From 63a63059ad64c99183fa61ffccec4d6496a750ae Mon Sep 17 00:00:00 2001 From: Stanley Phu Date: Sun, 14 Apr 2024 17:44:57 -0700 Subject: [PATCH 1/2] Add batch check method --- src/modules/Authorization.ts | 23 +++++++++++ src/types/Check.ts | 12 ++++++ test/LiveTest.spec.ts | 79 +++++++++++++++++++++++------------- 3 files changed, 85 insertions(+), 29 deletions(-) diff --git a/src/modules/Authorization.ts b/src/modules/Authorization.ts index e707188..d16cd6b 100644 --- a/src/modules/Authorization.ts +++ b/src/modules/Authorization.ts @@ -1,7 +1,10 @@ import { + BatchCheckParams, Check, + CheckOp, CheckParams, CheckManyParams, + CheckResult, FeatureCheckParams, PermissionCheckParams, checkWarrantParamsToCheckWarrant, @@ -39,6 +42,16 @@ export default class Authorization { return this.makeCheckRequest(check, options); } + public static async batchCheck(checkParams: BatchCheckParams, options: WarrantRequestOptions = {}): Promise { + const check: Check = { + op: CheckOp.Batch, + warrants: checkParams.warrants.map((checkWarrantParams) => checkWarrantParamsToCheckWarrant(checkWarrantParams)), + debug: checkParams.debug + }; + + return this.makeBatchCheckRequest(check, options); + } + public static async hasFeature(featureCheckParams: FeatureCheckParams, options: WarrantRequestOptions = {}): Promise { return this.check({ object: { @@ -94,4 +107,14 @@ export default class Authorization { throw e; } } + + private static async makeBatchCheckRequest(check: Check, options: WarrantRequestOptions = {}): Promise { + const response = await WarrantClient.httpClient.post({ + url: `/${API_VERSION}/check`, + data: check, + options, + }); + + return response.map((checkResult: CheckResult) => checkResult.code === 200); + } } diff --git a/src/types/Check.ts b/src/types/Check.ts index c9a828c..e182b5b 100644 --- a/src/types/Check.ts +++ b/src/types/Check.ts @@ -12,6 +12,7 @@ import { export enum CheckOp { AllOf = "allOf", AnyOf = "anyOf", + Batch = "batch", } export interface CheckWarrantParams { @@ -31,6 +32,11 @@ export interface CheckManyParams { debug?: boolean; } +export interface BatchCheckParams { + warrants: CheckWarrantParams[]; + debug?: boolean; +} + export interface FeatureCheckParams { featureId: string; subject: WarrantObject | Subject; @@ -68,3 +74,9 @@ export function checkWarrantParamsToCheckWarrant(checkWarrantParams: CheckWarran context: checkWarrantParams.context } } + +export interface CheckResult { + code?: number; + result: string; + isImplicit: boolean; +} diff --git a/test/LiveTest.spec.ts b/test/LiveTest.spec.ts index 07d83dd..f8659cc 100644 --- a/test/LiveTest.spec.ts +++ b/test/LiveTest.spec.ts @@ -743,28 +743,29 @@ describe.skip('Live Test', function () { assert(warrantToken); }); - it('batch create/delete warrants', async function () { + it('batch create/delete/check warrants', async function () { const newUser = await this.warrant.User.create(); const permission1 = await this.warrant.Permission.create({ permissionId: "perm1", meta: { name: "Permission 1", description: "Permission 1" }}); const permission2 = await this.warrant.Permission.create({ permissionId: "perm2", meta: { name: "Permission 2", description: "Permission 2" }}); - let userHasPermission1 = await this.warrant.Authorization.check({ - object: permission1, - relation: "member", - subject: newUser + let userHasPermissions = await this.warrant.Authorization.batchCheck({ + warrants: [ + { + object: permission1, + relation: "member", + subject: newUser + }, + { + object: permission2, + relation: "member", + subject: newUser + } + ] }, { warrantToken: "latest" }); - assert.strictEqual(userHasPermission1, false); - - let userHasPermission2 = await this.warrant.Authorization.check({ - object: permission2, - relation: "member", - subject: newUser - }, { - warrantToken: "latest" - }); - assert.strictEqual(userHasPermission2, false); + assert.strictEqual(userHasPermissions[0], false); + assert.strictEqual(userHasPermissions[1], false); const warrants = await this.warrant.Warrant.batchCreate([ { @@ -783,23 +784,24 @@ describe.skip('Live Test', function () { assert(warrant.warrantToken); } - userHasPermission1 = await this.warrant.Authorization.check({ - object: permission1, - relation: "member", - subject: newUser - }, { - warrantToken: "latest" - }); - assert.strictEqual(userHasPermission1, true); - - userHasPermission2 = await this.warrant.Authorization.check({ - object: permission2, - relation: "member", - subject: newUser + userHasPermissions = await this.warrant.Authorization.batchCheck({ + warrants: [ + { + object: permission1, + relation: "member", + subject: newUser + }, + { + object: permission2, + relation: "member", + subject: newUser + } + ] }, { warrantToken: "latest" }); - assert.strictEqual(userHasPermission2, true); + assert.strictEqual(userHasPermissions[0], true); + assert.strictEqual(userHasPermissions[1], true); let warrantToken = await this.warrant.Warrant.batchDelete([ { @@ -820,6 +822,25 @@ describe.skip('Live Test', function () { { object: { objectType: "user", objectId: newUser.userId } }, ]); assert(warrantToken); + + userHasPermissions = await this.warrant.Authorization.batchCheck({ + warrants: [ + { + object: permission1, + relation: "member", + subject: newUser + }, + { + object: permission2, + relation: "member", + subject: newUser + } + ] + }, { + warrantToken: "latest" + }); + assert.strictEqual(userHasPermissions[0], false); + assert.strictEqual(userHasPermissions[1], false); }); it('warrant with policy', async function () { From b52c55d907c3d7c31612f4e9339aa9a6d87e468e Mon Sep 17 00:00:00 2001 From: Stanley Phu Date: Tue, 16 Apr 2024 06:20:21 +0100 Subject: [PATCH 2/2] Specify latest warrant token where applicable --- test/LiveTest.spec.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/LiveTest.spec.ts b/test/LiveTest.spec.ts index f8659cc..37860f7 100644 --- a/test/LiveTest.spec.ts +++ b/test/LiveTest.spec.ts @@ -391,7 +391,7 @@ describe.skip('Live Test', function () { await this.warrant.Permission.removePermissionFromRole(adminRole.roleId, createPermission.permissionId); await this.warrant.Role.removeRoleFromUser(adminUser.userId, adminRole.roleId); - adminUserHasPermission = await this.warrant.Authorization.hasPermission({ permissionId: "create-report", subject: adminUser }); + adminUserHasPermission = await this.warrant.Authorization.hasPermission({ permissionId: "create-report", subject: adminUser }, { warrantToken: "latest" }); assert.strictEqual(adminUserHasPermission, false); adminUserRolesList = await this.warrant.Role.listRolesForUser(adminUser.userId, { limit: 100 }, { warrantToken: "latest" }); @@ -678,7 +678,7 @@ describe.skip('Live Test', function () { }); assert(warrant2.warrantToken); - const warrants1 = await this.warrant.Warrant.list({ limit: 1 }); + const warrants1 = await this.warrant.Warrant.list({ limit: 1 }, { warrantToken: "latest" }); assert.strictEqual(warrants1.results.length, 1); assert.strictEqual(warrants1.results[0].objectType, "permission"); assert.strictEqual(warrants1.results[0].objectId, "perm1"); @@ -686,7 +686,7 @@ describe.skip('Live Test', function () { assert.strictEqual(warrants1.results[0].subject.objectType, "user"); assert.strictEqual(warrants1.results[0].subject.objectId, user1.userId); - const warrants2 = await this.warrant.Warrant.list({ limit: 1, nextCursor: warrants1.nextCursor }); + const warrants2 = await this.warrant.Warrant.list({ limit: 1, nextCursor: warrants1.nextCursor }, { warrantToken: "latest" }); assert.strictEqual(warrants2.results.length, 1); assert.strictEqual(warrants2.results[0].objectType, "permission"); assert.strictEqual(warrants2.results[0].objectId, "perm1"); @@ -694,7 +694,7 @@ describe.skip('Live Test', function () { assert.strictEqual(warrants2.results[0].subject.objectType, "user"); assert.strictEqual(warrants2.results[0].subject.objectId, user2.userId); - const warrants3 = await this.warrant.Warrant.list({ subjectId: user1.userId }); + const warrants3 = await this.warrant.Warrant.list({ subjectId: user1.userId }, { warrantToken: "latest" }); assert.strictEqual(warrants3.results.length, 1); assert.strictEqual(warrants3.results[0].objectType, "permission"); assert.strictEqual(warrants3.results[0].objectId, "perm1"); @@ -712,7 +712,7 @@ describe.skip('Live Test', function () { assert.strictEqual(userHasPermission, true); const query = `select permission where user:${user1.userId} is member`; - const response = await this.warrant.Warrant.query(query); + const response = await this.warrant.Warrant.query(query, { warrantToken: "latest" }); assert.strictEqual(response.results.length, 1); assert.strictEqual(response.results[0].objectType, "permission");