UNPKG

grpc-acl

Version:

GRPC ACL microservice

github.com/devsu/grpc-acl

devsu/grpc-acl

123 lines (102 loc) 3.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
const ACL = require('acl'); module.exports = class { constructor(options) { this.acl = new ACL(options); } addUserRoles(call) { return this.acl.addUserRoles(call.request.user, call.request.roles); } removeUserRoles(call) { return this.acl.removeUserRoles(call.request.user, call.request.roles); } getUserRoles(call) { return this.acl.userRoles(call.request.user).then((roles) => { return {roles}; }); } getRoleUsers(call) { return this.acl.roleUsers(call.request.role).then((users) => { return {users}; }); } hasRole(call) { return this.acl.hasRole(call.request.user, call.request.role).then((result) => { return {result}; }); } addRoleParents(call) { return this.acl.addRoleParents(call.request.role, call.request.parents); } removeRoleParents(call) { return this.acl.removeRoleParents(call.request.role, call.request.parents); } removeRole(call) { return this.acl.removeRole(call.request.role); } removeResource(call) { return this.acl.removeResource(call.request.resource); } allow(call) { return this.acl.allow(call.request.roles, call.request.resources, call.request.permissions); } allowMultiple(call) { const allows = call.request.data.map((allow) => { return { 'roles': allow.roles, 'allows': [{'resources': allow.resources, 'permissions': allow.permissions}], }; }); return this.acl.allow(allows); } removeAllow(call) { return this.acl.removeAllow(call.request.role, call.request.resources, call.request.permissions); } getPermissions(call) { const req = call.request; return this.acl.allowedPermissions(req.user, req.resources).then((permissions) => { const data = permissions.map((permission) => { const key = Object.keys(permission)[0]; return { 'resource': key, 'permissions': permission[key], }; }); return {data}; }); } isAllowed(call) { const req = call.request; return this.acl.isAllowed(req.user, req.resource, req.permissions).then((result) => { return {result}; }); } areAnyRolesAllowed(call) { const req = call.request; return this.acl.areAnyRolesAllowed(req.roles, req.resource, req.permissions).then((result) => { return {result}; }); } getRolePermissions(call) { return this._getRolePermissionsCommon(call.request.role); } getRolesPermissions(call) { return this._getRolePermissionsCommon(call.request.roles); } _getRolePermissionsCommon(roles) { return this.acl.whatResources(roles).then((resourcesObj) => { const data = Object.keys(resourcesObj).map((key) => { return { 'resource': key, 'permissions': resourcesObj[key], }; }); return {data}; }); } getResources(call) { return this.acl.whatResources(call.request.role, call.request.permissions).then((resources) => { return {resources}; }); } };