Skip to content

Commit

Permalink
Merge branch 'main' into pr/dbauszus-glx/1132
Browse files Browse the repository at this point in the history
  • Loading branch information
RobAndrewHurst committed Mar 22, 2024
2 parents 5135380 + aed8af6 commit 5df8a0b
Show file tree
Hide file tree
Showing 9 changed files with 228 additions and 179 deletions.
75 changes: 52 additions & 23 deletions lib/layer/decorate.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -124,30 +124,59 @@ export default async function decorate(layer) {
// Set layer opacity from style.
layer.L.setOpacity(layer.style?.opacity || 1);

// Handle role-based configurations.
if (Array.isArray(mapp.user?.roles)) {
for (const role in layer.roles || {}) {
if (layer.roles[role] !== null && typeof layer.roles[role] === 'object') {
const negatedRole = role.match(/(?<=^!)(.*)/g)?.[0];
if (mapp.user.roles.includes(role)) {
mapp.utils.merge(layer, layer.roles[role]);
} else if (negatedRole && !mapp.user.roles.includes(negatedRole)) {
mapp.utils.merge(layer, layer.roles[role]);
}
}
}
layer.infoj?.filter(entry => typeof entry.roles === 'object').forEach(entry => {
for (const role in entry.roles) {
if (typeof entry.roles[role] === 'object') {
const roleName = role.match(/(?<=^!)(.*)/g)?.[0];
if (mapp.user.roles.includes(role)) {
mapp.utils.merge(entry, entry.roles[role]);
} else if (roleName && !mapp.user.roles.includes(roleName)) {
mapp.utils.merge(entry, entry.roles[role]);
}
}
}
// Handle deprecated layer.style.hover and layer.style.hovers.
if (layer.style?.hovers && layer.style?.hover) {
console.warn(`Layer: ${layer.key}, cannot use both layer.style.hover and layer.style.hovers. Layer.style.hover has been deleted.`);
delete layer.style.hover;
}

// Handle deprecated layer.style.label and layer.style.labels.
if (layer.style?.labels && layer.style?.label) {
console.warn(`Layer: ${layer.key}, cannot use both layer.style.label and layer.style.labels. Layer.style.label has been deleted.`);
delete layer.style.label;
}

// Handle multiple themes in layer style.
if (layer.style?.themes) {
Object.keys(layer.style.themes).forEach(key => {
layer.style.themes[key].title ??= key;
if (layer.style.themes[key].skip) delete layer.style.themes[key];
});
layer.style.theme = typeof layer.style.theme === 'object'
? layer.style.theme
: layer.style.themes[layer.style.theme || Object.keys(layer.style.themes)[0]];
}

// Handle setLabel and labels in layer style.
if (layer.style?.theme?.setLabel && layer.style?.labels) {
layer.style.label = layer.style.labels[layer.style.theme.setLabel];
}

// Handle deprecated layer.hover configuration.
if (layer.hover) {
console.warn(`Layer: ${layer.key}, layer.hover{} should be defined within layer.style{}.`);
layer.style.hover = layer.hover;
delete layer.hover;
}

// Handle setHover and hovers in layer style.
if (layer.style?.theme?.setHover && layer.style?.hovers) {
layer.style.hover = layer.style.hovers[layer.style.theme.setHover];
}

// Handle multiple hovers in layer style.
if (layer.style?.hovers) {
layer.style.hover = typeof layer.style.hover === 'object' ? layer.style.hover : layer.style.hovers[layer.style.hover || Object.keys(layer.style.hovers)[0]];
}

// Set default featureHover method if not provided.
if (layer.style?.hover) {
layer.style.hover.method ??= mapp.layer.featureHover;
}

// Handle multiple labels in layer style.
if (layer.style?.labels) {
layer.style.label = typeof layer.style.label === 'object' ? layer.style.label : layer.style.labels[layer.style.label || Object.keys(layer.style.labels)[0]];
}

// Call layer and/or plugin methods.
Expand Down
17 changes: 5 additions & 12 deletions mod/query.js
Original file line number Diff line number Diff line change
Expand Up @@ -168,9 +168,7 @@ module.exports = async (req, res) => {
// Change value may only contain a limited set of whitelisted characters.
if (!reserved.has(param) && !/^[A-Za-z0-9,"'._-\s]*$/.test(change)) {

// Err and return empty string if the change value is invalid.
console.error('Change param no bueno')
return ''
throw new Error(`Substitute \${${param}} value rejected: ${change}`);
}

return change
Expand Down Expand Up @@ -302,16 +300,11 @@ async function layerQuery(req, res) {
// Layer queries must have a geom param.
req.params.geom ??= req.params.layer.geom

// Get array of role filter from layer configuration.
const roles = Roles.filter(req.params.layer, req.params.user?.roles)

// Create params filter string from roleFilter filter params.
req.params.filter = `
${req.params.layer.filter?.default && `AND ${sqlFilter(req.params.layer.filter.default, req.params.SQL)}` || ''}
${req.params.filter && `AND ${sqlFilter(JSON.parse(req.params.filter), req.params.SQL)}` || ''}
${roles && Object.values(roles).some(r => !!r)
? `AND ${sqlFilter(Object.values(roles).filter(r => !!r), req.params.SQL)}`
: ''}`
req.params.filter = [
req.params.layer.filter?.default && `AND ${sqlFilter(req.params.layer.filter.default, req.params.SQL)}` || '',
req.params.filter && `AND ${sqlFilter(JSON.parse(req.params.filter), req.params.SQL)}` || '']
.join(' ')

if (req.params.viewport) {

Expand Down
92 changes: 59 additions & 33 deletions mod/utils/roles.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,12 @@
@module /utils/roles
*/

const merge = require('./merge')

module.exports = {
check,
filter,
get
get,
objMerge
}

function check(obj, user_roles) {
Expand All @@ -14,10 +16,9 @@ function check(obj, user_roles) {
if (!obj.roles) return obj;

// Always return object with '*' asterisk role.
if (Object.hasOwn(obj.roles,'*')) return obj;
if (Object.hasOwn(obj.roles, '*')) return obj;

// There are no user roles or user_roles are not an array.
if (!user_roles || !Array.isArray(user_roles)) return false;
if (user_roles === undefined) return false

// Some negated role is included in user_roles[]
const someNegatedRole = Object.keys(obj.roles).some(
Expand All @@ -44,34 +45,6 @@ function check(obj, user_roles) {
return false;
}

// Return an object with filter matching the layer.roles with user_roles.
function filter(layer, user_roles) {

// The layer must have roles.
if (!layer.roles) return;

// user_roles must be an array.
if (!Array.isArray(user_roles)) return;

const roleFilter = Object.keys(layer.roles)

// filter roles with a filter object.
.filter(key => layer.roles[key] && typeof layer.roles[key].filter === 'object')

// filter roles included in the user_roles array.
.filter(key => user_roles.includes(key)

// or negated roles (!) NOT included in the array.
|| !user_roles.includes(key.match(/(?<=^!)(.*)/g)?.[0]))

.reduce((o, key) => {
o[key] = layer.roles[key].filter
return o
}, {})

return roleFilter
}

function get(obj) {

const roles = new Set();
Expand All @@ -98,4 +71,57 @@ function get(obj) {
roles.delete('*')

return Array.from(roles)
}

function objMerge(obj, user_roles) {

if (typeof obj !== 'object') return obj;

if (user_roles === undefined) return obj

if (Array.isArray(obj)) {

return obj.map(arrEntry => objMerge(arrEntry, user_roles))
}

Object.keys(obj)
.filter(key => typeof obj[key] === 'object')
.forEach(key => {

// Cannot convert undefined or null to object.
if (!obj[key]) return;

obj[key] = objMerge(obj[key], user_roles)
})

if (!obj.roles) return obj;

if (typeof obj.roles !== 'object') return obj;

if (Array.isArray(obj.roles)) return obj;

if (typeof obj.roles === 'function') return obj;

const clone = structuredClone(obj)

function notIncludesNegatedRole(role, user_roles) {

return role.match(/(?<=^!)(.*)/g)?.[0]?
!user_roles.includes(role.match(/(?<=^!)(.*)/g)?.[0]):
false
}

Object.keys(clone.roles)
.filter(role => clone.roles[role] !== true)
.filter(role => clone.roles[role] !== null)
.filter(role => typeof clone.roles[role] === 'object')
.filter(role => !Array.isArray(clone.roles[role]))
.filter(role => user_roles.includes(role) || notIncludesNegatedRole(role, user_roles))
.forEach(role => {
merge(clone, clone.roles[role])
})

delete clone.roles

return clone
}
38 changes: 23 additions & 15 deletions mod/workspace/_workspace.js
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ async function layer(req, res) {
const locale = workspace.locales[req.params.locale]

const roles = req.params.user?.roles || []

roles.push('*')

if (!Roles.check(locale, roles)) {
return res.status(403).send('Role access denied for locale.')
Expand All @@ -54,21 +56,21 @@ async function layer(req, res) {
return res.status(400).send(`Unable to validate layer param.`)
}

const layer = await getLayer(req.params)
let layer = await getLayer(req.params)

if (!Roles.check(layer, roles)) {
return res.status(403).send('Role access denied for layer.')
}

layer = Roles.objMerge(layer, roles)

res.json(layer)
}

function locales(req, res) {

const roles = req.params.user?.roles || []

const locales = Object.values(workspace.locales)
.filter(locale => !!Roles.check(locale, roles))
.filter(locale => !!Roles.check(locale, req.params.user?.roles))
.map(locale => ({
key: locale.key,
name: locale.name
Expand Down Expand Up @@ -104,28 +106,34 @@ async function locale(req, res) {
matched => process.env[`SRC_${matched.replace(/(^\${)|(}$)/g, '')}`])
)

const roles = req.params.user?.roles || []

roles.push('*')

// Return layer object instead of array of layer keys
if (req.params.layers) {

const layers = []

for (const key of Object.keys(locale.layers)) {

const layer = await getLayer({
const layers = Object.keys(locale.layers)
.map(async key => await getLayer({
...req.params,
layer: key
})
}))

if (layer instanceof Error) continue;
if(!Roles.check(layer, req.params.user?.roles)) continue;
await Promise.all(layers).then(layers=>{

layers.push(layer)
}
locale.layers = layers
.filter(layer => !!layer)
.filter(layer => !(layer instanceof Error))
.filter(layer => Roles.check(layer, roles))
})

locale.layers = layers
// Also merges roles in layer objects.
locale = Roles.objMerge(locale, roles)

return res.json(locale)
}

locale = Roles.objMerge(locale, roles)

// Check layer access.
locale.layers = locale.layers && Object.entries(locale.layers)
Expand Down
3 changes: 3 additions & 0 deletions mod/workspace/getLayer.js
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,9 @@ module.exports = async (params) => {

let layer = locale.layers[params.layer]

// layer maybe null or undefined.
if (!layer) return;

// Return already merged layer.
if (layer.merged) return layer

Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
},
"devDependencies": {
"clean-jsdoc-theme": "^4.2.17",
"codi-test-framework": "^0.0.8",
"codi-test-framework": "^0.0.10",
"cookie-parser": "^1.4.5",
"dotenv": "^16.4.5",
"esbuild": "^0.19.11",
Expand Down
12 changes: 6 additions & 6 deletions tests/mod/utils/merge.test.mjs
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { describe, it, assertDeepEqual } from 'codi-test-framework';
import { describe, it, assertEqual } from 'codi-test-framework';
import mergeDeep from '../../../mod/utils/merge.js'

describe('mergeDeep', () => {
describe('mergeDeep Module', () => {

it('should merge objects deeply', () => {
const target = {
Expand Down Expand Up @@ -36,7 +36,7 @@ describe('mergeDeep', () => {

const mergedObj = mergeDeep(target, source);

assertDeepEqual(mergedObj, expected)
assertEqual(mergedObj, expected)
});

it('should merge arrays deeply', () => {
Expand All @@ -54,7 +54,7 @@ describe('mergeDeep', () => {

const mergedObj = mergeDeep(target, source);

assertDeepEqual(mergedObj, expected)
assertEqual(mergedObj, expected)
});

it('should handle merging with null or undefined values', () => {
Expand All @@ -74,8 +74,8 @@ describe('mergeDeep', () => {
const mergedObj1 = mergeDeep(target, source1);
const mergedObj2 = mergeDeep(target, source2);

assertDeepEqual(mergedObj1, expected);
assertDeepEqual(mergedObj2, expected);
assertEqual(mergedObj1, expected);
assertEqual(mergedObj2, expected);
});

});
Loading

0 comments on commit 5df8a0b

Please sign in to comment.