Reference

class DatumoScopes(Model)
Arguments:
  • Model (Datumo.Model) – The Datumo model for which to generate scopes.
Throws Error:

if the model provided is not a Datumo Model

 
class Person extends Datumo.Model {
  static get schema () {
    return {
      givenName: { type: 'string', required: true },
      middleName: { type: 'string' },
      familyName: { type: 'string', required: true },
      email: { type: 'string', format: 'email' }
    }
  }

  static get propertySets () {
    return {
      name: ['givenName', 'middleName', 'familyName'],
      email: ['email']
    }
  }
}

let personScopes = new DatumoScopes(Person)
DatumoScopes.prototype.getScopes()
Returns:an array of valid scopes for the model for which the current instance of DatumoScopes was defined. 
let scopes = personScopes.getScopes()

console.log(scopes)
// [
//   'person-read-name',
//   'person-write-name',
//   'person-read-email',
//   'person-write-email'
// ]
DatumoScopes.prototype.getPermissions(scopes[, action])
Arguments:
  • scopes (string/array) – A scope or list of scopes to evaluate permissions for.
  • action (string) – Name of an action as defined on the model. If specified, function will only return permissions for the given action.
Returns:

an array of permissions granted by the given scope(s).
Throws Error:

if the model does not have scopes or property sets defined, or if the property sets contain an invalid value.

 
let permissions = personScopes.getPermissions([
  'person-read-name', 'person-read-email', 'person-write-email'
])

console.log(permissions)
// [
//   {
//     action: 'read',
//     properties: ['givenName', 'middleName', 'familyName', 'email']
//   }
//   {
//     action: 'write',
//     properties: ['email']
//   }
// ]

let permissions = personScopes.getPermissions([
  'person-read-name', 'person-read-email', 'person-write-email'
], 'read')

console.log(permissions)
// [
//   {
//     action: 'read',
//     properties: ['givenName', 'middleName', 'familyName', 'email']
//   }
// ]
DatumoScopes.prototype.authorize(scopes[, action, properties])
Arguments:
  • scopes (string/array) – A scope or list of scopes to evaluate permissions for.
  • action (string) – Name of an action as defined on the model. If omitted, function will use the default action (either the first action on the model, or the action marked as default).
  • properties (array) – Array of property names to restrict the authorization check to.
Returns:

an array of property names the scopes grant permission for with the given action.
Throws Error:

if the model does not have scopes or property sets defined, or if the property sets contain an invalid value.

 
let authorizedProperties = personScopes.authorize([
  'person-write-email', 'person-read-name'
])

console.log(authorizedProperties)
// ['givenName', 'middleName', 'familyName']

let authorizedProperties = personScopes.authorize([
  'person-write-email', 'person-read-name'
], 'write')

console.log(authorizedProperties)
// ['email']
DatumoScopes.prototype.scopedSubset(scopes[, action, properties])
Arguments:
  • scopes (string/array) – A scope or list of scopes to evaluate permissions for.
  • action (string) – Name of an action as defined on the model. If omitted, function will use the default action (either the first action on the model, or the action marked as default).
  • properties (array) – Array of property names to restrict the authorization check to.
Returns:

a subset model class with a schema containing only the propertyies that the scopes grant permission for with the given action.
Throws Error:

if the model does not have scopes or property sets defined, or if the property sets contain an invalid value.

 
let ScopedPerson = personScopes.scopedSubset([
  'person-write-email', 'person-read-name'
])

console.log(ScopedPerson.schema)
// {
//   givenName: { type: 'string', required: true },
//   middleName: { type: 'string' },
//   familyName: { type: 'string', required: true }
// }
DatumoScopes.prototype.filter(data, scopes[, action, properties])
Arguments:
  • data (object) – An instance of the model or an object containing model data for the model with which this instance of DatumoScopes was instantiated.
  • scopes (string/array) – A scope or list of scopes to evaluate permissions for.
  • action (string) – Name of an action as defined on the model. If omitted, function will use the default action (either the first action on the model, or the action marked as default).
  • properties (array) – Array of property names to restrict the authorization check to.
Returns:

an object containing only the properties that the scopes grant permission for with the given action.
Throws Error:

if the model does not have scopes or property sets defined, or if the property sets contain an invalid value.

 
let person = {
  givenName: 'Patricia',
  middleName: 'Girard',
  familyName: 'Couturier',
  email: 'pcouturier@example.com'
}

let scopedPerson = personScopes.filter(person, [
  'person-write-email', 'person-read-name'
])

console.log(scopedPerson)
// {
//   givenName: 'Patricia',
//   middleName: 'Girard',
//   familyName: 'Couturier'
// }