Commit a30f38bc authored by A. Koch's avatar A. Koch

update roles and cache config, update dependencies

parent b36737aa
...@@ -31,6 +31,10 @@ ...@@ -31,6 +31,10 @@
"memcachedURL": "MEMCACHED_URL", "memcachedURL": "MEMCACHED_URL",
"lifetime": "METADATA_CACHE_LIFETIME" "lifetime": "METADATA_CACHE_LIFETIME"
}, },
"memcached": {
"url": "MEMCACHED_URL",
"lifetime": "METADATA_CACHE_LIFETIME"
},
"apiKeys": { "apiKeys": {
"youtube": "YOUTUBE_API_KEY", "youtube": "YOUTUBE_API_KEY",
"vimeo": "VIMEO_ACCESS_TOKEN" "vimeo": "VIMEO_ACCESS_TOKEN"
......
...@@ -33,6 +33,10 @@ ...@@ -33,6 +33,10 @@
"memcachedURL": null, "memcachedURL": null,
"lifetime": 86400 "lifetime": 86400
}, },
"memcached": {
"url": null,
"lifetime": 86400
},
"auth": { "auth": {
"jwks": { "jwks": {
"cache": true, "cache": true,
......
...@@ -31,6 +31,10 @@ ...@@ -31,6 +31,10 @@
"memcachedURL": null, "memcachedURL": null,
"lifetime": 86400 "lifetime": 86400
}, },
"memcached": {
"url": null,
"lifetime": 86400
},
"auth": { "auth": {
"jwks": { "jwks": {
"cache": true, "cache": true,
......
...@@ -182,9 +182,9 @@ ...@@ -182,9 +182,9 @@
"integrity": "sha512-A2TAGbTFdBw9azHbpVd+/FkdW2T6msN1uct1O9bH3vTerEHKZhTXJUQXy+hNq1B0RagfU8U+KBdqiZpxjhOUQA==" "integrity": "sha512-A2TAGbTFdBw9azHbpVd+/FkdW2T6msN1uct1O9bH3vTerEHKZhTXJUQXy+hNq1B0RagfU8U+KBdqiZpxjhOUQA=="
}, },
"@types/node": { "@types/node": {
"version": "10.7.1", "version": "10.9.3",
"resolved": "https://registry.npmjs.org/@types/node/-/node-10.7.1.tgz", "resolved": "https://registry.npmjs.org/@types/node/-/node-10.9.3.tgz",
"integrity": "sha512-EGoI4ylB/lPOaqXqtzAyL8HcgOuCtH2hkEaLmkueOYufsTFWBn4VCvlCDC2HW8Q+9iF+QVC3sxjDKQYjHQeZ9w==" "integrity": "sha512-DOzWZKUnmFYG0KUOs+9HEBju2QhBU6oM2zeluunQNt0vnJvnkHvtDNlQPZDkTrkC5pZrNx1TPqeL137zciXZMQ=="
}, },
"@types/range-parser": { "@types/range-parser": {
"version": "1.2.2", "version": "1.2.2",
...@@ -859,6 +859,11 @@ ...@@ -859,6 +859,11 @@
"resolved": "https://registry.npmjs.org/connected/-/connected-0.0.2.tgz", "resolved": "https://registry.npmjs.org/connected/-/connected-0.0.2.tgz",
"integrity": "sha1-e1dVshbOMf+rzMOOn04d/Bw7fG0=" "integrity": "sha1-e1dVshbOMf+rzMOOn04d/Bw7fG0="
}, },
"connection-parse": {
"version": "0.0.7",
"resolved": "https://registry.npmjs.org/connection-parse/-/connection-parse-0.0.7.tgz",
"integrity": "sha1-GOcxiqsGppkmc3KxDFIm0locmmk="
},
"contains-path": { "contains-path": {
"version": "0.1.0", "version": "0.1.0",
"resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz", "resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz",
...@@ -1611,6 +1616,15 @@ ...@@ -1611,6 +1616,15 @@
"integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=",
"dev": true "dev": true
}, },
"hashring": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/hashring/-/hashring-3.2.0.tgz",
"integrity": "sha1-/aTv3oqiLNuX+x0qZeiEAeHBRM4=",
"requires": {
"connection-parse": "0.0.x",
"simple-lru-cache": "0.0.x"
}
},
"hosted-git-info": { "hosted-git-info": {
"version": "2.7.1", "version": "2.7.1",
"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.7.1.tgz", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.7.1.tgz",
...@@ -1822,6 +1836,14 @@ ...@@ -1822,6 +1836,14 @@
"resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
"integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo="
}, },
"jackpot": {
"version": "0.0.6",
"resolved": "https://registry.npmjs.org/jackpot/-/jackpot-0.0.6.tgz",
"integrity": "sha1-PP8GQoXL9m9OqyWTyQvOgWqCGEk=",
"requires": {
"retry": "0.6.0"
}
},
"js-tokens": { "js-tokens": {
"version": "3.0.2", "version": "3.0.2",
"resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz",
...@@ -2214,9 +2236,9 @@ ...@@ -2214,9 +2236,9 @@
} }
}, },
"mbjs-generic-api": { "mbjs-generic-api": {
"version": "0.0.11", "version": "0.0.15",
"resolved": "https://registry.npmjs.org/mbjs-generic-api/-/mbjs-generic-api-0.0.11.tgz", "resolved": "https://registry.npmjs.org/mbjs-generic-api/-/mbjs-generic-api-0.0.15.tgz",
"integrity": "sha512-2s/vma3Pn0wYKrGG/zYY7RWd/dWl8WQdSlS8HBkryP+dRVx5XFYyd7FphfiAK90OKwHSYlou9sqVsMX4MhoY7A==", "integrity": "sha512-TrVIXVPxAtK8cb6ysDTnpiY5sR05bfJGAQtDxBxl4YfIDchK3z7dQWEyd/KTPU+jXvv+/WDAejAROCuyL94o2w==",
"requires": { "requires": {
"@polka/send-type": "^0.4.0", "@polka/send-type": "^0.4.0",
"acl": "^0.4.11", "acl": "^0.4.11",
...@@ -2227,6 +2249,7 @@ ...@@ -2227,6 +2249,7 @@
"express-jwt": "^5.3.1", "express-jwt": "^5.3.1",
"jwks-rsa": "^1.3.0", "jwks-rsa": "^1.3.0",
"mbjs-utils": "0.0.5", "mbjs-utils": "0.0.5",
"memcached": "^2.2.2",
"mongodb": "^3.1.1", "mongodb": "^3.1.1",
"morgan": "^1.9.0", "morgan": "^1.9.0",
"polka": "^0.4.0", "polka": "^0.4.0",
...@@ -2308,6 +2331,15 @@ ...@@ -2308,6 +2331,15 @@
"resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz",
"integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g="
}, },
"memcached": {
"version": "2.2.2",
"resolved": "https://registry.npmjs.org/memcached/-/memcached-2.2.2.tgz",
"integrity": "sha1-aPhsz9hLz5PMJe1G1tf8DHUhydU=",
"requires": {
"hashring": "3.2.x",
"jackpot": ">=0.0.6"
}
},
"metapak": { "metapak": {
"version": "1.0.3", "version": "1.0.3",
"resolved": "https://registry.npmjs.org/metapak/-/metapak-1.0.3.tgz", "resolved": "https://registry.npmjs.org/metapak/-/metapak-1.0.3.tgz",
...@@ -2992,6 +3024,11 @@ ...@@ -2992,6 +3024,11 @@
"signal-exit": "^3.0.2" "signal-exit": "^3.0.2"
} }
}, },
"retry": {
"version": "0.6.0",
"resolved": "https://registry.npmjs.org/retry/-/retry-0.6.0.tgz",
"integrity": "sha1-HAEHEyeab9Ho3vKK8MP/GHHKpTc="
},
"rimraf": { "rimraf": {
"version": "2.6.2", "version": "2.6.2",
"resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz",
...@@ -3133,6 +3170,11 @@ ...@@ -3133,6 +3170,11 @@
"integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=", "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=",
"dev": true "dev": true
}, },
"simple-lru-cache": {
"version": "0.0.2",
"resolved": "https://registry.npmjs.org/simple-lru-cache/-/simple-lru-cache-0.0.2.tgz",
"integrity": "sha1-1ZzDoZPBpdAyD4Tucy9uRxPlEd0="
},
"simple-swizzle": { "simple-swizzle": {
"version": "0.2.2", "version": "0.2.2",
"resolved": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", "resolved": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz",
......
...@@ -29,14 +29,14 @@ class Service extends TinyEmitter { ...@@ -29,14 +29,14 @@ class Service extends TinyEmitter {
async findHandler (req, res) { async findHandler (req, res) {
let results = await this._client.find(JSON.parse(req.query.query || '{}'), req.params) let results = await this._client.find(JSON.parse(req.query.query || '{}'), req.params)
const userId = req.user ? req.user.uuid : 'anon' const userId = req.user ? req.user.uuid : 'anon'
const roles = req.user ? req.user.profile[`${config.api.auth0AppMetadataPrefix}roles`] || [] : [] const roles = req.user ? req.user.profile.roles : ['public']
const items = [] const items = []
for (let entry of results) { for (let entry of results) {
let allowed = false let allowed = false
if (req.user && entry.author && entry.author.id === userId) allowed = true if (req.user && entry.author && entry.author.id === userId) allowed = true
else { else {
try { try {
allowed = await this._acl.areAnyRolesAllowed(['public'].concat(roles), entry.uuid, ['get']) allowed = await this._acl.areAnyRolesAllowed(roles, entry.uuid, ['get'])
} }
catch (err) { catch (err) {
this._logger.error(`ACL error: ${err.message}`) this._logger.error(`ACL error: ${err.message}`)
...@@ -49,7 +49,7 @@ class Service extends TinyEmitter { ...@@ -49,7 +49,7 @@ class Service extends TinyEmitter {
async getHandler (req, res) { async getHandler (req, res) {
const result = await this.client.get(req.params.id, req.params) const result = await this.client.get(req.params.id, req.params)
const roles = req.user ? req.user[`${config.api.auth0AppMetadataPrefix}roles`] || [] : [] const roles = req.user ? req.user.profile.roles : ['public']
if (result) { if (result) {
let allowed = false let allowed = false
if (req.user && result.author && result.author.id === req.user.uuid) allowed = true if (req.user && result.author && result.author.id === req.user.uuid) allowed = true
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment