unleash-server
Unleash is an enterprise ready feature toggles service. It provides different strategies for handling feature toggles.
;
Object.defineProperty(exports, "__esModule", { value: true });
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
const permissions_1 = require("../types/permissions");
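/**
 * Builds an Express middleware that attaches `req.checkRbac(permission)` to
 * every request. The middleware itself never rejects a request; route handlers
 * are expected to call `req.checkRbac` and act on the boolean it resolves to.
 *
 * @param {object} config - Must expose `getLogger(name)`.
 * @param {object} stores - Only `featureToggleStore.getProjectId(featureName)` is used.
 * @param {object} accessService - Must expose `hasPermission(user, permission, projectId, environment)`.
 * @returns {Function} Express middleware `(req, res, next)`.
 */
const rbacMiddleware = (config, { featureToggleStore }, accessService) => {
    const logger = config.getLogger('/middleware/rbac-middleware.ts');
    logger.debug('Enabling RBAC middleware');
    return (req, res, next) => {
        /**
         * Resolves to true only when the requesting user holds `permission`.
         * Every path that cannot identify the caller resolves to false.
         */
        req.checkRbac = async (permission) => {
            const { user, params } = req;
            if (!user) {
                logger.error('RBAC requires a user to exist on the request.');
                return false;
            }
            if (user.isAPI) {
                // API users are all-or-nothing: only ADMIN passes, whatever permission
                // was asked for. A missing or malformed permissions list denies instead
                // of throwing inside the authorization check.
                return (Array.isArray(user.permissions) &&
                    user.permissions.includes(permissions_1.ADMIN));
            }
            if (!user.id) {
                logger.error('RBAC requires the user to have a unique id.');
                return false;
            }
            // For /api/admin/projects/:projectId we will find it as part of params
            let { projectId, environment } = params;
            // Temporary workaround to figure out projectId for feature toggle updates.
            // will be removed in Unleash v5.0
            if ([permissions_1.DELETE_FEATURE, permissions_1.UPDATE_FEATURE].includes(permission)) {
                // The project is looked up from the feature itself and replaces any
                // projectId taken from the URL, so the decision is made against the
                // project that owns the feature rather than one the caller named.
                // NOTE(review): the lookup result is passed on unchecked; confirm how
                // hasPermission treats an undefined projectId (e.g. unknown feature).
                const { featureName } = params;
                projectId = await featureToggleStore.getProjectId(featureName);
            }
            else if (permission === permissions_1.CREATE_FEATURE) {
                // The body may be absent (no body parser ran, or an empty request);
                // read it defensively so the check falls back to 'default' instead of
                // throwing.
                // NOTE(review): the project here is caller-supplied. The route handler
                // must create the feature in the same project that was authorised here
                // (URL param first, then body, then 'default') — confirm.
                const bodyProject = req.body ? req.body.project : undefined;
                projectId = projectId || bodyProject || 'default';
            }
            return accessService.hasPermission(user, permission, projectId, environment);
        };
        return next();
    };
};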
exports.default = rbacMiddleware;
//# sourceMappingURL=rbac-middleware.js.map