chore: refactor createAnonymousRemoteUser and createRemoteUser

src/api/endpoint/api/user.ts

@@ -2,11 +2,12 @@ import Cookies from 'cookies';
 import express, { Response, Router } from 'express';
 import _ from 'lodash';
 
+import { createRemoteUser } from '@verdaccio/config';
 import { rateLimit } from '@verdaccio/middleware';
 import { Config, RemoteUser } from '@verdaccio/types';
 import { createSessionToken, getAuthenticatedMessage } from '@verdaccio/utils';
 
-import { createRemoteUser, getApiToken, validatePassword } from '../../../lib/auth-utils';
+import { getApiToken, validatePassword } from '../../../lib/auth-utils';
 import { API_ERROR, API_MESSAGE, HEADERS, HTTP_STATUS } from '../../../lib/constants';
 import { logger } from '../../../lib/logger';
 import { ErrorCode } from '../../../lib/utils';

src/lib/auth-utils.ts

@@ -1,6 +1,7 @@
 import buildDebug from 'debug';
 import _ from 'lodash';
 
+import { createAnonymousRemoteUser } from '@verdaccio/config';
 import { aesDecryptDeprecated as aesDecrypt, verifyPayload } from '@verdaccio/signature';
 import {
   APITokenOptions,
@@ -14,18 +15,11 @@ import {
 } from '@verdaccio/types';
 import { buildUserBuffer } from '@verdaccio/utils';
 
-import {
-  AuthMiddlewarePayload,
-  AuthTokenHeader,
-  BasicPayload,
-  CookieSessionToken,
-  IAuthWebUI,
-} from '../types';
+import { AuthMiddlewarePayload, AuthTokenHeader, BasicPayload, IAuthWebUI } from '../types';
 import {
   API_ERROR,
   DEFAULT_MIN_LIMIT_PASSWORD,
   HTTP_STATUS,
-  ROLES,
   TIME_EXPIRATION_1H,
   TOKEN_BASIC,
   TOKEN_BEARER,
@@ -42,44 +36,6 @@ export function validatePassword(
   return typeof password === 'string' && password.length >= minLength;
 }
 
-/**
- * Create a RemoteUser object
- * @return {Object} { name: xx, pluginGroups: [], real_groups: [] }
- */
-export function createRemoteUser(name: string, pluginGroups: string[]): RemoteUser {
-  const isGroupValid: boolean = Array.isArray(pluginGroups);
-  const groups = Array.from(
-    new Set(
-      (isGroupValid ? pluginGroups : []).concat([
-        ROLES.$ALL,
-        ROLES.$AUTH,
-        ROLES.DEPRECATED_ALL,
-        ROLES.DEPRECATED_AUTH,
-        ROLES.ALL,
-      ])
-    )
-  );
-
-  return {
-    name,
-    groups,
-    real_groups: pluginGroups,
-  };
-}
-
-/**
- * Builds an anonymous remote user in case none is logged in.
- * @return {Object} { name: xx, groups: [], real_groups: [] }
- */
-export function createAnonymousRemoteUser(): RemoteUser {
-  return {
-    name: undefined,
-    // groups without '$' are going to be deprecated eventually
-    groups: [ROLES.$ALL, ROLES.$ANONYMOUS, ROLES.DEPRECATED_ALL, ROLES.DEPRECATED_ANONYMOUS],
-    real_groups: [],
-  };
-}
-
 export function allow_action(action: string): Function {
   return function (user: RemoteUser, pkg: Package, callback: Callback): void {
     debug('[auth/allow_action]: user: %o', user?.name);

src/lib/auth.ts

@@ -2,6 +2,7 @@ import buildDebug from 'debug';
 import { NextFunction } from 'express';
 import _ from 'lodash';
 
+import { createAnonymousRemoteUser, createRemoteUser } from '@verdaccio/config';
 import { aesEncryptDeprecated as aesEncrypt, signPayload } from '@verdaccio/signature';
 import {
   AllowAccess,
@@ -20,8 +21,6 @@ import { getMatchedPackagesSpec } from '@verdaccio/utils';
 import loadPlugin from '../lib/plugin-loader';
 import { $RequestExtend, $ResponseExtend, AESPayload, IAuth } from '../types';
 import {
-  createAnonymousRemoteUser,
-  createRemoteUser,
   getDefaultPlugins,
   getMiddlewareCredentials,
   getSecurity,

src/lib/constants.ts

@@ -10,7 +10,7 @@ export {
   SUPPORT_ERRORS,
   APP_ERROR,
 } from '@verdaccio/core';
-export { ROLES, PACKAGE_ACCESS } from '@verdaccio/utils';
+export { PACKAGE_ACCESS } from '@verdaccio/utils';
 
 export const DEFAULT_PORT = '4873';
 export const DEFAULT_PROTOCOL = 'http';

src/types/index.ts

@@ -67,10 +67,6 @@ export interface ProxyList {
   [key: string]: IProxy;
 }
 
-export interface CookieSessionToken {
-  expires: Date;
-}
-
 export interface Utils {
   ErrorCode: any;
   getLatestVersion: Callback;

test/unit/modules/auth/auth-utils.spec.ts

@@ -5,13 +5,7 @@ import { Config, RemoteUser, Security } from '@verdaccio/types';
 import { buildUserBuffer } from '@verdaccio/utils';
 
 import Auth from '../../../../src/lib/auth';
-import {
-  createAnonymousRemoteUser,
-  createRemoteUser,
-  getApiToken,
-  getMiddlewareCredentials,
-  getSecurity,
-} from '../../../../src/lib/auth-utils';
+import { getApiToken, getMiddlewareCredentials, getSecurity } from '../../../../src/lib/auth-utils';
 import AppConfig from '../../../../src/lib/config';
 import { CHARACTER_ENCODING, TOKEN_BEARER } from '../../../../src/lib/constants';
 import { setup } from '../../../../src/lib/logger';
@@ -101,30 +95,6 @@ describe('Auth utilities', () => {
     expect(content[0]).toBe(password);
   };
 
-  describe('createRemoteUser', () => {
-    test('create remote user', () => {
-      expect(createRemoteUser('test', [])).toEqual({
-        name: 'test',
-        real_groups: [],
-        groups: ['$all', '$authenticated', '@all', '@authenticated', 'all'],
-      });
-    });
-    test('create remote user with groups', () => {
-      expect(createRemoteUser('test', ['group1', 'group2'])).toEqual({
-        name: 'test',
-        real_groups: ['group1', 'group2'],
-        groups: ['group1', 'group2', '$all', '$authenticated', '@all', '@authenticated', 'all'],
-      });
-    });
-    test('create anonymous remote user', () => {
-      expect(createAnonymousRemoteUser()).toEqual({
-        name: undefined,
-        real_groups: [],
-        groups: ['$all', '$anonymous', '@all', '@anonymous'],
-      });
-    });
-  });
-
   describe('getApiToken test', () => {
     test('should sign token with aes and security missing', async () => {
       const token = await signCredentials(