mark-bradshaw / mrhorse Goto Github PK

Is there a way to tell mrhorse I want a policy applied to every route? Combined with a negative policy expression ("don't apply policy x to route y") It could be very powerful.

Upon running a route, it would be nice to cache the policies to be run on each apply point for that route. The cache can be keyed by sort(methods)::path. Unknown if the sorting is required, or if hapi already sorts it for this exact reason. It would also be nice to create something like a MrHorse.warmPolicies(server) method that can be called to generate this cache whenever a developer sees fit (say, once the developer registers all routes).

Hi @mark-bradshaw, so I'm running some e2e tests where I'm creating mulitple hapi servers and registering the mrhorse plugin multiple times. However on the second round of plugin registrations, I get a duplicate policy error because the data object in index.js still contains the policies from the previous registration. I've tried clearing the require cache but can't get anything to work. Any advice? Thanks in advance!

Is this project being maintained? Especially with Hapi's rapid development pace I'm a bit afraid to get dependent on something that could become incompatible. Maybe there just haven't been any changes needed recently but I'm a bit wary with the last commit being 5 months ago.

Is there a way to pass information to policies? I have a database connection (essentially) that I would like to pass to the policies once it has been started in the main app logic, as reinstantiating it in the policies would cause new pools of connections to be started.

Overview

If you are not aware yet, Hapi v17 is making the transition from callbacks to async/await, as well as deprecating some other rarely used functionality. This is a breaking change that may make your plugin no longer compatible with the Hapi API.

Changelog

Draft release notes can be found here: hapijs/hapi#3658

Target Release

The target release date for v17 is the beginning of November.

Tasks

• Reply to this to acknowledge that you are actively maintaining this module and are willing to update it
• Update plugin to be fully async/await compatible using the v17 branch from Hapi for testing

  Possible dev flow for updating

  • Clone Hapi
  • npm link within the Hapi repo
  • npm link hapi within your plugin repo
  • Your plugin will now be using v17 of Hapi branch for tests
• Release new major version of your plugin on npm. Please use a major version increment as this will be a breaking change and it would be terrible for it to sneak into current versions of Hapi.

Notes

• Support is being dropped for all versions of Node <8.0.0.
• Hapi v16 will continue to be supported for as long as there exists a Node LTS actively being supported that is not compatible with v17.
• Targeted release date is November 1st, 2017. Please try to have your plugin updated before then.
• This issue is being opened because your plugin is listed on the official hapi website

I have some validation configured together with my route:

"saveClientData": {
    "path"      : "",
    "method"    : ["POST"],
    "handler"   : "save",
    "validation": true,
    "filter"    : true,
    "config"    : {
      "plugins": {
        "policies": ["user-with-app"]
      }
    }
  }

And, I see that validation takes place before the mrhorse. If the validation passes, but policy does not - then we see the expected result.

I don't think it's logical. Do we have any way to put the mrhorse infront?

Regards,

Make sure any policy that is named in the route config object is actually executed.

It would be nice if we could emulate the functionality from hapi route prerequisites to indicate that policies are allowed to run in parallel or in series when they're part of the same request lifecycle extension.

See

• hapi code for this
• hapi syntax for this

What if we supported a route-level trumps-all configuration, where the route reports a list of policies per apply point. But maybe it's too confusing to allow the plugin, the policy, and the route to report an apply point. Found myself brainstorming :P

server.route({
    method: 'GET',
    path: '/admin',
    handler: function(request, reply) {},
    config: {
        plugins: {
            policies: {
                onPreHandler: [
                    ['isLoggedIn', 'isAnAdmin'], // Do these two in parallel
                    'onlyInUS'
                ]
            }
        }
    }
});

Is there any way to OR two policies? Say I have two policies isAdmin and isServerAdmin, and certain routes I want to be accessible to both, but certain routes should be restricted to just one.

It looks like hapi is aiming to provide lifecycle hooks on routes: hapijs/hapi#2566. This is wonderful, and will be able to offer performance that is hard to achieve in the form of a plugin due to access to hapi internals. In some ways it's also very validating for MrHorse!

I'm wondering what we think this could mean for the feature-set of MrHorse. If there's a "native" way to add lifecycle hooks per route, the interface/usage/benefits of MrHorse may look quite different in the future! Just wanted to bring this up, and hopefully get some ideas going.

lab -L

Hello there, I think it might be usefull to have some applyPoint which would be called beforeHandler but after route.pre , not sure if it is doable, but it would be handy to have available what is inside of request.pre

I think I have found a bug.

I am using mrHorse mainly with dynamic functions, and I have discovered that when there are no normal policies available in the policies folder with the same applyPoint as the dynamic functions, the applyPoint within the dynamic functions does not work.

Here is a very simple repo to showcase the error. If you run the code as is, it will correctly print:

pre handler policy
pre handler policy function
hello world
post handler policy
post handler policy function

However, is I remove the policies/postHandler, it will print the following:

pre handler policy function
hello world

Intead of this:

pre handler policy function
hello world
post handler policy function

I can easily fix this error by creating a fake normal policy with the hook I need, I just wanted to report this issue so that others are aware of it.

Say I have one policy called isLoggedIn and then one policy called isUsingMac. If i pass them to mrhorse using policies: ['isLoggedIn','isUsingMac'], do these policies execute in order, parallel, or random?

Mistake issue

Currently if you use mrhorse only with function policies, they are not applied. Only when you create a policy file using a particular apply point does that apply point become active. This is the crucial line that is not run: https://github.com/mark-bradshaw/mrhorse/blob/master/lib/index.js#L220

Hi guys,

First of all, nice job, I really appreciate what you did. I just have a problem to make policies work dynamically as functions. I don't understand why because I entirely followed your example. Did anything change since the documentation was written?

Thanks,

If i need to use this plugin with auth (for example JWT strategy) do I have to set all routes to auth: false and do my own check with request.auth.credentials inside mrhorse policies?

So basically I wouldnt have to set hapi scopes at all?

Hi,

What I want to do is to redirect the customer, when some policy does not match.
What I'm trying to do:

return next(reply.redirect('/auth'),false);

It doesn't work:

However, this works:

return reply.redirect('/auth');

Question - is there any way to match the redirect with next() ?