Map warrants to correct params before making access check request

stanleyphu · stanleyphu · commit 434e10e41e91 · 2023-07-13T12:43:55.000-07:00
diff --git a/src/modules/Authorization.ts b/src/modules/Authorization.ts
@@ -1,17 +1,16 @@
 import Feature from "./Feature";
 import Permission from "./Permission";
-import Check, { AccessCheckRequest, CheckMany, CheckWarrantRequest, FeatureCheck, PermissionCheck } from "../types/Check";
+import Check, { AccessCheckRequest, CheckMany, CheckWarrant, FeatureCheck, PermissionCheck } from "../types/Check";
 import Warrant, { isSubject, isWarrantObject } from "../types/Warrant";
 import WarrantClient from "../WarrantClient";
 
 export default class Authorization {
     public static async check(check: Check): Promise<boolean> {
         const accessCheckRequest: AccessCheckRequest = {
             warrants: [{
-                objectType: isWarrantObject(check.object) ? check.object.getObjectType() : check.object.objectType,
-                objectId: isWarrantObject(check.object) ? check.object.getObjectId() : check.object.objectId,
+                object: check.object,
                 relation: check.relation,
-                subject: isSubject(check.subject) ? check.subject : { objectType: check.subject.getObjectType(), objectId: check.subject.getObjectId() },
+                subject: check.subject,
                 context: check.context
             }],
             debug: check.debug
@@ -24,12 +23,11 @@ export default class Authorization {
     }
 
     public static async checkMany(check: CheckMany): Promise<boolean> {
-        let warrants: CheckWarrantRequest[] = check.warrants.map((warrant) => {
+        let warrants: CheckWarrant[] = check.warrants.map((warrant) => {
             return {
-                objectType: isWarrantObject(warrant.object) ? warrant.object.getObjectType() : warrant.object.objectType,
-                objectId: isWarrantObject(warrant.object) ? warrant.object.getObjectId() : warrant.object.objectId,
+                object: warrant.object,
                 relation: warrant.relation,
-                subject: isSubject(warrant.subject) ? warrant.subject : { objectType: warrant.subject.getObjectType(), objectId: warrant.subject.getObjectId() },
+                subject: warrant.subject,
                 context: warrant.context
             }
         })
@@ -69,9 +67,13 @@ export default class Authorization {
     // Private methods
     private static async authorize(accessCheckRequest: AccessCheckRequest): Promise<boolean> {
         try {
+
             const response = await WarrantClient.httpClient.post({
                 url: "/v2/authorize",
-                data: accessCheckRequest,
+                data: {
+                    ...accessCheckRequest,
+                    warrants: this.mapWarrantsForRequest(accessCheckRequest.warrants),
+                },
             });
 
             return response.code === 200;
@@ -80,21 +82,36 @@ export default class Authorization {
         }
     }
 
-    private static async edgeAuthorize(warrantCheck: AccessCheckRequest): Promise<boolean> {
+    private static async edgeAuthorize(accessCheckRequest: AccessCheckRequest): Promise<boolean> {
         try {
             const response = await WarrantClient.httpClient.post({
                 baseUrl: WarrantClient.config.authorizeEndpoint,
                 url: "/v2/authorize",
-                data: warrantCheck,
+                data: {
+                    ...accessCheckRequest,
+                    warrants: this.mapWarrantsForRequest(accessCheckRequest.warrants),
+                },
             });
 
             return response.code === 200;
         } catch (e) {
             if (e.code === "cache_not_ready") {
-                return this.authorize(warrantCheck);
+                return this.authorize(accessCheckRequest);
             }
 
             throw e;
         }
     }
+
+    private static mapWarrantsForRequest(warrants: CheckWarrant[]): any[] {
+        return warrants.map((warrant) => {
+            return {
+                objectType: isWarrantObject(warrant.object) ? warrant.object.getObjectType() : warrant.object.objectType,
+                objectId: isWarrantObject(warrant.object) ? warrant.object.getObjectId() : warrant.object.objectId,
+                relation: warrant.relation,
+                subject: isSubject(warrant.subject) ? warrant.subject : { objectType: warrant.subject.getObjectType(), objectId: warrant.subject.getObjectId() },
+                context: warrant.context
+            }
+        })
+    }
 }
diff --git a/src/types/Check.ts b/src/types/Check.ts
@@ -36,16 +36,8 @@ export interface PermissionCheck {
     debug?: boolean;
 }
 
-export interface CheckWarrantRequest {
-    objectType: string;
-    objectId: string;
-    relation: string;
-    subject: WarrantObject | Subject;
-    context?: PolicyContext;
-}
-
 export interface AccessCheckRequest {
     op?: CheckOp;
-    warrants: CheckWarrantRequest[];
+    warrants: CheckWarrant[];
     debug?: boolean;
 }
