Private
Readonly
authProtected
Readonly
loggerPrivate
Readonly
readerChecks if the input can be handled by this class. If it cannot handle the input, rejects with an error explaining why.
Input that could potentially be handled.
A promise resolving if the input can be handled, rejecting with an Error if not.
Private
findFinds all authorization resource identifiers and maps them to their subject identifier and the requested modes.
Handles the given input. This may only be called if canHandle did not reject. When unconditionally calling both in sequence, consider handleSafe instead.
Input that needs to be handled.
A promise resolving when handling is finished.
Helper function that first runs canHandle followed by handle. Throws the error of canHandle if the data cannot be handled, or returns the result of handle otherwise.
Input data that will be handled if it can be handled.
A promise resolving if the input can be handled, rejecting with an Error if not.
Protected
interpretUpdates the permissions for an authorization resource by interpreting the Control access mode as allowing full access.
Determines the permission for authorization resources (such as ACL or ACR). In contrast to the regular resource mechanism, read/write access to authorization resources is obtained by setting Control permissions on the corresponding subject resource rather than directly setting permissions for the authorization resource itself. Hence, this class transforms Control permissions on the subject resource to Read/Write permissions on the authorization resource.