@restorecommerce/acs-client

Version:

Access Control Service Client

52 lines • 3.04 kB

TypeScript

import lodash from 'lodash'; export declare const _: lodash.LoDashStatic; import { PolicySetRQ, PolicySetRQResponse, ResourceFilterMap, CustomQueryArgs, DecisionResponse, ACSResource, AuthZAction, ResolvedSubject, Obligation } from './acs/interfaces'; import { QueryArguments, UserQueryArguments } from './acs/resolver'; import { Subject, DeepPartial } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/auth'; import { Attribute } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/attribute'; export declare const handleError: (err: string | Error | any) => any; export declare const buildFilterPermissions: (policySet: PolicySetRQ, subject: ResolvedSubject, reqResources: any, database: string) => Promise<QueryArguments | UserQueryArguments>; export declare const generateOperationStatus: (code?: number, message?: string) => { code: number; message: string; }; /** * Check if the attributes of a resources from a rule, policy * or policy set match the attributes from a request. * * @param ruleAttributes * @param requestAttributes */ export declare const attributesMatch: (ruleAttributes: DeepPartial<Attribute>[], requestAttributes: DeepPartial<Attribute>[]) => boolean; export interface FilterMapResponse { resourceFilterMap: ResourceFilterMap[]; customQueryArgs: CustomQueryArgs[]; } /** * creates resource filters and custom query / arguments for the resource list provided * It iterates through each resource and filter the applicable policies and * provide them to buildFilterPermissions to create filters for each of the resource requested * * @param {ACSResource[]} resource Contains resource name, resource instance and optional resource properties * @param {PolicSetResponse} policySetResponse contains set of applicable policies for entities list * @param {any} resources context resources * @param {AuthZAction} action Action to be performed on resource * @param {Subject} subject Contains subject information * @param {string} subjectID resolved subject identifier from token * @param {boolean} authzEnforced authorization enforcement flag * @param {string} targetScope target scope * @param {Database} database database used either `arangoDB` or `postgres`, * if this param is missing defaults to `arangoDB` * */ export declare const createResourceFilterMap: (resource: ACSResource[], policySetResponse: PolicySetRQResponse, resources: any, action: AuthZAction, subject: DeepPartial<Subject>, subjectID: string, authzEnforced: boolean, targetScope: string, database: "arangoDB" | "postgres") => Promise<FilterMapResponse | DecisionResponse>; /** * converts the Obligation Attribute[] to Obligation[] object * * @param {Attribute[]} obligation contains list of obligations * @returns {Obligation[]} maps the URNS of the entity to resource and obligation attributes * to property[]. * */ export declare const mapResourceURNObligationProperties: (obligations: Attribute[]) => Obligation[]; //# sourceMappingURL=utils.d.ts.map