Gergő Jedlicska
968d2f2520
* wip * wip * feat(authz): wip policy shape * wip * fix(authz): canReadProject with latest pattern * wip * feat(shared): simplify authz checks and policies * feat(shared): port role weights into shared * test(shared): some more tests for authz * test(shared): more query project tests * typo! * feat(shared): ff loading refinements * feat(shared): example authorization policy integration * authz loaders init * chore(authz): naming etc * wip * fix(authz): authz error objects Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com> Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com> * fix(authz): use correct role weights * chore(authz): use codes from errors in tests * chore(authz): wow * chore(authz): fix more tests, add more tests * chore(authz): fix some tests, add some tests (again) * fix(authz): fix tests again * fix(server): you need to await !!!! otherwise it crashes the server. --------- Co-authored-by: Charles Driesler <chuck@speckle.systems> Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com> Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com>
52 lines
1.3 KiB
TypeScript
52 lines
1.3 KiB
TypeScript
import { LoaderConfigurationError } from '@/modules/shared/errors'
|
|
import { Authz } from '@speckle/shared'
|
|
|
|
let cachedLoaders: Partial<Authz.AuthCheckContextLoaders> = {}
|
|
|
|
const loaderKeys: (keyof Authz.AuthCheckContextLoaders)[] = [
|
|
'getEnv',
|
|
'getProject',
|
|
'getProjectRole',
|
|
'getServerRole',
|
|
'getWorkspace',
|
|
'getWorkspaceRole',
|
|
'getWorkspaceSsoProvider',
|
|
'getWorkspaceSsoSession'
|
|
]
|
|
|
|
export const defineLoaders = (
|
|
loaders: Partial<Authz.AuthCheckContextLoaders>
|
|
): void => {
|
|
for (const key of Object.keys(loaders)) {
|
|
if (!loaderKeys.includes(key as keyof Authz.AuthCheckContextLoaders)) {
|
|
throw new LoaderConfigurationError(
|
|
`Attempted to define loader with unknown key: ${key}`
|
|
)
|
|
}
|
|
}
|
|
|
|
cachedLoaders = {
|
|
...cachedLoaders,
|
|
...loaders
|
|
}
|
|
}
|
|
|
|
const isValidLoaders = (
|
|
loaders: Partial<Authz.AuthCheckContextLoaders>
|
|
): loaders is Authz.AuthCheckContextLoaders => {
|
|
return loaderKeys.every((key) => !!loaders[key])
|
|
}
|
|
|
|
export const validateLoaders = () => {
|
|
if (!isValidLoaders(cachedLoaders)) {
|
|
throw new LoaderConfigurationError()
|
|
}
|
|
}
|
|
|
|
export const getLoaders = (): Authz.AuthCheckContextLoaders => {
|
|
if (!isValidLoaders(cachedLoaders)) {
|
|
throw new LoaderConfigurationError('Attempted to reference invalid loaders.')
|
|
}
|
|
return cachedLoaders
|
|
}
|