feat: adds support for access rules and containers (#240)

Basis-Theory · Oct 21, 2022 · b5cced4 · b5cced4
1 parent aab8f86
commit b5cced4
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 18 deletions.
diff --git a/src/types/models/applications.ts b/src/types/models/applications.ts
@@ -1,27 +1,41 @@
 import type { Auditable } from './shared';
 
 const APPLICATION_TYPES = ['private', 'public', 'management'] as const;
+const TRANSFORM_TYPES = ['mask', 'redact', 'reveal'] as const;
 
 type ApplicationType = typeof APPLICATION_TYPES[number];
+type TransformType = typeof TRANSFORM_TYPES[number];
 
 interface Application extends Auditable {
   id: string;
   tenantId: string;
   name: string;
   key?: string;
   type: ApplicationType;
+  permissions?: string[];
+  rules?: AccessRule[];
+}
+
+interface AccessRule {
+  description: string;
+  priority: number;
+  container: string;
+  transform: TransformType;
   permissions: string[];
 }
 
 type CreateApplication = Pick<Application, 'name' | 'type'> &
-  Partial<Pick<Application, 'permissions'>>;
+  Partial<Pick<Application, 'permissions' | 'rules'>>;
 
-type UpdateApplication = Partial<Pick<Application, 'name' | 'permissions'>>;
+type UpdateApplication = Partial<
+  Pick<Application, 'name' | 'permissions' | 'rules'>
+>;
 
 export type {
   ApplicationType,
   Application,
   CreateApplication,
+  TransformType,
   UpdateApplication,
 };
-export { APPLICATION_TYPES };
+export { APPLICATION_TYPES, TRANSFORM_TYPES };
diff --git a/src/types/models/tokens.ts b/src/types/models/tokens.ts
@@ -47,7 +47,7 @@ interface TokenPrivacy {
 interface Token<DataType = Primitive> extends TokenBase {
   data: TokenData<DataType>;
   privacy?: TokenPrivacy;
-  container?: string;
+  containers?: string[];
   encryption?: TokenEncryption;
   searchIndexes?: string[];
   fingerprintExpression?: string;
@@ -60,7 +60,7 @@ type CreateToken<DataType = Primitive> = Pick<
   | 'type'
   | 'data'
   | 'privacy'
-  | 'container'
+  | 'containers'
   | 'metadata'
   | 'encryption'
   | 'searchIndexes'
@@ -76,7 +76,7 @@ type UpdateToken<DataType = Primitive> = Partial<
   Pick<
     Token<DataType>,
     | 'data'
-    | 'container'
+    | 'containers'
     | 'metadata'
     | 'encryption'
     | 'searchIndexes'

diff --git a/test/applications.test.ts b/test/applications.test.ts
@@ -2,7 +2,7 @@ import type MockAdapter from 'axios-mock-adapter';
 import { Chance } from 'chance';
 import { BasisTheory } from '@/BasisTheory';
 import { API_KEY_HEADER, BT_TRACE_ID_HEADER } from '@/common';
-import type { ApplicationType } from '@/types/models';
+import type { ApplicationType, TransformType } from '@/types/models';
 import type { BasisTheory as IBasisTheory } from '@/types/sdk';
 import {
   testCRUD,
@@ -29,7 +29,7 @@ describe('Applications', () => {
     client.resetHistory();
   });
 
-  describe('CRUD', () => {
+  describe('CRUD with permissions', () => {
     testCRUD(() => ({
       service: bt.applications,
       client,
@@ -45,6 +45,46 @@ describe('Applications', () => {
     }));
   });
 
+  describe('CRUD with access rules', () => {
+    testCRUD(() => ({
+      service: bt.applications,
+      client,
+      createPayload: {
+        name: chance.string(),
+        type: chance.string() as ApplicationType,
+        rules: [
+          {
+            description: chance.string(),
+            priority: chance.integer(),
+            container: chance.string(),
+            transform: chance.pickone<TransformType>([
+              'mask',
+              'redact',
+              'reveal',
+            ]),
+            permissions: [chance.string()],
+          },
+        ],
+      },
+      updatePayload: {
+        name: chance.string(),
+        rules: [
+          {
+            description: chance.string(),
+            priority: chance.integer(),
+            container: chance.string(),
+            transform: chance.pickone<TransformType>([
+              'mask',
+              'redact',
+              'reveal',
+            ]),
+            permissions: [chance.string()],
+          },
+        ],
+      },
+    }));
+  });
+
   describe('get by key', () => {
     test('should get by key', async () => {
       const id = chance.string();

diff --git a/test/tokens.test.ts b/test/tokens.test.ts
@@ -58,7 +58,7 @@ describe('Tokens', () => {
       const fingerprint = chance.string();
       const tenantId = chance.string();
       const type = chance.string() as TokenType;
-      const container = `/${chance.string()}/`;
+      const containers = [`/${chance.string()}/`];
 
       /* eslint-disable camelcase */
       const data = {
@@ -86,7 +86,7 @@ describe('Tokens', () => {
           type,
           data,
           metadata,
-          container,
+          containers,
           created_at: createdAt,
           created_by: createdBy,
           modified_at: modifiedAt,
@@ -102,7 +102,7 @@ describe('Tokens', () => {
         type,
         data,
         metadata,
-        container,
+        containers,
         createdAt,
         createdBy,
         modifiedAt,
@@ -122,7 +122,7 @@ describe('Tokens', () => {
       const fingerprint = chance.string();
       const type = chance.string() as TokenType;
       const data = chance.string();
-      const container = `/${chance.string()}/`;
+      const containers = [`/${chance.string()}/`];
       const createdBy = chance.string();
       const createdAt = chance.string();
       const modifiedBy = chance.string();
@@ -137,7 +137,7 @@ describe('Tokens', () => {
           fingerprint,
           type,
           data,
-          container,
+          containers,
           created_at: createdAt,
           created_by: createdBy,
           modified_at: modifiedAt,
@@ -157,7 +157,7 @@ describe('Tokens', () => {
         fingerprint,
         type,
         data,
-        container,
+        containers,
         createdAt,
         createdBy,
         modifiedAt,
@@ -635,7 +635,7 @@ describe('Tokens', () => {
           impactLevel: _chance.pickone([...DATA_IMPACT_LEVELS]),
           restrictionPolicy: _chance.pickone([...DATA_RESTRICTION_POLICIES]),
         },
-        container: `/${chance.string()}/`,
+        containers: [`/${chance.string()}/`],
         encryption: {
           cek: {
             key: _chance.string(),
@@ -665,7 +665,7 @@ describe('Tokens', () => {
           impactLevel: _chance.pickone([...DATA_IMPACT_LEVELS]),
           restrictionPolicy: _chance.pickone([...DATA_RESTRICTION_POLICIES]),
         },
-        container: `/${chance.string()}/`,
+        containers: [`/${chance.string()}/`],
         searchIndexes: [_chance.string(), _chance.string()],
         fingerprintExpression: _chance.string(),
         mask: _chance.string(),
@@ -702,7 +702,7 @@ describe('Tokens', () => {
           impactLevel: _chance.pickone([...DATA_IMPACT_LEVELS]),
           restrictionPolicy: _chance.pickone([...DATA_RESTRICTION_POLICIES]),
         },
-        container: `/${chance.string()}/`,
+        containers: [`/${chance.string()}/`],
         metadata: {
           camelCaseParameter: _chance.string(),
           snake_case_parameter: _chance.string(),
@@ -720,7 +720,7 @@ describe('Tokens', () => {
           impactLevel: _chance.pickone([...DATA_IMPACT_LEVELS]),
           restrictionPolicy: _chance.pickone([...DATA_RESTRICTION_POLICIES]),
         },
-        container: `/${chance.string()}/`,
+        containers: [`/${chance.string()}/`],
         searchIndexes: [_chance.string(), _chance.string()],
         fingerprintExpression: _chance.string(),
       };