| var originalURL = '/api/permission?roles=' + roles + '&service=' + this.serviceName; | ||
| var aclPermissionURL = '/api/permission?roles=' + roles + '&service=' + this.serviceName; | ||
| // #TODO Need to cache the acl json and parse it accordingly | ||
| var isPermitted = function(url) | ||
| /** | ||
| * function to validate the given url against the ACL and | ||
| * restricted resource groups | ||
| * @param {String} url | ||
| * @param {String} method | ||
| * @param {Object} userData | ||
| * @return {Promise} | ||
| */ | ||
| var isPermitted = function(url, method, userData) | ||
| { | ||
| // #TODO Need to cache the acl json and parse it accordingly | ||
| var checkPermissions = function(resolve, reject) | ||
| { | ||
| req.opuscapita.serviceClient.get(this.aclServiceName, url) | ||
| req.opuscapita.serviceClient.get(this.aclServiceName, aclPermissionURL) | ||
| .then((response) => | ||
| { | ||
| var permissions = response[0].results; | ||
| var isAuthorized = this.isAuthorized(permissions, req.originalUrl, req.method, req.opuscapita.userData()); | ||
| var isAuthorized = this.isAuthorized(permissions, url, method, userData); | ||
@@ -104,3 +112,21 @@ if (!isAuthorized) | ||
| isPermitted(originalURL) | ||
| /** | ||
| * function to check the url is under public access or under restricted urls | ||
| * @param {String} url | ||
| * @param {String} method | ||
| * @param {Object} userData | ||
| * @return {Promise} | ||
| */ | ||
| var checkIsPermitted = function(url, method, userData) | ||
| { | ||
| for (var i = 0; i < this.publicPaths.length; i++) | ||
| { | ||
| if (url.indexOf(this.publicPaths[i]) > -1) | ||
| return Promise.resolve(true) | ||
| } | ||
| return isPermitted(url, method, userData); | ||
| } | ||
| checkIsPermitted(req.originalUrl.split('?')[0], req.method, req.opuscapita.userData()) | ||
| .then((response) => | ||
@@ -140,2 +166,12 @@ { | ||
| // -------------------- | ||
| // Define the public paths to exclude from the acl check | ||
| // -------------------- | ||
| this.publicPaths = [ | ||
| 'public', | ||
| 'static', | ||
| '/api/health/check', | ||
| '/api/list/apis' | ||
| ]; | ||
| // -------------------- | ||
| // Define logger | ||
@@ -142,0 +178,0 @@ // -------------------- |
| { | ||
| "name": "ocbesbn-bouncer", | ||
| "version": "0.2.1", | ||
| "version": "0.2.2", | ||
| "description": "Express middleware for ACl service and validation", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by14.25%
8337
- Lines of code
- increased by19.88%
199
No dependency changes