Added sorting keys before checking. #3

artzub · 2019-06-21T05:46:47Z

The reason is

const roles = [
  {
    roles: ['readonly'],
    allows: [{
      resources: ['/api/v1/user/.*'],
      permissions: ['get'],
    }],
  },
  {
    roles: ['admin'],
    allows: [
      {
        resources: ['/api/v1/user(/.*)?'],
        permissions: ['get', 'put', 'post', 'delete'],
      }
    ],
  },
  {
    roles: ['superadmin'],
    allows: [{
      resources: '.*',
      permissions: '*'
    }]
  }
];

Keys of buckets will be incorrectly sorted.

if make a request (role admin or superadmin):

DELETE /api/v1/user/someid,

then union method will find a wrong bucket /api/v1/user/.* that has just only one role readonly,
but it is not expected behavior.

After keys sorting we have at least the needed bucket = allows_/api/v1/user(/.*)? or for superadmin allows_.*

The reason is ``` const roles = [ { roles: ['readonly'], allows: [{ resources: ['/api/v1/user/.*'], permissions: ['get'], }], }, { roles: ['admin'], allows: [ { resources: ['/api/v1/user(/.*)?'], permissions: ['get', 'put', 'post', 'delete'], } ], }, { roles: ['superadmin'], allows: [{ resources: '.*', permissions: '*' }] } ]; ``` Keys of buckets will be incorrectly sorted. if make a request (role `admin` or `superadmin`): `DELETE /api/v1/user/someid` then `union` method will find a wrong `bucket` `/api/v1/user/.*` that has just only one role `readonly` but it is not expected behavior. After keys sorting we have at least the needed `bucket` = `allows_/api/v1/user(/.*)?` or for superadmin `allows_.*`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added sorting keys before checking. #3

Added sorting keys before checking. #3

artzub commented Jun 21, 2019

Added sorting keys before checking. #3

Are you sure you want to change the base?

Added sorting keys before checking. #3

Conversation

artzub commented Jun 21, 2019