azurite
Version:
An open source Azure Storage API compatible server
66 lines • 6.72 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.OperationAccountSASPermission = void 0;
const tslib_1 = require("tslib");
const operation_1 = tslib_1.__importDefault(require("../generated/artifacts/operation"));
const AccountSASPermissions_1 = require("../../common/authentication/AccountSASPermissions");
const AccountSASResourceTypes_1 = require("../../common/authentication/AccountSASResourceTypes");
const AccountSASServices_1 = require("../../common/authentication/AccountSASServices");
class OperationAccountSASPermission {
constructor(service, resourceType, permission) {
this.service = service;
this.resourceType = resourceType;
this.permission = permission;
}
validate(services, resourceTypes, permissions) {
return (this.validateServices(services) &&
this.validateResourceTypes(resourceTypes) &&
this.validatePermissions(permissions));
}
validateServices(services) {
return services.toString().includes(this.service);
}
validateResourceTypes(resourceTypes) {
for (const p of this.resourceType) {
if (resourceTypes.toString().includes(p)) {
return true;
}
}
return false;
}
validatePermissions(permissions) {
for (const p of this.permission) {
if (permissions.toString().includes(p)) {
return true;
}
}
return false;
}
}
exports.OperationAccountSASPermission = OperationAccountSASPermission;
// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-an-account-sas
// TODO: Check all required operations
const OPERATION_ACCOUNT_SAS_PERMISSIONS = new Map();
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Service_GetProperties, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Service, AccountSASPermissions_1.AccountSASPermission.Read));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Service_SetProperties, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Service, AccountSASPermissions_1.AccountSASPermission.Write));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Service_ListQueuesSegment, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Service, AccountSASPermissions_1.AccountSASPermission.List));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Service_GetStatistics, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Service, AccountSASPermissions_1.AccountSASPermission.Read));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_Create, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Create + AccountSASPermissions_1.AccountSASPermission.Write));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_Delete, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Delete));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_GetProperties, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Read));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_GetPropertiesWithHead, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Read));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_SetMetadata, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Write));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_GetAccessPolicy, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, "" // Not allowed.
));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_GetAccessPolicyWithHead, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, "" // Not allowed.
));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Queue_SetAccessPolicy, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, "" // Not allowed.
));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Messages_Enqueue, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Object, AccountSASPermissions_1.AccountSASPermission.Add));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Messages_Dequeue, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Object, AccountSASPermissions_1.AccountSASPermission.Process));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Messages_Peek, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Object, AccountSASPermissions_1.AccountSASPermission.Read));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.MessageId_Delete, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Process));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.Messages_Clear, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Delete));
OPERATION_ACCOUNT_SAS_PERMISSIONS.set(operation_1.default.MessageId_Update, new OperationAccountSASPermission(AccountSASServices_1.AccountSASService.Queue, AccountSASResourceTypes_1.AccountSASResourceType.Container, AccountSASPermissions_1.AccountSASPermission.Update));
exports.default = OPERATION_ACCOUNT_SAS_PERMISSIONS;
//# sourceMappingURL=OperationAccountSASPermission.js.map