Context set in policy does not register for IdentityBasedPolicy and ResourceBasedPolicy #43

yaser-ali-s · 2021-04-09T16:46:34Z

Really sorry to be annoying but I'm working heavily with your project and really appreciate all the effort you've put into it.

It seems the context set during instantiation of IdentityBasedPolicy and ResourceBasedPolicy is not respected, as seen:

// IdentityBasedPolicy.ts
  can(
    this: IdentityBasedPolicy<T>,
    { action, resource, context }: EvaluateIdentityBasedInterface<T>
  ): boolean {
    return this.allowStatements.some((s) =>
      s.matches({
        action,
        resource,
        context, // <-- Not using this.context
        conditionResolver: this.conditionResolver
      })
    );
  }

  cannot(
    this: IdentityBasedPolicy<T>,
    { action, resource, context }: EvaluateIdentityBasedInterface<T>
  ): boolean {
    return this.denyStatements.some((s) =>
      s.matches({
        action,
        resource,
        context, // <-- Not using this.context
        conditionResolver: this.conditionResolver
      })
    );
  }
}

// ResourceBasedPolicy.ts
  can(
    this: ResourceBasedPolicy<T>,
    {
      principal,
      action,
      resource,
      principalType,
      context
    }: EvaluateResourceBasedInterface<T>
  ): boolean {
    return this.allowStatements.some((s) =>
      s.matches({
        principal,
        action,
        resource,
        principalType,
        context, // <-- Not using this.context
        conditionResolver: this.conditionResolver
      })
    );
  }

  cannot(
    this: ResourceBasedPolicy<T>,
    {
      principal,
      action,
      resource,
      principalType,
      context
    }: EvaluateResourceBasedInterface<T>
  ): boolean {
    return this.denyStatements.some((s) =>
      s.matches({
        principal,
        action,
        resource,
        principalType,
        context, // <-- Not using this.context
        conditionResolver: this.conditionResolver
      })
    );
  }
}

It is, however, respected in the ActionBasedPolicy:

// ActionBasedPolicy.ts
  can(
    this: ActionBasedPolicy<T>,
    { action, context }: EvaluateActionBasedInterface<T>
  ): boolean {
    return this.allowStatements.some((s) =>
      s.matches({
        action,
        context: context || this.context,
        conditionResolver: this.conditionResolver
      })
    );
  }

  cannot(
    this: ActionBasedPolicy<T>,
    { action, context }: EvaluateActionBasedInterface<T>
  ): boolean {
    return this.denyStatements.some((s) =>
      s.matches({
        action,
        context: context || this.context,
        conditionResolver: this.conditionResolver
      })
    );
  }

The text was updated successfully, but these errors were encountered:

roggervalf · 2021-04-11T02:21:59Z

Hi @yaser-ali-s, thanks for submitting this bug, let me take a look on this.

## [4.8.2](v4.8.1...v4.8.2) (2021-04-11) ### Bug Fixes * **evaluate:** using context in instantiation in IdentityBasedPolicy and ResourceBasedPolicy ([c0f3561](c0f3561)), closes [#43](#43)

roggervalf · 2021-04-11T03:06:12Z

🎉 This issue has been resolved in version 4.8.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

roggervalf closed this as completed in c0f3561 Apr 11, 2021

roggervalf added released bug Something isn't working labels Apr 11, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Context set in policy does not register for IdentityBasedPolicy and ResourceBasedPolicy #43

Context set in policy does not register for IdentityBasedPolicy and ResourceBasedPolicy #43

yaser-ali-s commented Apr 9, 2021

roggervalf commented Apr 11, 2021

roggervalf commented Apr 11, 2021

Context set in policy does not register for IdentityBasedPolicy and ResourceBasedPolicy #43

Context set in policy does not register for IdentityBasedPolicy and ResourceBasedPolicy #43

Comments

yaser-ali-s commented Apr 9, 2021

roggervalf commented Apr 11, 2021

roggervalf commented Apr 11, 2021