New version

s5rw · May 8, 2023 · 059bd8d · 059bd8d
1 parent eb75807
commit 059bd8d
Show file tree

Hide file tree

Showing 23 changed files with 495 additions and 92 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 ## AccessControl - Change Log
 
+
+### v2.3.0 (2023-05-08)
+
+- Switched to forked notation: @s5rw/notation.
+- **(Dev)** Updated dev-dependencies to latest versions.
+
+**-- Fork --**
 ### v2.2.1 (2018-02-24)
 
 - **Fixed** an issue with attribute filtering caused by the core dependency Notation. Now [fixed](https://github.com/onury/notation/issues/7) and updated.

diff --git a/lib/AccessControl.d.ts b/lib/AccessControl.d.ts
@@ -68,7 +68,7 @@ import { Access, IAccessInfo, Query, IQueryInfo, Permission } from './core';
  *  // since these permissions have common resources, there is an alternative way:
  *  ac.grant('admin')
  *      .resource('profile').createAny().readAny(null, ["*", "!password"])
- *      .resource('video').readAny()..deleteAny();
+ *      .resource('video').readAny().deleteAny();
  *
  *  ac.grant('user')
  *      .readOwn('profile', ["uid", "email", "address.*", "account.*", "!account.roles"])
@@ -118,7 +118,7 @@ declare class AccessControl {
      *  @name AccessControl#isLocked
      *  @type {Boolean}
      */
-    readonly isLocked: boolean;
+    get isLocked(): boolean;
     /**
      *  Gets the internal grants object that stores all current grants.
      *
@@ -509,17 +509,17 @@ declare class AccessControl {
      *  Documented separately in enums/Action
      *  @private
      */
-    static readonly Action: any;
+    static get Action(): any;
     /**
      *  Documented separately in enums/Possession
      *  @private
      */
-    static readonly Possession: any;
+    static get Possession(): any;
     /**
      *  Documented separately in AccessControlError
      *  @private
      */
-    static readonly Error: any;
+    static get Error(): any;
     /**
      *  A utility method for deep cloning the given data object(s) while
      *  filtering its properties by the given attribute (glob) notations.

diff --git a/lib/AccessControl.js b/lib/AccessControl.js
@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessControl = void 0;
 var core_1 = require("./core");
 var enums_1 = require("./enums");
 var utils_1 = require("./utils");
@@ -72,7 +73,7 @@ var utils_1 = require("./utils");
  *  // since these permissions have common resources, there is an alternative way:
  *  ac.grant('admin')
  *      .resource('profile').createAny().readAny(null, ["*", "!password"])
- *      .resource('video').readAny()..deleteAny();
+ *      .resource('video').readAny().deleteAny();
  *
  *  ac.grant('user')
  *      .readOwn('profile', ["uid", "email", "address.*", "account.*", "!account.roles"])
@@ -130,7 +131,7 @@ var AccessControl = /** @class */ (function () {
         get: function () {
             return this._isLocked && Object.isFrozen(this._grants);
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     // -------------------------------
@@ -289,11 +290,11 @@ var AccessControl = /** @class */ (function () {
             throw new core_1.AccessControlError(utils_1.ERR_LOCK);
         var rolesToRemove = utils_1.utils.toStringArray(roles);
         if (rolesToRemove.length === 0 || !utils_1.utils.isFilledStringArray(rolesToRemove)) {
-            throw new core_1.AccessControlError("Invalid role(s): " + JSON.stringify(roles));
+            throw new core_1.AccessControlError("Invalid role(s): ".concat(JSON.stringify(roles)));
         }
         rolesToRemove.forEach(function (roleName) {
             if (!_this._grants[roleName]) {
-                throw new core_1.AccessControlError("Cannot remove a non-existing role: \"" + roleName + "\"");
+                throw new core_1.AccessControlError("Cannot remove a non-existing role: \"".concat(roleName, "\""));
             }
             delete _this._grants[roleName];
         });
@@ -634,13 +635,13 @@ var AccessControl = /** @class */ (function () {
         resources = utils_1.utils.toStringArray(resources);
         // resources is set but returns empty array.
         if (resources.length === 0 || !utils_1.utils.isFilledStringArray(resources)) {
-            throw new core_1.AccessControlError("Invalid resource(s): " + JSON.stringify(resources));
+            throw new core_1.AccessControlError("Invalid resource(s): ".concat(JSON.stringify(resources)));
         }
         if (roles !== undefined) {
             roles = utils_1.utils.toStringArray(roles);
             // roles is set but returns empty array.
             if (roles.length === 0 || !utils_1.utils.isFilledStringArray(roles)) {
-                throw new core_1.AccessControlError("Invalid role(s): " + JSON.stringify(roles));
+                throw new core_1.AccessControlError("Invalid role(s): ".concat(JSON.stringify(roles)));
             }
         }
         utils_1.utils.eachRoleResource(this._grants, function (role, resource, permissions) {
@@ -673,7 +674,7 @@ var AccessControl = /** @class */ (function () {
         get: function () {
             return enums_1.Action;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     Object.defineProperty(AccessControl, "Possession", {
@@ -684,7 +685,7 @@ var AccessControl = /** @class */ (function () {
         get: function () {
             return enums_1.Possession;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     Object.defineProperty(AccessControl, "Error", {
@@ -695,7 +696,7 @@ var AccessControl = /** @class */ (function () {
         get: function () {
             return core_1.AccessControlError;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     // -------------------------------

diff --git a/lib/core/Access.d.ts b/lib/core/Access.d.ts
@@ -51,7 +51,7 @@ declare class Access {
      *  @type {Boolean}
      *  @readonly
      */
-    readonly denied: boolean;
+    get denied(): boolean;
     /**
      *  A chainer method that sets the role(s) for this `Access` instance.
      *  @param {String|Array<String>} value
@@ -362,6 +362,6 @@ declare class Access {
      *  @returns {Access}
      *           Self instance of `Access`.
      */
-    private _prepareAndCommit(action, possession, resource?, attributes?);
+    private _prepareAndCommit;
 }
 export { Access };
diff --git a/lib/core/Access.js b/lib/core/Access.js
@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Access = void 0;
 var core_1 = require("../core");
 var enums_1 = require("../enums");
 var utils_1 = require("../utils");
@@ -73,7 +74,7 @@ var Access = /** @class */ (function () {
         get: function () {
             return this._.denied;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     // -------------------------------

diff --git a/lib/core/AccessControlError.js b/lib/core/AccessControlError.js
@@ -1,15 +1,21 @@
 "use strict";
 var __extends = (this && this.__extends) || (function () {
-    var extendStatics = Object.setPrototypeOf ||
-        ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-        function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
     return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
         extendStatics(d, b);
         function __() { this.constructor = d; }
         d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessControlError = void 0;
 /**
  *  Error class specific to `AccessControl`.
  *  @readonly

diff --git a/lib/core/IAccessInfo.d.ts b/lib/core/IAccessInfo.d.ts
@@ -39,10 +39,40 @@ interface IAccessInfo {
      */
     possession?: string;
     /**
-     *  Single or multiple roles for this access information.
+     *  Flag for denied access.
      *  @private
      *  @type {String|Array<String>}
      */
     denied?: boolean;
 }
 export { IAccessInfo };
+/**
+ *  An interface that defines an access information to be granted or denied.
+ *  When you start a method chain with `AccessControl#grant` or `AccessControl#deny`
+ *  methods, you're actually building this  object which will eventually be
+ *  committed to the underlying grants model.
+ *  @name AccessControl~IAccessInfo
+ *  @type {Object}
+ *
+ *  @property {String|Array<String>} role
+ *  Indicates a single or multiple roles for this access information.
+ *
+ *  @property {String|Array<String>} resource
+ *  Indicates a single or multiple target resources for this access
+ *  information.
+ *
+ *  @property {String|Array<String>} attributes
+ *  Defines the resource attributes which are granted. If denied, this will
+ *  default to an empty array.
+ *
+ *  @property {String} action
+ *  Defines the type of the operation that is (or not) to be performed on
+ *  the resource(s) by the defined role(s).
+ *  See {@link ?api=ac#AccessControl.Action|`AccessControl.Action` enumeration}
+ *  for possible values.
+ *
+ *  @property {String} possession
+ *  Defines the possession of the resource(s) for the specified action.
+ *  See {@link ?api=ac#AccessControl.Possession|`AccessControl.Possession` enumeration}
+ *  for possible values.
+ */
diff --git a/lib/core/IQueryInfo.d.ts b/lib/core/IQueryInfo.d.ts
@@ -33,3 +33,28 @@ interface IQueryInfo {
     possession?: string;
 }
 export { IQueryInfo };
+/**
+ *  An interface that defines an access information to be queried.
+ *  When you start a method chain with `AccessControl#can` method, you're
+ *  actually building this query object which will be used to check the access
+ *  permissions.
+ *  @name AccessControl~IQueryInfo
+ *  @type {Object}
+ *
+ *  @property {String|Array<String>} role
+ *  Indicates a single or multiple roles to be queried.
+ *
+ *  @property {String} resource
+ *  Indicates the resource to be queried.
+ *
+ *  @property {String} action
+ *  Defines the type of the operation that is (or not) to be performed on
+ *  the resource by the defined role(s).
+ *  See {@link ?api=ac#AccessControl.Action|`AccessControl.Action` enumeration}
+ *  for possible values.
+ *
+ *  @property {String} possession
+ *  Defines the possession of the resource for the specified action.
+ *  See {@link ?api=ac#AccessControl.Possession|`AccessControl.Possession` enumeration}
+ *  for possible values.
+ */
diff --git a/lib/core/Permission.d.ts b/lib/core/Permission.d.ts
@@ -60,15 +60,15 @@ declare class Permission {
      *  @type {Array<String>}
      *  @readonly
      */
-    readonly roles: string[];
+    get roles(): string[];
     /**
      *  Specifies the target resource for which the permission is queried for.
      *
      *  @name AccessControl~Permission#resource
      *  @type {String}
      *  @readonly
      */
-    readonly resource: string;
+    get resource(): string;
     /**
      *  Gets an array of allowed attributes which are defined via
      *  Glob notation. If access is not granted, this will be an empty array.
@@ -81,7 +81,7 @@ declare class Permission {
      *  @type {Array<String>}
      *  @readonly
      */
-    readonly attributes: string[];
+    get attributes(): string[];
     /**
      *  Specifies whether the permission is granted. If `true`, this means at
      *  least one attribute of the target resource is allowed.
@@ -90,7 +90,7 @@ declare class Permission {
      *  @type {Boolean}
      *  @readonly
      */
-    readonly granted: boolean;
+    get granted(): boolean;
     /**
      *  Filters the given data object (or array of objects) by the permission
      *  attributes and returns this data with allowed attributes.

diff --git a/lib/core/Permission.js b/lib/core/Permission.js
@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Permission = void 0;
 var utils_1 = require("../utils");
 /**
  *  Represents the inner `Permission` class that defines the granted or denied
@@ -71,7 +72,7 @@ var Permission = /** @class */ (function () {
         get: function () {
             return this._.role;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     Object.defineProperty(Permission.prototype, "resource", {
@@ -85,7 +86,7 @@ var Permission = /** @class */ (function () {
         get: function () {
             return this._.resource;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     Object.defineProperty(Permission.prototype, "attributes", {
@@ -104,7 +105,7 @@ var Permission = /** @class */ (function () {
         get: function () {
             return this._.attributes;
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     Object.defineProperty(Permission.prototype, "granted", {
@@ -124,7 +125,7 @@ var Permission = /** @class */ (function () {
                 return attr.trim().slice(0, 1) !== '!';
             });
         },
-        enumerable: true,
+        enumerable: false,
         configurable: true
     });
     /**

diff --git a/lib/core/Query.d.ts b/lib/core/Query.d.ts
@@ -212,6 +212,6 @@ declare class Query {
      *  @param {String} [resource]
      *  @returns {Permission}
      */
-    private _getPermission(action, possession, resource?);
+    private _getPermission;
 }
 export { Query };
diff --git a/lib/core/Query.js b/lib/core/Query.js
@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Query = void 0;
 var core_1 = require("../core");
 var enums_1 = require("../enums");
 var utils_1 = require("../utils");

diff --git a/lib/core/index.js b/lib/core/index.js
@@ -1,9 +1,22 @@
 "use strict";
-function __export(m) {
-    for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
-}
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-__export(require("./AccessControlError"));
-__export(require("./Access"));
-__export(require("./Query"));
-__export(require("./Permission"));
+__exportStar(require("./AccessControlError"), exports);
+__exportStar(require("./IAccessInfo"), exports);
+__exportStar(require("./Access"), exports);
+__exportStar(require("./IQueryInfo"), exports);
+__exportStar(require("./Query"), exports);
+__exportStar(require("./Permission"), exports);