pauldron-policy
Version:
Simple JSON-based Authorization Policy Engine
372 lines (371 loc) • 11 kB
HTML
<html lang="en">
<head>
<title>Code coverage report for SimpleRule.js</title>
<meta charset="utf-8" />
<link rel="stylesheet" href="prettify.css" />
<link rel="stylesheet" href="base.css" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type='text/css'>
.coverage-summary .sorter {
background-image: url(sort-arrow-sprite.png);
}
</style>
</head>
<body>
<div class='wrapper'>
<div class='pad1'>
<h1>
<a href="index.html">All files</a> SimpleRule.js
</h1>
<div class='clearfix'>
<div class='fl pad1y space-right2'>
<span class="strong">88.57% </span>
<span class="quiet">Statements</span>
<span class='fraction'>31/35</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">84.85% </span>
<span class="quiet">Branches</span>
<span class='fraction'>28/33</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">100% </span>
<span class="quiet">Functions</span>
<span class='fraction'>6/6</span>
</div>
<div class='fl pad1y space-right2'>
<span class="strong">88.57% </span>
<span class="quiet">Lines</span>
<span class='fraction'>31/35</span>
</div>
</div>
</div>
<div class='status-line high'></div>
<pre><table class="coverage">
<tr><td class="line-count quiet">1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103</td><td class="line-coverage quiet"><span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">40x</span>
<span class="cline-any cline-no"> </span>
<span class="cline-any cline-yes">40x</span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">39x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-no"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">37x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">48x</span>
<span class="cline-any cline-yes">8x</span>
<span class="cline-any cline-yes">8x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">40x</span>
<span class="cline-any cline-yes">40x</span>
<span class="cline-any cline-yes">38x</span>
<span class="cline-any cline-yes">115x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">35x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-yes">7x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">5x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">6x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">17x</span>
<span class="cline-any cline-no"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">17x</span>
<span class="cline-any cline-no"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">17x</span>
<span class="cline-any cline-yes">9x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-yes">1x</span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span>
<span class="cline-any cline-neutral"> </span></td><td class="text"><pre class="prettyprint lang-js">const esprima = require("esprima");
const permittedExpressionTypes = [
"ExpressionStatement",
"LogicalExpression",
"Literal",
"MemberExpression",
"BinaryExpression",
"CallExpression",
"Identifier",
"ArrowFunctionExpression",
"UnaryExpression"
];
const permittedMemberFunctionCalls = [
"filter",
"map",
"reduce",
"hasOwnProperty"
];
const permittedUnaryFunctionCalls = [
"!"
];
function validateSyntaxNode( node) {
<span class="missing-if-branch" title="if path not taken" >I</span>if (! node.type)
<span class="cstat-no" title="statement not covered" > return;</span>
if (!permittedExpressionTypes.includes(node.type)) {
throw {
error: "invalid_policy",
message: `${node.type}s are not allowed in 'condition'.`
};
} else if (node.type === "CallExpression") {
<span class="missing-if-branch" title="if path not taken" >I</span>if (!permittedMemberFunctionCalls.includes(node.callee.property.name))
<span class="cstat-no" title="statement not covered" > throw {</span>
error: "invalid_policy",
message: `Calling ${node.callee.property.name} is not allowed in 'condition'.`
};
} else if (node.type === "UnaryExpression") {
if (!permittedUnaryFunctionCalls.includes(node.operator))
throw {
error: "invalid_policy",
message: `Calling ${node.operator} is not allowed in 'condition'.`
};
}
}
function checkSyntaxTreeNodeTypes(node) {
if (node instanceof Array) {
node.forEach(element => {
checkSyntaxTreeNodeTypes(element);
});
} else <span class="missing-if-branch" title="else path not taken" >E</span>if (node instanceof Object) {
validateSyntaxNode(node);
Object.keys(node).forEach((key) => {
if (node[key] &&
(node[key] instanceof Object || (node[key]) instanceof Array)) {
checkSyntaxTreeNodeTypes(node[key]);
}
});
}
}
function validateCondition(conditionString) {
try {
const parseTree = esprima.parse(conditionString);
if (!parseTree.body || parseTree.body.length !== 1 ) {
throw {
error: "invalid_policy",
message: "'condition' must be exactly one non-empty Boolean expression."
};
} else {
checkSyntaxTreeNodeTypes(parseTree.body);
}
} catch (e) {
throw {
error: "invalid_policy",
message: `"Invalid 'condition': ${e.message}`
};
}
}
function validate(rule) {
<span class="missing-if-branch" title="if path not taken" >I</span>if (!rule.matchAnyOf) {
<span class="cstat-no" title="statement not covered" > throw {</span>
error: "invalid_policy",
message: "Must have 'matchAnyOf'."
};
} else <span class="missing-if-branch" title="if path not taken" >I</span>if (!rule.decision) {
<span class="cstat-no" title="statement not covered" > throw {</span>
error: "invalid_policy",
message: "Must have 'decision'."
};
} else if (rule.condition || rule.condition === "") {
validateCondition(rule.condition);
}
}
module.exports = {
validate
}
</pre></td></tr>
</table></pre>
<div class='push'></div><!-- for sticky footer -->
</div><!-- /wrapper -->
<div class='footer quiet pad2 space-top1 center small'>
Code coverage
generated by <a href="https://istanbul.js.org/" target="_blank">istanbul</a> at Thu Nov 22 2018 16:28:45 GMT-0800 (Pacific Standard Time)
</div>
</div>
<script src="prettify.js"></script>
<script>
window.onload = function () {
if (typeof prettyPrint === 'function') {
prettyPrint();
}
};
</script>
<script src="sorter.js"></script>
</body>
</html>