Security object

src/kuzzle.js

@@ -1,6 +1,8 @@
 var
   uuid = require('node-uuid'),
-  KuzzleDataCollection = require('./kuzzleDataCollection');
+  KuzzleDataCollection = require('./kuzzleDataCollection'),
+  KuzzleSecurity = require('./security/kuzzleSecurity'),
+  KuzzleUser = require('./security/kuzzleUser');
 
 /**
  * This is a global callback pattern, called by all asynchronous functions of the Kuzzle object.
@@ -18,6 +20,7 @@ var
  * @param {responseCallback} [cb] - Handles connection response
  * @constructor
  */
+
 module.exports = Kuzzle = function (url, options, cb) {
   var self = this;
 
@@ -111,7 +114,6 @@ module.exports = Kuzzle = function (url, options, cb) {
       value: url,
       enumerable: true
     },
-    // writable properties
     autoQueue: {
       value: false,
       enumerable: true,
@@ -219,7 +221,7 @@ module.exports = Kuzzle = function (url, options, cb) {
     }
   });
 
-  /*
+  /**
    * Some methods (mainly read queries) require a callback function. This function exists to avoid repetition of code,
    * and is called by these methods
    */
@@ -231,7 +233,15 @@ module.exports = Kuzzle = function (url, options, cb) {
     }
   });
 
-  /*
+  /**
+   * Create an attribute security that embed all methods to manage Role, Profile and User
+   */
+  Object.defineProperty(this, 'security', {
+    value: new KuzzleSecurity(this),
+    enumerable: true
+  });
+
+  /**
    * Emit an event to all registered listeners
    * An event cannot be emitted multiple times before a timeout has been reached.
    */
@@ -273,7 +283,6 @@ module.exports = Kuzzle = function (url, options, cb) {
     });
   }
 
-  return this;
 };
 
 
@@ -504,13 +513,18 @@ Kuzzle.prototype.checkToken = function (token, callback) {
 Kuzzle.prototype.whoAmI = function (callback) {
   var self = this;
 
-  this.callbackRequired('Kuzzle.whoAmI', callback);
+  self.callbackRequired('Kuzzle.whoAmI', callback);
 
-  this.query({controller: 'auth', action: 'getCurrentUser'}, {}, {}, callback);
+  self.query({controller: 'auth', action: 'getCurrentUser'}, {}, {}, function (err, response) {
+    if (err) {
+      return callback(err);
+    }
+
+    callback(null, new KuzzleUser(self.security, response.result._id, response.result._source));
+  });
 
   return self;
 };
-
 /**
  * Clean up the queue, ensuring the queryTTL and queryMaxSize properties are respected
  */
@@ -724,10 +738,9 @@ Kuzzle.prototype.getStatistics = function (timestamp, options, cb) {
  *
  * @param {string} [index] - The name of the data index containing the data collection
  * @param {string} collection - The name of the data collection you want to manipulate
- * @param headers {object} [headers] - Common properties for all future write documents queries
  * @returns {object} A KuzzleDataCollection instance
  */
-Kuzzle.prototype.dataCollectionFactory = function(index, collection, headers) {
+Kuzzle.prototype.dataCollectionFactory = function(index, collection) {
   this.isValid();
 
   if (arguments.length === 1) {
@@ -749,7 +762,7 @@ Kuzzle.prototype.dataCollectionFactory = function(index, collection, headers) {
   }
 
   if (!this.collections[index][collection]) {
-    this.collections[index][collection] = new KuzzleDataCollection(this, index, collection, headers);
+    this.collections[index][collection] = new KuzzleDataCollection(this, index, collection);
   }
 
   return this.collections[index][collection];
@@ -976,7 +989,7 @@ Kuzzle.prototype.query = function (queryArgs, query, options, cb) {
    * Do not add the token for the checkToken route, to avoid getting a token error when
    * a developer simply wish to verify his token
    */
-  if (self.jwtToken !== undefined && object.controller !== 'auth' && object.action !== 'checkToken') {
+  if (self.jwtToken !== undefined && !(object.controller === 'auth' && object.action === 'checkToken')) {
     object.headers = object.headers || {};
     object.headers.authorization = 'Bearer ' + self.jwtToken;
   }
@@ -1126,7 +1139,6 @@ Kuzzle.prototype.startQueuing = function () {
   if (this.state === 'offline' && !this.autoQueue) {
     this.queuing = true;
   }
-
   return this;
 };
 

src/kuzzleDataCollection.js

@@ -226,7 +226,6 @@ KuzzleDataCollection.prototype.createDocument = function (id, document, options,
     data._id = id;
   }
 
-  data.persist = true;
   data = self.kuzzle.addHeaders(data, self.headers);
 
   if (cb) {

src/security/kuzzleProfile.js

@@ -0,0 +1,199 @@
+var
+  KuzzleSecurityDocument = require('./kuzzleSecurityDocument'),
+  KuzzleRole = require('./kuzzleRole');
+
+function KuzzleProfile(kuzzleSecurity, id, content) {
+
+  KuzzleSecurityDocument.call(this, kuzzleSecurity, id, content);
+
+  // Define properties
+  Object.defineProperties(this, {
+    // private properties
+    deleteActionName: {
+      value: 'deleteProfile'
+    }
+  });
+
+  // Hydrate profile with roles if roles are not only string but objects with `_id` and `_source`
+  if (content && content.roles) {
+    content.roles = content.roles.map(function (role) {
+      if (!role._id || !role._source) {
+        return role;
+      }
+
+      return new KuzzleRole(kuzzleSecurity, role._id, role._source);
+    });
+  }
+
+  // promisifying
+  if (kuzzleSecurity.kuzzle.bluebird) {
+    return kuzzleSecurity.kuzzle.bluebird.promisifyAll(this, {
+      suffix: 'Promise',
+      filter: function (name, func, target, passes) {
+        var whitelist = ['hydrate', 'save'];
+
+        return passes && whitelist.indexOf(name) !== -1;
+      }
+    });
+  }
+
+}
+
+KuzzleProfile.prototype = Object.create(KuzzleSecurityDocument.prototype, {
+  constructor: {
+    value: KuzzleProfile
+  }
+});
+
+/**
+ * Persist to the persistent layer the current profile
+ *
+ * @param {object} [options] - Optional parameters
+ * @param {responseCallback} [cb] - Handles the query response
+ * @returns {Object} this
+ */
+KuzzleProfile.prototype.save = function (options, cb) {
+  var
+    data,
+    self = this;
+
+  if (!this.content.roles) {
+    throw new Error('Argument "roles" is mandatory in a profile. This argument contains an array of KuzzleRole or an array of id string');
+  }
+
+  if (options && cb === undefined && typeof options === 'function') {
+    cb = options;
+    options = null;
+  }
+
+  data = this.serialize();
+
+  self.kuzzle.query(self.kuzzleSecurity.buildQueryArgs('createOrReplaceProfile'), data, options, function (error) {
+    if (error) {
+      return cb ? cb(error) : false;
+    }
+
+    if (cb) {
+      cb(null, self);
+    }
+  });
+
+  return self;
+};
+
+
+/**
+ * Add a role in the roles list
+ * @param {KuzzleRole|string} role - can be an instance of KuzzleRole or an id in string
+ *
+ * @returns {KuzzleProfile} this
+ */
+KuzzleProfile.prototype.addRole = function (role) {
+
+  if (typeof role !== 'string' && !(role instanceof KuzzleRole)) {
+    throw new Error('Parameter "roles" must be a KuzzleRole or a id string');
+  }
+
+  if (!this.content.roles) {
+    this.content.roles = [];
+  }
+
+  this.content.roles.push(role);
+
+  return this;
+};
+
+/**
+ * Set roles list
+ * @param {Array} roles - can be an array of KuzzleRole or an array of string
+ *
+ * @returns {KuzzleProfile} this
+ */
+KuzzleProfile.prototype.setRoles = function (roles) {
+
+  if (!Array.isArray(roles)) {
+    throw new Error('Parameter "roles" must be an array of KuzzleRole or an array of string');
+  }
+
+  roles.map(function (role) {
+    if (typeof role !== 'string' && !(role instanceof KuzzleRole)) {
+      throw new Error('Parameter "roles" must be an array of KuzzleRole or an array of string');
+    }
+  });
+
+  this.content.roles = roles;
+
+  return this;
+};
+
+
+/**
+ * Hydrate the profile - get real KuzzleRole and not just ids
+ * Warning: do not try to hydrate a profile with newly added role which is not created in kuzzle
+ *
+ * @param {object} [options] - Optional parameters
+ * @param {responseCallback} [cb] - Handles the query response
+ */
+KuzzleProfile.prototype.hydrate = function (options, cb) {
+
+  var
+    self = this,
+    data = {ids: []};
+
+  data.ids = this.content.roles.map(function (role) {
+    if (typeof role === 'string') {
+      return role;
+    }
+
+    if (role instanceof KuzzleRole) {
+      return role.id;
+    }
+  });
+
+  if (options && cb === undefined && typeof options === 'function') {
+    cb = options;
+    options = null;
+  }
+
+  self.kuzzle.callbackRequired('KuzzleProfile.hydrate', cb);
+
+  self.kuzzle.query(self.kuzzleSecurity.buildQueryArgs('mGetRoles'), {body: data}, options, function (error, response) {
+    if (error) {
+      return cb(error);
+    }
+
+    cb(null, new KuzzleProfile(self, response.result._id, response.result._source));
+  });
+};
+
+/**
+ * Serialize this object into a JSON object
+ *
+ * @return {object} JSON object representing this securityDocument
+ */
+KuzzleProfile.prototype.serialize = function () {
+  var
+    data = {};
+
+  if (this.id) {
+    data._id = this.id;
+  }
+
+  data.body = this.content;
+  if (!data.body.roles || !Array.isArray(data.body.roles)) {
+    return data;
+  }
+
+  data.body.roles = data.body.roles.map(function(role) {
+    if (role instanceof KuzzleRole) {
+      return role.id;
+    }
+
+    return role;
+  });
+
+  return data;
+};
+
+
+module.exports = KuzzleProfile;

src/security/kuzzleRole.js

@@ -0,0 +1,66 @@
+var KuzzleSecurityDocument = require('./kuzzleSecurityDocument');
+
+function KuzzleRole(kuzzleSecurity, id, content) {
+
+  KuzzleSecurityDocument.call(this, kuzzleSecurity, id, content);
+
+  // Define properties
+  Object.defineProperties(this, {
+    // private properties
+    deleteActionName: {
+      value: 'deleteRole'
+    }
+  });
+
+  // promisifying
+  if (kuzzleSecurity.kuzzle.bluebird) {
+    return kuzzleSecurity.kuzzle.bluebird.promisifyAll(this, {
+      suffix: 'Promise',
+      filter: function (name, func, target, passes) {
+        var whitelist = ['save'];
+
+        return passes && whitelist.indexOf(name) !== -1;
+      }
+    });
+  }
+
+}
+
+KuzzleRole.prototype = Object.create(KuzzleSecurityDocument.prototype, {
+  constructor: {
+    value: KuzzleRole
+  }
+});
+
+/**
+ * Saves this role into Kuzzle.
+ *
+ * If this is a new role, this function will create it in Kuzzle.
+ * Otherwise, this method will replace the latest version of this role in Kuzzle by the current content
+ * of this object.
+ *
+ * @param {object} [options] - Optional parameters
+ * @param {responseCallback} [cb] - Handles the query response
+ */
+KuzzleRole.prototype.save = function (options, cb) {
+  var
+    data = this.serialize(),
+    self = this;
+
+  if (options && cb === undefined && typeof options === 'function') {
+    cb = options;
+    options = null;
+  }
+
+  self.kuzzle.query(this.kuzzleSecurity.buildQueryArgs('createOrReplaceRole'), data, options, function (error) {
+    if (error) {
+      return cb ? cb(error) : false;
+    }
+
+    if (cb) {
+      cb(null, self);
+    }
+  });
+};
+
+module.exports = KuzzleRole;