mirror of
https://github.com/verdaccio/verdaccio.git
synced 2025-01-06 22:40:26 -05:00
52 lines
1.7 KiB
TypeScript
52 lines
1.7 KiB
TypeScript
import { API_ERROR, errorUtils } from '@verdaccio/core';
|
|
import { getVersionFromTarball } from '@verdaccio/utils';
|
|
|
|
import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types';
|
|
|
|
export function allow<T>(
|
|
auth: T,
|
|
options = {
|
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
beforeAll: (_a: any, _b: any) => {},
|
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
afterAll: (_a: any, _b: any) => {},
|
|
}
|
|
): Function {
|
|
const { beforeAll, afterAll } = options;
|
|
return function (action: string): Function {
|
|
return function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
|
|
req.pause();
|
|
const packageName = req.params.scope
|
|
? `@${req.params.scope}/${req.params.package}`
|
|
: req.params.package;
|
|
const packageVersion = req.params.filename
|
|
? getVersionFromTarball(req.params.filename)
|
|
: undefined;
|
|
const remote = req.remote_user;
|
|
beforeAll?.(
|
|
{ action, user: remote?.name },
|
|
`[middleware/allow][@{action}] allow for @{user}`
|
|
);
|
|
auth['allow_' + action](
|
|
{ packageName, packageVersion },
|
|
remote,
|
|
function (error, allowed): void {
|
|
req.resume();
|
|
if (error) {
|
|
next(error);
|
|
} else if (allowed) {
|
|
afterAll?.(
|
|
{ action, user: remote?.name },
|
|
`[middleware/allow][@{action}] allowed for @{user}`
|
|
);
|
|
next();
|
|
} else {
|
|
// last plugin (that's our built-in one) returns either
|
|
// cb(err) or cb(null, true), so this should never happen
|
|
throw errorUtils.getInternalError(API_ERROR.PLUGIN_ERROR);
|
|
}
|
|
}
|
|
);
|
|
};
|
|
};
|
|
}
|