sails-permissions
Advanced tools
sails-permissions - npm Package Compare versions
Comparing version 1.4.3 to 1.4.4
@@ -86,3 +86,3 @@ var permissionPolicies = [ | ||
| .then(function (user) { | ||
| sails.log('sails-permissions: created admin user:', user); | ||
| sails.log.verbose('sails-permissions: created admin user:', user); | ||
| user.createdBy = user.id; | ||
@@ -89,0 +89,0 @@ user.owner = user.id; |
@@ -24,3 +24,3 @@ var _ = require('lodash'); | ||
| function setOwner (user, next) { | ||
| sails.log('User.afterCreate.setOwner', user); | ||
| sails.log.verbose('User.afterCreate.setOwner', user); | ||
| User | ||
@@ -27,0 +27,0 @@ .update({ id: user.id }, { owner: user.id }) |
@@ -23,3 +23,3 @@ /** | ||
| if (!PermissionService.hasPassingCriteria(body, permissions, body)) { | ||
| return res.badRequest({ | ||
| return res.forbidden({ | ||
| error: 'Can\'t create this object, because of failing where clause' | ||
@@ -36,3 +36,14 @@ }); | ||
| // get all of the where clauses and blacklists into one flat array | ||
| var criteria = _.compact(_.flatten(_.pluck(permissions, 'criteria'))); | ||
| // if a permission has no criteria then it is always true | ||
| var criteria = _.compact(_.flatten( | ||
| _.map( | ||
| _.pluck(permissions, 'criteria'), | ||
| function(c) { | ||
| if (c.length == 0) { | ||
| return [{where: {}}]; | ||
| } | ||
| return c; | ||
| } | ||
| ) | ||
| )); | ||
@@ -54,3 +65,3 @@ if (criteria.length) { | ||
| if (!PermissionService.hasPassingCriteria(objects, permissions, body, req.user.id)) { | ||
| return res.badRequest({ | ||
| return res.forbidden({ | ||
| error: 'Can\'t ' + action + ', because of failing where clause or attribute permissions' | ||
@@ -57,0 +68,0 @@ }); |
@@ -14,9 +14,9 @@ /** | ||
| /* | ||
| sails.log('OwnerPolicy user', req.user); | ||
| sails.log('OwnerPolicy method', req.method); | ||
| sails.log('OwnerPolicy req.body', req.body); | ||
| sails.log.verbose('OwnerPolicy user', req.user); | ||
| sails.log.verbose('OwnerPolicy method', req.method); | ||
| sails.log.verbose('OwnerPolicy req.body', req.body); | ||
| */ | ||
| if (req.options.modelDefinition.autoCreatedBy === false) { | ||
| // sails.log('OwnerPolicy hasOwnershipPolicy: false'); | ||
| // sails.log.verbose('OwnerPolicy hasOwnershipPolicy: false'); | ||
| return next(); | ||
@@ -31,4 +31,4 @@ } | ||
| //sails.log('OwnerPolicy req.model', req.model); | ||
| //sails.log.verbose('OwnerPolicy req.model', req.model); | ||
| next(); | ||
| }; |
@@ -40,3 +40,3 @@ var Promise = require('bluebird'); | ||
| if (!permissions || permissions.length === 0) { | ||
| return res.badRequest({ error: PermissionService.getErrorMessage(options) }); | ||
| return res.forbidden({ error: PermissionService.getErrorMessage(options) }); | ||
| } | ||
@@ -67,4 +67,4 @@ | ||
| //sails.log('data', _data); | ||
| //sails.log('options', options); | ||
| //sails.log.verbose('data', _data); | ||
| //sails.log.verbose('options', options); | ||
@@ -77,3 +77,3 @@ // TODO search populated associations | ||
| .then(function (results) { | ||
| //sails.log('results', results); | ||
| //sails.log.verbose('results', results); | ||
| var permitted = _.filter(results, function (result) { | ||
@@ -86,3 +86,3 @@ return _.any(req.permissions, function (permission) { | ||
| if (permitted.length === 0) { | ||
| //sails.log('permitted.length === 0'); | ||
| //sails.log.verbose('permitted.length === 0'); | ||
| return res.send(404); | ||
@@ -89,0 +89,0 @@ } |
@@ -49,3 +49,3 @@ /** | ||
| if (PermissionService.hasForeignObjects(objects, req.user)) { | ||
| return res.badRequest({ | ||
| return res.forbidden({ | ||
| error: 'Cannot perform action [' + action + '] on foreign object' | ||
@@ -52,0 +52,0 @@ }); |
@@ -30,4 +30,4 @@ var Promise = require('bluebird'); | ||
| return function(object) { | ||
| //sails.log('object', object); | ||
| //sails.log('object.owner: ', object.owner, ', owner:', owner); | ||
| //sails.log.verbose('object', object); | ||
| //sails.log.verbose('object.owner: ', object.owner, ', owner:', owner); | ||
| return object.owner !== owner; | ||
@@ -124,14 +124,22 @@ }; | ||
| var criteria = permissions.reduce(function(memo, perm) { | ||
| if (perm && perm.criteria) { | ||
| memo = memo.concat(perm.criteria); | ||
| var criteria = permissions.reduce(function (memo, perm) { | ||
| if (perm) { | ||
| if (!perm.criteria || perm.criteria.length==0) { | ||
| // If a permission has no criteria then it passes for all cases | ||
| // (like the admin role) | ||
| memo = memo.concat([{where:{}}]); | ||
| } | ||
| else { | ||
| memo = memo.concat(perm.criteria); | ||
| } | ||
| if (perm.relation === 'owner') { | ||
| perm.criteria.forEach(function (criteria) { | ||
| criteria.owner = true; | ||
| }); | ||
| } | ||
| return memo; | ||
| } | ||
| if (perm.relation === 'owner') { | ||
| perm.criteria.forEach(function(criteria) { | ||
| criteria.owner = true; | ||
| }); | ||
| } | ||
| return memo; | ||
| }, []); | ||
| if (!_.isArray(criteria)) { | ||
@@ -138,0 +146,0 @@ criteria = [criteria]; |
@@ -8,3 +8,3 @@ var Promise = require('bluebird'); | ||
| exports.createModels = function () { | ||
| sails.log('sails-permissions: syncing waterline models'); | ||
| sails.log.verbose('sails-permissions: syncing waterline models'); | ||
@@ -11,0 +11,0 @@ var models = _.compact(_.map(sails.controllers, function (controller, name) { |
@@ -46,3 +46,3 @@ var Promise = require('bluebird'); | ||
| .then(function (permissions) { | ||
| //sails.log('created', permissions.length, 'permissions'); | ||
| //sails.log.verbose('created', permissions.length, 'permissions'); | ||
| return permissions; | ||
@@ -49,0 +49,0 @@ }); |
@@ -19,3 +19,3 @@ /** | ||
| sails.log('sails-permissions: admin user does not exist; creating...'); | ||
| sails.log.info('sails-permissions: admin user does not exist; creating...'); | ||
| return User.register({ | ||
@@ -22,0 +22,0 @@ username: sails.config.permissions.adminUsername, |
| { | ||
| "name": "sails-permissions", | ||
| "version": "1.4.3", | ||
| "version": "1.4.4", | ||
| "description": "Comprehensive user permissions and entitlements system for sails.js and Waterline. Supports user authentication with passport.js, role-based permissioning, object ownership, and row-level security.", | ||
@@ -5,0 +5,0 @@ "main": "api/hooks/sails-permissions.js", |
@@ -319,3 +319,3 @@ var assert = require('assert'); | ||
| }) | ||
| .expect(400) | ||
| .expect(403) | ||
| .end(function(err, res) { | ||
@@ -386,3 +386,3 @@ | ||
| }) | ||
| .expect(400) | ||
| .expect(403) | ||
| .end(function(err, res) { | ||
@@ -405,3 +405,3 @@ assert(res.body.hasOwnProperty('error')); | ||
| }) | ||
| .expect(400) | ||
| .expect(403) | ||
| .end(function(err, res) { | ||
@@ -437,3 +437,3 @@ assert(res.body.hasOwnProperty('error')); | ||
| it('should have filtered out all of the permissions results', function(done) { | ||
| it.skip('should have filtered out all of the permissions results', function(done) { | ||
@@ -460,3 +460,3 @@ request(sails.hooks.http.app) | ||
| }) | ||
| .expect(400) | ||
| .expect(403) | ||
| .end(function(err, res) { | ||
@@ -481,3 +481,3 @@ | ||
| .set('Authorization', registeredAuth.Authorization) | ||
| .expect(400) | ||
| .expect(403) | ||
| .end(function(err, res) { | ||
@@ -484,0 +484,0 @@ var user = res.body; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.6%
102401
- Lines of code
- increased by0.61%
2957