mark-bradshaw / mrhorse Goto Github PK
View Code? Open in Web Editor NEWPolicies for Hapi routes
License: MIT License
Policies for Hapi routes
License: MIT License
Is there a way to tell mrhorse I want a policy applied to every route? Combined with a negative policy expression ("don't apply policy x to route y") It could be very powerful.
Upon running a route, it would be nice to cache the policies to be run on each apply point for that route. The cache can be keyed by sort(methods)::path
. Unknown if the sorting is required, or if hapi already sorts it for this exact reason. It would also be nice to create something like a MrHorse.warmPolicies(server)
method that can be called to generate this cache whenever a developer sees fit (say, once the developer registers all routes).
Hi @mark-bradshaw, so I'm running some e2e tests where I'm creating mulitple hapi servers and registering the mrhorse plugin multiple times. However on the second round of plugin registrations, I get a duplicate policy error because the data
object in index.js
still contains the policies from the previous registration. I've tried clearing the require cache but can't get anything to work. Any advice? Thanks in advance!
Is this project being maintained? Especially with Hapi's rapid development pace I'm a bit afraid to get dependent on something that could become incompatible. Maybe there just haven't been any changes needed recently but I'm a bit wary with the last commit being 5 months ago.
Is there a way to pass information to policies? I have a database connection (essentially) that I would like to pass to the policies once it has been started in the main app logic, as reinstantiating it in the policies would cause new pools of connections to be started.
If you are not aware yet, Hapi v17 is making the transition from callbacks to async
/await
, as well as deprecating some other rarely used functionality. This is a breaking change that may make your plugin no longer compatible with the Hapi API.
Draft release notes can be found here: hapijs/hapi#3658
The target release date for v17 is the beginning of November.
async
/await
compatible using the v17
branch from Hapi for testing
npm link
within the Hapi reponpm link hapi
within your plugin repov17
of Hapi branch for testsnpm
. Please use a major version increment as this will be a breaking change and it would be terrible for it to sneak into current versions of Hapi.<8.0.0
.v16
will continue to be supported for as long as there exists a Node LTS actively being supported that is not compatible with v17
.I have some validation configured together with my route:
"saveClientData": {
"path" : "",
"method" : ["POST"],
"handler" : "save",
"validation": true,
"filter" : true,
"config" : {
"plugins": {
"policies": ["user-with-app"]
}
}
}
And, I see that validation takes place before the mrhorse. If the validation passes, but policy does not - then we see the expected result.
I don't think it's logical. Do we have any way to put the mrhorse infront?
Regards,
Make sure any policy that is named in the route config object is actually executed.
It would be nice if we could emulate the functionality from hapi route prerequisites to indicate that policies are allowed to run in parallel or in series when they're part of the same request lifecycle extension.
See
What if we supported a route-level trumps-all configuration, where the route reports a list of policies per apply point. But maybe it's too confusing to allow the plugin, the policy, and the route to report an apply point. Found myself brainstorming :P
server.route({
method: 'GET',
path: '/admin',
handler: function(request, reply) {},
config: {
plugins: {
policies: {
onPreHandler: [
['isLoggedIn', 'isAnAdmin'], // Do these two in parallel
'onlyInUS'
]
}
}
}
});
Is there any way to OR two policies? Say I have two policies isAdmin and isServerAdmin, and certain routes I want to be accessible to both, but certain routes should be restricted to just one.
It looks like hapi is aiming to provide lifecycle hooks on routes: hapijs/hapi#2566. This is wonderful, and will be able to offer performance that is hard to achieve in the form of a plugin due to access to hapi internals. In some ways it's also very validating for MrHorse!
I'm wondering what we think this could mean for the feature-set of MrHorse. If there's a "native" way to add lifecycle hooks per route, the interface/usage/benefits of MrHorse may look quite different in the future! Just wanted to bring this up, and hopefully get some ideas going.
lab -L
Hello there, I think it might be usefull to have some applyPoint which would be called beforeHandler but after route.pre , not sure if it is doable, but it would be handy to have available what is inside of request.pre
I think I have found a bug.
I am using mrHorse mainly with dynamic functions, and I have discovered that when there are no normal policies available in the policies
folder with the same applyPoint
as the dynamic functions, the applyPoint
within the dynamic functions does not work.
Here is a very simple repo to showcase the error. If you run the code as is, it will correctly print:
pre handler policy
pre handler policy function
hello world
post handler policy
post handler policy function
However, is I remove the policies/postHandler
, it will print the following:
pre handler policy function
hello world
Intead of this:
pre handler policy function
hello world
post handler policy function
I can easily fix this error by creating a fake normal policy with the hook I need, I just wanted to report this issue so that others are aware of it.
Say I have one policy called isLoggedIn and then one policy called isUsingMac. If i pass them to mrhorse using policies: ['isLoggedIn','isUsingMac']
, do these policies execute in order, parallel, or random?
Mistake issue
Currently if you use mrhorse only with function policies, they are not applied. Only when you create a policy file using a particular apply point does that apply point become active. This is the crucial line that is not run: https://github.com/mark-bradshaw/mrhorse/blob/master/lib/index.js#L220
Hi guys,
First of all, nice job, I really appreciate what you did. I just have a problem to make policies work dynamically as functions. I don't understand why because I entirely followed your example. Did anything change since the documentation was written?
Thanks,
If i need to use this plugin with auth (for example JWT strategy) do I have to set all routes to auth: false
and do my own check with request.auth.credentials
inside mrhorse policies?
So basically I wouldnt have to set hapi scopes
at all?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.