feat: add simple permissions related handlers

2024-10-03 14:55:10 +00:00 · 2020-06-23 10:13:23 +02:00 · 2020-06-23 10:13:23 +02:00 · d983fca8f5
commit d983fca8f5
parent e0343fca54
7 changed files with 133 additions and 1 deletions
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -13,11 +13,13 @@ module.exports = {
  ],
  rules: {
    '@typescript-eslint/no-empty-interface': 'off',
+    '@typescript-eslint/no-unnecessary-condition': 'off', // problems with optional parameters
    '@typescript-eslint/space-before-function-paren': [ 'error', 'never' ],
-    'class-methods-use-this': 'off',
+    'class-methods-use-this': 'off', // conflicts with functions from interfaces that sometimes don't require `this`
    'comma-dangle': ['error', 'always-multiline'],
    'dot-location': ['error', 'property'],
    'lines-between-class-members': ['error', 'always', { exceptAfterSingleLine: true }],
+    'no-underscore-dangle': 'off', // conflicts with external libraries
    'padding-line-between-statements': 'off',
    'tsdoc/syntax': 'error',
  },
--- a/src/authentication/SimpleCredentialsExtractor.ts
+++ b/src/authentication/SimpleCredentialsExtractor.ts
@ -0,0 +1,16 @@
+import { Credentials } from './Credentials';
+import { CredentialsExtractor } from './CredentialsExtractor';
+import { HttpRequest } from '../server/HttpRequest';
+
+export class SimpleCredentialsExtractor extends CredentialsExtractor {
+  public async canHandle(): Promise<void> {
+    return undefined;
+  }
+
+  public async handle(input: HttpRequest): Promise<Credentials> {
+    if (input.headers.authorization) {
+      return { webID: input.headers.authorization };
+    }
+    return undefined;
+  }
+}
--- a/src/authorization/SimpleAuthorizer.ts
+++ b/src/authorization/SimpleAuthorizer.ts
@ -0,0 +1,14 @@
+import { UnsupportedHttpError } from '../util/errors/UnsupportedHttpError';
+import { Authorizer, AuthorizerArgs } from './Authorizer';
+
+export class SimpleAuthorizer extends Authorizer {
+  public async canHandle(input: AuthorizerArgs): Promise<void> {
+    if (!input.identifier || !input.permissions) {
+      throw new UnsupportedHttpError('Authorizer requires an identifier and permissions.');
+    }
+  }
+
+  public async handle(): Promise<void> {
+    return undefined;
+  }
+}
--- a/src/ldp/permissions/SimplePermissionsExtractor.ts
+++ b/src/ldp/permissions/SimplePermissionsExtractor.ts
@ -0,0 +1,18 @@
+import { Operation } from '../operations/Operation';
+import { PermissionSet } from './PermissionSet';
+import { PermissionsExtractor } from './PermissionsExtractor';
+
+export class SimplePermissionsExtractor extends PermissionsExtractor {
+  public async canHandle(): Promise<void> {
+    return undefined;
+  }
+
+  public async handle(input: Operation): Promise<PermissionSet> {
+    return {
+      read: input.method === 'GET',
+      append: false,
+      write: input.method === 'POST' || input.method === 'PUT',
+      delete: input.method === 'DELETE',
+    };
+  }
+}
--- a/test/unit/authentication/SimpleCredentialsExtractor.test.ts
+++ b/test/unit/authentication/SimpleCredentialsExtractor.test.ts
@ -0,0 +1,19 @@
+import { HttpRequest } from '../../../src/server/HttpRequest';
+import { SimpleCredentialsExtractor } from '../../../src/authentication/SimpleCredentialsExtractor';
+
+describe('A SimpleCredentialsExtractor', (): void => {
+  const extractor = new SimpleCredentialsExtractor();
+
+  it('can handle all input.', async(): Promise<void> => {
+    await expect(extractor.canHandle()).resolves.toBeUndefined();
+  });
+
+  it('returns undefined if there is no input.', async(): Promise<void> => {
+    await expect(extractor.handle({ headers: {}} as HttpRequest)).resolves.toBeUndefined();
+  });
+
+  it('returns the authorization header as webID if there is one.', async(): Promise<void> => {
+    await expect(extractor.handle({ headers: { authorization: 'test' }} as HttpRequest))
+      .resolves.toEqual({ webID: 'test' });
+  });
+});
--- a/test/unit/authorization/SimpleAuthorizer.test.ts
+++ b/test/unit/authorization/SimpleAuthorizer.test.ts
@ -0,0 +1,17 @@
+import { AuthorizerArgs } from '../../../src/authorization/Authorizer';
+import { SimpleAuthorizer } from '../../../src/authorization/SimpleAuthorizer';
+import { UnsupportedHttpError } from '../../../src/util/errors/UnsupportedHttpError';
+
+describe('A SimpleAuthorizer', (): void => {
+  const authorizer = new SimpleAuthorizer();
+
+  it('requires input to have an identifier and permissions.', async(): Promise<void> => {
+    await expect(authorizer.canHandle({ identifier: {}, permissions: {}} as AuthorizerArgs)).resolves.toBeUndefined();
+    await expect(authorizer.canHandle({ identifier: {}} as AuthorizerArgs)).rejects.toThrow(UnsupportedHttpError);
+    await expect(authorizer.canHandle({ permissions: {}} as AuthorizerArgs)).rejects.toThrow(UnsupportedHttpError);
+  });
+
+  it('always returns undefined.', async(): Promise<void> => {
+    await expect(authorizer.handle()).resolves.toBeUndefined();
+  });
+});
--- a/test/unit/ldp/permissions/SimplePermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/SimplePermissionsExtractor.test.ts
@ -0,0 +1,46 @@
+import { Operation } from '../../../../src/ldp/operations/Operation';
+import { SimplePermissionsExtractor } from '../../../../src/ldp/permissions/SimplePermissionsExtractor';
+
+describe('A SimplePermissionsExtractor', (): void => {
+  const extractor = new SimplePermissionsExtractor();
+
+  it('can handle all input.', async(): Promise<void> => {
+    await expect(extractor.canHandle()).resolves.toBeUndefined();
+  });
+
+  it('requires read for GET operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual({
+      read: true,
+      append: false,
+      write: false,
+      delete: false,
+    });
+  });
+
+  it('requires write for POST operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual({
+      read: false,
+      append: false,
+      write: true,
+      delete: false,
+    });
+  });
+
+  it('requires write for PUT operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'PUT' } as Operation)).resolves.toEqual({
+      read: false,
+      append: false,
+      write: true,
+      delete: false,
+    });
+  });
+
+  it('requires delete for DELETE operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'DELETE' } as Operation)).resolves.toEqual({
+      read: false,
+      append: false,
+      write: false,
+      delete: true,
+    });
+  });
+});