-
Notifications
You must be signed in to change notification settings - Fork 65
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Implemented a 'SimplePathPrivilegeManager' to manage easily user priv…
…ileges (pretty bare)
- Loading branch information
1 parent
bd2f12f
commit b5b81f3
Showing
3 changed files
with
196 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
import { SimplePrivilegeManager, SimpleBasicPrivilege } from './SimplePrivilegeManager'; | ||
import { MethodCallArgs } from '../../server/MethodCallArgs'; | ||
import { IResource } from '../../resource/IResource'; | ||
import { IUser } from '../IUser'; | ||
export declare class SimplePathPrivilegeManager extends SimplePrivilegeManager { | ||
rights: any; | ||
constructor(); | ||
setRights(user: IUser, path: string, rights: SimpleBasicPrivilege[]): void; | ||
getRights(user: IUser, path: string): SimpleBasicPrivilege[]; | ||
can(user: IUser, path: string, right: SimpleBasicPrivilege): boolean; | ||
canCreate: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canDelete: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canWrite: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canSource: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canRead: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canListLocks: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canSetLock: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canGetAvailableLocks: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canAddChild: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canRemoveChild: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canGetChildren: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
canSetProperty: (arg: MethodCallArgs, resource: IResource, callback: any) => void; | ||
canGetProperty: (arg: MethodCallArgs, resource: IResource, callback: any) => any; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
"use strict"; | ||
var __extends = (this && this.__extends) || (function () { | ||
var extendStatics = Object.setPrototypeOf || | ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || | ||
function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; }; | ||
return function (d, b) { | ||
extendStatics(d, b); | ||
function __() { this.constructor = d; } | ||
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); | ||
}; | ||
})(); | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
var SimplePrivilegeManager_1 = require("./SimplePrivilegeManager"); | ||
var IPrivilegeManager_1 = require("./IPrivilegeManager"); | ||
function standarizePath(path) { | ||
if (!path) | ||
path = '/'; | ||
var startIndex = path.indexOf('://'); | ||
if (startIndex !== -1) { | ||
path = path.substr(startIndex + 3); | ||
path = path.substr(path.indexOf('/') + 1); | ||
} | ||
path = path.replace(/\\/g, '/'); | ||
var rex = /\/\//g; | ||
while (rex.test(path)) | ||
path = path.replace(rex, '/'); | ||
path = path.replace(/\/$/g, ''); | ||
path = path.replace(/^([^\/])/g, '/$1'); | ||
if (path.length === 0) | ||
path = '/'; | ||
return path; | ||
} | ||
function checker(sppm, right) { | ||
return function (arg, resource, callback) { return callback(null, sppm.can(arg.user, arg.uri, right)); }; | ||
} | ||
function checkerNoLock(sppm, right) { | ||
return function (arg, resource, callback) { | ||
if (!sppm.can(arg.user, arg.uri, right)) | ||
callback(null, false); | ||
else | ||
IPrivilegeManager_1.hasNoWriteLock(arg, resource, callback); | ||
}; | ||
} | ||
var SimplePathPrivilegeManager = (function (_super) { | ||
__extends(SimplePathPrivilegeManager, _super); | ||
function SimplePathPrivilegeManager() { | ||
var _this = _super.call(this) || this; | ||
_this.canCreate = checker(_this, 'canCreate'); | ||
_this.canDelete = checkerNoLock(_this, 'canDelete'); | ||
_this.canWrite = checkerNoLock(_this, 'canWrite'); | ||
_this.canSource = checker(_this, 'canSource'); | ||
_this.canRead = checker(_this, 'canRead'); | ||
_this.canListLocks = checker(_this, 'canListLocks'); | ||
_this.canSetLock = checkerNoLock(_this, 'canSetLock'); | ||
_this.canGetAvailableLocks = checker(_this, 'canGetAvailableLocks'); | ||
_this.canAddChild = checkerNoLock(_this, 'canAddChild'); | ||
_this.canRemoveChild = checkerNoLock(_this, 'canRemoveChild'); | ||
_this.canGetChildren = checker(_this, 'canGetChildren'); | ||
_this.canSetProperty = checkerNoLock(_this, 'canSetProperty'); | ||
_this.canGetProperty = checker(_this, 'canGetProperty'); | ||
_this.rights = {}; | ||
return _this; | ||
} | ||
SimplePathPrivilegeManager.prototype.setRights = function (user, path, rights) { | ||
if (!this.rights[user.uid]) | ||
this.rights[user.uid] = {}; | ||
this.rights[user.uid][standarizePath(path)] = rights; | ||
}; | ||
SimplePathPrivilegeManager.prototype.getRights = function (user, path) { | ||
if (!this.rights[user.uid]) | ||
return []; | ||
return this.rights[user.uid][standarizePath(path)]; | ||
}; | ||
SimplePathPrivilegeManager.prototype.can = function (user, path, right) { | ||
var rights = this.getRights(user, path); | ||
var r = rights && (rights.indexOf('all') !== -1 || rights.indexOf(right) !== -1); | ||
return r; | ||
}; | ||
return SimplePathPrivilegeManager; | ||
}(SimplePrivilegeManager_1.SimplePrivilegeManager)); | ||
exports.SimplePathPrivilegeManager = SimplePathPrivilegeManager; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
import { SimplePrivilegeManager, SimpleBasicPrivilege } from './SimplePrivilegeManager' | ||
import { MethodCallArgs } from '../../server/MethodCallArgs' | ||
import { hasNoWriteLock } from './IPrivilegeManager' | ||
import { IResource } from '../../resource/IResource' | ||
import { LockType } from '../../resource/lock/LockType' | ||
import { IUser } from '../IUser' | ||
|
||
function standarizePath(path : string) | ||
{ | ||
if(!path) | ||
path = '/'; | ||
|
||
const startIndex = path.indexOf('://'); | ||
if(startIndex !== -1) | ||
{ | ||
path = path.substr(startIndex + 3); | ||
path = path.substr(path.indexOf('/') + 1); | ||
} | ||
|
||
path = path.replace(/\\/g, '/'); | ||
const rex = /\/\//g; | ||
while(rex.test(path)) | ||
path = path.replace(rex, '/'); | ||
path = path.replace(/\/$/g, ''); | ||
path = path.replace(/^([^\/])/g, '/$1'); | ||
if(path.length === 0) | ||
path = '/'; | ||
|
||
return path; | ||
} | ||
|
||
function checker(sppm : SimplePathPrivilegeManager, right : SimpleBasicPrivilege) | ||
{ | ||
return (arg : MethodCallArgs, resource : IResource, callback) => callback(null, sppm.can(arg.user, arg.uri, right)); | ||
} | ||
function checkerNoLock(sppm : SimplePathPrivilegeManager, right : SimpleBasicPrivilege) | ||
{ | ||
return (arg : MethodCallArgs, resource : IResource, callback) => { | ||
if(!sppm.can(arg.user, arg.uri, right)) | ||
callback(null, false); | ||
else | ||
hasNoWriteLock(arg, resource, callback); | ||
}; | ||
} | ||
|
||
export class SimplePathPrivilegeManager extends SimplePrivilegeManager | ||
{ | ||
rights : any; | ||
|
||
constructor() | ||
{ | ||
super(); | ||
|
||
this.rights = {}; | ||
} | ||
|
||
setRights(user : IUser, path : string, rights : SimpleBasicPrivilege[]) | ||
{ | ||
if(!this.rights[user.uid]) | ||
this.rights[user.uid] = {}; | ||
|
||
this.rights[user.uid][standarizePath(path)] = rights; | ||
} | ||
getRights(user : IUser, path : string) : SimpleBasicPrivilege[] | ||
{ | ||
if(!this.rights[user.uid]) | ||
return []; | ||
|
||
return this.rights[user.uid][standarizePath(path)]; | ||
} | ||
can(user : IUser, path : string, right : SimpleBasicPrivilege) : boolean | ||
{ | ||
const rights = this.getRights(user, path); | ||
const r = rights && (rights.indexOf('all') !== -1 || rights.indexOf(right) !== -1); | ||
return r; | ||
} | ||
|
||
canCreate = checker(this, 'canCreate') | ||
canDelete = checkerNoLock(this, 'canDelete') | ||
canWrite = checkerNoLock(this, 'canWrite') | ||
canSource = checker(this, 'canSource') | ||
canRead = checker(this, 'canRead') | ||
canListLocks = checker(this, 'canListLocks') | ||
canSetLock = checkerNoLock(this, 'canSetLock') | ||
canGetAvailableLocks = checker(this, 'canGetAvailableLocks') | ||
canAddChild = checkerNoLock(this, 'canAddChild') | ||
canRemoveChild = checkerNoLock(this, 'canRemoveChild') | ||
canGetChildren = checker(this, 'canGetChildren') | ||
canSetProperty = checkerNoLock(this, 'canSetProperty') | ||
canGetProperty = checker(this, 'canGetProperty') | ||
} |