-
Notifications
You must be signed in to change notification settings - Fork 5
/
getWacRule.ts
118 lines (110 loc) · 3.56 KB
/
getWacRule.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
import type { GetWacRuleSuccess } from "./results/GetWacRuleSuccess";
import { guaranteeFetch } from "../../util/guaranteeFetch";
import type { BasicRequestOptions } from "../../requester/requests/requestOptions";
import type { HttpErrorResultType } from "../../requester/results/error/HttpErrorResult";
import { HttpErrorResult } from "../../requester/results/error/HttpErrorResult";
import type { NoncompliantPodError } from "../../requester/results/error/NoncompliantPodError";
import type { UnexpectedResourceError } from "../../requester/results/error/ErrorResult";
import { rawTurtleToDataset } from "../../util/rdfUtils";
import { AuthorizationShapeType } from "../../.ldo/wac.shapeTypes";
import type { AccessModeList, WacRule } from "./WacRule";
import type { Authorization } from "../../.ldo/wac.typings";
import type { WacRuleAbsent } from "./results/WacRuleAbsent";
export type GetWacRuleError =
| HttpErrorResultType
| NoncompliantPodError
| UnexpectedResourceError;
export type GetWacRuleResult =
| GetWacRuleSuccess
| GetWacRuleError
| WacRuleAbsent;
/**
* Given the URI of an ACL document, return the Web Access Control (WAC) rules
* @param aclUri: The URI for the ACL document
* @param options: Options object to include an authenticated fetch function
* @returns GetWacRuleResult
*/
export async function getWacRuleWithAclUri(
aclUri: string,
options?: BasicRequestOptions,
): Promise<GetWacRuleResult> {
const fetch = guaranteeFetch(options?.fetch);
const response = await fetch(aclUri);
const errorResult = HttpErrorResult.checkResponse(aclUri, response);
if (errorResult) return errorResult;
if (response.status === 404) {
return {
type: "wacRuleAbsent",
uri: aclUri,
isError: false,
};
}
// Parse Turtle
const rawTurtle = await response.text();
const rawTurtleResult = await rawTurtleToDataset(rawTurtle, aclUri);
if (rawTurtleResult.isError) return rawTurtleResult;
const dataset = rawTurtleResult.dataset;
const authorizations = dataset
.usingType(AuthorizationShapeType)
.matchSubject(
"http://www.w3.org/1999/02/22-rdf-syntax-ns#type",
"http://www.w3.org/ns/auth/acl#Authorization",
);
const wacRule: WacRule = {
public: {
read: false,
write: false,
append: false,
control: false,
},
authenticated: {
read: false,
write: false,
append: false,
control: false,
},
agent: {},
};
function applyAccessModesToList(
accessModeList: AccessModeList,
authorization: Authorization,
): void {
authorization.mode?.forEach((mode) => {
accessModeList[mode["@id"].toLowerCase()] = true;
});
}
authorizations.forEach((authorization) => {
if (
authorization.agentClass?.some(
(agentClass) => agentClass["@id"] === "Agent",
)
) {
applyAccessModesToList(wacRule.public, authorization);
applyAccessModesToList(wacRule.authenticated, authorization);
}
if (
authorization.agentClass?.some(
(agentClass) => agentClass["@id"] === "AuthenticatedAgent",
)
) {
applyAccessModesToList(wacRule.authenticated, authorization);
}
authorization.agent?.forEach((agent) => {
if (!wacRule.agent[agent["@id"]]) {
wacRule.agent[agent["@id"]] = {
read: false,
write: false,
append: false,
control: false,
};
}
applyAccessModesToList(wacRule.agent[agent["@id"]], authorization);
});
});
return {
type: "getWacRuleSuccess",
uri: aclUri,
isError: false,
wacRule,
};
}