You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
112 lines
3.3 KiB
112 lines
3.3 KiB
import type { GetWacRuleSuccess } from "./results/GetWacRuleSuccess";
|
|
import { guaranteeFetch } from "../../util/guaranteeFetch";
|
|
import type { BasicRequestOptions } from "../../requester/requests/requestOptions";
|
|
import type { HttpErrorResultType } from "../../requester/results/error/HttpErrorResult";
|
|
import { HttpErrorResult } from "../../requester/results/error/HttpErrorResult";
|
|
import type { NoncompliantPodError } from "../../requester/results/error/NoncompliantPodError";
|
|
import type { UnexpectedResourceError } from "../../requester/results/error/ErrorResult";
|
|
import { rawTurtleToDataset } from "../../util/rdfUtils";
|
|
import { AuthorizationShapeType } from "../../.ldo/wac.shapeTypes";
|
|
import type { AccessModeList, WacRule } from "./WacRule";
|
|
import type { Authorization } from "../../.ldo/wac.typings";
|
|
import type { WacRuleAbsent } from "./results/WacRuleAbsent";
|
|
|
|
export type GetWacRuleError =
|
|
| HttpErrorResultType
|
|
| NoncompliantPodError
|
|
| UnexpectedResourceError;
|
|
export type GetWacRuleResult =
|
|
| GetWacRuleSuccess
|
|
| GetWacRuleError
|
|
| WacRuleAbsent;
|
|
|
|
export async function getWacRuleWithAclUri(
|
|
aclUri: string,
|
|
options?: BasicRequestOptions,
|
|
): Promise<GetWacRuleResult> {
|
|
const fetch = guaranteeFetch(options?.fetch);
|
|
const response = await fetch(aclUri);
|
|
const errorResult = HttpErrorResult.checkResponse(aclUri, response);
|
|
if (errorResult) return errorResult;
|
|
|
|
if (response.status === 404) {
|
|
return {
|
|
type: "wacRuleAbsent",
|
|
uri: aclUri,
|
|
isError: false,
|
|
};
|
|
}
|
|
|
|
// Parse Turtle
|
|
const rawTurtle = await response.text();
|
|
const rawTurtleResult = await rawTurtleToDataset(rawTurtle, aclUri);
|
|
if (rawTurtleResult.isError) return rawTurtleResult;
|
|
const dataset = rawTurtleResult.dataset;
|
|
const authorizations = dataset
|
|
.usingType(AuthorizationShapeType)
|
|
.matchSubject(
|
|
"http://www.w3.org/1999/02/22-rdf-syntax-ns#type",
|
|
"http://www.w3.org/ns/auth/acl#Authorization",
|
|
);
|
|
|
|
const wacRule: WacRule = {
|
|
public: {
|
|
read: false,
|
|
write: false,
|
|
append: false,
|
|
control: false,
|
|
},
|
|
authenticated: {
|
|
read: false,
|
|
write: false,
|
|
append: false,
|
|
control: false,
|
|
},
|
|
agent: {},
|
|
};
|
|
|
|
function applyAccessModesToList(
|
|
accessModeList: AccessModeList,
|
|
authorization: Authorization,
|
|
): void {
|
|
authorization.mode?.forEach((mode) => {
|
|
accessModeList[mode["@id"].toLowerCase()] = true;
|
|
});
|
|
}
|
|
|
|
authorizations.forEach((authorization) => {
|
|
if (
|
|
authorization.agentClass?.some(
|
|
(agentClass) => agentClass["@id"] === "Agent",
|
|
)
|
|
) {
|
|
applyAccessModesToList(wacRule.public, authorization);
|
|
applyAccessModesToList(wacRule.authenticated, authorization);
|
|
}
|
|
if (
|
|
authorization.agentClass?.some(
|
|
(agentClass) => agentClass["@id"] === "AuthenticatedAgent",
|
|
)
|
|
) {
|
|
applyAccessModesToList(wacRule.authenticated, authorization);
|
|
}
|
|
authorization.agent?.forEach((agent) => {
|
|
if (!wacRule.agent[agent["@id"]]) {
|
|
wacRule.agent[agent["@id"]] = {
|
|
read: false,
|
|
write: false,
|
|
append: false,
|
|
control: false,
|
|
};
|
|
}
|
|
applyAccessModesToList(wacRule.agent[agent["@id"]], authorization);
|
|
});
|
|
});
|
|
|
|
return {
|
|
type: "getWacRuleSuccess",
|
|
uri: aclUri,
|
|
isError: false,
|
|
wacRule,
|
|
};
|
|
}
|
|
|