implemented route to get grants for all sites

2017-06-30 16:33:51 -06:00 · 2017-06-30 16:33:51 -06:00 · f260b5afc0
parent 4d326726db
commit f260b5afc0
2 changed files with 36 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -128,4 +128,12 @@ the same privileges multiple times on different machines.
    * `sub`: The same `sub` from the url
    * `azp`: The same `azp` from the url
    * `scope`: A comma separated list of the permissions granted
-    * `updatedAt`: The timestamp for the most recent change to the grants
+    * `updatedAt`: The ms timestamp for the most recent change to the grants
+
+### Retrieving All Grants ###
+  * **URL** `:scheme//:hostname/api/issuer@oauth3.org/grants/:sub`
+  * **Method** `GET`
+  * **Url Params**
+    * `sub`: The [subject](#subject) using the issuer hostname as the `azp`
+  * **Response**: An array of objects with the same values as the simple grant
+    get response.
--- a/rest.js
+++ b/rest.js
@ -122,23 +122,41 @@ module.exports.create = function (bigconf, deps, app) {
    });
  };

-  Grants.restful.get = function (req, res) {
+  Grants.restful.getOne = function (req, res) {
    var promise = Grants.authorizeReq(req).then(function (sub) {
      return req.Store.get(sub+'/'+req.params.azp);
-    }).then(function (result) {
-      if (!result) {
+    }).then(function (grant) {
+      if (!grant) {
        throw new Error('no grants found');
      }
      return {
-        sub:   result.sub,
-        azp:   result.azp,
-        scope: result.scope,
-        updatedAt:  result.updatedAt
+        sub:   grant.sub,
+        azp:   grant.azp,
+        scope: grant.scope,
+        updatedAt: parseInt(grant.updatedAt, 10),
      };
    });

    app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
  };
+  Grants.restful.getAll = function (req, res) {
+    var promise = Grants.authorizeReq(req).then(function (sub) {
+      return req.Store.find({ sub: sub });
+    }).then(function (results) {
+      return results.map(function (grant) {
+        return {
+          sub:   grant.sub,
+          azp:   grant.azp,
+          scope: grant.scope,
+          updatedAt: parseInt(grant.updatedAt, 10),
+        };
+      }).sort(function (grantA, grantB) {
+        return (grantA.azp < grantB.azp) ? -1 : 1;
+      });
+    });
+
+    app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
+  };
  Grants.restful.saveNew = function (req, res) {
    var promise = Grants.authorizeReq(req).then(function (sub) {
      if (typeof req.body.scope !== 'string') {
@ -164,7 +182,8 @@ module.exports.create = function (bigconf, deps, app) {
  app.post(  '/jwks/:sub', Jwks.restful.saveNew);

  app.use(   '/grants', attachSiteStore.bind(null, 'IssuerOauth3OrgGrants'));
-  app.get(   '/grants/:sub/:azp', Grants.restful.get);
+  app.get(   '/grants/:sub', Grants.restful.getAll);
+  app.get(   '/grants/:sub/:azp', Grants.restful.getOne);
  app.post(  '/grants/:sub/:azp', Grants.restful.saveNew);

  app.use(detachSiteStore);