@getanthill/datastore
Event-Sourced Datastore
import { ErrorObject } from 'ajv';
import type { JSONSchema4 } from 'json-schema';
/**
 * JSON Schema (draft-04 typing from `json-schema`) with no additional members.
 *
 * In this file it is the type of the four per-scope matchers on {@link Rule}
 * (`subject`, `action`, `object`, `context`).
 */
export interface JSONSchema extends JSONSchema4 {
}
/*
 * String-literal constants for the two policy verbs and the four authorization
 * scopes. Their values are the same strings as the members of the
 * `PolicyVerbs` and `AuthorizationScopes` enums declared in this file.
 */
export declare const AUTHORIZATION_VERB_ALLOW = "allow";
export declare const AUTHORIZATION_VERB_DENY = "deny";
export declare const AUTHORIZATION_SCOPE_ACTION = "action";
export declare const AUTHORIZATION_SCOPE_CONTEXT = "context";
export declare const AUTHORIZATION_SCOPE_OBJECT = "object";
export declare const AUTHORIZATION_SCOPE_SUBJECT = "subject";
/**
 * The four dimensions of an authorization request.
 *
 * The member values are used as the property keys of {@link RuleValidation}
 * and {@link RequestAttributes}, and they match the field names of
 * {@link AuthorizationRequest} and {@link Rule}.
 */
export declare enum AuthorizationScopes {
    Subject = "subject",
    Action = "action",
    Object = "object",
    Context = "context"
}
/** Union of every member of {@link AuthorizationScopes}. */
export type AuthorizationScope = AuthorizationScopes.Subject | AuthorizationScopes.Action | AuthorizationScopes.Object | AuthorizationScopes.Context;
/**
 * List of free-form scope strings carried by requests, attributes and policies.
 *
 * NOTE(review): the declarations do not say how entries are compared
 * (exact match, prefix, wildcard) — confirm in the evaluator, because the
 * matching rule decides which policies apply to a request.
 */
export type Scope = Array<string>;
/**
 * The "action" part of an {@link AuthorizationRequest}.
 *
 * Only `scope` is typed. The index signature accepts any other key with a
 * value of type `any`, so the compiler checks nothing about the remaining
 * attributes.
 *
 * NOTE(review): if these attributes are filled from request data, the
 * per-scope JSON Schema on {@link Rule} is the only validation visible in
 * this file — confirm that nothing reads a key before it has been validated.
 */
export interface Action {
    scope: Scope;
    [key: string]: any;
}
/**
 * The "subject" part of an {@link AuthorizationRequest}.
 *
 * Only `scope` is typed; every other key is allowed and typed `any`.
 *
 * NOTE(review): presumably the subject describes the caller's identity —
 * confirm that its attributes come from a verified source (for example a
 * validated token) and not from caller-supplied fields.
 */
export interface Subject {
    scope: Scope;
    [key: string]: any;
}
/**
 * The "object" part of an {@link AuthorizationRequest}.
 *
 * Only `scope` is typed; every other key is allowed and typed `any`.
 *
 * The name shadows the global `Object` type inside this module, and in any
 * module that imports it under this name: there, a bare `Object` in type
 * position means this interface. Importers may prefer an alias on import.
 */
export interface Object {
    scope: Scope;
    [key: string]: any;
}
/**
 * The "context" part of an {@link AuthorizationRequest}.
 *
 * Only `scope` is typed; every other key is allowed and typed `any`, so
 * context attributes are unchecked at compile time.
 */
export interface Context {
    scope: Scope;
    [key: string]: any;
}
/**
 * A complete authorization question: one value for each of the four scopes.
 * All four fields are required.
 */
export interface AuthorizationRequest {
    action: Action;
    subject: Subject;
    object: Object;
    context: Context;
}
/**
 * Result of validating a single scope: a validity flag plus the Ajv error
 * objects produced for it.
 *
 * Ajv error objects carry `schemaPath`, `instancePath` and `params`, which
 * describe the schema that was applied.
 * NOTE(review): whether these errors are returned to API clients is not
 * visible here — confirm, since returning them verbatim discloses how rules
 * are written.
 */
export interface ScopeValidation {
    is_valid: boolean;
    errors: Array<ErrorObject<string, Record<string, any>, unknown>>;
}
/**
 * One {@link ScopeValidation} per authorization scope, keyed by the values
 * of {@link AuthorizationScopes} ("action", "subject", "object", "context").
 *
 * NOTE(review): presumably the outcome of checking one {@link Rule} against
 * one request — confirm against the evaluator.
 */
export interface RuleValidation {
    [AuthorizationScopes.Action]: ScopeValidation;
    [AuthorizationScopes.Subject]: ScopeValidation;
    [AuthorizationScopes.Object]: ScopeValidation;
    [AuthorizationScopes.Context]: ScopeValidation;
}
/**
 * Outcome of an authorization evaluation.
 *
 * `verb` can only be "allow" or "deny"; the type has no "not applicable" or
 * "indeterminate" value.
 * NOTE(review): how a request that matches no policy, or an evaluation
 * error, maps onto `verb` is not visible in these declarations — confirm
 * that the fallback is "deny".
 * NOTE(review): presumably callers must apply every entry of `obligations`
 * when the decision is "allow" — confirm at the enforcement point.
 */
export interface Decision {
    verb: PolicyVerb;
    obligations: Array<Obligation>;
    validations: Array<RuleValidation>;
}
/**
 * A named string value attached to a scope list.
 *
 * `attribute_id` is optional; every other field is required.
 * NOTE(review): presumably entries with `is_enabled: false` are ignored at
 * evaluation time — confirm in the evaluator.
 */
export interface Attribute {
    attribute_id?: string;
    is_enabled: boolean;
    attribute: string;
    description: string;
    value: string;
    scope: Scope;
}
/**
 * A matcher made of one JSON Schema per authorization scope.
 *
 * An empty JSON Schema (`{}`) accepts any value, so a rule that leaves a
 * scope schema empty places no constraint on that scope.
 * NOTE(review): how the four per-scope results are combined, and whether
 * rules with `is_enabled: false` are skipped, is not visible here — confirm
 * in the evaluator.
 */
export interface Rule {
    rule_id?: string;
    is_enabled: boolean;
    name: string;
    description: string;
    subject: JSONSchema;
    action: JSONSchema;
    object: JSONSchema;
    context: JSONSchema;
}
/**
 * An instruction attached to a {@link Policy} and returned in a
 * {@link Decision}.
 *
 * `type` is either "patch" or "pick"; `source` names one of four request
 * parts ("payload", "query", "headers", "body").
 * `value` is typed `any`, so its shape is unchecked at compile time.
 * NOTE(review): presumably "patch" modifies and "pick" filters the named
 * request part using `value` — confirm, and confirm that `value` is
 * validated where obligations are created, since it would then rewrite
 * request data.
 */
export interface Obligation {
    obligation_id?: string;
    is_enabled: boolean;
    name: string;
    description: string;
    type: 'patch' | 'pick';
    source: 'payload' | 'query' | 'headers' | 'body';
    value: any;
}
/**
 * The two effects a policy can carry. The member values equal the
 * `AUTHORIZATION_VERB_ALLOW` and `AUTHORIZATION_VERB_DENY` constants
 * declared in this file.
 */
export declare enum PolicyVerbs {
    Allow = "allow",
    Deny = "deny"
}
/** Union of every member of {@link PolicyVerbs}; the type of `Policy.verb` and `Decision.verb`. */
export type PolicyVerb = PolicyVerbs.Allow | PolicyVerbs.Deny;
/**
 * A policy: a verb ("allow" or "deny"), the scope list it is attached to,
 * the rules it contains and the obligations it carries.
 *
 * NOTE(review): these declarations do not show whether one matching rule or
 * all rules are required, nor how an "allow" policy and a "deny" policy that
 * both match are resolved — confirm the combining behaviour (for example
 * deny-overrides) in the evaluator.
 * NOTE(review): presumably a policy with `is_enabled: false` is skipped —
 * confirm.
 */
export interface Policy {
    policy_id?: string;
    is_enabled: boolean;
    name: string;
    description: string;
    scope: Scope;
    verb: PolicyVerb;
    rules: Array<Rule>;
    obligations: Array<Obligation>;
}
/**
 * Lists of {@link Attribute} grouped by authorization scope, keyed by the
 * values of {@link AuthorizationScopes}.
 *
 * NOTE(review): presumably the attributes selected for one request before
 * an {@link AuthorizationRequest} is built — confirm against the caller.
 */
export interface RequestAttributes {
    [AuthorizationScopes.Action]: Array<Attribute>;
    [AuthorizationScopes.Subject]: Array<Attribute>;
    [AuthorizationScopes.Object]: Array<Attribute>;
    [AuthorizationScopes.Context]: Array<Attribute>;
}