From d09fd7afdbc8ba54c88cec1e2718e4484ca8865e Mon Sep 17 00:00:00 2001 From: Steven Velozo Date: Thu, 10 Dec 2015 14:10:16 -0800 Subject: [PATCH] Adding security authorizers to the meadow base object and package loader --- package.json | 2 +- source/Meadow-PackageLoader.js | 5 +++++ source/Meadow-Schema.js | 28 ++++++++++++++++++++++++++++ source/Meadow.js | 13 +++++++++++++ test/Animal.json | 20 +++++++++++++++++++- test/Meadow-Provider-MySQL_tests.js | 6 ++++++ 6 files changed, 72 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 9fb40be..0b0a7e0 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meadow", - "version": "1.0.1", + "version": "1.0.2", "description": "A data access library.", "main": "source/Meadow.js", "scripts": { diff --git a/source/Meadow-PackageLoader.js b/source/Meadow-PackageLoader.js index 1b20dda..8502e9e 100644 --- a/source/Meadow-PackageLoader.js +++ b/source/Meadow-PackageLoader.js @@ -49,6 +49,11 @@ var loadFromPackage = function(pMeadow, pPackage) tmpNewMeadow.setDefault(tmpPackage.DefaultObject); } + if (typeof(tmpPackage.Authorization) === 'object') + { + tmpNewMeadow.setAuthorizer(tmpPackage.Authorization); + } + return tmpNewMeadow; }; diff --git a/source/Meadow-Schema.js b/source/Meadow-Schema.js index d62d474..4940c62 100644 --- a/source/Meadow-Schema.js +++ b/source/Meadow-Schema.js @@ -79,6 +79,9 @@ var MeadowSchema = function() // The cached validator, which uses the JSONSchema var _Validate = false; + // The authorizers available to this meadow object + var _Authorizers = {}; + /** * Set the Meadow schema @@ -129,6 +132,17 @@ var MeadowSchema = function() }; setDefault(); + /** + * Set the authorizer set + * + * @method setAuthorizer + * @return {Object} This is chainable. + */ + var setAuthorizer = function(pAuthorizer) + { + _Authorizers = (typeof(pAuthorizer) === 'object') ? pAuthorizer : {}; + }; + /** * Validate an object against the current schema * @@ -153,6 +167,7 @@ var MeadowSchema = function() setSchema: setSchema, setJsonSchema: setJsonSchema, setDefault: setDefault, + setAuthorizer: setAuthorizer, validateObject: validateObject, new: createNew @@ -197,6 +212,19 @@ var MeadowSchema = function() }); + /** + * Authorizer + * + * @property defaultObject + * @type object + */ + Object.defineProperty(tmpNewMeadowSchemaObject, 'authorizer', + { + get: function() { return _Authorizers; }, + enumerable: true + }); + + return tmpNewMeadowSchemaObject; } diff --git a/source/Meadow.js b/source/Meadow.js index ebc1cbd..4a9ecc9 100644 --- a/source/Meadow.js +++ b/source/Meadow.js @@ -164,6 +164,18 @@ var Meadow = function() return this; }; + /** + * Set the authorizer set + * + * @method setAuthorizer + * @return {Object} This is chainable. + */ + var setAuthorizer = function(pAuthorizer) + { + _Schema.setAuthorizer(pAuthorizer); + return this; + }; + /** * Set the default identifier * @@ -265,6 +277,7 @@ var Meadow = function() setJsonSchema: setJsonSchema, setDefault: setDefault, setDefaultIdentifier: setDefaultIdentifier, + setAuthorizer: setAuthorizer, // Factory new: createNew diff --git a/test/Animal.json b/test/Animal.json index 9b96d23..63582ac 100644 --- a/test/Animal.json +++ b/test/Animal.json @@ -50,5 +50,23 @@ } }, "required": ["IDAnimal", "Name", "CreatingIDUser"] - } + }, + + "Authorization": { + "SomeSecurity": { + "Create": "Deny", + "Read": "Deny", + "Reads": "Deny", + "ReadsBy": "Deny", + "ReadMax": "Deny", + "ReadSelectList": "Deny", + "Update": "Deny", + "Delete": "Deny", + "Count": "Deny", + "CountBy": "Deny", + "Schema": "Deny", + "Validate": "Deny", + "New": "Deny" + } + } } \ No newline at end of file diff --git a/test/Meadow-Provider-MySQL_tests.js b/test/Meadow-Provider-MySQL_tests.js index 7fed3f3..38167a7 100644 --- a/test/Meadow-Provider-MySQL_tests.js +++ b/test/Meadow-Provider-MySQL_tests.js @@ -367,6 +367,12 @@ suite var testMeadow = require('../source/Meadow.js').new(libFable) .loadFromPackage(__dirname+'/Animal.json').setProvider('MySQL'); + // Make sure the authentication stuff got loaded + Expect(testMeadow.schemaFull.authorizer.SomeSecurity) + .to.be.an('object'); + Expect(testMeadow.schemaFull.authorizer.SomeSecurity.Create) + .to.equal('Deny'); + var tmpQuery = testMeadow.query .addRecord({Name:'Grommet', Type:'Dog'});