Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add batch check method #59

Merged
merged 2 commits into from
Apr 16, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions src/modules/Authorization.ts
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
import {
BatchCheckParams,
Check,
CheckOp,
CheckParams,
CheckManyParams,
CheckResult,
FeatureCheckParams,
PermissionCheckParams,
checkWarrantParamsToCheckWarrant,
Expand Down Expand Up @@ -39,6 +42,16 @@ export default class Authorization {
return this.makeCheckRequest(check, options);
}

public static async batchCheck(checkParams: BatchCheckParams, options: WarrantRequestOptions = {}): Promise<boolean[]> {
const check: Check = {
op: CheckOp.Batch,
warrants: checkParams.warrants.map((checkWarrantParams) => checkWarrantParamsToCheckWarrant(checkWarrantParams)),
debug: checkParams.debug
};

return this.makeBatchCheckRequest(check, options);
}

public static async hasFeature(featureCheckParams: FeatureCheckParams, options: WarrantRequestOptions = {}): Promise<boolean> {
return this.check({
object: {
Expand Down Expand Up @@ -94,4 +107,14 @@ export default class Authorization {
throw e;
}
}

private static async makeBatchCheckRequest(check: Check, options: WarrantRequestOptions = {}): Promise<boolean[]> {
const response = await WarrantClient.httpClient.post({
url: `/${API_VERSION}/check`,
data: check,
options,
});

return response.map((checkResult: CheckResult) => checkResult.code === 200);
}
}
12 changes: 12 additions & 0 deletions src/types/Check.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import {
export enum CheckOp {
AllOf = "allOf",
AnyOf = "anyOf",
Batch = "batch",
}

export interface CheckWarrantParams {
Expand All @@ -31,6 +32,11 @@ export interface CheckManyParams {
debug?: boolean;
}

export interface BatchCheckParams {
warrants: CheckWarrantParams[];
debug?: boolean;
}

export interface FeatureCheckParams {
featureId: string;
subject: WarrantObject | Subject;
Expand Down Expand Up @@ -68,3 +74,9 @@ export function checkWarrantParamsToCheckWarrant(checkWarrantParams: CheckWarran
context: checkWarrantParams.context
}
}

export interface CheckResult {
code?: number;
result: string;
isImplicit: boolean;
}
89 changes: 55 additions & 34 deletions test/LiveTest.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@ describe.skip('Live Test', function () {
await this.warrant.Permission.removePermissionFromRole(adminRole.roleId, createPermission.permissionId);
await this.warrant.Role.removeRoleFromUser(adminUser.userId, adminRole.roleId);

adminUserHasPermission = await this.warrant.Authorization.hasPermission({ permissionId: "create-report", subject: adminUser });
adminUserHasPermission = await this.warrant.Authorization.hasPermission({ permissionId: "create-report", subject: adminUser }, { warrantToken: "latest" });
assert.strictEqual(adminUserHasPermission, false);

adminUserRolesList = await this.warrant.Role.listRolesForUser(adminUser.userId, { limit: 100 }, { warrantToken: "latest" });
Expand Down Expand Up @@ -678,23 +678,23 @@ describe.skip('Live Test', function () {
});
assert(warrant2.warrantToken);

const warrants1 = await this.warrant.Warrant.list({ limit: 1 });
const warrants1 = await this.warrant.Warrant.list({ limit: 1 }, { warrantToken: "latest" });
assert.strictEqual(warrants1.results.length, 1);
assert.strictEqual(warrants1.results[0].objectType, "permission");
assert.strictEqual(warrants1.results[0].objectId, "perm1");
assert.strictEqual(warrants1.results[0].relation, "member");
assert.strictEqual(warrants1.results[0].subject.objectType, "user");
assert.strictEqual(warrants1.results[0].subject.objectId, user1.userId);

const warrants2 = await this.warrant.Warrant.list({ limit: 1, nextCursor: warrants1.nextCursor });
const warrants2 = await this.warrant.Warrant.list({ limit: 1, nextCursor: warrants1.nextCursor }, { warrantToken: "latest" });
assert.strictEqual(warrants2.results.length, 1);
assert.strictEqual(warrants2.results[0].objectType, "permission");
assert.strictEqual(warrants2.results[0].objectId, "perm1");
assert.strictEqual(warrants2.results[0].relation, "member");
assert.strictEqual(warrants2.results[0].subject.objectType, "user");
assert.strictEqual(warrants2.results[0].subject.objectId, user2.userId);

const warrants3 = await this.warrant.Warrant.list({ subjectId: user1.userId });
const warrants3 = await this.warrant.Warrant.list({ subjectId: user1.userId }, { warrantToken: "latest" });
assert.strictEqual(warrants3.results.length, 1);
assert.strictEqual(warrants3.results[0].objectType, "permission");
assert.strictEqual(warrants3.results[0].objectId, "perm1");
Expand All @@ -712,7 +712,7 @@ describe.skip('Live Test', function () {
assert.strictEqual(userHasPermission, true);

const query = `select permission where user:${user1.userId} is member`;
const response = await this.warrant.Warrant.query(query);
const response = await this.warrant.Warrant.query(query, { warrantToken: "latest" });

assert.strictEqual(response.results.length, 1);
assert.strictEqual(response.results[0].objectType, "permission");
Expand Down Expand Up @@ -743,28 +743,29 @@ describe.skip('Live Test', function () {
assert(warrantToken);
});

it('batch create/delete warrants', async function () {
it('batch create/delete/check warrants', async function () {
const newUser = await this.warrant.User.create();
const permission1 = await this.warrant.Permission.create({ permissionId: "perm1", meta: { name: "Permission 1", description: "Permission 1" }});
const permission2 = await this.warrant.Permission.create({ permissionId: "perm2", meta: { name: "Permission 2", description: "Permission 2" }});

let userHasPermission1 = await this.warrant.Authorization.check({
object: permission1,
relation: "member",
subject: newUser
}, {
warrantToken: "latest"
});
assert.strictEqual(userHasPermission1, false);

let userHasPermission2 = await this.warrant.Authorization.check({
object: permission2,
relation: "member",
subject: newUser
let userHasPermissions = await this.warrant.Authorization.batchCheck({
warrants: [
{
object: permission1,
relation: "member",
subject: newUser
},
{
object: permission2,
relation: "member",
subject: newUser
}
]
}, {
warrantToken: "latest"
});
assert.strictEqual(userHasPermission2, false);
assert.strictEqual(userHasPermissions[0], false);
assert.strictEqual(userHasPermissions[1], false);

const warrants = await this.warrant.Warrant.batchCreate([
{
Expand All @@ -783,23 +784,24 @@ describe.skip('Live Test', function () {
assert(warrant.warrantToken);
}

userHasPermission1 = await this.warrant.Authorization.check({
object: permission1,
relation: "member",
subject: newUser
userHasPermissions = await this.warrant.Authorization.batchCheck({
warrants: [
{
object: permission1,
relation: "member",
subject: newUser
},
{
object: permission2,
relation: "member",
subject: newUser
}
]
}, {
warrantToken: "latest"
});
assert.strictEqual(userHasPermission1, true);

userHasPermission2 = await this.warrant.Authorization.check({
object: permission2,
relation: "member",
subject: newUser
}, {
warrantToken: "latest"
});
assert.strictEqual(userHasPermission2, true);
assert.strictEqual(userHasPermissions[0], true);
assert.strictEqual(userHasPermissions[1], true);

let warrantToken = await this.warrant.Warrant.batchDelete([
{
Expand All @@ -820,6 +822,25 @@ describe.skip('Live Test', function () {
{ object: { objectType: "user", objectId: newUser.userId } },
]);
assert(warrantToken);

userHasPermissions = await this.warrant.Authorization.batchCheck({
warrants: [
{
object: permission1,
relation: "member",
subject: newUser
},
{
object: permission2,
relation: "member",
subject: newUser
}
]
}, {
warrantToken: "latest"
});
assert.strictEqual(userHasPermissions[0], false);
assert.strictEqual(userHasPermissions[1], false);
});

it('warrant with policy', async function () {
Expand Down
Loading