Product
Introducing Enhanced Alert Actions and Triage Functionality
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
q3-core-composer
Advanced tools
This package registers a few methods onto the request object, most of which help with authenticating and authorizing.
Readme
This package registers a few methods onto the request object, most of which help with authenticating and authorizing.
Redact the request's body to safely update documents.
«Object(optional)»
A document to consider during
redaction. Useful for triggering test cases with
conditional access control grants.«String(optional)»
A collection to query for grants.
Q3-core-rest automates this value's assignment.«String(optional)»
A field under which the body should
be tested (i.e. sub-documents). Q3-core-rest automates
this value's assignment.«String(optional)»
An ID to load a sub-document into the
document context. Useful for triggering test cases on
nested access control grants.«Object»
The redacted request bodymodule.exports = async function controller(req, res) {
const doc = await Model.findById(req.id);
const subdoc = doc;
const body = req.authorizeBody(
doc, // the parent document
'test-collection', // the collection to pull grants from
'sample', // the sub-document name
req.sampleId, // the sub-document id
);
doc.sample.id(req.sampleId).set(body);
await doc.save();
res.status(200).json({
ok: 1,
});
};
FAQs
This package registers a few methods onto the request object, most of which help with authenticating and authorizing.
We found that q3-core-composer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.