rhases-nodejs-commons - npm Package Compare versions

Comparing version 0.2.24 to 0.2.25

CHANGELOG.md

@@ -5,2 +5,7 @@ # Change Log
 
+<a name="0.2.25"></a>
+## [0.2.25](https://github.com/rhases/rhases-nodejs-commons/compare/v0.2.24...v0.2.25) (2017-11-20)
+
+
+
 <a name="0.2.24"></a>
@@ -7,0 +12,0 @@ ## [0.2.24](https://github.com/rhases/rhases-nodejs-commons/compare/v0.2.23...v0.2.24) (2017-10-17)

dist/crud/access-control-with-organizations.authorization.js

@@ -14,5 +14,9 @@ 'use strict';
     logger_1.default.warn(thisGrants[0].resource);
+    return Q.when(thisGrants)
+        .then(instantiateCrudAccessControl(resource));
+    /*
     return queryAllOrgs()
-        .then(expandGrantsListRules(thisGrants))
-        .then(instantiateCrudAccessControl(resource));
+    .then(expandGrantsListRules(thisGrants))
+    .then(instantiateCrudAccessControl(resource))
+    */
 }
@@ -19,0 +23,0 @@ exports.crudAccessControlWithOrgRolesFactory = crudAccessControlWithOrgRolesFactory;

dist/crud/access-control-with-organizations.authorization.spec.js

@@ -20,4 +20,4 @@ "use strict";
         { role: '$organization:member', resource: 'video', action: 'update:own', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'read:any', attributes: ['*'] },
         { role: '$organization:manager', resource: 'video', action: 'create:own', attributes: ['*'] },
-        { role: '$organization:manager', resource: 'video', action: 'read:own', attributes: ['*'] },
         { role: '$organization:manager', resource: 'video', action: 'update:own', attributes: ['*'] },
@@ -54,2 +54,13 @@ { role: '$organization:manager', resource: 'video', action: 'delete:own', attributes: ['*'] }
     };
+    it('should organization manager be grant read any', function () {
+        return promisedAcessControl
+            .then(function (accessControll) {
+            return accessControll.check(organizationManager, 'read');
+        })
+            .then(function (grant) {
+            logger_1.default.trace('asserting permission attrs');
+            chai_1.expect(grant.granted).to.equal(true);
+            chai_1.expect(grant.type).to.equal('any');
+        });
+    });
     it('should organization manager be grant create access', function () {
@@ -56,0 +67,0 @@ return promisedAcessControl

dist/crud/access-control.authorization.js

@@ -17,7 +17,10 @@ 'use strict';
         var roles = this.filteredRoles(_ac, user.roles);
+        var orgRoles = this.getOrgRoles(user);
+        orgRoles = this.filteredRoles(_ac, orgRoles);
         logger_1.default.trace("check can " + roles + " " + op + "Any for " + this.resource);
-        var anyPermission = this.doCheck(_ac, roles, op, 'Any', this.resource);
+        var anyRoles = roles.concat(orgRoles);
+        var anyPermission = this.doCheck(_ac, anyRoles, op, 'Any', this.resource);
         if (anyPermission.granted) {
             grant = new Grant(anyPermission, 'any');
-            grant.addVerifiedRoles(roles);
+            grant.addVerifiedRoles(anyRoles);
         }
@@ -36,4 +39,2 @@ else {
             //check for 'own' clearence for 'organization'
-            var orgRoles = this.getOrgRoles(user);
-            orgRoles = this.filteredRoles(_ac, orgRoles);
             logger_1.default.trace("check can " + orgRoles + " " + op + "Own for " + this.resource);
@@ -77,2 +78,3 @@ var organizationOwnPermission = this.doCheck(_ac, orgRoles, op, 'Own', this.resource);
             roles.push(org.ref.code + ":" + org.role);
+            roles.push("$organization:" + org.role);
         }
@@ -79,0 +81,0 @@ return roles;

dist/crud/access-control.authorization.spec.js

@@ -19,4 +19,4 @@ "use strict";
         { role: 'user', resource: 'video', action: 'delete:own', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'read:any', attributes: ['*'] },
         { role: '$organization:manager', resource: 'video', action: 'create:own', attributes: ['*'] },
-        { role: '$organization:manager', resource: 'video', action: 'read:any', attributes: ['*'] },
         { role: '$organization:manager', resource: 'video', action: 'update:own', attributes: ['*'] },
@@ -23,0 +23,0 @@ { role: '$organization:manager', resource: 'video', action: 'delete:own', attributes: ['*'] }

package.json

 {
   "name": "rhases-nodejs-commons",
-  "version": "0.2.24",
+  "version": "0.2.25",
   "description": "Node.js utilities",
@@ -9,2 +9,3 @@ "main": "dist/index.js",
     "test": "mocha -r ts-node/register src/**/*.spec.ts",
+    "testauth": "mocha -r ts-node/register src/**/*.authorization.spec.ts",
     "clean": "rm -rf dist/",
@@ -11,0 +12,0 @@ "precompile": "npm run clean",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

164234

increased by0.54%

Lines of code

4329

increased by0.39%

No dependency changes