Kata

In this kata, you must implement a function that verifies if with certain credentials you can access some resources.

Access to resources is protected with a very flexible access configuration.

For example, in the following code, only the user root can access the resource (in this case, the resource is an object with a value equals 1)

const config = [
    {
      resource: { value: 1 },
      allow: {
        user: 'root',
      },
    },
  ]
const mychecker = resourceChecker(config)

Credentials is an object with some key-value pairs. Only if the credentials contain the user root the resource can be accessed:

const rootCredentials = { user: 'root' }
mychecker(rootCredentials) // returns { value: [1]}

const guessCredentials = { user: 'guess' }
mychecker(guessCredentials) // returns null. This means that the resource is not allowed

const guessCredentials = { }
mychecker(guessCredentials) // returns null. If you do not pass the user, the resource is denied

The resource configuration can have an arbitrary number of keys:

const config = [
    {
      resource: { value: 1 },
      allow: {
        user: 'root',
        ip: '127.0.0.1'
      },
    },
  ]
const mychecker = resourceChecker(config)

mychecker({user: 'root', ip: '127.0.0.1'}) // returns { value: [1] }
mychecker({user: 'guess', ip: '127.0.0.1'}) // returns null
mychecker({user: 'root'}) // returns null

Note that the resource results are keys that allways contain plain arrays of simple values.

The resource configuration can have multiple resource configs:

const config = [
    {
      resource: { value: 1 },
      allow: {
        user: 'root'
      },
    },
    {
      resource: { value: [2, 3] },
      allow: {
        ip: '127.0.0.1'
      },
    },
  ]
const mychecker = resourceChecker(config)

mychecker({user: 'root'}) // returns { value: [1] }
mychecker({ip: '127.0.0.1'}) // returns { value: [2, 3] }
mychecker({user: 'root', ip: '127.0.0.1'}) // returns { value: [1, 2, 3] }
mychecker({user: 'guess', ip: '127.0.0.1'}) // returns { value: [2, 3] }
mychecker({user: 'john', ip: '127.0.0.2'}) // returns null

allow key could be an array in which case the resource can be accessed if the credentials match one of its values

const config = [
    {
      resource: { value: 1 },
      allow: [
       {user: 'root'},
       {ip: '127.0.0.1'},
      ],
    },
  ]
const mychecker = resourceChecker(config)

mychecker({user: 'root', ip: '127.0.0.1'}) // returns { value: [1] }
mychecker({user: 'guess', ip: '127.0.0.1'}) // returns { value: [1] }
mychecker({user: 'root'}) // returns { value: [1] }
mychecker({user: 'guess'}) // returns null

By default, resources are denied:

const config = [
    {
      resource: { value: 1 },
    },
  ]
const mychecker = resourceChecker(config)
mychecker({user: 'root', ip: '127.0.0.1'}) // returns null

But you can give explicit access to any credentials even to empty credentials

const config = [
    {
      allow: {},
      resource: { value: 1 },
    },
  ]
const mychecker = resourceChecker(config)
mychecker({}) // returns { value: [1] }

Resources may be empty and that is ok:

const config = [
    {
      allow: { user: 'root' },
      resource: {},
    },
  ]
const mychecker = resourceChecker(config)
mychecker({ user: 'root' }) // returns {}
mychecker({ user: 'guess' }) // returns null

There are many more configuration possibilities that are explained in the tests. Here I am simply going to list the main ones:

• You can explicitly deny access to some credentials
• There may be nested resource configurations
• Access checking is not limited to comparing text strings or other simple types, but you can use regular expressions, objects, arrays, and functions.

Note: Keep in mind that to solve this kata I have used the TDD methodology, so the tests follow a bottom-up approach.