New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
oso-cloud - npm Package Compare versions
Comparing version 1.6.1 to 1.7.0
| # Changelog | ||
| ## 1.7.0 | ||
| - Add new [`oso.actionsLocal()`](https://www.osohq.com/docs/reference/client-apis/node#list-authorized-actions-with-distributed-data-osoactionslocalactor-resource) method. | ||
| - Accept `boolean`, `bigint`, and `number` as fact args. These are converted to the appropriate Polar type. | ||
| ## 1.6.2 | ||
| - Return an error if the request body is too large without sending a request to Oso Cloud. | ||
| ## 1.6.1 | ||
@@ -4,0 +13,0 @@ |
| { | ||
| "name": "oso-cloud", | ||
| "version": "1.6.1", | ||
| "version": "1.7.0", | ||
| "description": "Oso Cloud Node client", | ||
@@ -28,3 +28,3 @@ "keywords": [ | ||
| "preversion": "yarn build", | ||
| "build": "tsc", | ||
| "build": "tsc -p tsconfig.build.json", | ||
| "prepublish": "yarn build" | ||
@@ -51,5 +51,7 @@ }, | ||
| "rimraf": "^3.0.2", | ||
| "sequelize": "^6.37.3", | ||
| "ts-jest": "^28.0.5", | ||
| "typeorm": "0.3.19", | ||
| "typescript": "^4.7.4" | ||
| } | ||
| } |
@@ -152,2 +152,3 @@ /// <reference types="node" /> | ||
| getStats(): Promise<StatsResult>; | ||
| postActionsQuery(query: ActionsQuery): Promise<LocalQueryResult>; | ||
| postAuthorizeQuery(query: AuthorizeQuery): Promise<LocalQueryResult>; | ||
@@ -154,0 +155,0 @@ postListQuery(query: ListQuery, column: string): Promise<LocalQueryResult>; |
@@ -31,2 +31,4 @@ "use strict"; | ||
| }; | ||
| // 10 MiB | ||
| const maxBodySizeBytes = 10485760; | ||
| const fetch = (0, fetch_retry_1.default)(cross_fetch_1.default, retryOptions); | ||
@@ -137,2 +139,6 @@ class Api { | ||
| request.body = JSON.stringify(body); | ||
| const bodySizeBytes = Buffer.byteLength(request.body); | ||
| if (bodySizeBytes >= maxBodySizeBytes) { | ||
| throw new Error(`Oso Cloud error: Request payload too large (bodySizeBytes: ${bodySizeBytes}, maxBodySize: ${maxBodySizeBytes})`); | ||
| } | ||
| } | ||
@@ -272,2 +278,12 @@ const startTime = Date.now(); | ||
| } | ||
| postActionsQuery(query) { | ||
| return __awaiter(this, void 0, void 0, function* () { | ||
| const params = {}; | ||
| const data = { | ||
| query, | ||
| data_bindings: (yield this.dataBindings) || "", | ||
| }; | ||
| return this._post(`/actions_query`, params, data, false); | ||
| }); | ||
| } | ||
| postAuthorizeQuery(query) { | ||
@@ -300,3 +316,3 @@ return __awaiter(this, void 0, void 0, function* () { | ||
| } | ||
| // NOTE: the args stuff here doesn not show up in the openapi spec | ||
| // NOTE: the args stuff here does not show up in the openapi spec | ||
| // so we don't codegen this correctly | ||
@@ -303,0 +319,0 @@ getFacts(predicate, args) { |
@@ -1,9 +0,9 @@ | ||
| import { Instance } from "."; | ||
| import { IntoInstance, Instance } from "."; | ||
| import { Fact, Value } from "./api"; | ||
| export declare function paramToFact(predicate: string, ...args: Instance[]): Fact; | ||
| export declare function mapParamsToFacts(params?: [predicate: string, ...args: Instance[]][]): Fact[]; | ||
| export declare function paramToFact(predicate: string, ...args: IntoInstance[]): Fact; | ||
| export declare function mapParamsToFacts(params?: [predicate: string, ...args: IntoInstance[]][]): Fact[]; | ||
| export declare function factToParam(fact: Fact): [predicate: string, ...args: Instance[]]; | ||
| export declare function mapFactsToParams(facts?: Fact[]): [predicate: string, ...args: Instance[]][]; | ||
| export declare function toValue(instance: Instance): Value; | ||
| export declare function toValue(instance: IntoInstance): Value; | ||
| export declare function fromValue(value: Value): Instance; | ||
| //# sourceMappingURL=helpers.d.ts.map |
@@ -34,2 +34,18 @@ "use strict"; | ||
| } | ||
| if (typeof instance === "boolean") { | ||
| return { type: "Boolean", id: instance.toString() }; | ||
| } | ||
| if (typeof instance === "number") { | ||
| if (instance > Number.MAX_SAFE_INTEGER || | ||
| instance < Number.MIN_SAFE_INTEGER) { | ||
| throw new Error(`Oso: integer identifier is outside the range of safe integers, making it unsuitable for use as an identifier`); | ||
| } | ||
| if (!Number.isInteger(instance)) { | ||
| throw new Error(`Oso: non-integer numeric values may not be used as identifiers`); | ||
| } | ||
| return { type: "Integer", id: instance.toString() }; | ||
| } | ||
| if (typeof instance === "bigint") { | ||
| return { type: "Integer", id: instance.toString() }; | ||
| } | ||
| if (instance.id === undefined || instance.id === null) { | ||
@@ -36,0 +52,0 @@ if (instance.type === undefined || instance.type === null) { |
@@ -6,5 +6,7 @@ import { Api } from "./api"; | ||
| } | string | null; | ||
| export declare type IntoInstance = Instance | boolean | number | bigint; | ||
| export declare type Fact = [predicate: string, ...args: Instance[]]; | ||
| export declare type IntoFact = [predicate: string, ...args: IntoInstance[]]; | ||
| export declare type Context = { | ||
| contextFacts?: Fact[]; | ||
| contextFacts?: IntoFact[]; | ||
| }; | ||
@@ -33,9 +35,9 @@ export { AuthorizeResult } from "./api"; | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance} resource | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} resource | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<boolean>} | ||
| */ | ||
| authorize(actor: Instance, action: string, resource: Instance, contextFacts?: Fact[]): Promise<boolean>; | ||
| authorize(actor: IntoInstance, action: string, resource: IntoInstance, contextFacts?: IntoFact[]): Promise<boolean>; | ||
| /** | ||
@@ -47,9 +49,9 @@ * Check authorized resources: | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance[]} resources | ||
| * @param {Fact[]} [contextFacts] | ||
| * @returns {Promise<Instance[]>} | ||
| * @param {IntoInstance[]} resources | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<IntoInstance[]>} | ||
| */ | ||
| authorizeResources(actor: Instance, action: string, resources: Instance[], contextFacts?: Fact[]): Promise<Instance[]>; | ||
| authorizeResources<T extends IntoInstance>(actor: IntoInstance, action: string, resources: T[], contextFacts?: IntoFact[]): Promise<T[]>; | ||
| /** | ||
@@ -60,9 +62,9 @@ * List authorized resources: | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {string} resourceType | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[]>} | ||
| */ | ||
| list(actor: Instance, action: string, resourceType: string, contextFacts?: Fact[]): Promise<string[]>; | ||
| list(actor: IntoInstance, action: string, resourceType: string, contextFacts?: IntoFact[]): Promise<string[]>; | ||
| /** | ||
@@ -73,8 +75,8 @@ * List authorized actions: | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {Instance} resource | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance} resource | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[]>} | ||
| */ | ||
| actions(actor: Instance, resource: Instance, contextFacts?: Fact[]): Promise<string[]>; | ||
| actions(actor: IntoInstance, resource: IntoInstance, contextFacts?: IntoFact[]): Promise<string[]>; | ||
| /** | ||
@@ -86,8 +88,8 @@ * List authorized actions for a list of resources | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {Instance[]} resources | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance[]} resources | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[][]>} | ||
| */ | ||
| bulkActions(actor: Instance, resources: Instance[], contextFacts?: Fact[]): Promise<string[][]>; | ||
| bulkActions(actor: IntoInstance, resources: IntoInstance[], contextFacts?: IntoFact[]): Promise<string[][]>; | ||
| /** | ||
@@ -112,6 +114,6 @@ * Update the active policy: | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact>} | ||
| */ | ||
| tell(predicate: string, ...args: Instance[]): Promise<Fact>; | ||
| tell(predicate: string, ...args: IntoInstance[]): Promise<Fact>; | ||
| /** | ||
@@ -123,5 +125,5 @@ * Delete fact: | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| */ | ||
| delete(predicate: string, ...args: Instance[]): Promise<void>; | ||
| delete(predicate: string, ...args: IntoInstance[]): Promise<void>; | ||
| /** | ||
@@ -132,5 +134,5 @@ * Add many facts: | ||
| * | ||
| * @param {Fact[]} facts | ||
| * @param {IntoFact[]} facts | ||
| */ | ||
| bulkTell(facts: Fact[]): Promise<void>; | ||
| bulkTell(facts: IntoFact[]): Promise<void>; | ||
| /** | ||
@@ -142,5 +144,5 @@ * Delete many facts: | ||
| * | ||
| * @param {Fact[]} facts | ||
| * @param {IntoFact[]} facts | ||
| */ | ||
| bulkDelete(facts: Fact[]): Promise<void>; | ||
| bulkDelete(facts: IntoFact[]): Promise<void>; | ||
| /** | ||
@@ -153,18 +155,22 @@ * Transactionally delete and add facts: oso.bulk(delete, tell) | ||
| * | ||
| * @param {Fact[]} delete | ||
| * @param {Fact[]} tell | ||
| * @param {IntoFact[]} delete | ||
| * @param {IntoFact[]} tell | ||
| */ | ||
| bulk(delete_?: Fact[], tell?: Fact[]): Promise<void>; | ||
| bulk(delete_?: IntoFact[], tell?: IntoFact[]): Promise<void>; | ||
| /** | ||
| * List facts: | ||
| * Get facts: | ||
| * | ||
| * Lists facts that are stored in Oso Cloud. Can be used to check the existence | ||
| * Get facts that are stored in Oso Cloud. Can be used to check the existence | ||
| * of a particular fact, or used to fetch all facts that have a particular | ||
| * argument. | ||
| * | ||
| * `oso.get()` only returns facts you've added. If you want to return a list of authorized resources, use | ||
| * the Check API. For example, to answer "on which resouces can a given user | ||
| * perform a given action", use `oso.list()`. | ||
| * | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact[]>} | ||
| */ | ||
| get(predicate: string, ...args: Instance[]): Promise<Fact[]>; | ||
| get(predicate: string, ...args: IntoInstance[]): Promise<Fact[]>; | ||
| /** | ||
@@ -175,6 +181,6 @@ * Query Oso Cloud for any predicate, and any combination of concrete and | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact[]>} | ||
| */ | ||
| query(predicate: string, ...args: Instance[]): Promise<Fact[]>; | ||
| query(predicate: string, ...args: IntoInstance[]): Promise<Fact[]>; | ||
| /** | ||
@@ -184,8 +190,19 @@ * Query Oso Cloud for any predicate, and any combination of concrete and | ||
| * | ||
| * @param {Fact} fact | ||
| * @param {IntoFact} fact | ||
| * @param {Context} context | ||
| * @returns {Promise<Fact[]>} | ||
| */ | ||
| query_with_context(fact: Fact, { contextFacts }: Context): Promise<Fact[]>; | ||
| query_with_context(fact: IntoFact, { contextFacts }: Context): Promise<Fact[]>; | ||
| /** | ||
| * Fetches a query that can be run against your database to determine the actions | ||
| * an actor can perform on a resource. | ||
| * | ||
| * Returns a SQL query to run against the local database. | ||
| * | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance} resource | ||
| * @returns {Promise<string>} | ||
| */ | ||
| actionsLocal(actor: IntoInstance, resource: IntoInstance): Promise<string>; | ||
| /** | ||
| * Check a permission depending on data both in Oso Cloud and stored in a local database. | ||
@@ -195,8 +212,8 @@ * | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance} resource | ||
| * @param {IntoInstance} resource | ||
| * @returns {Promise<string>} | ||
| */ | ||
| authorizeLocal(actor: Instance, action: string, resource: Instance): Promise<string>; | ||
| authorizeLocal(actor: IntoInstance, action: string, resource: IntoInstance): Promise<string>; | ||
| /** | ||
@@ -207,10 +224,10 @@ * List authorized resources depending on data both in Oso Cloud and stored in a local database. | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance[]} resourceType | ||
| * @param {string} resourceType | ||
| * @param {string} column | ||
| * @returns {Promise<string>} | ||
| */ | ||
| listLocal(actor: Instance, action: string, resourceType: string, column: string): Promise<string>; | ||
| listLocal(actor: IntoInstance, action: string, resourceType: string, column: string): Promise<string>; | ||
| } | ||
| //# sourceMappingURL=index.d.ts.map |
@@ -28,6 +28,6 @@ "use strict"; | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance} resource | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} resource | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<boolean>} | ||
@@ -65,7 +65,7 @@ */ | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance[]} resources | ||
| * @param {Fact[]} [contextFacts] | ||
| * @returns {Promise<Instance[]>} | ||
| * @param {IntoInstance[]} resources | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<IntoInstance[]>} | ||
| */ | ||
@@ -113,6 +113,6 @@ authorizeResources(actor, action, resources, contextFacts) { | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {string} resourceType | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[]>} | ||
@@ -143,5 +143,5 @@ */ | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {Instance} resource | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance} resource | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[]>} | ||
@@ -175,5 +175,5 @@ */ | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {Instance[]} resources | ||
| * @param {Fact[]} [contextFacts] | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance[]} resources | ||
| * @param {IntoFact[]} [contextFacts] | ||
| * @returns {Promise<string[][]>} | ||
@@ -245,3 +245,3 @@ */ | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact>} | ||
@@ -263,3 +263,3 @@ */ | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| */ | ||
@@ -279,3 +279,3 @@ delete(predicate, ...args) { | ||
| * | ||
| * @param {Fact[]} facts | ||
| * @param {IntoFact[]} facts | ||
| */ | ||
@@ -293,3 +293,3 @@ bulkTell(facts) { | ||
| * | ||
| * @param {Fact[]} facts | ||
| * @param {IntoFact[]} facts | ||
| */ | ||
@@ -308,4 +308,4 @@ bulkDelete(facts) { | ||
| * | ||
| * @param {Fact[]} delete | ||
| * @param {Fact[]} tell | ||
| * @param {IntoFact[]} delete | ||
| * @param {IntoFact[]} tell | ||
| */ | ||
@@ -321,10 +321,14 @@ bulk(delete_ = [], tell = []) { | ||
| /** | ||
| * List facts: | ||
| * Get facts: | ||
| * | ||
| * Lists facts that are stored in Oso Cloud. Can be used to check the existence | ||
| * Get facts that are stored in Oso Cloud. Can be used to check the existence | ||
| * of a particular fact, or used to fetch all facts that have a particular | ||
| * argument. | ||
| * | ||
| * `oso.get()` only returns facts you've added. If you want to return a list of authorized resources, use | ||
| * the Check API. For example, to answer "on which resouces can a given user | ||
| * perform a given action", use `oso.list()`. | ||
| * | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact[]>} | ||
@@ -344,3 +348,3 @@ */ | ||
| * @param {string} predicate | ||
| * @param {...Instance} args | ||
| * @param {...IntoInstance} args | ||
| * @returns {Promise<Fact[]>} | ||
@@ -355,3 +359,3 @@ */ | ||
| * | ||
| * @param {Fact} fact | ||
| * @param {IntoFact} fact | ||
| * @param {Context} context | ||
@@ -370,2 +374,32 @@ * @returns {Promise<Fact[]>} | ||
| /** | ||
| * Fetches a query that can be run against your database to determine the actions | ||
| * an actor can perform on a resource. | ||
| * | ||
| * Returns a SQL query to run against the local database. | ||
| * | ||
| * @param {IntoInstance} actor | ||
| * @param {IntoInstance} resource | ||
| * @returns {Promise<string>} | ||
| */ | ||
| actionsLocal(actor, resource) { | ||
| return __awaiter(this, void 0, void 0, function* () { | ||
| const { type: actor_type, id: actor_id } = (0, helpers_1.toValue)(actor); | ||
| const { type: resource_type, id: resource_id } = (0, helpers_1.toValue)(resource); | ||
| if (actor_type == null || actor_id == null) { | ||
| throw new TypeError(`'actor' can not be a wildcard: ${actor}`); | ||
| } | ||
| if (resource_type == null || resource_id == null) { | ||
| throw new TypeError(`'resource' can not be a wildcard: ${resource}`); | ||
| } | ||
| const result = yield this.api.postActionsQuery({ | ||
| actor_type, | ||
| actor_id, | ||
| resource_type, | ||
| resource_id, | ||
| context_facts: [], | ||
| }); | ||
| return result.sql; | ||
| }); | ||
| } | ||
| /** | ||
| * Check a permission depending on data both in Oso Cloud and stored in a local database. | ||
@@ -375,5 +409,5 @@ * | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance} resource | ||
| * @param {IntoInstance} resource | ||
| * @returns {Promise<string>} | ||
@@ -410,5 +444,5 @@ */ | ||
| * | ||
| * @param {Instance} actor | ||
| * @param {IntoInstance} actor | ||
| * @param {string} action | ||
| * @param {Instance[]} resourceType | ||
| * @param {string} resourceType | ||
| * @param {string} column | ||
@@ -415,0 +449,0 @@ * @returns {Promise<string>} |
| { | ||
| "name": "oso-cloud", | ||
| "version": "1.6.1", | ||
| "version": "1.7.0", | ||
| "description": "Oso Cloud Node client", | ||
@@ -28,3 +28,3 @@ "keywords": [ | ||
| "preversion": "yarn build", | ||
| "build": "tsc", | ||
| "build": "tsc -p tsconfig.build.json", | ||
| "prepublish": "yarn build" | ||
@@ -51,5 +51,7 @@ }, | ||
| "rimraf": "^3.0.2", | ||
| "sequelize": "^6.37.3", | ||
| "ts-jest": "^28.0.5", | ||
| "typeorm": "0.3.19", | ||
| "typescript": "^4.7.4" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Number of low supply chain risk alerts
- decreased by-33.33%
2
Worsened metrics
- Total package byte prevSize
- decreased by-36.7%
83592
- Dev dependency count
- increased by12.5%
18
- Number of package files
- decreased by-33.33%
16
- Lines of code
- decreased by-32.62%
1256
No dependency changes