รูปแบบ Proxy ของโมดูล JavaScript: การควบคุมการเข้าถึงอย่างเชี่ยวชาญ

            var myModule = (function() {
  // Private variables and functions
  var privateCounter = 0;

  function privateIncrement() {
    privateCounter++;
    console.log('Private counter:', privateCounter);
  }

  // Publicly accessible methods and properties
  function publicIncrement() {
    privateIncrement();
  }

  function getCounter() {
    return privateCounter;
  }

  // Revealing the public interface
  return {
    increment: publicIncrement,
    count: getCounter
  };
})();

// Usage:
myModule.increment(); // Logs: Private counter: 1
console.log(myModule.count()); // Logs: 1
// console.log(myModule.privateCounter); // undefined (private)
// myModule.privateIncrement(); // TypeError: myModule.privateIncrement is not a function (private)

            

              
                Copy
              
            
          

            // Imagine a complex subsystem for user authentication
var AuthSubsystem = {
  login: function(username, password) {
    console.log(`Authenticating user: ${username}`);
    // ... complex authentication logic ...
    return true;
  },
  logout: function(userId) {
    console.log(`Logging out user: ${userId}`);
    // ... complex logout logic ...
    return true;
  },
  resetPassword: function(email) {
    console.log(`Resetting password for: ${email}`);
    // ... password reset logic ...
    return true;
  }
};

// The Facade module
var AuthFacade = (function() {
  function authenticateUser(username, password) {
    // Basic validation before calling subsystem
    if (!username || !password) {
      console.error('Username and password are required.');
      return false;
    }
    return AuthSubsystem.login(username, password);
  }

  function endSession(userId) {
    if (!userId) {
      console.error('User ID is required to end session.');
      return false;
    }
    return AuthSubsystem.logout(userId);
  }

  // We choose NOT to expose resetPassword directly via the facade for this example
  // Perhaps it requires a different security context.

  return {
    login: authenticateUser,
    logout: endSession
  };
})();

// Usage:
AuthFacade.login('globalUser', 'securePass123'); // Authenticating user: globalUser
AuthFacade.logout(12345);
// AuthFacade.resetPassword('test@example.com'); // TypeError: AuthFacade.resetPassword is not a function

            

              
                Copy
              
            
          

            // Original Module (could be using Revealing Module Pattern internally)
var ConfigModule = (function() {
  var config = {
    apiKey: 'super-secret-api-key-12345',
    databaseUrl: 'mongodb://localhost:27017/mydb',
    debugMode: false,
    featureFlags: ['newUI', 'betaFeature']
  };

  function toggleDebugMode() {
    config.debugMode = !config.debugMode;
    console.log(`Debug mode is now: ${config.debugMode}`);
  }

  function addFeatureFlag(flag) {
    if (!config.featureFlags.includes(flag)) {
      config.featureFlags.push(flag);
      console.log(`Added feature flag: ${flag}`);
    }
  }

  return {
    settings: config,
    toggleDebug: toggleDebugMode,
    addFlag: addFeatureFlag
  };
})();

// --- Now, let's apply a Proxy for access control ---

function createConfigProxy(module, userRole) {
  const protectedProperties = ['apiKey', 'databaseUrl'];

  const handler = {
    get: function(target, property) {
      // If the property is protected and the user is not an admin
      if (protectedProperties.includes(property) && userRole !== 'admin') {
        console.warn(`Access denied: Cannot read protected property '${property}' as a ${userRole}.`);
        return undefined; // Or throw an error
      }
      // If the property is a function, ensure it's called in the correct context
      if (typeof target[property] === 'function') {
        return target[property].bind(target); // Bind to ensure 'this' is correct
      }
      return target[property];
    },
    set: function(target, property, value) {
      // Prevent modification of protected properties by non-admins
      if (protectedProperties.includes(property) && userRole !== 'admin') {
        console.warn(`Access denied: Cannot write to protected property '${property}' as a ${userRole}.`);
        return false; // Indicate failure
      }
      // Prevent adding properties that are not part of the original schema (optional)
      if (!target.hasOwnProperty(property)) {
         console.warn(`Access denied: Cannot add new property '${property}'.`);
         return false;
      }
      target[property] = value;
      console.log(`Property '${property}' set to:`, value);
      return true;
    }
  };

  // We proxy the 'settings' object within the module
  const proxiedConfig = new Proxy(module.settings, handler);

  // Return a new object that exposes the proxied settings and the allowed methods
  return {
    getSetting: function(key) { return proxiedConfig[key]; }, // Use getSetting for explicit read access
    setSetting: function(key, val) { proxiedConfig[key] = val; }, // Use setSetting for explicit write access
    toggleDebug: module.toggleDebug,
    addFlag: module.addFlag
  };
}

// --- Usage with different roles ---

const regularUserConfig = createConfigProxy(ConfigModule, 'user');
const adminUserConfig = createConfigProxy(ConfigModule, 'admin');

console.log('--- Regular User Access ---');
console.log('API Key:', regularUserConfig.getSetting('apiKey')); // Logs warning, returns undefined
console.log('Debug Mode:', regularUserConfig.getSetting('debugMode')); // Logs: false
regularUserConfig.toggleDebug(); // Logs: Debug mode is now: true
console.log('Debug Mode after toggle:', regularUserConfig.getSetting('debugMode')); // Logs: true
regularUserConfig.addFlag('newFeature'); // Adds flag

console.log('\n--- Admin User Access ---');
console.log('API Key:', adminUserConfig.getSetting('apiKey')); // Logs: super-secret-api-key-12345
adminUserConfig.setSetting('apiKey', 'new-admin-key-98765'); // Logs: Property 'apiKey' set to: new-admin-key-98765
console.log('Updated API Key:', adminUserConfig.getSetting('apiKey')); // Logs: new-admin-key-98765
adminUserConfig.setSetting('databaseUrl', 'sqlite://localhost'); // Allowed

// Attempting to add a new property as a regular user
// regularUserConfig.setSetting('newProp', 'value'); // Logs warning, fails silently

            

              
                Copy
              
            
          

            // A module simulating financial transactions
var TransactionModule = (function() {
  var balance = 1000;
  var transactionLimit = 500;
  var historicalTransactions = [];

  function processDeposit(amount) {
    if (amount <= 0) {
      console.error('Deposit amount must be positive.');
      return false;
    }
    balance += amount;
    historicalTransactions.push({ type: 'deposit', amount: amount });
    console.log(`Deposit successful. New balance: ${balance}`);
    return true;
  }

  function processWithdrawal(amount) {
    if (amount <= 0) {
      console.error('Withdrawal amount must be positive.');
      return false;
    }
    if (amount > balance) {
      console.error('Insufficient funds.');
      return false;
    }
    if (amount > transactionLimit) {
      console.error(`Withdrawal amount exceeds transaction limit of ${transactionLimit}.`);
      return false;
    }
    balance -= amount;
    historicalTransactions.push({ type: 'withdrawal', amount: amount });
    console.log(`Withdrawal successful. New balance: ${balance}`);
    return true;
  }

  function getBalance() {
    return balance;
  }

  function getTransactionHistory() {
    // Might want to return a copy to prevent external modification
    return [...historicalTransactions];
  }

  return {
    deposit: processDeposit,
    withdraw: processWithdrawal,
    balance: getBalance,
    history: getTransactionHistory
  };
})();

// --- Proxy for controlling transactions based on user session ---

function createTransactionProxy(module, isAuthenticated) {
  const handler = {
    // Intercepting function calls
    get: function(target, property, receiver) {
      const originalMethod = target[property];

      if (typeof originalMethod === 'function') {
        // If it's a transaction method, wrap it with authentication check
        if (property === 'deposit' || property === 'withdraw') {
          return function(...args) {
            if (!isAuthenticated) {
              console.warn(`Access denied: User is not authenticated to perform '${property}'.`);
              return false;
            }
            // Pass the arguments to the original method
            return originalMethod.apply(this, args);
          };
        }
        // For other methods like getBalance, history, allow access if they exist
        return originalMethod.bind(this);
      }
      // For properties like 'balance', 'history', return them directly
      return originalMethod;
    }
    // We could also implement 'set' for properties like transactionLimit if needed
  };

  return new Proxy(module, handler);
}

// --- Usage ---

console.log('\n--- Transaction Module with Proxy ---');

const unauthenticatedTransactions = createTransactionProxy(TransactionModule, false);
const authenticatedTransactions = createTransactionProxy(TransactionModule, true);

console.log('Initial Balance:', unauthenticatedTransactions.balance()); // 1000

console.log('\n--- Performing Transactions (Unauthenticated) ---');
unauthenticatedTransactions.deposit(200);
// Logs warning: Access denied: User is not authenticated to perform 'deposit'. Returns false.
unauthenticatedTransactions.withdraw(100);
// Logs warning: Access denied: User is not authenticated to perform 'withdraw'. Returns false.
console.log('Balance after attempted transactions:', unauthenticatedTransactions.balance()); // 1000

console.log('\n--- Performing Transactions (Authenticated) ---');
authenticatedTransactions.deposit(300);
// Logs: Deposit successful. New balance: 1300
authenticatedTransactions.withdraw(150);
// Logs: Withdrawal successful. New balance: 1150
console.log('Balance after successful transactions:', authenticatedTransactions.balance()); // 1150

console.log('Transaction History:', authenticatedTransactions.history());
// Logs: [ { type: 'deposit', amount: 300 }, { type: 'withdrawal', amount: 150 } ]

// Attempting withdrawal exceeding limit
authenticatedTransactions.withdraw(600);
// Logs: Withdrawal amount exceeds transaction limit of 500. Returns false.

            

              
                Copy
              
            
          

            // Example: Combining Revealing Module Pattern with a Proxy for access control

function createSecureDataAccessModule(initialData, userPermissions) {
  // Use Revealing Module Pattern for internal structure and basic encapsulation
  var privateData = initialData;
  var permissions = userPermissions;

  function readData(key) {
    if (permissions.read.includes(key)) {
      return privateData[key];
    }
    console.warn(`Read access denied for key: ${key}`);
    return undefined;
  }

  function writeData(key, value) {
    if (permissions.write.includes(key)) {
      privateData[key] = value;
      console.log(`Successfully wrote to key: ${key}`);
      return true;
    }
    console.warn(`Write access denied for key: ${key}`);
    return false;
  }

  function deleteData(key) {
    if (permissions.delete.includes(key)) {
      delete privateData[key];
      console.log(`Successfully deleted key: ${key}`);
      return true;
    }
    console.warn(`Delete access denied for key: ${key}`);
    return false;
  }

  // Return the public API
  return {
    getData: readData,
    setData: writeData,
    deleteData: deleteData,
    listKeys: function() { return Object.keys(privateData); }
  };
}

// Now, wrap this module's public API with a Proxy for even finer-grained control or dynamic adjustments

function createProxyWithExtraChecks(module, role) {
  const handler = {
    get: function(target, property) {
      // Additional check: maybe 'listKeys' is only allowed for admin roles
      if (property === 'listKeys' && role !== 'admin') {
        console.warn('Operation listKeys is restricted to admin role.');
        return () => undefined; // Return a dummy function
      }
      // Delegate to the original module's methods
      return target[property];
    },
    set: function(target, property, value) {
      // Ensure we are only setting through setData, not directly on the returned object
      if (property === 'setData') {
        // This trap intercepts attempts to assign to target.setData itself
        console.warn('Cannot directly reassign the setData method.');
        return false;
      }
      // For other properties (like methods themselves), we want to prevent reassignment
      if (typeof target[property] === 'function') {
        console.warn(`Attempted to reassign method '${property}'.`);
        return false;
      }
      return target[property] = value;
    }
  };

  return new Proxy(module, handler);
}


// --- Usage ---

const userPermissions = {
  read: ['username', 'email'],
  write: ['email'],
  delete: []
};

const userDataModule = createSecureDataAccessModule({
  username: 'globalUser',
  email: 'user@example.com',
  preferences: { theme: 'dark' }
}, userPermissions);

const proxiedUserData = createProxyWithExtraChecks(userDataModule, 'user');
const proxiedAdminData = createProxyWithExtraChecks(userDataModule, 'admin'); // Assuming admin has full access implicitly by higher permissions passed in real scenario

console.log('\n--- Combined Pattern Usage ---');

console.log('User Data:', proxiedUserData.getData('username')); // globalUser
console.log('User Prefs:', proxiedUserData.getData('preferences')); // undefined (not in read permissions)

proxiedUserData.setData('email', 'new.email@example.com'); // Allowed
proxiedUserData.setData('username', 'anotherUser'); // Denied

console.log('User Email:', proxiedUserData.getData('email')); // new.email@example.com

console.log('Keys (User):', proxiedUserData.listKeys()); // Logs warning: Operation listKeys is restricted to admin role. Returns undefined.

console.log('Keys (Admin):', proxiedAdminData.listKeys()); // [ 'username', 'email', 'preferences' ]

// Attempt to reassign a method
// proxiedUserData.getData = function() { return 'hacked'; }; // Logs warning, fails

            

              
                Copy