Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
app.use(authz(async () => {
// load the casbin model and policy from files, database is also supported.
const enforcer = await newEnforcer('examples/authz_model.conf', 'examples/authz_policy.csv')
return enforcer
}))
newEnforcer: async () => {
// load the casbin model and policy from files, database is also supported.
const enforcer = await casbin.newEnforcer('examples/authz_model.conf', 'examples/authz_policy.csv')
return enforcer
}
}))
});
removeResult = await Promise.all(promises);
if (removeResult.length !== totalPolicies) {
result.error = `Rollback transaction - could delete ${removeResult.length} of ${totalPolicies} policies`;
}
}
// add (after remove)
if (action === 'add' && removeResult.length === totalPolicies) {
result = await addPolicy(serviceId, policies, enforcer);
}
}
} else { //only add (nothing to remove)
if (action === 'add') {
conn = await dbConnection(config);
enforcer = await casbin.newEnforcer('./config/rbac_model.conf', conn);
result = await addPolicy(serviceId, policies, enforcer);
if (conn) {
await conn.close();
}
}
}
} catch (err) {
logger.error(err.message);
result.error = err.message;
} finally {
if (totalPolicies) {
await conn.close();
}
}
return result;
newEnforcer: async () => {
// load the casbin model and policy from files, database is also supported.
const enforcer = await newEnforcer('examples/authz_model.conf', 'examples/authz_policy.csv')
return enforcer
}
}
useFactory: async (a: Adapter) => {
const e = await newEnforcer(join(__dirname, 'rbac_model.conf'), a);
await e.loadPolicy();
return e;
},
inject: [
async function checkPermissions(userId, serviceId, category, permission, config) {
let result = {};
let conn;
try {
if (userId === config.SERVICE_USER) {
result.authorized = true;
} else {
conn = await dbConnection(config);
const user_id = userId.toLowerCase()
const enforcer = await casbin.newEnforcer('./config/rbac_model.conf', conn);
result.authorized = enforcer.enforce(user_id, `${serviceId}_${category}`, permission);
}
logger.debug("result in checkPermissions: " + JSON.stringify(result));
} catch (err) {
logger.error(err.message);
result = {
error: err.message
};
} finally {
if (conn) {
await conn.close();
}
}
return result;
}
export async function createEnforcer() {
const conf = path.resolve(__dirname, '../../fixtures/casbin/rbac_model.conf');
const policy = path.resolve(
__dirname,
'../../fixtures/casbin/rbac_policy.csv',
);
return casbin.newEnforcer(conf, policy);
}
async function getFilteredPolicy(index, values, config) {
let result = {};
let conn, enforcer;
try {
conn = await dbConnection(config);
enforcer = await casbin.newEnforcer("./config/rbac_model.conf", conn);
const promisedPolicies = values.map(async value => await enforcer.getFilteredPolicy(index, value));
const policies = await Promise.all(promisedPolicies);
result = policies;
} catch (err) {
logger.error(err.message);
result.error = err.message;
} finally {
if (conn) {
await conn.close();
}
}
return result;
}
useFactory: async () => {
const adapter = await MongoAdapter.newAdapter({
uri: 'mongodb://localhost:27017',
collectionName: 'casbin',
databaseName: 'node-casbin-official',
option: clientOptions,
});
const enforcer = await newEnforcer(casbinModelPath, adapter);
await enforcer.loadPolicy();
return enforcer;
},
};