Simplified/shrunk configuration output, support loading explicitly defined user rights.

coreybutler · coreybutler · commit 6e3fed358e2d · 2020-10-10T23:23:20.000-05:00
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@author.io/iam",
-  "version": "1.0.0-alpha.4",
+  "version": "1.0.0-alpha.5",
   "description": "A Identification and Authorization Management library.",
   "main": "src/index.js",
   "module": "index.js",
diff --git a/src/lib/actors/user.js b/src/lib/actors/user.js
@@ -67,9 +67,9 @@ export default class User extends Trace {
     })
 
     if (this.#explicitResourceRights.size > 0) {
-      result.assignedRights = {}
+      result.rights = {}
       for (const [resource, rights] of this.#explicitResourceRights.entries()) {
-        result.assignedRights[resource] = rights.map(r => r.data)
+        result.rights[resource] = rights.map(r => r.data)
       }
     }
 
diff --git a/src/lib/registry.js b/src/lib/registry.js
@@ -60,11 +60,91 @@ class Registry extends Base {
   }
 
   get configuration () {
+    function serializeRights (rights) {
+      return rights.map(r => {
+        return {
+          name: r.right === 'all' ? '*' : r.right.replace(':all', ':*'),
+          description: r.description
+        }
+      })
+    }
+
+    const roles = this.#roles.data.roles.map(r => {
+      const rights = {}
+      Object.keys(r.rights).forEach(name => { rights[name] = serializeRights(r.rights[name]).map(rt => rt.name) })
+      const result = {
+        name: r.name,
+        rights
+      }
+
+      if (r.description.trim().length > 0) {
+        result.description = r.description
+      }
+
+      return result
+    })
+
     const result = Object.assign({}, super.data, {
-      resources: this.#resources.data.resources,
-      roles: this.#roles.data.roles,
-      groups: this.#groups.data.groups,
-      users: this.#users.data.users
+      resources: this.#resources.data.resources.map(r => {
+        delete r.type
+        r.rights = serializeRights(r.rights)
+
+        if (!r.description || r.description.trim().length === 0) {
+          delete r.description
+        }
+
+        return r
+      }),
+      roles,
+      groups: this.#groups.data.groups.map(g => {
+        delete g.memberOf
+        delete g.type
+
+        if (g.description.trim().length === 0) {
+          delete g.description
+        }
+
+        if (g.members.length === 0) {
+          delete g.members
+        } else {
+          g.members = g.members.map(m => { return { name: m.name, type: m.type } })
+        }
+
+        g.roles = g.roles.map(r => r.name)
+        if (g.roles.length === 0) {
+          delete g.roles
+        }
+
+        return g
+      }),
+      users: this.#users.data.users.map(u => {
+        delete u.type
+
+        if (u.description.trim().length === 0) {
+          delete u.description
+        }
+
+        if (u.roles.length === 0) {
+          delete u.roles
+        }
+
+        if (u.groups.length === 0) {
+          delete u.groups
+        }
+
+        if (u.rights) {
+          const rights = {}
+          Object.keys(u.rights).forEach(name => { rights[name] = serializeRights(u.rights[name]).map(rt => rt.name) })
+
+          u.rights = rights
+
+          if (Object.keys(u.rights).length === 0) {
+            delete u.rights
+          }
+        }
+
+        return u
+      })
     })
 
     delete result.type
@@ -552,7 +632,7 @@ class Registry extends Base {
     if (cfg.resources) {
       for (const resource of cfg.resources) {
         const r = this.createResource(resource.name, resource.rights)
-        r.description = resource.description
+        r.description = resource.description || ''
       }
     }
 
@@ -583,7 +663,7 @@ class Registry extends Base {
           }
 
           if (Array.isArray(group.roles)) {
-            group.roles.forEach(r => g.assign(r.name))
+            group.roles.forEach(r => g.assign(r.name ? r.name : r))
           }
 
           if (Array.isArray(group.members) && group.members.filter(m => m.type === 'group').length > 0) {
@@ -616,7 +696,11 @@ class Registry extends Base {
         }
 
         if (Array.isArray(user.groups)) {
-          user.groups.forEach(g => u.join(g))
+          u.join(...user.groups)
+        }
+
+        if (typeof user.rights === 'object') {
+          u.setRight(user.rights)
         }
       }
     }

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@author.io/iam",`
`3`		`- "version": "1.0.0-alpha.4",`
	`3`	`+ "version": "1.0.0-alpha.5",`
`4`	`4`	`"description": "A Identification and Authorization Management library.",`
`5`	`5`	`"main": "src/index.js",`
`6`	`6`	`"module": "index.js",`
Original file line number	Diff line number	Diff line change
`@@ -67,9 +67,9 @@ export default class User extends Trace {`
`67`	`67`	`})`
`68`	`68`
`69`	`69`	`if (this.#explicitResourceRights.size > 0) {`
`70`		`- result.assignedRights = {}`
	`70`	`+ result.rights = {}`
`71`	`71`	`for (const [resource, rights] of this.#explicitResourceRights.entries()) {`
`72`		`- result.assignedRights[resource] = rights.map(r => r.data)`
	`72`	`+ result.rights[resource] = rights.map(r => r.data)`
`73`	`73`	`}`
`74`	`74`	`}`
`75`	`75`