UNPKG

@superawesome/permissions

Version:

Fine grained permissions / access control with ownerships & attribute picking, done right.

permissions.docs.superawesome.com

SuperAwesomeLTD/permissions

75 lines 4.51 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.limitOwned_DocsOfMeAndMyCompanyUsers = exports.listOwned_DocsOfMeAndMyCompanyUsers = exports.isOwner_isDocCreatedByMeAndMyCompanyUsers = exports.listDocsOfMeAndMyCompanyUsers = exports.limitOwned_DocsOfMeAndMyManagedUsers = exports.listOwned_DocsOfMeAndMyManagedUsers = exports.isOwner_isDocCreatedByMeAndMyManagedUsers = exports.listDocsOfMeAndMyManagedUsers = exports.limitOwned_listUserCreatedDocuments = exports.listOwned_listUserCreatedDocuments = exports.isOwner_isUserCreatorOfDocument = exports.listUserCreatedDocuments = exports.isUserCreatorOfDocument = exports.USER_BELONGS_TO_ONE_COMPANY = exports.USER_MANAGES_MANY_USERS = exports.ALL_DOCUMENTS = exports.ALL_DOCUMENTS_IDS = exports.USER_CREATED_DOCUMENTS = exports.USERS = void 0; /* eslint-disable @typescript-eslint/camelcase */ // Our "Database" const _f = require("lodash/fp"); const _ = require("lodash"); exports.USERS = { employee1: { id: 1, roles: ['EMPLOYEE'] }, employeeManager2: { id: 2, roles: ['EMPLOYEE_MANAGER'] }, qaManager3: { id: 3, roles: ['QA_MANAGER'] }, companyAdmin4: { id: 4, roles: ['COMPANY_ADMIN'] }, superAdmin5: { id: 5, roles: ['SUPER_ADMIN'] }, god6: { id: 6, roles: ['GOD'] }, managerAndCompanyAdmin7: { id: 7, roles: ['EMPLOYEE_MANAGER', 'COMPANY_ADMIN'] }, employeeAndSuperAdmin8: { id: 8, roles: ['EMPLOYEE', 'SUPER_ADMIN'] }, }; exports.USER_CREATED_DOCUMENTS = { // userId: documentId[] 1: [1, 10, 100], 2: [2, 20, 200], 3: [3, 30, 300], 4: [4, 40, 400], 5: [5, 50, 500], 6: [6, 60, 600], 7: [7, 70, 700], 8: [8, 80, 800], }; exports.ALL_DOCUMENTS_IDS = _f.flow(_f.values, _f.flatten)(exports.USER_CREATED_DOCUMENTS); exports.ALL_DOCUMENTS = _.flatten(_.values(exports.USER_CREATED_DOCUMENTS)).map((id) => ({ id, title: `Document Title ${id}`, date: `2020-02-0${[`${id}`][0]}`, someRandomField: `Some random value ${id}`, confidential: `Confidential ${id}`, })); exports.USER_MANAGES_MANY_USERS = { // userId: userId[] 2: [1, 4], 3: [2, 5], 7: [5, 6], }; exports.USER_BELONGS_TO_ONE_COMPANY = { // userId: companyId 1: 1, 2: 1, 3: 1, 4: 2, 5: 2, 6: 2, 7: 1, }; // Ownership if I am the direct document creator exports.isUserCreatorOfDocument = ({ user, resourceId }) => (exports.USER_CREATED_DOCUMENTS[user.id] || []).includes(resourceId); exports.listUserCreatedDocuments = async (user) => exports.USER_CREATED_DOCUMENTS[user.id] || []; exports.isOwner_isUserCreatorOfDocument = async ({ user, resourceId }) => exports.isUserCreatorOfDocument({ user, resourceId }); exports.listOwned_listUserCreatedDocuments = async (user) => exports.listUserCreatedDocuments(user); exports.limitOwned_listUserCreatedDocuments = ({ user, }) => (document) => (exports.USER_CREATED_DOCUMENTS[user.id] || []).includes(document.id); // Ownership if I am the document creator OR created by a user managed by me (i.e Employee Manager) exports.listDocsOfMeAndMyManagedUsers = (user) => [ ...(exports.USER_CREATED_DOCUMENTS[user.id] || []), ..._.flatten((exports.USER_MANAGES_MANY_USERS[user.id] || []).map((userId) => exports.USER_CREATED_DOCUMENTS[userId])), ]; exports.isOwner_isDocCreatedByMeAndMyManagedUsers = async ({ user, resourceId }) => exports.listDocsOfMeAndMyManagedUsers(user).includes(resourceId); exports.listOwned_DocsOfMeAndMyManagedUsers = async (user) => exports.listDocsOfMeAndMyManagedUsers(user); exports.limitOwned_DocsOfMeAndMyManagedUsers = ({ user, }) => (document) => exports.listDocsOfMeAndMyManagedUsers(user).includes(document.id); // Ownership if I am the Document creator OR created by a User in my Company (i.e Company Admin) exports.listDocsOfMeAndMyCompanyUsers = (user) => { const companyId = exports.USER_BELONGS_TO_ONE_COMPANY[user.id]; return _.flow(_f.pickBy(_f.isEqual(companyId)), _f.keys, _f.map((userId) => exports.USER_CREATED_DOCUMENTS[userId]), _f.flatten, _f.uniq)(exports.USER_BELONGS_TO_ONE_COMPANY); }; exports.isOwner_isDocCreatedByMeAndMyCompanyUsers = async ({ user, resourceId }) => exports.listDocsOfMeAndMyCompanyUsers(user).includes(resourceId); exports.listOwned_DocsOfMeAndMyCompanyUsers = async (user) => exports.listDocsOfMeAndMyCompanyUsers(user); exports.limitOwned_DocsOfMeAndMyCompanyUsers = ({ user, }) => (document) => exports.listDocsOfMeAndMyCompanyUsers(user).includes(document.id); //# sourceMappingURL=data.fixtures.js.map