shyft-storage-connector
Version:
Storage connector for Shyft
110 lines (82 loc) • 4.09 kB
JavaScript
;
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.handlePermission = exports.loadPermission = exports.applyPermission = exports.PERMISSION_TYPES = void 0;
var _regenerator = _interopRequireDefault(require("@babel/runtime/regenerator"));
var _asyncToGenerator2 = _interopRequireDefault(require("@babel/runtime/helpers/asyncToGenerator"));
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
var _shyft = require("shyft");
function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; }
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { (0, _defineProperty2["default"])(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; }
var PERMISSION_TYPES = {
read: 10,
find: 20,
mutation: 30
};
exports.PERMISSION_TYPES = PERMISSION_TYPES;
var applyPermission = function applyPermission(where, permissionWhere) {
if (!permissionWhere) {
return where;
}
var newWhere = _objectSpread({}, where);
newWhere.$and.push(permissionWhere);
return newWhere;
};
exports.applyPermission = applyPermission;
var loadPermission = function loadPermission(entity, permissionType, entityMutation) {
if (!entity.permissions) {
return null;
} else if (permissionType === PERMISSION_TYPES.read) {
return entity.permissions.read;
} else if (permissionType === PERMISSION_TYPES.find) {
return entity.permissions.find;
} else if (permissionType === PERMISSION_TYPES.mutation) {
if (!entity.permissions.mutations) {
return null;
}
var mutationName = entityMutation.name;
return entity.permissions.mutations[mutationName];
}
throw new _shyft.CustomError("Unknown permission type '".concat(permissionType, "'"), 'PermissionTypeError');
};
exports.loadPermission = loadPermission;
var handlePermission = /*#__PURE__*/function () {
var _ref = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee(context, entity, permissionType, entityMutation, input) {
var permission, userId, userRoles, permissionFilter;
return _regenerator["default"].wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
permission = loadPermission(entity, permissionType, entityMutation);
if (permission) {
_context.next = 3;
break;
}
return _context.abrupt("return", null);
case 3:
userId = context.userId, userRoles = context.userRoles;
_context.next = 6;
return (0, _shyft.buildPermissionFilter)(permission, userId, userRoles, entity, input, context);
case 6:
permissionFilter = _context.sent;
if (permissionFilter) {
_context.next = 9;
break;
}
throw new _shyft.CustomError('Access denied', 'PermissionError', 403);
case 9:
return _context.abrupt("return", permissionFilter);
case 10:
case "end":
return _context.stop();
}
}
}, _callee);
}));
return function handlePermission(_x, _x2, _x3, _x4, _x5) {
return _ref.apply(this, arguments);
};
}();
exports.handlePermission = handlePermission;