-
Notifications
You must be signed in to change notification settings - Fork 121
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-Authored-By: Ludovico Granata <Ludogranata@gmail.com>
- Loading branch information
Showing
12 changed files
with
246 additions
and
132 deletions.
There are no files selected for viewing
9 changes: 9 additions & 0 deletions
9
config/ldp/authorization/authorizers/access-checkers/agent.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
{ | ||
"@context": "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^1.0.0/components/context.jsonld", | ||
"@graph": [ | ||
{ | ||
"@id": "urn:solid-server:default:AgentAccessChecker", | ||
"@type": "AgentAccessChecker" | ||
} | ||
] | ||
} |
9 changes: 9 additions & 0 deletions
9
config/ldp/authorization/authorizers/access-checkers/agentClass.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
{ | ||
"@context": "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^1.0.0/components/context.jsonld", | ||
"@graph": [ | ||
{ | ||
"@id": "urn:solid-server:default:AgentClassAccessChecker", | ||
"@type": "AgentClassAccessChecker" | ||
} | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
import type { Store, Term } from 'n3'; | ||
import type { Credentials } from '../../authentication/Credentials'; | ||
import { AsyncHandler } from '../../util/handlers/AsyncHandler'; | ||
|
||
/** | ||
* Performs an authorization check against the given acl resource. | ||
*/ | ||
export abstract class AccessChecker extends AsyncHandler<AccessCheckerArgs, boolean> {} | ||
|
||
export interface AccessCheckerArgs { | ||
/** | ||
* A store containing the relevant triples of the authorization. | ||
*/ | ||
acl: Store; | ||
|
||
/** | ||
* Authorization rule to be processed. | ||
*/ | ||
rule: Term; | ||
|
||
/** | ||
* Credentials of the entity that wants to use the resource. | ||
*/ | ||
credentials: Credentials; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
import { ACL } from '../../util/Vocabularies'; | ||
import type { AccessCheckerArgs } from './AccessChecker'; | ||
import { AccessChecker } from './AccessChecker'; | ||
|
||
/** | ||
* Checks if the given WebID has been given access. | ||
*/ | ||
export class AgentAccessChecker extends AccessChecker { | ||
public async handle({ acl, rule, credentials }: AccessCheckerArgs): Promise<boolean> { | ||
if (typeof credentials.webId === 'string') { | ||
return acl.countQuads(rule, ACL.terms.agent, credentials.webId, null) !== 0; | ||
} | ||
return false; | ||
} | ||
} |
18 changes: 18 additions & 0 deletions
18
src/authorization/access-checkers/AgentClassAccessChecker.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
import { ACL, FOAF } from '../../util/Vocabularies'; | ||
import type { AccessCheckerArgs } from './AccessChecker'; | ||
import { AccessChecker } from './AccessChecker'; | ||
|
||
/** | ||
* Checks access based on the agent class. | ||
*/ | ||
export class AgentClassAccessChecker extends AccessChecker { | ||
public async handle({ acl, rule, credentials }: AccessCheckerArgs): Promise<boolean> { | ||
if (acl.countQuads(rule, ACL.terms.agentClass, FOAF.terms.Agent, null) !== 0) { | ||
return true; | ||
} | ||
if (typeof credentials.webId === 'string') { | ||
return acl.countQuads(rule, ACL.terms.agentClass, ACL.terms.AuthenticatedAgent, null) !== 0; | ||
} | ||
return false; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.