diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index abaaddc4add120bd8299586dbb3e65af1a6fb0b4..80adf30adb810c2f80b5eb6cf03028495a80b41e 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -31,6 +31,10 @@ "memcachedURL": "MEMCACHED_URL", "lifetime": "METADATA_CACHE_LIFETIME" }, + "memcached": { + "url": "MEMCACHED_URL", + "lifetime": "METADATA_CACHE_LIFETIME" + }, "apiKeys": { "youtube": "YOUTUBE_API_KEY", "vimeo": "VIMEO_ACCESS_TOKEN" diff --git a/config/default.json b/config/default.json index 1e9aa8e7c3a3fd59a4651c1762fbe9a8d1e92778..d744efaf7bf6d63ebb328487f0df60281d589f06 100644 --- a/config/default.json +++ b/config/default.json @@ -33,6 +33,10 @@ "memcachedURL": null, "lifetime": 86400 }, + "memcached": { + "url": null, + "lifetime": 86400 + }, "auth": { "jwks": { "cache": true, diff --git a/config/dev.json b/config/dev.json index 6ee7138500553cb5b4ffa40de23996208eff118c..351532e3789e768830e59c83b51d026f56a3d510 100644 --- a/config/dev.json +++ b/config/dev.json @@ -31,6 +31,10 @@ "memcachedURL": null, "lifetime": 86400 }, + "memcached": { + "url": null, + "lifetime": 86400 + }, "auth": { "jwks": { "cache": true, diff --git a/package-lock.json b/package-lock.json index 3129959fbf96fbf87b45dad4b910b48fd73e0261..9b0494d748f56c7dc855b3766f6f2dffc63e0b5e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -182,9 +182,9 @@ "integrity": "sha512-A2TAGbTFdBw9azHbpVd+/FkdW2T6msN1uct1O9bH3vTerEHKZhTXJUQXy+hNq1B0RagfU8U+KBdqiZpxjhOUQA==" }, "@types/node": { - "version": "10.7.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-10.7.1.tgz", - "integrity": "sha512-EGoI4ylB/lPOaqXqtzAyL8HcgOuCtH2hkEaLmkueOYufsTFWBn4VCvlCDC2HW8Q+9iF+QVC3sxjDKQYjHQeZ9w==" + "version": "10.9.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-10.9.3.tgz", + "integrity": "sha512-DOzWZKUnmFYG0KUOs+9HEBju2QhBU6oM2zeluunQNt0vnJvnkHvtDNlQPZDkTrkC5pZrNx1TPqeL137zciXZMQ==" }, "@types/range-parser": { "version": "1.2.2", @@ -859,6 +859,11 @@ "resolved": "https://registry.npmjs.org/connected/-/connected-0.0.2.tgz", "integrity": "sha1-e1dVshbOMf+rzMOOn04d/Bw7fG0=" }, + "connection-parse": { + "version": "0.0.7", + "resolved": "https://registry.npmjs.org/connection-parse/-/connection-parse-0.0.7.tgz", + "integrity": "sha1-GOcxiqsGppkmc3KxDFIm0locmmk=" + }, "contains-path": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz", @@ -1611,6 +1616,15 @@ "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", "dev": true }, + "hashring": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/hashring/-/hashring-3.2.0.tgz", + "integrity": "sha1-/aTv3oqiLNuX+x0qZeiEAeHBRM4=", + "requires": { + "connection-parse": "0.0.x", + "simple-lru-cache": "0.0.x" + } + }, "hosted-git-info": { "version": "2.7.1", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.7.1.tgz", @@ -1822,6 +1836,14 @@ "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" }, + "jackpot": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/jackpot/-/jackpot-0.0.6.tgz", + "integrity": "sha1-PP8GQoXL9m9OqyWTyQvOgWqCGEk=", + "requires": { + "retry": "0.6.0" + } + }, "js-tokens": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz", @@ -2214,9 +2236,9 @@ } }, "mbjs-generic-api": { - "version": "0.0.11", - "resolved": "https://registry.npmjs.org/mbjs-generic-api/-/mbjs-generic-api-0.0.11.tgz", - "integrity": "sha512-2s/vma3Pn0wYKrGG/zYY7RWd/dWl8WQdSlS8HBkryP+dRVx5XFYyd7FphfiAK90OKwHSYlou9sqVsMX4MhoY7A==", + "version": "0.0.15", + "resolved": "https://registry.npmjs.org/mbjs-generic-api/-/mbjs-generic-api-0.0.15.tgz", + "integrity": "sha512-TrVIXVPxAtK8cb6ysDTnpiY5sR05bfJGAQtDxBxl4YfIDchK3z7dQWEyd/KTPU+jXvv+/WDAejAROCuyL94o2w==", "requires": { "@polka/send-type": "^0.4.0", "acl": "^0.4.11", @@ -2227,6 +2249,7 @@ "express-jwt": "^5.3.1", "jwks-rsa": "^1.3.0", "mbjs-utils": "0.0.5", + "memcached": "^2.2.2", "mongodb": "^3.1.1", "morgan": "^1.9.0", "polka": "^0.4.0", @@ -2308,6 +2331,15 @@ "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" }, + "memcached": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/memcached/-/memcached-2.2.2.tgz", + "integrity": "sha1-aPhsz9hLz5PMJe1G1tf8DHUhydU=", + "requires": { + "hashring": "3.2.x", + "jackpot": ">=0.0.6" + } + }, "metapak": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/metapak/-/metapak-1.0.3.tgz", @@ -2992,6 +3024,11 @@ "signal-exit": "^3.0.2" } }, + "retry": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/retry/-/retry-0.6.0.tgz", + "integrity": "sha1-HAEHEyeab9Ho3vKK8MP/GHHKpTc=" + }, "rimraf": { "version": "2.6.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz", @@ -3133,6 +3170,11 @@ "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=", "dev": true }, + "simple-lru-cache": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/simple-lru-cache/-/simple-lru-cache-0.0.2.tgz", + "integrity": "sha1-1ZzDoZPBpdAyD4Tucy9uRxPlEd0=" + }, "simple-swizzle": { "version": "0.2.2", "resolved": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", diff --git a/package.json b/package.json index 375582bbf9e5f08fcec6ea9be89dc7eb8e2fbb96..100e83a9b045daec95c8674769c25f825ebfb58c 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "config": "^2.0.1", "luxon": "^1.3.3", "mbjs-data-models": "0.0.8", - "mbjs-generic-api": "0.0.11", + "mbjs-generic-api": "0.0.15", "mbjs-persistence": "^0.2.0", "mbjs-utils": "0.0.6", "mongodb": "^3.1.1", diff --git a/src/lib/service.js b/src/lib/service.js index 161cf2b662727192cd1952c1a53b3344b65dff53..841ac4d0d54ecdca277192fc49d6857bd65020c3 100644 --- a/src/lib/service.js +++ b/src/lib/service.js @@ -29,14 +29,14 @@ class Service extends TinyEmitter { async findHandler (req, res) { let results = await this._client.find(JSON.parse(req.query.query || '{}'), req.params) const userId = req.user ? req.user.uuid : 'anon' - const roles = req.user ? req.user.profile[`${config.api.auth0AppMetadataPrefix}roles`] || [] : [] + const roles = req.user ? req.user.profile.roles : ['public'] const items = [] for (let entry of results) { let allowed = false if (req.user && entry.author && entry.author.id === userId) allowed = true else { try { - allowed = await this._acl.areAnyRolesAllowed(['public'].concat(roles), entry.uuid, ['get']) + allowed = await this._acl.areAnyRolesAllowed(roles, entry.uuid, ['get']) } catch (err) { this._logger.error(`ACL error: ${err.message}`) @@ -49,7 +49,7 @@ class Service extends TinyEmitter { async getHandler (req, res) { const result = await this.client.get(req.params.id, req.params) - const roles = req.user ? req.user[`${config.api.auth0AppMetadataPrefix}roles`] || [] : [] + const roles = req.user ? req.user.profile.roles : ['public'] if (result) { let allowed = false if (req.user && result.author && result.author.id === req.user.uuid) allowed = true