added acl basics

e99679cf · A. Koch · 8b2e8b12 · e99679cf · e99679cf · e99679cf
Commit e99679cf authored Jul 03, 2018 by A. Koch
6 changed files
--- a/config/default.json
+++ b/config/default.json
@@ -10,6 +10,14 @@
      "dbName": "motionbank-api"
    }
  },
+  "acl": {
+    "mongodb": {
+      "name": "acl",
+      "prefix": "acl_",
+      "url": "mongodb://localhost:27017/motionbank-api",
+      "dbName": "motionbank-api"
+    }
+  },
  "auth": {
    "jwks": {
      "cache": true,

--- a/package-lock.json
+++ b/package-lock.json
@@ -2203,20 +2203,21 @@
      }
    },
    "mongodb": {
-      "version": "3.0.10",
-      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.0.10.tgz",
-      "integrity": "sha512-jy9s4FgcM4rl8sHNETYHGeWcuRh9AlwQCUuMiTj041t/HD02HwyFgmm2VZdd9/mA9YNHaUJLqj0tzBx2QFivtg==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.0.tgz",
+      "integrity": "sha512-fSDZRq9FomRqeDSM7MpMTLa8sz+STs3nZ7Ib0+xvmaKZ6nquNDN4zGDsVhjto6UozFvHMDYJMAfJwhqUygXs9g==",
      "requires": {
-        "mongodb-core": "3.0.9"
+        "mongodb-core": "3.1.0"
      }
    },
    "mongodb-core": {
-      "version": "3.0.9",
-      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.0.9.tgz",
-      "integrity": "sha512-buOWjdLLBlEqjHDeHYSXqXx173wHMVp7bafhdHxSjxWdB9V6Ri4myTqxjYZwL/eGFZxvd8oRQSuhwuIDbaaB+g==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.0.tgz",
+      "integrity": "sha512-qRjG62Fu//CZhkgn0jA/k8jh5MhACIq8cOJUryH6sck87pgt+C222MSD02tsCq5zNo/B6ZFHtNodZ2qpf8E86g==",
      "requires": {
        "bson": "~1.0.4",
-        "require_optional": "^1.0.1"
+        "require_optional": "^1.0.1",
+        "saslprep": "^1.0.0"
      }
    },
    "morgan": {
@@ -2778,6 +2779,12 @@
      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
      "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
    },
+    "saslprep": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.0.tgz",
+      "integrity": "sha512-5lvKUEQ7lAN5/vPl5d3k8FQeDbEamu9kizfATfLLWV5h6Mkh1xcieR1FSsJkcSRUk49lF2tAW8gzXWVwtwZVhw==",
+      "optional": true
+    },
    "schema-object": {
      "version": "4.0.11",
      "resolved": "https://registry.npmjs.org/schema-object/-/schema-object-4.0.11.tgz",

--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
    "mbjs-data-models": "0.0.4",
    "mbjs-persistence": "^0.2.0",
    "mbjs-utils": "0.0.5",
-    "mongodb": "^3.0.10",
+    "mongodb": "^3.1.0",
    "morgan": "^1.9.0",
    "nedb": "^1.8.0",
    "polka": "^0.4.0",

--- a/src/acl.js
+++ b/src/acl.js
+const
+  Acl = require('acl'),
+  config = require('config'),
+  Backend = Acl.mongodbBackend,
+  { MongoDB } = require('mbjs-persistence')
+
+const setupACL = async function (app) {
+  const cfg = config.get('acl.mongodb')
+  const client = new MongoDB(cfg, 'uuid')
+  await client.connect()
+  const acl = new Acl(new Backend(client.db, cfg.prefix))
+  return acl
+}
+
+module.exports = setupACL
--- a/src/index.js
+++ b/src/index.js
@@ -10,61 +10,72 @@ const
  { json } = require('body-parser'),
  { ObjectUtil } = require('mbjs-utils')

-/**
- * HTTP server
- */
-const
-  host = config.get('http.host'),
-  port = config.get('http.port'),
-  server = http.createServer()
+const setup = async function () {
+  /**
+   * HTTP server
+   */
+  const
+    host = config.get('http.host'),
+    port = config.get('http.port'),
+    server = http.createServer()

-/**
- * Logger
- */
-const winston = require('winston')
-winston.level = process.env.NODE_ENV === 'production' ? 'error' : 'info'
-winston.level = process.env.LOG_LEVEL || winston.level
+  /**
+   * Logger
+   */
+  const winston = require('winston')
+  winston.level = process.env.NODE_ENV === 'production' ? 'error' : 'info'
+  winston.level = process.env.LOG_LEVEL || winston.level

-/**
- * Set up WebSockets (Primus)
- */
-const primus = new Primus(server, { transformer: 'uws' })
+  /**
+   * Set up WebSockets (Primus)
+   */
+  const primus = new Primus(server, { transformer: 'uws' })

-primus.on('connection', spark => {
-  winston.log('debug', `Spark ${spark.id} connected with address ${spark.address}`)
-})
+  primus.on('connection', spark => {
+    winston.log('debug', `Spark ${spark.id} connected with address ${spark.address}`)
+  })

-primus.on('disconnection', spark => {
-  winston.log('debug', `Spark ${spark.id} disconnected with address ${spark.address}`)
-})
+  primus.on('disconnection', spark => {
+    winston.log('debug', `Spark ${spark.id} disconnected with address ${spark.address}`)
+  })

-/**
- * Setup API server (Polka)
- */
-const
-  models = require('mbjs-data-models'),
-  Service = require('./service'),
-  app = polka({ server })
+  /**
+   * Setup API server (Polka)
+   */
+  const
+    models = require('mbjs-data-models'),
+    Service = require('./service'),
+    app = polka({ server })
+
+  const jwtCheck = jwt(ObjectUtil.merge({
+    secret: jwks.expressJwtSecret(config.get('auth.jwks'))
+  }, config.get('auth.jwt')))
+
+  app.use(cors, jwtCheck, json(), morgan(process.env.NODE_ENV === 'production' ? 'common' : 'dev'))

-const jwtCheck = jwt(ObjectUtil.merge({
-  secret: jwks.expressJwtSecret(config.get('auth.jwks'))
-}, config.get('auth.jwt')))
+  /**
+   * Set up ACL
+   */
+  const
+    setupACL = require('./acl'),
+    acl = await setupACL(app)

-app.use(cors, jwtCheck, json(), morgan(process.env.NODE_ENV === 'production' ? 'common' : 'dev'))
+  /**
+   * Configure resources
+   */
+  const annotations = new Service('annotations', app, models.Annotation, winston, acl)
+  annotations.on('message', message => primus.write(message))

-/**
- * Configure resources
- */
-const annotations = new Service('annotations', app, models.Annotation, winston)
-annotations.on('message', message => primus.write(message))
+  const maps = new Service('maps', app, models.Map, winston, acl)
+  maps.on('message', message => primus.write(message))

-const maps = new Service('maps', app, models.Map, winston)
-maps.on('message', message => primus.write(message))
+  const documents = new Service('documents', app, models.Document, winston, acl)
+  documents.on('message', message => primus.write(message))

-const documents = new Service('documents', app, models.Document, winston)
-documents.on('message', message => primus.write(message))
+  /**
+   * Start server
+   */
+  app.listen(port, host).then(() => winston.log('info', `API started on ${host}:${port}`))
+}

-/**
- * Start server
- */
-app.listen(port, host).then(() => winston.log('info', `API started on ${host}:${port}`))
+setup()
--- a/src/service.js
+++ b/src/service.js
@@ -6,10 +6,11 @@ const
  { MongoDB } = require('mbjs-persistence')

 class Service extends TinyEmitter {
-  constructor (name, app, model, logger) {
+  constructor (name, app, model, logger, acl) {
    super()

    this._name = name
+    this._acl = acl
    this._Model = model
    // TODO: make db adapter configurable (nedb, etc.)
    this._client = new MongoDB(ObjectUtil.merge({ name, logger }, config.get('resources.mongodb')), 'uuid')
@@ -93,6 +94,10 @@ class Service extends TinyEmitter {
    return this._client
  }

+  get acl () {
+    return this._acl
+  }
+
  get ModelConstructor () {
    return this._Model
  }