UNPKG

multi-acl

Version:

Simple multi-endpoint acl checker

github.com/BosioGerman/multi-acl

BosioGerman/multi-acl

39 lines (29 loc) 1.22 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
'use strict' const _ = require('lodash') const p2r = require('path-to-regexp') module.exports = { CheckUserAcl (userAclList, endpoint, resource, method) { // Filter by endpoint let byEndpoint = _.filter(userAclList, (o) => o.endpoint === endpoint || o.endpoint === '*') // Exit if no match if (byEndpoint.length === 0) return false // Exit if have deny rule for all resources and all methods if (_.filter(byEndpoint, (o) => o.action === 'deny' && o.method === '*' && o.resource === '*').length > 0) return false // Sort with deny first let sorted = _.sortBy(byEndpoint, (o) => o.action === 'deny') // Find matches by resource let byResource = _.filter(sorted, function (o) { if (o.resource === '*') return true var re = p2r(o.resource) return re.exec(resource) != null }) // Filter By Method let byMethod = _.filter(byResource, function (o) { if (o.methods === '*') return true return _.filter(o.methods, (m) => m === method).length > 0 }) if (_.filter(byMethod, (o) => o.action === 'deny').length > 0) return false if (_.filter(byMethod, (o) => o.action === 'allow').length > 0) return true return false } }