@microtica/auth

Authentication and Authorization library

import { Column, Table } from "@microtica/database";
import { Request, Response } from "express";
import * as _ from "lodash";
import { AuthHeaders, Dictionary } from ".";
import { AssigneeType, EntityPermission } from "./entity-permission";

/** Zero-argument callback; used below as the type of the middleware `next` parameter. */
declare type Procedure = () => void;

/** String constants naming the two access-change operations. */
export declare enum AccessPermission {
    GrantAccess = "GRANT_ACCESS",
    RevokeAccess = "REVOKE_ACCESS"
}

/**
 * Identity record carried on `AuthRequest.auth` and accepted by the
 * `AuthManager` constructor. Only `id` is mandatory.
 */
export interface Auth {
    id: string;
    type?: string;
    /**
     * NOTE(review): this declaration does not say what `plain` holds. If it is
     * a raw credential or token, keep it out of logs and error responses.
     * Confirm against the implementation.
     */
    plain?: string;
    roles?: string[];
    groups?: string[];
}

/** One access-list entry: an assignee (id and type) together with its permission names. */
export interface AccessList {
    assigneeId: string;
    assigneeType: AssigneeType;
    permissions: string[];
}

/**
 * Express `Request` extended with an optional `auth` field.
 *
 * `auth` may be `undefined`, so code reading it has to handle the
 * missing-identity case explicitly instead of assuming it is populated.
 */
export interface AuthRequest extends Request {
    auth?: Auth;
}

/**
 * Access-management operations on entities, constructed around an optional
 * `Auth` that is kept in the protected `auth` member.
 *
 * NOTE(review): the signatures of `grantAccess`, `revokeAccess` and
 * `forceInheritAccess` do not show whether the stored `auth` is checked for
 * permission on the target entity before the access list is changed, nor what
 * happens when the manager was built without an `auth`. Confirm in the
 * implementation that these paths fail closed, or gate them at the call site.
 */
export declare class AuthManager {
    protected auth?: Auth | undefined;

    constructor(auth?: Auth | undefined);

    // Private static helpers; their signatures are not part of this declaration.
    private static serializePermissions;
    private static deserializePermissions;

    /**
     * Extracts the authorization headers from a request's header object.
     *
     * @param headers The header object of the request
     * @returns An `AuthHeaders` object built from the given headers
     */
    static getAuthHeaders(headers: _.Dictionary<string>): AuthHeaders;

    /**
     * Grants the listed permissions on an entity to a user or group.
     *
     * @param assigneeId The assignee receiving access
     * @param assigneeType The type of that assignee
     * @param entityId The entity the access is granted on
     * @param permissions The permissions to grant
     * @returns Resolves to an object with a boolean `done` field
     */
    grantAccess(
        assigneeId: string,
        assigneeType: AssigneeType,
        entityId: string,
        permissions: string[]
    ): Promise<{ done: boolean; }>;

    /**
     * Removes all access an assignee has on an entity. Unlike `grantAccess`,
     * no assignee type is passed.
     *
     * @param assigneeId The assignee losing access
     * @param entityId The entity the access is revoked on
     * @returns Resolves to an object with a boolean `done` field
     */
    revokeAccess(
        assigneeId: string,
        entityId: string
    ): Promise<{ done: boolean; }>;

    /**
     * Sets an access list on an entity.
     *
     * NOTE(review): whether existing entries are replaced or merged is not
     * visible from this declaration; verify before relying on it to remove
     * stale grants.
     *
     * @param entityId The entity that receives the access list
     * @param accessList The access list to set
     * @returns Resolves to an object with a boolean `done` field
     */
    forceInheritAccess(
        entityId: string,
        accessList: AccessList[]
    ): Promise<{ done: boolean; }>;

    /**
     * Fetches the access list of a single entity.
     *
     * @param entityId The entity whose access list is wanted
     * @returns Resolves to `EntityPermission` rows, each with a `permissions` string array
     */
    getAccessList(
        entityId: string
    ): Promise<(EntityPermission & { permissions: string[]; })[]>;

    /**
     * Fetches the access lists of several entities at once.
     *
     * @param entityIds The entities whose access lists are wanted
     * @returns Resolves to a dictionary of `EntityPermission` row arrays
     */
    getAccessListForMultipleEntities(
        entityIds: string[]
    ): Promise<Dictionary<(EntityPermission & { permissions: string[]; })[]>>;

    /**
     * Fetches the access list of an entity, optionally filtered by assignee type.
     *
     * @param entityId The entity whose access list is wanted
     * @param filterAssigneeType The assignee type to keep from the access list
     * @returns Resolves to the `AccessList` entries on `entityId`
     */
    getAccessListByType(
        entityId: string,
        filterAssigneeType?: AssigneeType
    ): Promise<AccessList[]>;

    /**
     * Builds a query over the entity table limited to rows with sufficient access.
     * With a `parentId`, the query covers what that parent has access to;
     * without one, it covers what the user has access to.
     *
     * @param entity The entity table (must expose a string `id` column)
     * @param parentId The parent id to check access against
     * @returns A query joining the entity table with the EntityPermission table
     */
    listEntities<T>(
        entity: Table<T> & { id: Column<string>; },
        parentId?: string
    ): import("anydb-sql").Group<import("anydb-sql").Query<T>>;
}

/**
 * Creates the authorization function for a set of required permissions.
 *
 * The returned handler is typed as yielding either nothing or an Express
 * response. NOTE(review): `requiredPermissions` is a rest parameter and may be
 * empty; what an empty requirement permits is not shown here. Confirm that
 * `authorize()` with no arguments does not let unauthenticated requests through.
 *
 * @param requiredPermissions The permissions the user needs in order to pass
 * @returns The authorize function
 */
export declare function authorize(
    ...requiredPermissions: string[]
): (req: AuthRequest, res: Response, next: Procedure) => void | import("express-serve-static-core").Response;

/**
 * Creates the authorization function for a specific entity.
 *
 * NOTE(review): the name `entityParam` suggests a request parameter name rather
 * than an entity id. If the entity id is read from the request, it is
 * caller-supplied input. Confirm how it is resolved.
 *
 * @param entityParam The entity to authorize against
 * @param requiredPermissions The permissions the user needs in order to pass
 * @returns The authorize function
 */
export declare function authorizeStrict(
    entityParam: string,
    requiredPermissions: string[]
): (req: AuthRequest, res: Response, next: Procedure) => void | import("express-serve-static-core").Response;

export {};