Add support for creating / deleting warrants with a policy

stanleyphu · stanleyphu · commit 254164a677ad · 2023-07-12T01:56:42.000-07:00
diff --git a/src/modules/Authorization.ts b/src/modules/Authorization.ts
@@ -1,6 +1,6 @@
 import Feature from "./Feature";
 import Permission from "./Permission";
-import Check, { AccessCheckRequest, CheckMany, FeatureCheck, PermissionCheck } from "../types/Check";
+import Check, { AccessCheckRequest, CheckMany, CheckWarrantRequest, FeatureCheck, PermissionCheck } from "../types/Check";
 import Warrant, { isSubject, isWarrantObject } from "../types/Warrant";
 import WarrantClient from "../WarrantClient";
 
@@ -24,7 +24,7 @@ export default class Authorization {
     }
 
     public static async checkMany(check: CheckMany): Promise<boolean> {
-        let warrants: Warrant[] = check.warrants.map((warrant) => {
+        let warrants: CheckWarrantRequest[] = check.warrants.map((warrant) => {
             return {
                 objectType: isWarrantObject(warrant.object) ? warrant.object.getObjectType() : warrant.object.objectType,
                 objectId: isWarrantObject(warrant.object) ? warrant.object.getObjectId() : warrant.object.objectId,
diff --git a/src/modules/PricingTier.ts b/src/modules/PricingTier.ts
@@ -5,7 +5,7 @@ import WarrantClient from "../WarrantClient";
 import { ListFeatureOptions } from "../types/Feature";
 import { ObjectType } from "../types/ObjectType";
 import { CreatePricingTierParams, ListPricingTierOptions } from "../types/PricingTier";
-import Warrant, { Context, WarrantObject } from "../types/Warrant";
+import Warrant, { PolicyContext, WarrantObject } from "../types/Warrant";
 
 export default class PricingTier implements WarrantObject {
     pricingTierId: string;
@@ -160,7 +160,7 @@ export default class PricingTier implements WarrantObject {
         return Feature.removeFeatureFromPricingTier(this.pricingTierId, featureId);
     }
 
-    public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {
+    public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {
         return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.PricingTier, objectId: this.pricingTierId }, context: context });
     }
 
diff --git a/src/modules/Role.ts b/src/modules/Role.ts
@@ -5,7 +5,7 @@ import WarrantClient from "../WarrantClient";
 import { ObjectType } from "../types/ObjectType";
 import { ListPermissionOptions } from "../types/Permission";
 import { CreateRoleParams, ListRoleOptions, UpdateRoleParams } from "../types/Role";
-import Warrant, { Context, WarrantObject } from "../types/Warrant";
+import Warrant, { PolicyContext, WarrantObject } from "../types/Warrant";
 
 export default class Role implements WarrantObject {
     roleId: string;
@@ -136,7 +136,7 @@ export default class Role implements WarrantObject {
         return Permission.removePermissionFromRole(this.roleId, permissionId);
     }
 
-    public async hasPermission(permissionId: string, context: Context = {}): Promise<boolean> {
+    public async hasPermission(permissionId: string, context: PolicyContext = {}): Promise<boolean> {
         return Authorization.hasPermission({ permissionId: permissionId, subject: { objectType: ObjectType.Role, objectId: this.roleId }, context: context });
     }
 
diff --git a/src/modules/Tenant.ts b/src/modules/Tenant.ts
@@ -9,7 +9,7 @@ import { ObjectType } from "../types/ObjectType";
 import { ListPricingTierOptions } from "../types/PricingTier";
 import { CreateTenantParams, ListTenantOptions, UpdateTenantParams } from "../types/Tenant";
 import { ListUserOptions } from "../types/User";
-import { Context, WarrantObject } from "../types/Warrant";
+import { PolicyContext, WarrantObject } from "../types/Warrant";
 
 export default class Tenant implements WarrantObject {
     // Tenant properties
@@ -150,7 +150,7 @@ export default class Tenant implements WarrantObject {
         return Feature.removeFeatureFromTenant(this.tenantId, featureId);
     }
 
-    public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {
+    public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {
         return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.Tenant, objectId: this.tenantId }, context: context });
     }
 
diff --git a/src/modules/User.ts b/src/modules/User.ts
@@ -13,7 +13,7 @@ import { ListPricingTierOptions } from "../types/PricingTier";
 import { ListRoleOptions } from "../types/Role";
 import { CreateUserParams, ListUserOptions, UpdateUserParams } from "../types/User";
 import { ListTenantOptions } from "../types/Tenant";
-import { Context, WarrantObject } from "../types/Warrant";
+import { PolicyContext, WarrantObject } from "../types/Warrant";
 import WarrantModule from "./WarrantModule";
 
 export default class User implements WarrantObject {
@@ -174,7 +174,7 @@ export default class User implements WarrantObject {
         return Permission.removePermissionFromUser(this.userId, permissionId);
     }
 
-    public async hasPermission(permissionId: string, context: Context = {}): Promise<boolean> {
+    public async hasPermission(permissionId: string, context: PolicyContext = {}): Promise<boolean> {
         return Authorization.hasPermission({ permissionId: permissionId, subject: { objectType: ObjectType.User, objectId: this.userId }, context: context });
     }
 
@@ -202,7 +202,7 @@ export default class User implements WarrantObject {
         return Feature.removeFeatureFromUser(this.userId, featureId);
     }
 
-    public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {
+    public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {
         return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.User, objectId: this.userId }, context: context });
     }
 
diff --git a/src/modules/WarrantModule.ts b/src/modules/WarrantModule.ts
@@ -12,7 +12,7 @@ export default class WarrantModule {
                     objectId: isWarrantObject(warrant.object) ? warrant.object.getObjectId() : warrant.object.objectId,
                     relation: warrant.relation,
                     subject: isSubject(warrant.subject) ? warrant.subject : { objectType: warrant.subject.getObjectType(), objectId: warrant.subject.getObjectId() },
-                    context: warrant.context
+                    policy: warrant.policy
                 },
             });
         } catch (e) {
@@ -29,7 +29,7 @@ export default class WarrantModule {
                     objectId: isWarrantObject(warrant.object) ? warrant.object.getObjectId() : warrant.object.objectId,
                     relation: warrant.relation,
                     subject: isSubject(warrant.subject) ? warrant.subject : { objectType: warrant.subject.getObjectType(), objectId: warrant.subject.getObjectId() },
-                    context: warrant.context
+                    policy: warrant.policy
                 },
             });
         } catch (e) {
diff --git a/src/types/Check.ts b/src/types/Check.ts
@@ -1,4 +1,4 @@
-import Warrant, { Context, Subject, WarrantObject, WarrantObjectLiteral } from "./Warrant";
+import Warrant, { PolicyContext, Subject, WarrantObject, WarrantObjectLiteral } from "./Warrant";
 
 export enum CheckOp {
     AllOf = "allOf",
@@ -9,7 +9,7 @@ export interface CheckWarrant {
     object: WarrantObject | WarrantObjectLiteral;
     relation: string;
     subject: WarrantObject | Subject;
-    context?: Context;
+    context?: PolicyContext;
 }
 
 export default interface Check extends CheckWarrant {
@@ -25,19 +25,27 @@ export interface CheckMany {
 export interface FeatureCheck {
     featureId: string;
     subject: WarrantObject | Subject;
-    context?: Context;
+    context?: PolicyContext;
     debug?: boolean;
 }
 
 export interface PermissionCheck {
     permissionId: string;
     subject: WarrantObject | Subject;
-    context?: Context;
+    context?: PolicyContext;
     debug?: boolean;
 }
 
+export interface CheckWarrantRequest {
+    objectType: string;
+    objectId: string;
+    relation: string;
+    subject: WarrantObject | Subject;
+    context?: PolicyContext;
+}
+
 export interface AccessCheckRequest {
     op?: CheckOp;
-    warrants: Warrant[];
+    warrants: CheckWarrantRequest[];
     debug?: boolean;
 }
diff --git a/src/types/Query.ts b/src/types/Query.ts
@@ -1,17 +1,17 @@
-import { Context, isSubject, isWarrantObject, Subject, WarrantObject, WarrantObjectLiteral } from "./Warrant";
+import { isSubject, isWarrantObject, PolicyContext, Subject, WarrantObject, WarrantObjectLiteral } from "./Warrant";
 
 export interface ForClause {
     object?: WarrantObject | WarrantObjectLiteral;
     relation?: string;
     subject?: Subject | WarrantObject;
-    context?: Context;
+    context?: PolicyContext;
 }
 
 export interface WhereClause {
     object?: WarrantObject | WarrantObjectLiteral;
     relation?: string;
     subject?: Subject | WarrantObject;
-    context?: Context;
+    context?: PolicyContext;
 }
 
 export default class Query {
diff --git a/src/types/Session.ts b/src/types/Session.ts
@@ -1,9 +1,9 @@
-import { Context } from "./Warrant";
+import { PolicyContext } from "./Warrant";
 
 export interface SessionParams {
     userId: string;
     ttl?: number;
-    context?: Context;
+    context?: PolicyContext;
 }
 
 export interface SelfServiceSessionParams extends SessionParams {
diff --git a/src/types/Warrant.ts b/src/types/Warrant.ts
@@ -7,8 +7,8 @@ export interface ListWarrantOptions extends ListOptions {
     userId?: string;
 }
 
-export interface Context {
-    [key: string]: string;
+export interface PolicyContext {
+    [key: string]: any;
 }
 
 export interface Subject {
@@ -27,7 +27,7 @@ export default interface Warrant {
     objectId: string;
     relation: string;
     subject: Subject;
-    context?: Context;
+    policy?: string;
 }
 
 export interface WarrantObject {
@@ -48,5 +48,5 @@ export interface WarrantParams {
     object: WarrantObject | WarrantObjectLiteral;
     relation: string;
     subject: WarrantObject | Subject;
-    context?: Context;
+    policy?: string;
 }
diff --git a/src/types/index.ts b/src/types/index.ts
@@ -8,5 +8,5 @@ export { CreateRoleParams, ListRoleOptions, UpdateRoleParams } from "./Role";
 export { SessionParams, SelfServiceSessionParams, SelfServiceStrategy } from "./Session";
 export { CreateTenantParams, ListTenantOptions, UpdateTenantParams } from "./Tenant";
 export { CreateUserParams, ListUserOptions, UpdateUserParams } from "./User";
-export { default as Warrant, ListWarrantOptions, Context, Subject, WarrantObject } from "./Warrant";
+export { default as Warrant, ListWarrantOptions, PolicyContext, Subject, WarrantObject } from "./Warrant";
 export { default as Check, CheckMany, CheckOp, CheckWarrant, FeatureCheck, PermissionCheck } from "./Check";

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ import WarrantClient from "../WarrantClient";`
`5`	`5`	`import { ListFeatureOptions } from "../types/Feature";`
`6`	`6`	`import { ObjectType } from "../types/ObjectType";`
`7`	`7`	`import { CreatePricingTierParams, ListPricingTierOptions } from "../types/PricingTier";`
`8`		`-import Warrant, { Context, WarrantObject } from "../types/Warrant";`
	`8`	`+import Warrant, { PolicyContext, WarrantObject } from "../types/Warrant";`
`9`	`9`
`10`	`10`	`export default class PricingTier implements WarrantObject {`
`11`	`11`	`pricingTierId: string;`
`@@ -160,7 +160,7 @@ export default class PricingTier implements WarrantObject {`
`160`	`160`	`return Feature.removeFeatureFromPricingTier(this.pricingTierId, featureId);`
`161`	`161`	`}`
`162`	`162`
`163`		`- public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {`
	`163`	`+ public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {`
`164`	`164`	`return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.PricingTier, objectId: this.pricingTierId }, context: context });`
`165`	`165`	`}`
`166`	`166`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ import WarrantClient from "../WarrantClient";`
`5`	`5`	`import { ObjectType } from "../types/ObjectType";`
`6`	`6`	`import { ListPermissionOptions } from "../types/Permission";`
`7`	`7`	`import { CreateRoleParams, ListRoleOptions, UpdateRoleParams } from "../types/Role";`
`8`		`-import Warrant, { Context, WarrantObject } from "../types/Warrant";`
	`8`	`+import Warrant, { PolicyContext, WarrantObject } from "../types/Warrant";`
`9`	`9`
`10`	`10`	`export default class Role implements WarrantObject {`
`11`	`11`	`roleId: string;`
`@@ -136,7 +136,7 @@ export default class Role implements WarrantObject {`
`136`	`136`	`return Permission.removePermissionFromRole(this.roleId, permissionId);`
`137`	`137`	`}`
`138`	`138`
`139`		`- public async hasPermission(permissionId: string, context: Context = {}): Promise<boolean> {`
	`139`	`+ public async hasPermission(permissionId: string, context: PolicyContext = {}): Promise<boolean> {`
`140`	`140`	`return Authorization.hasPermission({ permissionId: permissionId, subject: { objectType: ObjectType.Role, objectId: this.roleId }, context: context });`
`141`	`141`	`}`
`142`	`142`
Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ import { ObjectType } from "../types/ObjectType";`
`9`	`9`	`import { ListPricingTierOptions } from "../types/PricingTier";`
`10`	`10`	`import { CreateTenantParams, ListTenantOptions, UpdateTenantParams } from "../types/Tenant";`
`11`	`11`	`import { ListUserOptions } from "../types/User";`
`12`		`-import { Context, WarrantObject } from "../types/Warrant";`
	`12`	`+import { PolicyContext, WarrantObject } from "../types/Warrant";`
`13`	`13`
`14`	`14`	`export default class Tenant implements WarrantObject {`
`15`	`15`	`// Tenant properties`
`@@ -150,7 +150,7 @@ export default class Tenant implements WarrantObject {`
`150`	`150`	`return Feature.removeFeatureFromTenant(this.tenantId, featureId);`
`151`	`151`	`}`
`152`	`152`
`153`		`- public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {`
	`153`	`+ public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {`
`154`	`154`	`return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.Tenant, objectId: this.tenantId }, context: context });`
`155`	`155`	`}`
`156`	`156`
Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ import { ListPricingTierOptions } from "../types/PricingTier";`
`13`	`13`	`import { ListRoleOptions } from "../types/Role";`
`14`	`14`	`import { CreateUserParams, ListUserOptions, UpdateUserParams } from "../types/User";`
`15`	`15`	`import { ListTenantOptions } from "../types/Tenant";`
`16`		`-import { Context, WarrantObject } from "../types/Warrant";`
	`16`	`+import { PolicyContext, WarrantObject } from "../types/Warrant";`
`17`	`17`	`import WarrantModule from "./WarrantModule";`
`18`	`18`
`19`	`19`	`export default class User implements WarrantObject {`
`@@ -174,7 +174,7 @@ export default class User implements WarrantObject {`
`174`	`174`	`return Permission.removePermissionFromUser(this.userId, permissionId);`
`175`	`175`	`}`
`176`	`176`
`177`		`- public async hasPermission(permissionId: string, context: Context = {}): Promise<boolean> {`
	`177`	`+ public async hasPermission(permissionId: string, context: PolicyContext = {}): Promise<boolean> {`
`178`	`178`	`return Authorization.hasPermission({ permissionId: permissionId, subject: { objectType: ObjectType.User, objectId: this.userId }, context: context });`
`179`	`179`	`}`
`180`	`180`
`@@ -202,7 +202,7 @@ export default class User implements WarrantObject {`
`202`	`202`	`return Feature.removeFeatureFromUser(this.userId, featureId);`
`203`	`203`	`}`
`204`	`204`
`205`		`- public async hasFeature(featureId: string, context: Context = {}): Promise<boolean> {`
	`205`	`+ public async hasFeature(featureId: string, context: PolicyContext = {}): Promise<boolean> {`
`206`	`206`	`return Authorization.hasFeature({ featureId: featureId, subject: { objectType: ObjectType.User, objectId: this.userId }, context: context });`
`207`	`207`	`}`
`208`	`208`
Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,8 @@ export interface ListWarrantOptions extends ListOptions {`
`7`	`7`	`userId?: string;`
`8`	`8`	`}`
`9`	`9`
`10`		`-export interface Context {`
`11`		`- [key: string]: string;`
	`10`	`+export interface PolicyContext {`
	`11`	`+ [key: string]: any;`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`export interface Subject {`
`@@ -27,7 +27,7 @@ export default interface Warrant {`
`27`	`27`	`objectId: string;`
`28`	`28`	`relation: string;`
`29`	`29`	`subject: Subject;`
`30`		`- context?: Context;`
	`30`	`+ policy?: string;`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`export interface WarrantObject {`
`@@ -48,5 +48,5 @@ export interface WarrantParams {`
`48`	`48`	`object: WarrantObject \| WarrantObjectLiteral;`
`49`	`49`	`relation: string;`
`50`	`50`	`subject: WarrantObject \| Subject;`
`51`		`- context?: Context;`
	`51`	`+ policy?: string;`
`52`	`52`	`}`