Clean up and standardie terminology

Tom Kirkpatrick · Tom Kirkpatrick · commit 1fb38a8bc9b1 · 2016-02-04T01:31:20.000-05:00
diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 This loopback component enables you to add multi-tenant style access controls to a loopback application. It enables you
 to restrict access to model data based on a users roles within a specific context.
 
-# Usage
+## Usage
 
 **Installation**
 
@@ -35,37 +35,39 @@ Options:
 
   [String] : The name of the model that should be used to register group access role resolvers. *(default: 'Role')*
 
-- `accessGroupModel`
-
-  [String] : The name of the model that should be used to store and check group access roles. *(default: 'AccessGroup')*
-
 - `groupModel`
 
   [String] : The model that is considered as a group. *(default: 'Group')*
 
-- `foreignKey`
+- `groupAccessModel`
 
-  [String] : The foreign key that should be used to determine which access group a model belongs to. *(default: 'groupId')*
+  [String] : The name of the model that should be used to store and check group access roles. *(default: 'GroupAccess')*
 
-- `accessGroups`
+- `groupRoles`
 
   [Array] : A list of group names. *(default: [ '$group:admin', '$group:member' ])*
 
-# Tests
+- `foreignKey`
+
+  [String] : The foreign key that should be used to determine which access group a model belongs to. *(default: 'groupId')*
+
+## Tests
 
 ### Roles
 
-**everyone**
-  noinvoice
+The following group roles roles are configured in the test data.
+
+ - **everyone**  
+none
 
-**authenticated**
-  noinvoice
+ - **authenticated**  
+none
 
-**$group:admin**
-  create, read, update, delete
+ - **$group:member**  
+read
 
-**$group:manager**
-  create, read, update, delete
+ - **$group:manager**  
+create, read, update
 
-**$group:member**
-  create, read, update
+ - **$group:admin**  
+create, read, update, delete
diff --git a/lib/utils.js b/lib/utils.js
@@ -12,18 +12,18 @@ module.exports = class AccessUtils {
     this.options = _defaults({ }, options, {
       userModel: 'User',
       roleModel: 'Role',
-      accessGroupModel: 'AccessGroup',
       groupModel: 'Group',
-      accessGroups: [
+      groupAccessModel: 'GroupAccess',
+      groupRoles: [
         '$group:admin',
         '$group:member'
       ]
     });
     // Default the foreignKey to the group model name + Id.
     this.options.foreignKey = this.options.foreignKey || `${this.options.groupModel.toLowerCase()}Id`;
 
-    // Validate the format of options.accessGroups ($group:[role]).
-    this.options.accessGroups.forEach(name => {
+    // Validate the format of options.groupRoles ($group:[role]).
+    this.options.groupRoles.forEach(name => {
       if (!this.isValidPrincipalId(name)) {
         throw new Error('$name is an invalid access group name.');
       }
@@ -38,7 +38,7 @@ module.exports = class AccessUtils {
    * Register a dynamic role resolver for each defined access group.
    */
   setupRoleResolvers() {
-    this.options.accessGroups.forEach(accessGroup => {
+    this.options.groupRoles.forEach(accessGroup => {
       this.setupRoleResolver(accessGroup);
     });
   }
@@ -137,7 +137,7 @@ module.exports = class AccessUtils {
       const modelClass = this.app.models[modelName];
 
       // TODO: Should we allow the access group model to be treated as a group content model too?
-      if (modelName === this.options.accessGroupModel) {
+      if (modelName === this.options.groupAccessModel) {
         return;
       }
 
@@ -177,7 +177,7 @@ module.exports = class AccessUtils {
     }
 
     // Otherwise lookup from the datastore.
-    this.app.models[this.options.accessGroupModel].find({
+    this.app.models[this.options.groupAccessModel].find({
       where: {
         userId
       }
@@ -263,7 +263,7 @@ module.exports = class AccessUtils {
     Role.registerResolver(accessGroup, (role, context, cb) => {
       const currentUserId = context.accessToken.userId;
       const roleName = this.extractRoleName(role);
-      const AccessGroup = this.app.models[this.options.accessGroupModel];
+      const GroupAccess = this.app.models[this.options.groupAccessModel];
       const scope = { };
 
       // Do not allow anonymous users.
@@ -289,12 +289,12 @@ module.exports = class AccessUtils {
           const conditions = { userId: currentUserId, role: roleName };
 
           conditions[this.options.foreignKey] = currentGroupId;
-          actions.push(AccessGroup.count(conditions));
+          actions.push(GroupAccess.count(conditions));
 
           // If this is an attempt to save the item into a new group, check the user has access to the target group.
           if (targetGroupId && targetGroupId !== currentGroupId) {
             conditions[this.options.foreignKey] = targetGroupId;
-            actions.push(AccessGroup.count(conditions));
+            actions.push(GroupAccess.count(conditions));
           }
 
           return actions;
diff --git a/test/fixtures/simple-app/server/component-config.json b/test/fixtures/simple-app/server/component-config.json
@@ -10,15 +10,15 @@
   "../../../../lib": {
     "userModel": "user",
     "roleModel": "Role",
-    "accessGroupModel": "Team",
+    "groupAccessModel": "Team",
     "groupModel": "Store",
     "foreignKey": "storeId",
-    "accessGroups": [
+    "groupRoles": [
       "$group:admin",
       "$group:manager",
       "$group:member"
     ],
-    "accessGroupModels": [
+    "groupAccessModels": [
       "Invoice",
       "Transaction"
     ]
