1- /*jslint node: true*/
2- /*jshint loopfunc:true */
3- "use strict" ;
4- var glob = require ( 'glob' ) ;
5- var path = require ( 'path' ) ;
6- var $rdf = require ( 'rdflib' ) ;
7- var request = require ( 'request' ) ;
8- var S = require ( 'string' ) ;
9- var url = require ( 'url' ) ;
10- var async = require ( 'async' ) ;
11-
12- var debug = require ( './debug' ) . ACL ;
13- var utils = require ( './utils.js' ) ;
14- var ns = require ( './vocab/ns.js' ) . ns ;
15- var rdfVocab = require ( './vocab/rdf.js' ) ;
16- var HttpError = require ( './http-error' ) ;
17- var ACL = require ( 'solid-acl' ) ;
1+ exports . allow = allow
2+
3+ var path = require ( 'path' )
4+ var $rdf = require ( 'rdflib' )
5+ var S = require ( 'string' )
6+ var url = require ( 'url' )
7+ var async = require ( 'async' )
8+ var debug = require ( './debug' ) . ACL
9+ var utils = require ( './utils.js' )
10+ var rdfVocab = require ( './vocab/rdf.js' )
1811
1912// TODO should this be set?
20- process . env . NODE_TLS_REJECT_UNAUTHORIZED = '0' ;
13+ process . env . NODE_TLS_REJECT_UNAUTHORIZED = '0'
2114
2215function match ( graph , s , p , o ) {
23- var matches = graph . statementsMatching (
24- s ? $rdf . sym ( s ) : undefined ,
25- p ? $rdf . sym ( p ) : undefined ,
26- o ? $rdf . sym ( o ) : undefined ) ;
27- return matches
16+ var matches = graph . statementsMatching (
17+ s ? $rdf . sym ( s ) : undefined ,
18+ p ? $rdf . sym ( p ) : undefined ,
19+ o ? $rdf . sym ( o ) : undefined )
20+ return matches
2821}
2922
3023function ACL ( opts ) {
@@ -66,7 +59,7 @@ ACL.prototype.can = function (user, mode, resource, callback, options) {
6659 // we should not be able to do that!
6760 // Control is only to Read and Write the current file!
6861 // if (mode === 'Control') {
69- // return next(new Error(" You can't Control an unexisting file" ))
62+ // return next(new Error(' You can\ 't Control an unexisting file' ))
7063 // }
7164 if ( err ) debug ( 'Error: ' + err )
7265 accessType = 'defaultForNew'
@@ -224,8 +217,8 @@ ACL.prototype.matchAccessType = function matchAccessType (graph, rule, accessTyp
224217 'http://www.w3.org/ns/auth/acl#' + accessType ,
225218 undefined )
226219
227- return matches . some ( function ( match ) {
228- return S ( uri ) . startsWith ( match . object . uri ) ;
220+ return matches . some ( function ( match ) {
221+ return S ( uri ) . startsWith ( match . object . uri )
229222 } )
230223
231224}
@@ -265,66 +258,67 @@ function possibleACLs (uri, suffix) {
265258}
266259
267260function fetchDocument ( host , ldp , baseUri ) {
268- return function ( uri , callback ) {
269- var graph = $rdf . graph ( ) ;
270- async . waterfall ( [
271- function ( cb ) {
272- // URL is local
273- var newPath = S ( uri ) . chompLeft ( baseUri ) . s ;
274- // TODO prettify this
275- var root = ! ldp . idp ? ldp . root : ldp . root + host + '/' ;
276- var documentPath = utils . uriToFilename ( newPath , root ) ;
277- var documentUri = url . parse ( documentPath ) ;
278- documentPath = documentUri . pathname ;
279- return ldp . readFile ( documentPath , cb ) ;
280- } ,
281- function ( body , cb ) {
282- try {
283- $rdf . parse ( body , graph , uri , 'text/turtle' ) ;
284- } catch ( err ) {
285- return cb ( err , graph ) ;
286- }
287- return cb ( null , graph ) ;
288- }
289- ] , callback ) ;
290- }
261+ return function ( uri , callback ) {
262+ var graph = $rdf . graph ( )
263+ async . waterfall ( [
264+ function ( cb ) {
265+ // URL is local
266+ var newPath = S ( uri ) . chompLeft ( baseUri ) . s
267+ // TODO prettify this
268+ var root = ! ldp . idp ? ldp . root : ldp . root + host + '/'
269+ var documentPath = utils . uriToFilename ( newPath , root )
270+ var documentUri = url . parse ( documentPath )
271+ documentPath = documentUri . pathname
272+ return ldp . readFile ( documentPath , cb )
273+ } ,
274+ function ( body , cb ) {
275+ try {
276+ $rdf . parse ( body , graph , uri , 'text/turtle' )
277+ } catch ( err ) {
278+ return cb ( err , graph )
279+ }
280+ return cb ( null , graph )
281+ }
282+ ] , callback )
283+ }
291284}
292285
293286function getUserId ( req , callback ) {
294- var onBehalfOf = req . get ( 'On-Behalf-Of' )
295- if ( ! onBehalfOf ) {
296- return callback ( null , req . session . userId ) ;
297- }
287+ var onBehalfOf = req . get ( 'On-Behalf-Of' )
288+ if ( ! onBehalfOf ) {
289+ return callback ( null , req . session . userId )
290+ }
298291
299- var delegator = rdfVocab . debrack ( onBehalfOf ) ;
300- verifyDelegator ( req . hostname , delegator , req . session . userId , function ( err , res ) {
301- if ( res ) {
302- debug ( " Request User ID (delegation) :" + delegator ) ;
303- return callback ( null , delegator ) ;
304- }
305- return callback ( null , req . session . userId ) ;
306- } ) ;
307- } ;
292+ var delegator = rdfVocab . debrack ( onBehalfOf )
293+ verifyDelegator ( req . hostname , delegator , req . session . userId , function ( err , res ) {
294+ if ( res ) {
295+ debug ( ' Request User ID (delegation) :' + delegator )
296+ return callback ( null , delegator )
297+ }
298+ return callback ( null , req . session . userId )
299+ } )
300+ }
308301
309302function verifyDelegator ( host , ldp , baseUri , delegator , delegatee , callback ) {
310- fetchDocument ( host , ldp , baseUri ) ( delegator , function ( err , delegatorGraph ) {
311-
312- // TODO handle error
313- var delegatesStatements = delegatorGraph
314- . each ( delegatorGraph . sym ( delegator ) ,
315- delegatorGraph . sym ( "http://www.w3.org/ns/auth/acl#delegates" ) ,
316- undefined ) ;
317-
318- for ( var delegateeIndex in delegatesStatements ) {
319- var delegateeValue = delegatesStatements [ delegateeIndex ] ;
320- if ( rdfVocab . debrack ( delegateeValue . toString ( ) ) === delegatee ) {
321- callback ( null , true ) ;
322- }
323- }
324- // TODO check if this should be false
325- return callback ( null , false ) ;
326- } ) ;
327- } ;
303+ fetchDocument ( host , ldp , baseUri ) ( delegator , function ( err , delegatorGraph ) {
304+
305+ // TODO handle error
306+
307+ var delegatesStatements = delegatorGraph
308+ . each ( delegatorGraph . sym ( delegator ) ,
309+ delegatorGraph . sym ( 'http://www.w3.org/ns/auth/acl#delegates' ) ,
310+ undefined )
311+
312+ for ( var delegateeIndex in delegatesStatements ) {
313+ var delegateeValue = delegatesStatements [ delegateeIndex ]
314+ if ( rdfVocab . debrack ( delegateeValue . toString ( ) ) === delegatee ) {
315+ callback ( null , true )
316+ }
317+ }
318+ // TODO check if this should be false
319+ return callback ( null , false )
320+ } )
321+ }
328322/**
329323 * Callback used by verifyDelegator.
330324 * @callback ACL~verifyDelegator_cb
@@ -335,29 +329,27 @@ function verifyDelegator (host, ldp, baseUri, delegator, delegatee, callback) {
335329 */
336330
337331function allow ( mode ) {
338- return function ( req , res , next ) {
339- var ldp = req . app . locals . ldp ;
340- if ( ! ldp . webid ) {
341- return next ( ) ;
342- }
343- var baseUri = utils . uriBase ( req )
344-
345- var acl = new ACL ( {
346- fetch : fetchDocument ( req . hostname , ldp , baseUri ) ,
347- match : match ,
348- suffix : ldp . suffixAcl
349- } )
350-
351- getUserId ( req , function ( err , userId ) {
352- if ( err ) return callback ( err ) ;
353-
354- var reqPath = res && res . locals && res . locals . path ? res . locals . path : req . path ;
355- var options = {
356- origin : req . get ( 'origin' )
357- }
358- return acl . can ( userId , mode , baseUri + reqPath , next , options )
359- } )
332+ return function ( req , res , next ) {
333+ var ldp = req . app . locals . ldp
334+ if ( ! ldp . webid ) {
335+ return next ( )
360336 }
361- }
337+ var baseUri = utils . uriBase ( req )
362338
363- exports . allow = allow ;
339+ var acl = new ACL ( {
340+ fetch : fetchDocument ( req . hostname , ldp , baseUri ) ,
341+ match : match ,
342+ suffix : ldp . suffixAcl
343+ } )
344+
345+ getUserId ( req , function ( err , userId ) {
346+ if ( err ) return next ( err )
347+
348+ var reqPath = res && res . locals && res . locals . path ? res . locals . path : req . path
349+ var options = {
350+ origin : req . get ( 'origin' )
351+ }
352+ return acl . can ( userId , mode , baseUri + reqPath , next , options )
353+ } )
354+ }
355+ }
0 commit comments