UNPKG

@inrupt/solid-client

Version:

Make your web apps work with Solid Pods.

inrupt.github.io/solid-client-js/

inrupt/solid-client-js

90 lines (85 loc) 4.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// Copyright Inrupt Inc. // // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to deal in // the Software without restriction, including without limitation the rights to use, // copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the // Software, and to permit persons to whom the Software is furnished to do so, // subject to the following conditions: // // The above copyright notice and this permission notice shall be included in // all copies or substantial portions of the Software. // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A // PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // import type { AccessModes, UrlString, WebId } from "../interfaces"; import type { DefaultOptions } from "../acp/type/DefaultOptions"; import { getResourceInfo } from "../resource/resource"; import { setAgentAccess as setAgentAccessAcp } from "../acp/util/setAgentAccess"; import type { WacAccess } from "../access/wac"; import { setAgentResourceAccess as setAgentAccessWac, getAgentAccess as getAgentAccessWac, } from "../access/wac"; import { getResourceAcr } from "../acp/util/getResourceAcr"; import { saveAcrFor } from "../acp/acp"; import { getAgentAccess } from "./getAgentAccess"; /** * Set access to a resource for a given Agent. * * This function works with Solid Pods that implement either the Web Access * Control spec or the Access Control Policies proposal, with some caveats: * * - If access to the given Resource has been set using anything other than the * functions in this module, it is possible that it has been set in a way that * prevents this function from reliably setting access. * - It will only set access explicitly for the given Agent. In other words, * additional restrictions could be present that further restrict or loosen * what access the given Agent has in particular circumstances. * - The provided access will only apply to the given Resource. In other words, * if the Resource is a Container, the configured Access will not apply to * contained Resources. * - If the current user does not have permission to view or change access for * the given Resource, this function will resolve to `null`. * * Additionally, two caveats apply to users with a Pod server that uses WAC: * - If the Resource did not have an ACL yet, a new one will be initialised. * This means that changes to the ACL of a parent Container can no longer * affect access people have to this Resource, although existing access will * be preserved. * - Setting different values for `controlRead` and `controlWrite` is not * supported, and **will throw an error**. If you expect (some of) your users * to have Pods implementing WAC, be sure to pass the same value for both. * * @param resourceUrl URL of the Resource you want to set access for. * @param webId WebID of the Agent you want to set access for. * @param access The Access Modes to add (true) or remove (false). * @param options Default Options such as a fetch function. * @since 1.19.0 */ export async function setAgentAccess( resourceUrl: UrlString, webId: WebId, access: Partial<AccessModes>, options?: DefaultOptions, ): Promise<AccessModes | null> { // TODO: Change the standard getAgentAccess signatures to all take a T extends WithAcl const resourceInfo = await getResourceInfo(resourceUrl, options); const acr = await getResourceAcr(resourceInfo, options); if (acr === null) { await setAgentAccessWac(resourceInfo, webId, access as WacAccess, options); return getAgentAccessWac(resourceInfo, webId, options); } // TODO: Make sure both setAgentAccessWac and setAgentAccessAcp don't save within the function, expose one standard saveAclFor function that is universal. try { await saveAcrFor(await setAgentAccessAcp(acr, webId, access), options); return await getAgentAccess(resourceUrl, webId, options); } catch { return null; } }