Skip to content

Commit b0a2ea3

Browse files
Merge pull request #46 from bramcomyn/feat/access-requests
Feat/access requests
2 parents 16a4ed4 + 895bab4 commit b0a2ea3

50 files changed

Lines changed: 20067 additions & 1616 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

controller/package.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,11 +24,13 @@
2424
"node": ">= 20"
2525
},
2626
"dependencies": {
27+
"@comunica/query-sparql": "^4.3.0",
2728
"@inrupt/solid-client": "^2.0.1",
2829
"@inrupt/solid-client-authn-browser": "^2.2.4",
2930
"@inrupt/vocab-common-rdf": "^1.0.5",
3031
"core-js": "^3.38.1",
31-
"loama-common": "^1.0.0"
32+
"loama-common": "^1.0.0",
33+
"n3": "^1.26.0"
3234
},
3335
"devDependencies": {
3436
"@types/core-js": "^2.5.8",
Lines changed: 31 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,32 @@
11
import { getDefaultSession } from "@inrupt/solid-client-authn-browser";
2-
import { BaseSubject, Index, IndexItem, Permission, ResourcePermissions, Resources, SubjectPermissions } from "../types";
2+
import { BaseSubject, Index, IndexItem, Permission, ResourcePermissions, Resources } from "../types";
33
import { IAccessRequest, IController, IInboxConstructor, IStore, IStoreConstructor, SubjectConfig, SubjectConfigs, SubjectKey, SubjectType } from "../types/modules";
4+
import { type AccessRequest as AccessRequestObject } from "../types/modules";
45
import { AccessRequest } from "./accessRequests/AccessRequest";
5-
import { InruptAccessRequest } from "./accessRequests/InruptAccessRequest";
6+
import { ODRLAccessRequest } from "./accessRequests/OdrlAccessRequest";
67
import { Mutex } from "./utils/Mutex";
8+
import { ODRLAccessRequestService } from "./utils/OdrlAccessRequestService";
79

8-
export class Controller<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends Mutex implements IController<T> {
10+
/**
11+
* Controller which makes it calls to the backend AS through ODRL requests.
12+
* Makes use of the Inrupt SDK to authenticate users.
13+
*/
14+
export class ODRLController<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends Mutex implements IController<T> {
915
private index: IStore<Index<T[keyof T & string]>>;
1016
private resources: IStore<Resources>;
1117
private accessRequest: AccessRequest;
1218
private subjectConfigs: SubjectConfigs<T>;
19+
private authorizationServerURL: string;
1320

1421
// TODO : Find a better way of constructing the controller with all the different modules
15-
constructor(storeConstructor: IStoreConstructor, inboxConstructor: IInboxConstructor, subjects: SubjectConfigs<T>) {
22+
constructor(storeConstructor: IStoreConstructor, inboxConstructor: IInboxConstructor, subjects: SubjectConfigs<T>, authorizationServerURL: string) {
1623
super();
1724
// There is currently no "easy" solution to get around the as IStore...
1825
this.index = new storeConstructor("index.json", () => ({ id: "", items: [] })) as IStore<Index<T[keyof T & string]>>;
1926
this.resources = new storeConstructor("resources.json", () => ({ id: "", items: [] })) as IStore<Resources>;;
20-
this.accessRequest = new InruptAccessRequest(this as unknown as Controller<{}>, inboxConstructor, this.resources);
27+
this.accessRequest = new ODRLAccessRequest(this as unknown as ODRLController<{}>, inboxConstructor, this.resources);
2128
this.subjectConfigs = subjects;
29+
this.authorizationServerURL = authorizationServerURL;
2230
}
2331

2432
private getSubjectConfig<K extends SubjectKey<T>>(subject: T[K]): SubjectConfig<T, T[K]> {
@@ -146,4 +154,22 @@ export class Controller<T extends Record<keyof T, BaseSubject<keyof T & string>>
146154
}
147155
return this as unknown as IController<Record<K, B>>
148156
}
157+
158+
// ! added for access requests
159+
async requestAccess(permission: { action: string; resource: string; }): Promise<void> {
160+
const webid = getDefaultSession().info.webId!;
161+
await new ODRLAccessRequestService(this.authorizationServerURL).requestAccess(permission.resource, webid, permission.action);
162+
}
163+
164+
async handleAccessRequest(requestId: string, status: 'accepted' | 'denied'): Promise<void> {
165+
const webid = getDefaultSession().info.webId!;
166+
await new ODRLAccessRequestService(this.authorizationServerURL).acceptOrDenyAccess(requestId, webid, status);
167+
}
168+
169+
async getAccessRequests(): Promise<{
170+
asRequestingParty: AccessRequestObject[];
171+
asResourceOwner: AccessRequestObject[];
172+
}> {
173+
return new ODRLAccessRequestService(this.authorizationServerURL).retrieveAccessRequests(getDefaultSession().info.webId!);
174+
}
149175
}

controller/src/classes/accessRequests/InruptAccessRequest.ts renamed to controller/src/classes/accessRequests/OdrlAccessRequest.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ import { Resources } from "@/types";
44
import { getDefaultSession } from "@inrupt/solid-client-authn-browser";
55
import { deleteFile } from "@inrupt/solid-client";
66

7-
export class InruptAccessRequest extends AccessRequest implements IAccessRequest {
7+
export class ODRLAccessRequest extends AccessRequest implements IAccessRequest {
88
constructor(controller: IController<{}>, inboxConstructor: IInboxConstructor, resourcesStore: IStore<Resources>) {
99
super(controller, inboxConstructor, resourcesStore)
1010
}

controller/src/classes/index.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
export * from './permissionManager/inrupt';
1+
export * from './permissionManager/odrl';
22
export * from './stores/InruptStore';
33
export * from './stores/BaseStore';
44
export * from './subjectResolvers';
5-
export * from './Controller';
5+
export * from './OdrlController';

controller/src/classes/permissionManager/inrupt/GroupManager.ts renamed to controller/src/classes/permissionManager/odrl/GroupManager.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
import { Access, AccessModes, getGroupAccessAll, getResourceInfoWithAcl } from "@inrupt/solid-client";
22
import { BaseSubject, IndexItem, Permission } from "../../../types";
33
import { IPermissionManager, SubjectKey } from "../../../types/modules";
4-
import { InruptPermissionManager } from "./InruptPermissionManager";
4+
import { ODRLPermissionManager } from "./OdrlPermissionManager";
55
import { getDefaultSession } from "@inrupt/solid-client-authn-browser";
66
import { setAgentAccess } from "@inrupt/solid-client/universal";
77
import { cacheBustedSessionFetch } from "../../../util";
88

9-
export class GroupManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends InruptPermissionManager<T> implements IPermissionManager<T> {
9+
export class GroupManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends ODRLPermissionManager<T> implements IPermissionManager<T> {
1010
// This is a replacement for https://github.com/inrupt/solid-client-js/blob/eb8e86f61458ec76fa2244f7b38b7d7983bbd810/src/access/wac.ts#L262 because it is not exposed in the inrupt library
1111
private async getGroupAccessAll(resource: string): Promise<Record<string, Access> | null> {
1212
const session = getDefaultSession();

controller/src/classes/permissionManager/inrupt/InruptPermissionManager.ts renamed to controller/src/classes/permissionManager/odrl/OdrlPermissionManager.ts

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,9 @@ import { Access, AccessModes, getSolidDataset, getThingAll } from "@inrupt/solid
22
import { SubjectPermissions, BaseSubject, IndexItem, Permission, ResourcePermissions } from "../../../types";
33
import { SubjectKey, TargetSubjects } from "../../../types/modules";
44
import { getDefaultSession } from "@inrupt/solid-client-authn-browser";
5-
import { ODRL } from "../../../classes/utils/PolicyParser";
6-
import { PolicyInterpreter } from "../../../classes/utils/PolicyInterpreter";
7-
import { PolicyService } from "../../../classes/utils/PolicyService";
5+
import { ODRL } from "../../utils/PolicyParser";
6+
import { PolicyInterpreter } from "../../utils/PolicyInterpreter";
7+
import { ODRLPolicyService } from "../../utils/OdrlPolicyService";
88
import { Store } from 'n3';
99

1010
const ACCESS_MODES_TO_PERMISSION_MAPPING: Record<keyof (AccessModes & Access), Permission> = {
@@ -16,12 +16,13 @@ const ACCESS_MODES_TO_PERMISSION_MAPPING: Record<keyof (AccessModes & Access), P
1616
controlWrite: Permission.Control,
1717
}
1818

19-
/**
20-
* A permission manager implementation using the inrupt sdk to actually update the ACL
21-
* The "Inrupt" prefix is to indicate the usage of the inrupt sdk
22-
* This permission manager can be used without the the InruptStore
23-
*/
24-
export abstract class InruptPermissionManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> {
19+
export abstract class ODRLPermissionManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> {
20+
21+
protected readonly authorizationServerURL: string;
22+
23+
constructor(authorizationServerURL: string) {
24+
this.authorizationServerURL = authorizationServerURL;
25+
}
2526

2627
protected AccessModesToPermissions(accessModes: AccessModes | Access): Permission[] {
2728
const permissions = new Set<Permission>();
@@ -84,7 +85,7 @@ export abstract class InruptPermissionManager<T extends Record<keyof T, BaseSubj
8485
* TODO: split in subject
8586
*/
8687
public async getTargetPermissionsForUser(assignerId: string, assigneeId: string, targetId: string): Promise<Permission[]> {
87-
const store: Store = await new PolicyService().fetchPolicies(assignerId);
88+
const store: Store = await new ODRLPolicyService(this.authorizationServerURL).fetchPolicies(assignerId);
8889
const target: TargetSubjects = new PolicyInterpreter().permissionsForOneResource(targetId, store);
8990

9091
// If there are no private permissions, or no private permissions for the assignee, return the public ones (or nothing if they don't exist)
@@ -105,7 +106,7 @@ export abstract class InruptPermissionManager<T extends Record<keyof T, BaseSubj
105106
}
106107

107108
// Retrieve our policies
108-
const store = await new PolicyService().fetchPolicies(webId);
109+
const store = await new ODRLPolicyService(this.authorizationServerURL).fetchPolicies(webId);
109110

110111
// Get detailed info about the target
111112
const interpreter = new PolicyInterpreter();
@@ -164,7 +165,7 @@ export abstract class InruptPermissionManager<T extends Record<keyof T, BaseSubj
164165
throw new Error("User not logged in");
165166
}
166167

167-
const store = await new PolicyService().fetchPolicies(webId);
168+
const store = await new ODRLPolicyService(this.authorizationServerURL).fetchPolicies(webId);
168169

169170
// Collect target urls
170171
const targetUrls = Array.from(new Set(store.getQuads(null, ODRL('target'), null, null).map(q => q.object.id)));

controller/src/classes/permissionManager/inrupt/PublicManager.ts renamed to controller/src/classes/permissionManager/odrl/PublicManager.ts

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,17 @@
1-
import { PolicyService } from "../../../classes/utils/PolicyService";
1+
import { ODRLPolicyService } from "../../utils/OdrlPolicyService";
22
import { BaseSubject, IndexItem, Permission } from "../../../types";
33
import { IPermissionManager, SubjectKey } from "../../../types/modules";
4-
import { InruptPermissionManager } from "./InruptPermissionManager";
4+
import { ODRLPermissionManager } from "./OdrlPermissionManager";
55

6-
export class PublicManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends InruptPermissionManager<T> implements IPermissionManager<T> {
6+
export class PublicManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends ODRLPermissionManager<T> implements IPermissionManager<T> {
77

88
//. NOTE: Currently, it doesn't do any recursive permission setting on containers
99
async createPermissions<K extends SubjectKey<T>>(resource: string, subject: T[K], permissions: Permission[]): Promise<void> {
10-
await new PolicyService().insertActionRule(resource, permissions)
10+
await new ODRLPolicyService(this.authorizationServerURL).insertActionRule(resource, permissions)
1111
}
1212

1313
async deletePermissions<K extends SubjectKey<T>>(resource: string, subject: T[K], permissions: Permission[]) {
14-
await new PolicyService().deleteActionRule(resource, permissions)
14+
await new ODRLPolicyService(this.authorizationServerURL).deleteActionRule(resource, permissions)
1515

1616
}
1717

controller/src/classes/permissionManager/inrupt/WebIdManager.ts renamed to controller/src/classes/permissionManager/odrl/WebIdManager.ts

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,17 @@
11
import { BaseSubject, IndexItem, Permission } from "../../../types";
22
import { IPermissionManager, SubjectKey } from "../../../types/modules";
3-
import { InruptPermissionManager } from "./InruptPermissionManager";
4-
import { PolicyService } from "../../utils/PolicyService";
3+
import { ODRLPermissionManager } from "./OdrlPermissionManager";
4+
import { ODRLPolicyService } from "../../utils/OdrlPolicyService";
55

6-
export class WebIdManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends InruptPermissionManager<T> implements IPermissionManager<T> {
6+
export class WebIdManager<T extends Record<keyof T, BaseSubject<keyof T & string>>> extends ODRLPermissionManager<T> implements IPermissionManager<T> {
77

88
// Create an action for this resource and this subject with the given permissions
99
async createPermissions<K extends SubjectKey<T>>(resource: string, subject: T[K], permissions: Permission[]): Promise<void> {
10-
await new PolicyService().insertActionRule(resource, permissions, subject.selector!.url);
10+
await new ODRLPolicyService(this.authorizationServerURL).insertActionRule(resource, permissions, subject.selector!.url);
1111
}
1212

1313
async deletePermissions<K extends SubjectKey<T>>(resource: string, subject: T[K], permissions: Permission[]) {
14-
await new PolicyService().deleteActionRule(resource, permissions, subject.selector!.url)
14+
await new ODRLPolicyService(this.authorizationServerURL).deleteActionRule(resource, permissions, subject.selector!.url)
1515
}
1616

1717
async editPermissions<K extends SubjectKey<T>>(resource: string, item: IndexItem, subject: T[K], permissions: Permission[]) {

controller/src/classes/permissionManager/inrupt/index.ts renamed to controller/src/classes/permissionManager/odrl/index.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
11
export * from './GroupManager';
2-
export * from './InruptPermissionManager';
2+
export * from './OdrlPermissionManager';
33
export * from './PublicManager';
44
export * from './WebIdManager';

0 commit comments

Comments
 (0)