UNPKG

casbin

Version:

An authorization library that supports access control models like ACL, RBAC, ABAC in Node.JS

casbin.org

casbin/node-casbin

99 lines (98 loc) 3.86 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
"use strict"; // Copyright 2017 The casbin Authors. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.Assertion = void 0; const rbac = __importStar(require("../rbac")); const log_1 = require("../log"); const model_1 = require("./model"); // Assertion represents an expression in a section of the model. // For example: r = sub, obj, act class Assertion { /** * constructor is the constructor for Assertion. */ constructor() { this.key = ''; this.value = ''; this.tokens = []; this.policy = []; this.rm = new rbac.DefaultRoleManager(10); this.fieldIndexMap = new Map(); } async buildIncrementalRoleLinks(rm, op, rules) { this.rm = rm; const count = (this.value.match(/_/g) || []).length; if (count < 2) { throw new Error('the number of "_" in role definition should be at least 2'); } for (let rule of rules) { if (rule.length < count) { throw new Error('grouping policy elements do not meet role definition'); } if (rule.length > count) { rule = rule.slice(0, count); } switch (op) { case model_1.PolicyOp.PolicyAdd: await this.rm.addLink(rule[0], rule[1], ...rule.slice(2)); break; case model_1.PolicyOp.PolicyRemove: await this.rm.deleteLink(rule[0], rule[1], ...rule.slice(2)); break; default: throw new Error('unsupported operation'); } } } async buildRoleLinks(rm) { this.rm = rm; const count = (this.value.match(/_/g) || []).length; if (count < 2) { throw new Error('the number of "_" in role definition should be at least 2'); } for (let rule of this.policy) { if (rule.length > count) { rule = rule.slice(0, count); } await this.rm.addLink(rule[0], rule[1], ...rule.slice(2)); } (0, log_1.logPrint)(`Role links for: ${this.key}`); await this.rm.printRoles(); } } exports.Assertion = Assertion;