RFIT-188 adding resource value modifier function

vineet-suri · vineet-suri · commit 40f6ae5e0ec3 · 2020-09-09T17:20:39.000+05:30
diff --git a/src/keys.ts b/src/keys.ts
@@ -8,6 +8,7 @@ import {
   CasbinEnforcerFn,
   CasbinAuthorizeFn,
   CasbinEnforcerConfigGetterFn,
+  CasbinResourceModifierFn,
 } from './types';
 import { CoreBindings } from '@loopback/core';
 import { AuthorizationComponent } from './component';
@@ -45,6 +46,10 @@ export namespace AuthorizationBindings {
     'sf.userCasbinAuthorization.casbinEnforcerConfigGetter',
   );
 
+  export const CASBIN_RESOURCE_MODIFIER_FN = BindingKey.create<CasbinResourceModifierFn>(
+    'sf.userCasbinAuthorization.casbinResourceModifierFn',
+  );
+
   export const CONFIG = BindingKey.create<AuthorizationConfig>(
     'sf.userAuthorization.config',
   );
diff --git a/src/providers/casbin-authorization-action.provider.ts b/src/providers/casbin-authorization-action.provider.ts
@@ -18,17 +18,17 @@ export class CasbinAuthorizationProvider implements Provider<CasbinAuthorizeFn>
   ) { }
 
   value(): CasbinAuthorizeFn {
-    return (response) => this.action(response);
+    return (response, resource) => this.action(response, resource);
   }
 
-  async action(user: IAuthUserWithPermissions): Promise<boolean> {
+  async action(user: IAuthUserWithPermissions, resource: string): Promise<boolean> {
     let authDecision = false;
     try {
       const metadata: AuthorizationMetadata = await this.getCasbinMetadata();
 
       const subject = this.getUserName(`${user.id}`);
 
-      const object = metadata.resource;
+      const object = resource;
 
       const action = metadata.permissions && metadata.permissions.length > 0 ? metadata.permissions[0] : DEFAULT_SCOPE;
 
diff --git a/src/types.ts b/src/types.ts
@@ -20,7 +20,7 @@ export interface CasbinAuthorizeFn {
   // userPermissions - Array of permission keys granted to the user
   // This is actually a union of permissions picked up based on role
   // attached to the user and allowed permissions at specific user level
-  (user: IAuthUserWithPermissions): Promise<boolean>;
+  (user: IAuthUserWithPermissions, resVal: string): Promise<boolean>;
 }
 /**
  * Authorization metadata interface for the method decorator
@@ -91,7 +91,7 @@ export interface CasbinEnforcerConfigGetterFn {
 }
 
 export interface CasbinResourceModifierFn {
-  (authUser: IAuthUserWithPermissions, resource: string, isCasbinPolicy?: boolean): Promise<CasbinConfig>;
+  (pathParams: string[]): Promise<string>;
 }
 
 export interface CasbinConfig {

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ export interface CasbinAuthorizeFn {`
`20`	`20`	`// userPermissions - Array of permission keys granted to the user`
`21`	`21`	`// This is actually a union of permissions picked up based on role`
`22`	`22`	`// attached to the user and allowed permissions at specific user level`
`23`		`- (user: IAuthUserWithPermissions): Promise<boolean>;`
	`23`	`+ (user: IAuthUserWithPermissions, resVal: string): Promise<boolean>;`
`24`	`24`	`}`
`25`	`25`	`/**`
`26`	`26`	`* Authorization metadata interface for the method decorator`
`@@ -91,7 +91,7 @@ export interface CasbinEnforcerConfigGetterFn {`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`export interface CasbinResourceModifierFn {`
`94`		`- (authUser: IAuthUserWithPermissions, resource: string, isCasbinPolicy?: boolean): Promise<CasbinConfig>;`
	`94`	`+ (pathParams: string[]): Promise<string>;`
`95`	`95`	`}`
`96`	`96`
`97`	`97`	`export interface CasbinConfig {`