Updated rule
@@ -1,38 +1,30 @@
|
|||||||
module.exports = {
|
module.exports = {
|
||||||
meta: {
|
meta: {
|
||||||
docs: {
|
docs: {
|
||||||
description: "Service without `@requires/restrict` should not expose fields `createdBy` and `modifiedBy`.",
|
description: "Service without `@requires/restrict` should not expose fields with personal data.",
|
||||||
version: "1.0.0"
|
version: "1.0.0"
|
||||||
},
|
},
|
||||||
fixable: "code",
|
fixable: "code",
|
||||||
model: "inferred"
|
model: "inferred"
|
||||||
},
|
},
|
||||||
create: function (context) {
|
create: function (context) {
|
||||||
|
const services = context.getModel().services;
|
||||||
|
const unprotectedServices = services.filter(s => !s["@requires"] && !s["@restrict"]).map(s => s.name)
|
||||||
|
if (!unprotectedServices.length) return
|
||||||
return { entity: checkForExposedFields };
|
return { entity: checkForExposedFields };
|
||||||
|
|
||||||
function checkForExposedFields(e) {
|
function checkForExposedFields(entity) {
|
||||||
const services = context.getModel().services;
|
const entityInUnprotectedService = unprotectedServices.some(service => entity.name.includes(service))
|
||||||
const unauthorizedServices = services
|
if (entityInUnprotectedService) {
|
||||||
.map((s) => {
|
const elements = Object.keys(entity.elements).filter((name) => ["createdBy", "modifiedBy"].includes(name))
|
||||||
if (!s["@requires"] && !s["@restrict"]) {
|
for (let element of elements) {
|
||||||
return s.name;
|
context.report({
|
||||||
}
|
message: `Field '${element}' in '${entity.name}' exposes personal data. Remove field or add \`@restrict/requires\`.`,
|
||||||
})
|
node: context.getNode(entity),
|
||||||
.filter((item) => !!item);
|
file: entity.$location.file
|
||||||
const found = Object.keys(e.elements).find((r) => ["createdBy", "modifiedBy"].indexOf(r) >= 0);
|
})
|
||||||
const isUnauthorizedService = unauthorizedServices.some((r) => {
|
|
||||||
if (e.name.includes(r)) {
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
return false;
|
|
||||||
});
|
|
||||||
if (found && isUnauthorizedService) {
|
|
||||||
context.report({
|
|
||||||
message: `Danger - exposed field '${found}' with '${e.name}' Either remove these or add add \`@restrict/requires\`.`,
|
|
||||||
node: context.getNode(e),
|
|
||||||
file: e.$location.file
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
};
|
}
|
||||||
|
|||||||
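Review bot: The new description promises a check for "fields with personal data", but the filter in `checkForExposedFields` still matches only the hard-coded names `createdBy` and `modifiedBy`, so any other personal-data element in an unprotected service passes the rule silently; either keep the narrower description or extend the filter. The service match `entity.name.includes(service)` is a substring test, so an entity of a protected service whose name merely contains an unprotected service's name is reported too; assuming entity names are qualified as `Service.Entity`, `entity.name.startsWith(service + ".")` is tighter. The early `if (!unprotectedServices.length) return` makes `create` return `undefined`, and a rule runner that enumerates the returned listeners may throw on that, so `return {}` is the safer form. The truthiness test `!s["@requires"]` also accepts any non-empty value as protection, so it is worth confirming that values granting unauthenticated access are not counted as protected.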