pauldron-policy
Version:
Simple JSON-based Authorization Policy Engine
225 lines (224 loc) • 6.67 kB
HTML
<html lang="en">
<head>
<title>Code coverage report for SimplePolicyEngine.js</title>
<meta charset="utf-8" />
<link rel="stylesheet" href="prettify.css" />
<link rel="stylesheet" href="base.css" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type='text/css'>
.coverage-summary .sorter {
background-image: url(sort-arrow-sprite.png);
}
</style>
</head>
<body>
<div class='wrapper'>
<div class='pad1'>
<h1>
<a href="index.html">All files</a> SimplePolicyEngine.js
</h1>
<div class='clearfix'>
<div class='fl pad1y space-right2'>
<span class="strong">100% </span>
<span class="quiet">Statements</span>
<span class='fraction'>20/20</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">100% </span>
<span class="quiet">Branches</span>
<span class='fraction'>12/12</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">100% </span>
<span class="quiet">Functions</span>
<span class='fraction'>9/9</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">100% </span>
<span class="quiet">Lines</span>
<span class='fraction'>19/19</span>
</div>
</div>
</div>
<div class='status-line high'></div>
<pre><table class="coverage">
<tr><td class="line-count quiet">1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54</td><td class="line-coverage quiet"><span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-yes">45x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">8x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">45x</span>
<span class="cline-any cline-yes">44x</span>
<span class="cline-any cline-yes">52x</span>
<span class="cline-any cline-yes">52x</span>
<span class="cline-any cline-yes">44x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">45x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">45x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">27x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">27x</span>
<span class="cline-any cline-yes">39x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span></td><td class="text"><pre class="prettyprint lang-js">
const _ = require("lodash");
const {combineDecisionsDenyOverrides} = require("./SimplePolicyDecisionCombinerEngine");
function evaluate(claims, policy) {
const policyDecisions = Object.keys(policy.content.rules).map((ruleId) => (
matchesRule(claims, policy.content.rules[ruleId])
? policy.content.rules[ruleId].decision
: {authorization: "NotApplicable", obligations: []}
));
const finalDecision = combineDecisionsDenyOverrides(policyDecisions);
if (finalDecision.authorization === "NotApplicable") {
return policy.content.default;
} else {
return finalDecision;
}
}
function matchesRule(claims, rule) {
const matchesRuleSignature =
(rule.matchAnyOf.map((rule) => (
Object.keys(rule)
.map((key) => (_.isEqual(claims[key], rule[key])))
.reduce((acc, current) => (acc && current), true))
).reduce((acc, current) => (acc || current), false));
const matchesCondition = (!rule.condition) || evaluateCondition(claims, rule.condition);
return matchesRuleSignature && matchesCondition;
}
function evaluateCondition(claims, condition) {
const functionText = `
'use strict';
try {
if (${condition})
return true;
else
return false;
} catch (e) {
return false;
}
`;
const func = new Function(Object.keys(claims).join(","), functionText);
return func.apply(null, Object.keys(claims).map((key) => (claims[key])));
}
module.exports = {
evaluate
}
</pre></td></tr>
</table></pre>
<div class='push'></div><!-- for sticky footer -->
</div><!-- /wrapper -->
<div class='footer quiet pad2 space-top1 center small'>
Code coverage
generated by <a href="https://istanbul.js.org/" target="_blank">istanbul</a> at Thu Nov 22 2018 16:28:45 GMT-0800 (Pacific Standard Time)
</div>
</div>
<script src="prettify.js"></script>
<script>
window.onload = function () {
if (typeof prettyPrint === 'function') {
prettyPrint();
}
};
</script>
<script src="sorter.js"></script>
</body>
</html>