Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add support for pod owners

Browse Source
This commit is contained in:
Joachim Van Herwegen
2023-09-27 10:14:43 +02:00
parent 4230db5038
commit cd07338ce7
22 changed files with 821 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/authorization/OwnerPermissionReader.ts
View File

@@ -1,7 +1,6 @@
import type { AuxiliaryIdentifierStrategy } from '../http/auxiliary/AuxiliaryIdentifierStrategy';
import type { ResourceIdentifier } from '../http/representation/ResourceIdentifier';
import type { PodStore } from '../identity/interaction/pod/util/PodStore';
import type { WebIdStore } from '../identity/interaction/webid/util/WebIdStore';
import { getLoggerFor } from '../logging/LogUtil';
import type { StorageLocationStrategy } from '../server/description/StorageLocationStrategy';
import { filter } from '../util/IterableUtil';
@@ -12,21 +11,19 @@ import type { AclPermissionSet } from './permissions/AclPermissionSet';
import type { PermissionMap } from './permissions/Permissions';
/**
* Allows control access if the request is being made by the owner of the pod containing the resource.
* Allows control access if the request is being made by an owner of the pod containing the resource.
*/
export class OwnerPermissionReader extends PermissionReader {
protected readonly logger = getLoggerFor(this);
private readonly podStore: PodStore;
private readonly webIdStore: WebIdStore;
private readonly authStrategy: AuxiliaryIdentifierStrategy;
private readonly storageStrategy: StorageLocationStrategy;
public constructor(podStore: PodStore, webIdStore: WebIdStore, authStrategy: AuxiliaryIdentifierStrategy,
public constructor(podStore: PodStore, authStrategy: AuxiliaryIdentifierStrategy,
storageStrategy: StorageLocationStrategy) {
super();
this.podStore = podStore;
this.webIdStore = webIdStore;
this.authStrategy = authStrategy;
this.storageStrategy = storageStrategy;
}
@@ -95,14 +92,19 @@ export class OwnerPermissionReader extends PermissionReader {
protected async findOwners(pods: string[]): Promise<Record<string, string[]>> {
const owners: Record<string, string[]> = {};
// Set to only have the unique values
for (const pod of new Set(pods)) {
const owner = await this.podStore.findAccount(pod);
if (!owner) {
this.logger.error(`Unable to find owner for ${pod}`);
for (const baseUrl of new Set(pods)) {
const pod = await this.podStore.findByBaseUrl(baseUrl);
if (!pod) {
this.logger.error(`Unable to find pod ${baseUrl}`);
continue;
}
owners[pod] = (await this.webIdStore.findLinks(owner)).map((link): string => link.webId);
const podOwners = await this.podStore.getOwners(pod.id);
if (!podOwners) {
this.logger.error(`Unable to find owners for ${baseUrl}`);
continue;
}
owners[baseUrl] = podOwners.map((owner): string => owner.webId);
}
return owners;
}