Search…
⌃K

Policy

@policy({
name: 'effective policy',
action: 'Script',
weight: 1
})
myPolicy({ runtime }) {
return true
}

@policy(options)

Arguments
  • options { Object } Options object
    • name { String }
    • environment { String = "*" }
    • weight { Number = 0 }
    • action { String } Policy action (Script, Transform)

Method Options

  • methodOptions { Object } Options passed to the method
    • req { Object }
    • body { Object }
    • halt {Function} When called, haults the policy and exits the script
    • runtime { Object }
      • name { String }
      • environment { String = "*" }
      • weight { Number = 0 }
      • metadata { Object }
        • resource { String }
        • className { String }
        • methodName { String }
        • static { Boolean }
        • loc { Object }
          • line { String }
          • column { String }

Method Options (Transform Action)

  • methodOptions { Object } Options passed to the method
    • runtime { Object }
      • name { String }
      • environment { String = "*" }
      • weight { Number = 0 }
      • metadata { Object }
        • resource { String }
        • className { String }
        • methodName { String }
        • static { Boolean }
        • loc { Object }
          • line { String }
          • column { String }

Examples

const { policy, route, log, transform } = require('decorators'),
{ Transform } = require('runtime.transform')
class RoutePolicies {
@policy
static redirectPolicy = {
name: 'c_redirect',
priority: 1,
methods: 'get',
paths: '/routes/test-policy-redirect',
action: 'Redirect',
redirectUrl: '/routes/test-policy-after-redirect',
weight: 1,
trace: true
}
@log({ traceError: true })
@route('POST test-route', { priority: 1 })
testRoute({ body }) {
return { text: 'Hi!', ...body() }
}
@log({ traceError: true })
@route('GET test-route-halt', { priority: 1 })
testHaltRoute() {
return 'Hello!'
}
@log({ trace: true })
@policy({ methods: ['post'], paths: '/routes/test-route', action: 'Script', trace: true, weight: 1 })
testRoutePolicy({ body }) {
if (body('end')) {
return 'ended!'
}
if (body('end_throw')) {
throw Fault.create('cortex.accessDenied.policy', { reason: 'Because!' })
}
if (body('end_response')) {
return require('response').end()
}
body('param', 'this is a param from policy')
}
@log({ trace: true })
@policy({ methods: ['get'], paths: '/routes/test-route-halt', priority: 1 })
routeHaltPolicy({ halt }) {
return halt()
}
@log({ trace: true })
@policy({ methods: ['get'], paths: '/routes/test-route-halt' })
routeHaltPolicy2({ halt }) {
const res = require('response')
res.setStatusCode(404)
res.setHeader('Content-Type', 'application/json')
res.end(JSON.stringify(new RangeError('no way, jesus maria!').toJSON()))
}
@route('GET get-all-accounts')
getAllAccounts({ req, res, body, runtime }) {
return org.objects.accounts.find().skipAcl(true).grant(8)
}
@policy
static accountsTransform = {
methods: ['get'],
paths: '/routes/get-all-accounts',
action: 'Transform',
priority: 999,
transform: 'c_accounts_transform'
}
}
@transform('c_accounts_transform')
class AccountsTransform extends Transform {
each(object) {
if (object.object === 'account' && object.email !== script.principal.email) {
object.name.first = '*******'
object.name.last = '*******'
}
return object
}
}
Last modified 1yr ago