UNPKG

unleash-server

Version:

Unleash is an enterprise ready feature flag service. It provides different strategies for handling feature flags.

github.com/Unleash/unleash

Unleash/unleash

142 lines 7.34 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
import type { IAuditUser, IUser } from '../types/user.js'; import type { IGroupWithProjectRoles, IProjectRoleUsage, IRole, IRoleDescriptor, IRoleWithPermissions, IRoleWithProject, IUserPermission, IUserRole, IUserWithProjectRoles } from '../types/stores/access-store.js'; import type { IUnleashStores } from '../types/stores.js'; import { type IAvailablePermissions, type ICustomRole, type IPermission, type IRoleData, type IUserWithRole, RoleName } from '../types/model.js'; import type { IGroup } from '../types/group.js'; import type { GroupService } from './group-service.js'; import { type IUnleashConfig, type IUserAccessOverview } from '../types/index.js'; import type EventService from '../features/events/event-service.js'; /** @deprecated prefer to use NamePermissionRef */ export type IdPermissionRef = Pick<IPermission, 'id' | 'environment'>; export type NamePermissionRef = Pick<IPermission, 'name' | 'environment'>; export type PermissionRef = IdPermissionRef | NamePermissionRef; type AccessOverviewPermission = IPermission & { hasPermission: boolean; }; type AccessOverview = { root: AccessOverviewPermission[]; project: AccessOverviewPermission[]; environment: AccessOverviewPermission[]; }; type APIUser = Pick<IUser, 'id' | 'permissions'> & { isAPI: true; }; type NonAPIUser = Pick<IUser, 'id'> & { isAPI?: false; }; export interface IRoleCreation { name: string; description: string; type?: 'root-custom' | 'custom'; permissions?: PermissionRef[]; createdBy?: string; createdByUserId: number; } export interface IRoleValidation { name: string; description?: string; permissions?: PermissionRef[]; } export interface IRoleUpdate { id: number; name: string; description: string; type?: 'root-custom' | 'custom'; permissions?: PermissionRef[]; createdBy?: string; createdByUserId: number; } export interface AccessWithRoles { roles: IRoleDescriptor[]; groups: IGroupWithProjectRoles[]; users: IUserWithProjectRoles[]; } export declare const cleanPermissionEnvironment: (permissions: PermissionRef[] | undefined) => PermissionRef[] | undefined; export declare class AccessService { private store; private accountStore; private roleStore; private groupService; private environmentStore; private logger; private eventService; constructor({ accessStore, accountStore, roleStore, environmentStore, }: Pick<IUnleashStores, 'accessStore' | 'accountStore' | 'roleStore' | 'environmentStore'> & { groupStore?: any; }, // TODO remove groupStore later, kept for backward compatibility with enterprise { getLogger }: Pick<IUnleashConfig, 'getLogger'>, groupService: GroupService, eventService: EventService); private meetsAllPermissions; /** * Used to check if a user has access to the requested resource * * @param user * @param permission * @param projectId */ hasPermission(user: APIUser | NonAPIUser, permission: string | string[], projectId?: string, environment?: string): Promise<boolean>; /** * Returns all roles the user has in the project. * Including roles via groups. * In addition, it includes root roles * @param userId user to find roles for * @param project project to find roles for */ getAllProjectRolesForUser(userId: number, project: string): Promise<IRoleWithProject[]>; /** * Check a user against all available permissions. * Provided a project, project permissions will be checked against that project. * Provided an environment, environment permissions will be checked against that environment (and project). */ getAccessOverviewForUser(user: APIUser | NonAPIUser, projectId?: string, environment?: string): Promise<AccessOverview>; getPermissionsForUser(user: APIUser | NonAPIUser): Promise<IUserPermission[]>; getPermissions(): Promise<IAvailablePermissions>; addUserToRole(userId: number, roleId: number, projectId: string): Promise<void>; addGroupToRole(groupId: number, roleId: number, createdBy: string, projectId: string): Promise<void>; addAccessToProject(roles: number[], groups: number[], users: number[], projectId: string, createdBy: string): Promise<void>; setProjectRolesForUser(projectId: string, userId: number, roles: number[]): Promise<void>; getProjectRolesForUser(projectId: string, userId: number): Promise<number[]>; setProjectRolesForGroup(projectId: string, groupId: number, roles: number[], createdBy: string): Promise<void>; getProjectRolesForGroup(projectId: string, groupId: number): Promise<number[]>; getRoleByName(roleName: string): Promise<IRole>; removeUserAccess(projectId: string, userId: number): Promise<void>; removeGroupAccess(projectId: string, groupId: number): Promise<void>; setUserRootRole(userId: number, role: number | RoleName): Promise<void>; getRootRoleForUser(userId: number): Promise<IRole>; removeUserFromRole(userId: number, roleId: number, projectId: string): Promise<void>; updateUserProjectRole(userId: number, roleId: number, projectId: string): Promise<void>; addPermissionToRole(roleId: number, permission: string, environment?: string): Promise<void>; removePermissionFromRole(roleId: number, permission: string, environment?: string): Promise<void>; getRoles(): Promise<IRole[]>; getRole(id: number): Promise<IRoleWithPermissions>; getRoleData(roleId: number): Promise<IRoleData>; getProjectRoles(): Promise<IRole[]>; getRolesForProject(projectId: string): Promise<IRole[]>; getRolesForUser(userId: number): Promise<IRole[]>; wipeUserPermissions(userId: number): Promise<Array<void>>; getUsersForRole(roleId: number): Promise<IUser[]>; getGroupsForRole(roleId: number): Promise<IGroup[]>; getProjectUsersForRole(roleId: number, projectId?: string): Promise<IUserWithRole[]>; getProjectUsers(projectId: string): Promise<IUserWithProjectRoles[]>; getProjectRoleAccess(projectId: string): Promise<AccessWithRoles>; getProjectRoleUsage(roleId: number): Promise<IProjectRoleUsage[]>; createDefaultProjectRoles(owner: IUser, projectId: string): Promise<void>; removeDefaultProjectRoles(_owner: IUser, projectId: string): Promise<void>; getRootRoleForAllUsers(): Promise<IUserRole[]>; getRootRoles(): Promise<IRole[]>; resolveRootRole(rootRole: number | RoleName): Promise<IRole | undefined>; getPredefinedRole(roleName: RoleName): Promise<IRole>; getAllRoles(): Promise<ICustomRole[]>; createRole(role: IRoleCreation, auditUser: IAuditUser): Promise<ICustomRole>; updateRole(role: IRoleUpdate, auditUser: IAuditUser): Promise<ICustomRole>; sanitizePermissions(permissions: IPermission[]): { name: string; environment?: string; }[]; deleteRole(id: number, deletedBy: IAuditUser): Promise<void>; validateRoleIsUnique(roleName: string, existingId?: number): Promise<void>; validateRoleIsNotBuiltIn(roleId: number): Promise<void>; validateRole(role: IRoleValidation, existingId?: number): Promise<IRoleCreation>; getUserAccessOverview(): Promise<IUserAccessOverview[]>; validatePermissions(permissions?: PermissionRef[]): Promise<void>; } export {}; //# sourceMappingURL=access-service.d.ts.map