feat: Use PermissionReaders to determine available permissions

These readers will determine which permissions are available for the incoming credentials. Their results then get combined in a UnionReader and authorized in a PermissionBasedAuthorizer
2024-10-03 14:55:10 +00:00 · 2021-09-20 11:24:38 +02:00
parent e8dedf5c23
commit bf28c83ffa
50 changed files with 714 additions and 445 deletions
--- a/src/authorization/AllStaticReader.ts
+++ b/src/authorization/AllStaticReader.ts
@@ -0,0 +1,32 @@
+import type { CredentialGroup } from '../authentication/Credentials';
+import type { Permission, PermissionSet } from '../ldp/permissions/Permissions';
+import type { PermissionReaderInput } from './PermissionReader';
+import { PermissionReader } from './PermissionReader';
+
+/**
+ * PermissionReader which sets all permissions to true or false
+ * independently of the identifier and requested permissions.
+ */
+export class AllStaticReader extends PermissionReader {
+  private readonly permissions: Permission;
+
+  public constructor(allow: boolean) {
+    super();
+    this.permissions = Object.freeze({
+      read: allow,
+      write: allow,
+      append: allow,
+      control: allow,
+    });
+  }
+
+  public async handle({ credentials }: PermissionReaderInput): Promise<PermissionSet> {
+    const result: PermissionSet = {};
+    for (const [ key, value ] of Object.entries(credentials) as [CredentialGroup, Permission][]) {
+      if (value) {
+        result[key] = this.permissions;
+      }
+    }
+    return result;
+  }
+}