feature/user-api-calls (#80)

* initial changes for jwt auth

* return permissions as an array of string

* basic GET, POST, DELETE user api calls

* add permission checks

* hide hashed_password

* cleanup

* add check if admin user is active

* return account and serviceProvider sid in user object

* add more values to user PUT

* logout user after self delete, fix scope assignment

* add admin scope user tests

* fix test case and align jwt and api key data model in req.user

* fixes for ibm speech

* add limits license_count and voice_call_minutes

* update limits enum again

* rebase to main

* allow predefined carriers and speech credentials for Account user

* reverse the hasAccountPermissions changes

* SpeechCredentials permissions

* fix /Users/me api non-saas jambonz

Co-authored-by: Dave Horton <daveh@beachdognet.com>
Co-authored-by: eglehelms <e.helms@cognigy.com>
EgleH
2022-12-10 15:12:05 +01:00
committed by GitHub
parent fadbe116c2
commit dd2176bf89
14 changed files with 759 additions and 133 deletions
+12 -8
@@ -76,24 +76,28 @@ const checkApiTokens = (logger, token, done) => {
}
// found api key
const scope = [];
let scope;
//const scope = [];
if (results[0].account_sid === null && results[0].service_provider_sid === null) {
scope.push.apply(scope, ['admin', 'service_provider', 'account']);
//scope.push.apply(scope, ['admin', 'service_provider', 'account']);
scope = 'admin';
}
else if (results[0].service_provider_sid) {
scope.push.apply(scope, ['service_provider', 'account']);
//scope.push.apply(scope, ['service_provider', 'account']);
scope = 'service_provider';
}
else {
scope.push('account');
//scope.push('account');
scope = 'account';
}
const user = {
account_sid: results[0].account_sid,
service_provider_sid: results[0].service_provider_sid,
hasScope: (s) => scope.includes(s),
hasAdminAuth: scope.length === 3,
hasServiceProviderAuth: scope.includes('service_provider'),
hasAccountAuth: scope.includes('account') && !scope.includes('service_provider')
hasScope: (s) => s === scope,
hasAdminAuth: scope === 'admin',
hasServiceProviderAuth: scope === 'service_provider',
hasAccountAuth: scope === 'account'
};
logger.info(user, `successfully validated with scope ${scope}`);
return done(null, user, {scope});
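Review bot: The new `hasScope: (s) => s === scope` and `hasServiceProviderAuth: scope === 'service_provider'` make the scope an exact match, so an admin API key no longer satisfies `hasScope('account')`, `hasScope('service_provider')` or `hasServiceProviderAuth`, all of which were true for it under the old cumulative array. Route guards outside this hunk that relied on the hierarchy will now evaluate differently for admin and service-provider keys, so each caller of these four fields should be checked; none of them is visible here. The value passed in `done(null, user, {scope})` also changes from an array to a string, which matters to any consumer that treats it as a list. I would state the contract where the variable is declared, e.g. `// scope is exactly one of 'admin' | 'service_provider' | 'account'; a higher level does NOT imply the lower ones`, and delete the commented-out `//const scope = [];` and `//scope.push...` lines instead of keeping them next to the new assignments. The body of `checkApiTokens` starts and ends outside the hunk.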