You're Invited:Meet the Socket Team at RSAC and BSidesSF 2026, March 23–26.RSVP →
@contember/authorization
Advanced tools
@contember/authorization - npm Package Compare versions
+7
-2
| { | ||
| "name": "@contember/authorization", | ||
| "version": "2.1.0-alpha.30", | ||
| "version": "2.1.0-alpha.35", | ||
| "license": "Apache-2.0", | ||
@@ -25,3 +25,8 @@ "main": "./dist/production/index.js", | ||
| }, | ||
| "type": "module" | ||
| "type": "module", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/contember/contember.git", | ||
| "directory": "packages/authorization" | ||
| } | ||
| } |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const Authorizator = require("./src/Authorizator.cjs"); | ||
| const AccessEvaluator = require("./src/AccessEvaluator.cjs"); | ||
| const AccessNode = require("./src/AccessNode.cjs"); | ||
| const AuthorizationScope = require("./src/AuthorizationScope.cjs"); | ||
| const Permissions = require("./src/Permissions.cjs"); | ||
| Object.defineProperty(exports, "Authorizator", { | ||
| enumerable: true, | ||
| get: () => Authorizator.Authorizator | ||
| }); | ||
| Object.defineProperty(exports, "AccessEvaluator", { | ||
| enumerable: true, | ||
| get: () => AccessEvaluator.AccessEvaluator | ||
| }); | ||
| Object.defineProperty(exports, "AccessNode", { | ||
| enumerable: true, | ||
| get: () => AccessNode.AccessNode | ||
| }); | ||
| Object.defineProperty(exports, "AuthorizationScope", { | ||
| enumerable: true, | ||
| get: () => AuthorizationScope.AuthorizationScope | ||
| }); | ||
| Object.defineProperty(exports, "Permissions", { | ||
| enumerable: true, | ||
| get: () => Permissions.Permissions | ||
| }); | ||
| //# sourceMappingURL=index.cjs.map |
| {"version":3,"file":"index.cjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;"} |
| import { Authorizator } from "./src/Authorizator.js"; | ||
| import { AccessEvaluator } from "./src/AccessEvaluator.js"; | ||
| import { AccessNode } from "./src/AccessNode.js"; | ||
| import { AuthorizationScope } from "./src/AuthorizationScope.js"; | ||
| import { Permissions } from "./src/Permissions.js"; | ||
| export { | ||
| AccessEvaluator, | ||
| AccessNode, | ||
| AuthorizationScope, | ||
| Authorizator, | ||
| Permissions | ||
| }; | ||
| //# sourceMappingURL=index.js.map |
| {"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.AccessEvaluator = void 0; | ||
| ((AccessEvaluator2) => { | ||
| class PermissionEvaluator { | ||
| constructor(permissions) { | ||
| this.permissions = permissions; | ||
| } | ||
| async evaluate(accessNode, { resource, privilege, meta }) { | ||
| if (!(accessNode instanceof AccessNode.AccessNode.Roles)) { | ||
| throw new UnsupportedAccessNodeError(); | ||
| } | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| AccessEvaluator2.PermissionEvaluator = PermissionEvaluator; | ||
| class UnsupportedAccessNodeError extends Error { | ||
| } | ||
| })(exports.AccessEvaluator || (exports.AccessEvaluator = {})); | ||
| //# sourceMappingURL=AccessEvaluator.cjs.map |
| {"version":3,"file":"AccessEvaluator.cjs","sources":["../../../../packages/authorization/src/AccessEvaluator.ts"],"sourcesContent":["import { Permissions } from './Permissions'\nimport { AccessNode } from './AccessNode'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessEvaluator {\n\tevaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessEvaluator {\n\texport class PermissionEvaluator implements AccessEvaluator {\n\t\tconstructor(private readonly permissions: Permissions) {}\n\n\t\tasync evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean> {\n\t\t\tif (!(accessNode instanceof AccessNode.Roles)) {\n\t\t\t\tthrow new UnsupportedAccessNodeError()\n\t\t\t}\n\t\t\tfor (let role of accessNode.roles) {\n\t\t\t\tif (this.permissions.isAllowed(role, resource, privilege, meta)) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn false\n\t\t}\n\t}\n\n\tclass UnsupportedAccessNodeError extends Error {}\n}\n\nexport { AccessEvaluator }\n"],"names":["AccessEvaluator","AccessNode"],"mappings":";;;AAQUA,QAAAA,kBAAAA;AAAAA,CAAV,CAAUA,qBAAV;AAAA,EACQ,MAAM,oBAA+C;AAAA,IAC3D,YAA6B,aAA0B;AAA1B,WAAA,cAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,SAAS,YAAwB,EAAE,UAAU,WAAW,QAAoD;AAC7G,UAAA,EAAE,sBAAsBC,sBAAW,QAAQ;AAC9C,cAAM,IAAI,2BAA2B;AAAA,MAAA;AAE7B,eAAA,QAAQ,WAAW,OAAO;AAClC,YAAI,KAAK,YAAY,UAAU,MAAM,UAAU,WAAW,IAAI,GAAG;AACzD,iBAAA;AAAA,QAAA;AAAA,MACR;AAEM,aAAA;AAAA,IAAA;AAAA,EACR;AAbMD,mBAAM,sBAAA;AAAA,EAgBb,MAAM,mCAAmC,MAAM;AAAA,EAAA;AAAC,GAjBvCA,QAAA,oBAAAA,0BAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var AccessEvaluator; | ||
| ((AccessEvaluator2) => { | ||
| class PermissionEvaluator { | ||
| constructor(permissions) { | ||
| this.permissions = permissions; | ||
| } | ||
| async evaluate(accessNode, { resource, privilege, meta }) { | ||
| if (!(accessNode instanceof AccessNode.Roles)) { | ||
| throw new UnsupportedAccessNodeError(); | ||
| } | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| AccessEvaluator2.PermissionEvaluator = PermissionEvaluator; | ||
| class UnsupportedAccessNodeError extends Error { | ||
| } | ||
| })(AccessEvaluator || (AccessEvaluator = {})); | ||
| export { | ||
| AccessEvaluator | ||
| }; | ||
| //# sourceMappingURL=AccessEvaluator.js.map |
| {"version":3,"file":"AccessEvaluator.js","sources":["../../../../packages/authorization/src/AccessEvaluator.ts"],"sourcesContent":["import { Permissions } from './Permissions'\nimport { AccessNode } from './AccessNode'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessEvaluator {\n\tevaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessEvaluator {\n\texport class PermissionEvaluator implements AccessEvaluator {\n\t\tconstructor(private readonly permissions: Permissions) {}\n\n\t\tasync evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean> {\n\t\t\tif (!(accessNode instanceof AccessNode.Roles)) {\n\t\t\t\tthrow new UnsupportedAccessNodeError()\n\t\t\t}\n\t\t\tfor (let role of accessNode.roles) {\n\t\t\t\tif (this.permissions.isAllowed(role, resource, privilege, meta)) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn false\n\t\t}\n\t}\n\n\tclass UnsupportedAccessNodeError extends Error {}\n}\n\nexport { AccessEvaluator }\n"],"names":["AccessEvaluator"],"mappings":";AAQU,IAAA;AAAA,CAAV,CAAUA,qBAAV;AAAA,EACQ,MAAM,oBAA+C;AAAA,IAC3D,YAA6B,aAA0B;AAA1B,WAAA,cAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,SAAS,YAAwB,EAAE,UAAU,WAAW,QAAoD;AAC7G,UAAA,EAAE,sBAAsB,WAAW,QAAQ;AAC9C,cAAM,IAAI,2BAA2B;AAAA,MAAA;AAE7B,eAAA,QAAQ,WAAW,OAAO;AAClC,YAAI,KAAK,YAAY,UAAU,MAAM,UAAU,WAAW,IAAI,GAAG;AACzD,iBAAA;AAAA,QAAA;AAAA,MACR;AAEM,aAAA;AAAA,IAAA;AAAA,EACR;AAbMA,mBAAM,sBAAA;AAAA,EAgBb,MAAM,mCAAmC,MAAM;AAAA,EAAA;AAAC,GAjBvC,oBAAA,kBAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| exports.AccessNode = void 0; | ||
| ((AccessNode2) => { | ||
| class Fixed { | ||
| constructor(result) { | ||
| this.result = result; | ||
| } | ||
| static allowed() { | ||
| return new Fixed(true); | ||
| } | ||
| static denied() { | ||
| return new Fixed(false); | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return Promise.resolve(this.result); | ||
| } | ||
| } | ||
| AccessNode2.Fixed = Fixed; | ||
| class Intersection { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| if (this.nodes.length === 0) { | ||
| return Promise.resolve(false); | ||
| } | ||
| for (let node of this.nodes) { | ||
| if (!await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(false); | ||
| } | ||
| } | ||
| return Promise.resolve(true); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| for (let node of this.nodes) { | ||
| if (await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(true); | ||
| } | ||
| } | ||
| return Promise.resolve(false); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Union = Union; | ||
| class Negate { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| return !await this.node.isAllowed(accessEvaluator, action); | ||
| } | ||
| } | ||
| AccessNode2.Negate = Negate; | ||
| class Roles { | ||
| constructor(roles) { | ||
| this.roles = roles; | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return accessEvaluator.evaluate(this, action); | ||
| } | ||
| } | ||
| AccessNode2.Roles = Roles; | ||
| })(exports.AccessNode || (exports.AccessNode = {})); | ||
| //# sourceMappingURL=AccessNode.cjs.map |
| {"version":3,"file":"AccessNode.cjs","sources":["../../../../packages/authorization/src/AccessNode.ts"],"sourcesContent":["import { AccessEvaluator } from './AccessEvaluator'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessNode {\n\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessNode {\n\tinterface Composite extends AccessNode {\n\t\tgetNodes(): AccessNode[]\n\t}\n\n\texport class Fixed implements AccessNode {\n\t\tconstructor(private readonly result: boolean) {}\n\n\t\tpublic static allowed(): Fixed {\n\t\t\treturn new Fixed(true)\n\t\t}\n\n\t\tpublic static denied(): Fixed {\n\t\t\treturn new Fixed(false)\n\t\t}\n\n\t\tpublic isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn Promise.resolve(this.result)\n\t\t}\n\t}\n\n\texport class Intersection implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tif (this.nodes.length === 0) {\n\t\t\t\treturn Promise.resolve(false)\n\t\t\t}\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (!(await node.isAllowed(accessEvaluator, action))) {\n\t\t\t\t\treturn Promise.resolve(false)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(true)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Union implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (await node.isAllowed(accessEvaluator, action)) {\n\t\t\t\t\treturn Promise.resolve(true)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(false)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Negate implements AccessNode {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn !(await this.node.isAllowed(accessEvaluator, action))\n\t\t}\n\t}\n\n\texport class Roles implements AccessNode {\n\t\tconstructor(public readonly roles: readonly string[]) {}\n\n\t\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn accessEvaluator.evaluate(this, action)\n\t\t}\n\t}\n}\n\nexport { AccessNode }\n"],"names":["AccessNode"],"mappings":";;AAOUA,QAAAA,aAAAA;AAAAA,CAAV,CAAUA,gBAAV;AAAA,EAKQ,MAAM,MAA4B;AAAA,IACxC,YAA6B,QAAiB;AAAjB,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,OAAc,UAAiB;AACvB,aAAA,IAAI,MAAM,IAAI;AAAA,IAAA;AAAA,IAGtB,OAAc,SAAgB;AACtB,aAAA,IAAI,MAAM,KAAK;AAAA,IAAA;AAAA,IAGhB,UAAU,iBAAkC,QAA+C;AAC1F,aAAA,QAAQ,QAAQ,KAAK,MAAM;AAAA,IAAA;AAAA,EACnC;AAbMA,cAAM,QAAA;AAAA,EAgBN,MAAM,aAAkC;AAAA,IAC9C,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AACnG,UAAA,KAAK,MAAM,WAAW,GAAG;AACrB,eAAA,QAAQ,QAAQ,KAAK;AAAA,MAAA;AAEpB,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,CAAE,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAI;AAC9C,iBAAA,QAAQ,QAAQ,KAAK;AAAA,QAAA;AAAA,MAC7B;AAEM,aAAA,QAAQ,QAAQ,IAAI;AAAA,IAAA;AAAA,IAGrB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAjBMA,cAAM,eAAA;AAAA,EAoBN,MAAM,MAA2B;AAAA,IACvC,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AAC9F,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAG;AAC3C,iBAAA,QAAQ,QAAQ,IAAI;AAAA,QAAA;AAAA,MAC5B;AAEM,aAAA,QAAQ,QAAQ,KAAK;AAAA,IAAA;AAAA,IAGtB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAdMA,cAAM,QAAA;AAAA,EAiBN,MAAM,OAA6B;AAAA,IACzC,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,UAAU,iBAAkC,QAA+C;AAChG,aAAO,CAAE,MAAM,KAAK,KAAK,UAAU,iBAAiB,MAAM;AAAA,IAAA;AAAA,EAC3D;AALMA,cAAM,SAAA;AAAA,EAQN,MAAM,MAA4B;AAAA,IACxC,YAA4B,OAA0B;AAA1B,WAAA,QAAA;AAAA,IAAA;AAAA,IAE5B,UAAU,iBAAkC,QAA+C;AACnF,aAAA,gBAAgB,SAAS,MAAM,MAAM;AAAA,IAAA;AAAA,EAC7C;AALMA,cAAM,QAAA;AAAA,GAlEJA,QAAA,eAAAA,qBAAA,CAAA,EAAA;"} |
| var AccessNode; | ||
| ((AccessNode2) => { | ||
| class Fixed { | ||
| constructor(result) { | ||
| this.result = result; | ||
| } | ||
| static allowed() { | ||
| return new Fixed(true); | ||
| } | ||
| static denied() { | ||
| return new Fixed(false); | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return Promise.resolve(this.result); | ||
| } | ||
| } | ||
| AccessNode2.Fixed = Fixed; | ||
| class Intersection { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| if (this.nodes.length === 0) { | ||
| return Promise.resolve(false); | ||
| } | ||
| for (let node of this.nodes) { | ||
| if (!await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(false); | ||
| } | ||
| } | ||
| return Promise.resolve(true); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| for (let node of this.nodes) { | ||
| if (await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(true); | ||
| } | ||
| } | ||
| return Promise.resolve(false); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Union = Union; | ||
| class Negate { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| return !await this.node.isAllowed(accessEvaluator, action); | ||
| } | ||
| } | ||
| AccessNode2.Negate = Negate; | ||
| class Roles { | ||
| constructor(roles) { | ||
| this.roles = roles; | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return accessEvaluator.evaluate(this, action); | ||
| } | ||
| } | ||
| AccessNode2.Roles = Roles; | ||
| })(AccessNode || (AccessNode = {})); | ||
| export { | ||
| AccessNode | ||
| }; | ||
| //# sourceMappingURL=AccessNode.js.map |
| {"version":3,"file":"AccessNode.js","sources":["../../../../packages/authorization/src/AccessNode.ts"],"sourcesContent":["import { AccessEvaluator } from './AccessEvaluator'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessNode {\n\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessNode {\n\tinterface Composite extends AccessNode {\n\t\tgetNodes(): AccessNode[]\n\t}\n\n\texport class Fixed implements AccessNode {\n\t\tconstructor(private readonly result: boolean) {}\n\n\t\tpublic static allowed(): Fixed {\n\t\t\treturn new Fixed(true)\n\t\t}\n\n\t\tpublic static denied(): Fixed {\n\t\t\treturn new Fixed(false)\n\t\t}\n\n\t\tpublic isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn Promise.resolve(this.result)\n\t\t}\n\t}\n\n\texport class Intersection implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tif (this.nodes.length === 0) {\n\t\t\t\treturn Promise.resolve(false)\n\t\t\t}\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (!(await node.isAllowed(accessEvaluator, action))) {\n\t\t\t\t\treturn Promise.resolve(false)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(true)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Union implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (await node.isAllowed(accessEvaluator, action)) {\n\t\t\t\t\treturn Promise.resolve(true)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(false)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Negate implements AccessNode {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn !(await this.node.isAllowed(accessEvaluator, action))\n\t\t}\n\t}\n\n\texport class Roles implements AccessNode {\n\t\tconstructor(public readonly roles: readonly string[]) {}\n\n\t\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn accessEvaluator.evaluate(this, action)\n\t\t}\n\t}\n}\n\nexport { AccessNode }\n"],"names":["AccessNode"],"mappings":"AAOU,IAAA;AAAA,CAAV,CAAUA,gBAAV;AAAA,EAKQ,MAAM,MAA4B;AAAA,IACxC,YAA6B,QAAiB;AAAjB,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,OAAc,UAAiB;AACvB,aAAA,IAAI,MAAM,IAAI;AAAA,IAAA;AAAA,IAGtB,OAAc,SAAgB;AACtB,aAAA,IAAI,MAAM,KAAK;AAAA,IAAA;AAAA,IAGhB,UAAU,iBAAkC,QAA+C;AAC1F,aAAA,QAAQ,QAAQ,KAAK,MAAM;AAAA,IAAA;AAAA,EACnC;AAbMA,cAAM,QAAA;AAAA,EAgBN,MAAM,aAAkC;AAAA,IAC9C,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AACnG,UAAA,KAAK,MAAM,WAAW,GAAG;AACrB,eAAA,QAAQ,QAAQ,KAAK;AAAA,MAAA;AAEpB,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,CAAE,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAI;AAC9C,iBAAA,QAAQ,QAAQ,KAAK;AAAA,QAAA;AAAA,MAC7B;AAEM,aAAA,QAAQ,QAAQ,IAAI;AAAA,IAAA;AAAA,IAGrB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAjBMA,cAAM,eAAA;AAAA,EAoBN,MAAM,MAA2B;AAAA,IACvC,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AAC9F,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAG;AAC3C,iBAAA,QAAQ,QAAQ,IAAI;AAAA,QAAA;AAAA,MAC5B;AAEM,aAAA,QAAQ,QAAQ,KAAK;AAAA,IAAA;AAAA,IAGtB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAdMA,cAAM,QAAA;AAAA,EAiBN,MAAM,OAA6B;AAAA,IACzC,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,UAAU,iBAAkC,QAA+C;AAChG,aAAO,CAAE,MAAM,KAAK,KAAK,UAAU,iBAAiB,MAAM;AAAA,IAAA;AAAA,EAC3D;AALMA,cAAM,SAAA;AAAA,EAQN,MAAM,MAA4B;AAAA,IACxC,YAA4B,OAA0B;AAA1B,WAAA,QAAA;AAAA,IAAA;AAAA,IAE5B,UAAU,iBAAkC,QAA+C;AACnF,aAAA,gBAAgB,SAAS,MAAM,MAAM;AAAA,IAAA;AAAA,EAC7C;AALMA,cAAM,QAAA;AAAA,GAlEJ,eAAA,aAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.AuthorizationScope = void 0; | ||
| ((AuthorizationScope2) => { | ||
| class Fixed { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async getIdentityAccess() { | ||
| return this.node; | ||
| } | ||
| } | ||
| AuthorizationScope2.Fixed = Fixed; | ||
| class Global { | ||
| async getIdentityAccess(identity) { | ||
| return AccessNode.AccessNode.Fixed.denied(); | ||
| } | ||
| } | ||
| AuthorizationScope2.Global = Global; | ||
| class Intersection { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.AccessNode.Intersection(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.AccessNode.Union(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Union = Union; | ||
| })(exports.AuthorizationScope || (exports.AuthorizationScope = {})); | ||
| //# sourceMappingURL=AuthorizationScope.cjs.map |
| {"version":3,"file":"AuthorizationScope.cjs","sources":["../../../../packages/authorization/src/AuthorizationScope.ts"],"sourcesContent":["import { AccessNode } from './AccessNode'\n\ninterface AuthorizationScope<Identity> {\n\tgetIdentityAccess(identity: Identity): Promise<AccessNode>\n}\n\nnamespace AuthorizationScope {\n\texport class Fixed implements AuthorizationScope<any> {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync getIdentityAccess(): Promise<AccessNode> {\n\t\t\treturn this.node\n\t\t}\n\t}\n\n\texport class Global implements AuthorizationScope<any> {\n\t\tasync getIdentityAccess(identity: any): Promise<AccessNode> {\n\t\t\treturn AccessNode.Fixed.denied()\n\t\t}\n\t}\n\n\texport class Intersection<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Intersection(await Promise.all(nodes))\n\t\t}\n\t}\n\n\texport class Union<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Union(await Promise.all(nodes))\n\t\t}\n\t}\n}\n\nexport { AuthorizationScope }\n"],"names":["AuthorizationScope","AccessNode"],"mappings":";;;AAMUA,QAAAA,qBAAAA;AAAAA,CAAV,CAAUA,wBAAV;AAAA,EACQ,MAAM,MAAyC;AAAA,IACrD,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,oBAAyC;AAC9C,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AALMA,sBAAM,QAAA;AAAA,EAQN,MAAM,OAA0C;AAAA,IACtD,MAAM,kBAAkB,UAAoC;AACpD,aAAAC,WAAA,WAAW,MAAM,OAAO;AAAA,IAAA;AAAA,EAChC;AAHMD,sBAAM,SAAA;AAAA,EAMN,MAAM,aAA+D;AAAA,IAC3E,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAIC,WAAW,WAAA,aAAa,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EAC5D;AATMD,sBAAM,eAAA;AAAA,EAYN,MAAM,MAAwD;AAAA,IACpE,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAIC,WAAW,WAAA,MAAM,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EACrD;AATMD,sBAAM,QAAA;AAAA,GA3BJA,QAAA,uBAAAA,6BAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var AuthorizationScope; | ||
| ((AuthorizationScope2) => { | ||
| class Fixed { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async getIdentityAccess() { | ||
| return this.node; | ||
| } | ||
| } | ||
| AuthorizationScope2.Fixed = Fixed; | ||
| class Global { | ||
| async getIdentityAccess(identity) { | ||
| return AccessNode.Fixed.denied(); | ||
| } | ||
| } | ||
| AuthorizationScope2.Global = Global; | ||
| class Intersection { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.Intersection(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.Union(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Union = Union; | ||
| })(AuthorizationScope || (AuthorizationScope = {})); | ||
| export { | ||
| AuthorizationScope | ||
| }; | ||
| //# sourceMappingURL=AuthorizationScope.js.map |
| {"version":3,"file":"AuthorizationScope.js","sources":["../../../../packages/authorization/src/AuthorizationScope.ts"],"sourcesContent":["import { AccessNode } from './AccessNode'\n\ninterface AuthorizationScope<Identity> {\n\tgetIdentityAccess(identity: Identity): Promise<AccessNode>\n}\n\nnamespace AuthorizationScope {\n\texport class Fixed implements AuthorizationScope<any> {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync getIdentityAccess(): Promise<AccessNode> {\n\t\t\treturn this.node\n\t\t}\n\t}\n\n\texport class Global implements AuthorizationScope<any> {\n\t\tasync getIdentityAccess(identity: any): Promise<AccessNode> {\n\t\t\treturn AccessNode.Fixed.denied()\n\t\t}\n\t}\n\n\texport class Intersection<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Intersection(await Promise.all(nodes))\n\t\t}\n\t}\n\n\texport class Union<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Union(await Promise.all(nodes))\n\t\t}\n\t}\n}\n\nexport { AuthorizationScope }\n"],"names":["AuthorizationScope"],"mappings":";AAMU,IAAA;AAAA,CAAV,CAAUA,wBAAV;AAAA,EACQ,MAAM,MAAyC;AAAA,IACrD,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,oBAAyC;AAC9C,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AALMA,sBAAM,QAAA;AAAA,EAQN,MAAM,OAA0C;AAAA,IACtD,MAAM,kBAAkB,UAAoC;AACpD,aAAA,WAAW,MAAM,OAAO;AAAA,IAAA;AAAA,EAChC;AAHMA,sBAAM,SAAA;AAAA,EAMN,MAAM,aAA+D;AAAA,IAC3E,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAI,WAAW,aAAa,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EAC5D;AATMA,sBAAM,eAAA;AAAA,EAYN,MAAM,MAAwD;AAAA,IACpE,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAI,WAAW,MAAM,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EACrD;AATMA,sBAAM,QAAA;AAAA,GA3BJ,uBAAA,qBAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.Authorizator = void 0; | ||
| ((Authorizator2) => { | ||
| function createAction(resource, privilege, meta) { | ||
| return { | ||
| resource, | ||
| privilege, | ||
| meta | ||
| }; | ||
| } | ||
| Authorizator2.createAction = createAction; | ||
| class Default { | ||
| constructor(accessEvaluator) { | ||
| this.accessEvaluator = accessEvaluator; | ||
| } | ||
| async isAllowed(identity, scope, action) { | ||
| const scopeNode = await scope.getIdentityAccess(identity); | ||
| const globalNode = new AccessNode.AccessNode.Roles(identity.roles); | ||
| const node = new AccessNode.AccessNode.Union([scopeNode, globalNode]); | ||
| return await node.isAllowed(this.accessEvaluator, action); | ||
| } | ||
| } | ||
| Authorizator2.Default = Default; | ||
| })(exports.Authorizator || (exports.Authorizator = {})); | ||
| //# sourceMappingURL=Authorizator.cjs.map |
| {"version":3,"file":"Authorizator.cjs","sources":["../../../../packages/authorization/src/Authorizator.ts"],"sourcesContent":["import { AuthorizationScope } from './AuthorizationScope'\nimport { AccessEvaluator } from './AccessEvaluator'\nimport { AccessNode } from './AccessNode'\n\ninterface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> {\n\tisAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace Authorizator {\n\texport type Resource = string\n\texport type Privilege = string\n\texport type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {}\n\t\t? { resource: Resource; privilege: Privilege; meta: Meta }\n\t\t: { resource: Resource; privilege: Privilege; meta?: Meta }\n\n\ttype ActionCreator =\n\t\t| ((resource: Resource, privilege: Privilege) => Action)\n\t\t| (<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>)\n\n\texport function createAction(resource: Resource, privilege: Privilege): Action<undefined>\n\texport function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>\n\texport function createAction<Meta>(resource: Resource, privilege: Privilege, meta?: Meta) {\n\t\treturn {\n\t\t\tresource,\n\t\t\tprivilege,\n\t\t\tmeta,\n\t\t}\n\t}\n\texport class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> {\n\t\tconstructor(private readonly accessEvaluator: AccessEvaluator) {}\n\n\t\tpublic async isAllowed(\n\t\t\tidentity: Identity,\n\t\t\tscope: AuthorizationScope<Identity>,\n\t\t\taction: Authorizator.Action,\n\t\t): Promise<boolean> {\n\t\t\tconst scopeNode = await scope.getIdentityAccess(identity)\n\t\t\tconst globalNode = new AccessNode.Roles(identity.roles)\n\t\t\tconst node = new AccessNode.Union([scopeNode, globalNode])\n\n\t\t\treturn await node.isAllowed(this.accessEvaluator, action)\n\t\t}\n\t}\n\n\texport interface Identity {\n\t\troles: readonly string[]\n\t}\n}\n\nexport { Authorizator }\n"],"names":["Authorizator","AccessNode"],"mappings":";;;AAQUA,QAAAA,eAAAA;AAAAA,CAAV,CAAUA,kBAAV;AAaiB,WAAA,aAAmB,UAAoB,WAAsB,MAAa;AAClF,WAAA;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,IACD;AAAA,EAAA;AALMA,gBAAS,eAAA;AAAA,EAOT,MAAM,QAAkF;AAAA,IAC9F,YAA6B,iBAAkC;AAAlC,WAAA,kBAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UACZ,UACA,OACA,QACmB;AACnB,YAAM,YAAY,MAAM,MAAM,kBAAkB,QAAQ;AACxD,YAAM,aAAa,IAAIC,WAAAA,WAAW,MAAM,SAAS,KAAK;AACtD,YAAM,OAAO,IAAIA,WAAA,WAAW,MAAM,CAAC,WAAW,UAAU,CAAC;AAEzD,aAAO,MAAM,KAAK,UAAU,KAAK,iBAAiB,MAAM;AAAA,IAAA;AAAA,EACzD;AAbMD,gBAAM,UAAA;AAAA,GApBJA,QAAA,iBAAAA,uBAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var Authorizator; | ||
| ((Authorizator2) => { | ||
| function createAction(resource, privilege, meta) { | ||
| return { | ||
| resource, | ||
| privilege, | ||
| meta | ||
| }; | ||
| } | ||
| Authorizator2.createAction = createAction; | ||
| class Default { | ||
| constructor(accessEvaluator) { | ||
| this.accessEvaluator = accessEvaluator; | ||
| } | ||
| async isAllowed(identity, scope, action) { | ||
| const scopeNode = await scope.getIdentityAccess(identity); | ||
| const globalNode = new AccessNode.Roles(identity.roles); | ||
| const node = new AccessNode.Union([scopeNode, globalNode]); | ||
| return await node.isAllowed(this.accessEvaluator, action); | ||
| } | ||
| } | ||
| Authorizator2.Default = Default; | ||
| })(Authorizator || (Authorizator = {})); | ||
| export { | ||
| Authorizator | ||
| }; | ||
| //# sourceMappingURL=Authorizator.js.map |
| {"version":3,"file":"Authorizator.js","sources":["../../../../packages/authorization/src/Authorizator.ts"],"sourcesContent":["import { AuthorizationScope } from './AuthorizationScope'\nimport { AccessEvaluator } from './AccessEvaluator'\nimport { AccessNode } from './AccessNode'\n\ninterface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> {\n\tisAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace Authorizator {\n\texport type Resource = string\n\texport type Privilege = string\n\texport type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {}\n\t\t? { resource: Resource; privilege: Privilege; meta: Meta }\n\t\t: { resource: Resource; privilege: Privilege; meta?: Meta }\n\n\ttype ActionCreator =\n\t\t| ((resource: Resource, privilege: Privilege) => Action)\n\t\t| (<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>)\n\n\texport function createAction(resource: Resource, privilege: Privilege): Action<undefined>\n\texport function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>\n\texport function createAction<Meta>(resource: Resource, privilege: Privilege, meta?: Meta) {\n\t\treturn {\n\t\t\tresource,\n\t\t\tprivilege,\n\t\t\tmeta,\n\t\t}\n\t}\n\texport class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> {\n\t\tconstructor(private readonly accessEvaluator: AccessEvaluator) {}\n\n\t\tpublic async isAllowed(\n\t\t\tidentity: Identity,\n\t\t\tscope: AuthorizationScope<Identity>,\n\t\t\taction: Authorizator.Action,\n\t\t): Promise<boolean> {\n\t\t\tconst scopeNode = await scope.getIdentityAccess(identity)\n\t\t\tconst globalNode = new AccessNode.Roles(identity.roles)\n\t\t\tconst node = new AccessNode.Union([scopeNode, globalNode])\n\n\t\t\treturn await node.isAllowed(this.accessEvaluator, action)\n\t\t}\n\t}\n\n\texport interface Identity {\n\t\troles: readonly string[]\n\t}\n}\n\nexport { Authorizator }\n"],"names":["Authorizator"],"mappings":";AAQU,IAAA;AAAA,CAAV,CAAUA,kBAAV;AAaiB,WAAA,aAAmB,UAAoB,WAAsB,MAAa;AAClF,WAAA;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,IACD;AAAA,EAAA;AALMA,gBAAS,eAAA;AAAA,EAOT,MAAM,QAAkF;AAAA,IAC9F,YAA6B,iBAAkC;AAAlC,WAAA,kBAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UACZ,UACA,OACA,QACmB;AACnB,YAAM,YAAY,MAAM,MAAM,kBAAkB,QAAQ;AACxD,YAAM,aAAa,IAAI,WAAW,MAAM,SAAS,KAAK;AACtD,YAAM,OAAO,IAAI,WAAW,MAAM,CAAC,WAAW,UAAU,CAAC;AAEzD,aAAO,MAAM,KAAK,UAAU,KAAK,iBAAiB,MAAM;AAAA,IAAA;AAAA,EACzD;AAbMA,gBAAM,UAAA;AAAA,GApBJ,iBAAA,eAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| var __defProp = Object.defineProperty; | ||
| var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value; | ||
| var __publicField = (obj, key, value) => __defNormalProp(obj, key + "", value); | ||
| class Permissions { | ||
| constructor() { | ||
| __publicField(this, "permissions", {}); | ||
| } | ||
| allow(role, { resource, privilege }, verifier = () => true) { | ||
| var _a, _b; | ||
| (_a = this.permissions)[role] ?? (_a[role] = {}); | ||
| (_b = this.permissions[role])[resource] ?? (_b[resource] = {}); | ||
| this.permissions[role][resource][privilege] = verifier; | ||
| } | ||
| isAllowed(role, resource, action, meta) { | ||
| const rolePermissions = this.permissions[role]; | ||
| if (!rolePermissions) { | ||
| return false; | ||
| } | ||
| for (let tmpResource of [resource, Permissions.ALL]) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) { | ||
| return true; | ||
| } | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| ((Permissions2) => { | ||
| Permissions2.ALL = "*"; | ||
| })(Permissions || (Permissions = {})); | ||
| exports.Permissions = Permissions; | ||
| //# sourceMappingURL=Permissions.cjs.map |
| {"version":3,"file":"Permissions.cjs","sources":["../../../../packages/authorization/src/Permissions.ts"],"sourcesContent":["import { Authorizator } from './Authorizator'\n\nclass Permissions {\n\tprivate permissions: Permissions.PermissionsMap = {}\n\n\tpublic allow<Meta extends {} | undefined = undefined>(\n\t\trole: string,\n\t\t{ resource, privilege }: Authorizator.Action<Meta>,\n\t\tverifier: (meta: Meta) => boolean = () => true,\n\t) {\n\t\tthis.permissions[role] ??= {}\n\t\tthis.permissions[role][resource] ??= {}\n\t\tthis.permissions[role][resource][privilege] = verifier\n\t}\n\n\tpublic isAllowed(role: string, resource: string, action: string, meta: any): boolean {\n\t\tconst rolePermissions = this.permissions[role]\n\t\tif (!rolePermissions) {\n\t\t\treturn false\n\t\t}\n\t\tfor (let tmpResource of [resource, Permissions.ALL]) {\n\t\t\tfor (let tmpAction of [action, Permissions.ALL]) {\n\t\t\t\tif (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn false\n\t}\n}\n\nnamespace Permissions {\n\texport const ALL = '*'\n\texport type PermissionsMap = {\n\t\t[role: string]: {\n\t\t\t[resource: string]: {\n\t\t\t\t[privilege: string]: (meta: any) => boolean\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport { Permissions }\n"],"names":["Permissions"],"mappings":";;;;;AAEA,MAAM,YAAY;AAAA,EAAlB,cAAA;AACC,kBAAA,MAAQ,eAA0C,EAAC;AAAA,EAAA;AAAA,EAE5C,MACN,MACA,EAAE,UAAU,aACZ,WAAoC,MAAM,MACzC;AATH,QAAA,IAAA;AAUO,KAAA,KAAA,KAAA,aAAL,qBAA2B;AAC3B,KAAA,KAAA,KAAK,YAAY,IAAI,GAArB,QAAA,MAAA,GAAA,QAAA,IAAqC;AACrC,SAAK,YAAY,IAAI,EAAE,QAAQ,EAAE,SAAS,IAAI;AAAA,EAAA;AAAA,EAGxC,UAAU,MAAc,UAAkB,QAAgB,MAAoB;AAC9E,UAAA,kBAAkB,KAAK,YAAY,IAAI;AAC7C,QAAI,CAAC,iBAAiB;AACd,aAAA;AAAA,IAAA;AAER,aAAS,eAAe,CAAC,UAAU,YAAY,GAAG,GAAG;AACpD,eAAS,aAAa,CAAC,QAAQ,YAAY,GAAG,GAAG;AAChD,YAAI,gBAAgB,WAAW,IAAI,SAAS,IAAI,IAAI,MAAM,MAAM;AACxD,iBAAA;AAAA,QAAA;AAAA,MACR;AAAA,IACD;AAEM,WAAA;AAAA,EAAA;AAET;AAAA,CAEA,CAAUA,iBAAV;AACcA,eAAA,MAAM;AAAA,GADV,gBAAA,cAAA,CAAA,EAAA;;"} |
| var __defProp = Object.defineProperty; | ||
| var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value; | ||
| var __publicField = (obj, key, value) => __defNormalProp(obj, key + "", value); | ||
| class Permissions { | ||
| constructor() { | ||
| __publicField(this, "permissions", {}); | ||
| } | ||
| allow(role, { resource, privilege }, verifier = () => true) { | ||
| var _a, _b; | ||
| (_a = this.permissions)[role] ?? (_a[role] = {}); | ||
| (_b = this.permissions[role])[resource] ?? (_b[resource] = {}); | ||
| this.permissions[role][resource][privilege] = verifier; | ||
| } | ||
| isAllowed(role, resource, action, meta) { | ||
| const rolePermissions = this.permissions[role]; | ||
| if (!rolePermissions) { | ||
| return false; | ||
| } | ||
| for (let tmpResource of [resource, Permissions.ALL]) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) { | ||
| return true; | ||
| } | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| ((Permissions2) => { | ||
| Permissions2.ALL = "*"; | ||
| })(Permissions || (Permissions = {})); | ||
| export { | ||
| Permissions | ||
| }; | ||
| //# sourceMappingURL=Permissions.js.map |
| {"version":3,"file":"Permissions.js","sources":["../../../../packages/authorization/src/Permissions.ts"],"sourcesContent":["import { Authorizator } from './Authorizator'\n\nclass Permissions {\n\tprivate permissions: Permissions.PermissionsMap = {}\n\n\tpublic allow<Meta extends {} | undefined = undefined>(\n\t\trole: string,\n\t\t{ resource, privilege }: Authorizator.Action<Meta>,\n\t\tverifier: (meta: Meta) => boolean = () => true,\n\t) {\n\t\tthis.permissions[role] ??= {}\n\t\tthis.permissions[role][resource] ??= {}\n\t\tthis.permissions[role][resource][privilege] = verifier\n\t}\n\n\tpublic isAllowed(role: string, resource: string, action: string, meta: any): boolean {\n\t\tconst rolePermissions = this.permissions[role]\n\t\tif (!rolePermissions) {\n\t\t\treturn false\n\t\t}\n\t\tfor (let tmpResource of [resource, Permissions.ALL]) {\n\t\t\tfor (let tmpAction of [action, Permissions.ALL]) {\n\t\t\t\tif (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn false\n\t}\n}\n\nnamespace Permissions {\n\texport const ALL = '*'\n\texport type PermissionsMap = {\n\t\t[role: string]: {\n\t\t\t[resource: string]: {\n\t\t\t\t[privilege: string]: (meta: any) => boolean\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport { Permissions }\n"],"names":["Permissions"],"mappings":";;;AAEA,MAAM,YAAY;AAAA,EAAlB,cAAA;AACC,kBAAA,MAAQ,eAA0C,EAAC;AAAA,EAAA;AAAA,EAE5C,MACN,MACA,EAAE,UAAU,aACZ,WAAoC,MAAM,MACzC;AATH,QAAA,IAAA;AAUO,KAAA,KAAA,KAAA,aAAL,qBAA2B;AAC3B,KAAA,KAAA,KAAK,YAAY,IAAI,GAArB,QAAA,MAAA,GAAA,QAAA,IAAqC;AACrC,SAAK,YAAY,IAAI,EAAE,QAAQ,EAAE,SAAS,IAAI;AAAA,EAAA;AAAA,EAGxC,UAAU,MAAc,UAAkB,QAAgB,MAAoB;AAC9E,UAAA,kBAAkB,KAAK,YAAY,IAAI;AAC7C,QAAI,CAAC,iBAAiB;AACd,aAAA;AAAA,IAAA;AAER,aAAS,eAAe,CAAC,UAAU,YAAY,GAAG,GAAG;AACpD,eAAS,aAAa,CAAC,QAAQ,YAAY,GAAG,GAAG;AAChD,YAAI,gBAAgB,WAAW,IAAI,SAAS,IAAI,IAAI,MAAM,MAAM;AACxD,iBAAA;AAAA,QAAA;AAAA,MACR;AAAA,IACD;AAEM,WAAA;AAAA,EAAA;AAET;AAAA,CAEA,CAAUA,iBAAV;AACcA,eAAA,MAAM;AAAA,GADV,gBAAA,cAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const Authorizator = require("./src/Authorizator.cjs"); | ||
| const AccessEvaluator = require("./src/AccessEvaluator.cjs"); | ||
| const AccessNode = require("./src/AccessNode.cjs"); | ||
| const AuthorizationScope = require("./src/AuthorizationScope.cjs"); | ||
| const Permissions = require("./src/Permissions.cjs"); | ||
| Object.defineProperty(exports, "Authorizator", { | ||
| enumerable: true, | ||
| get: () => Authorizator.Authorizator | ||
| }); | ||
| Object.defineProperty(exports, "AccessEvaluator", { | ||
| enumerable: true, | ||
| get: () => AccessEvaluator.AccessEvaluator | ||
| }); | ||
| Object.defineProperty(exports, "AccessNode", { | ||
| enumerable: true, | ||
| get: () => AccessNode.AccessNode | ||
| }); | ||
| Object.defineProperty(exports, "AuthorizationScope", { | ||
| enumerable: true, | ||
| get: () => AuthorizationScope.AuthorizationScope | ||
| }); | ||
| Object.defineProperty(exports, "Permissions", { | ||
| enumerable: true, | ||
| get: () => Permissions.Permissions | ||
| }); | ||
| //# sourceMappingURL=index.cjs.map |
| {"version":3,"file":"index.cjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;"} |
| import { Authorizator } from "./src/Authorizator.js"; | ||
| import { AccessEvaluator } from "./src/AccessEvaluator.js"; | ||
| import { AccessNode } from "./src/AccessNode.js"; | ||
| import { AuthorizationScope } from "./src/AuthorizationScope.js"; | ||
| import { Permissions } from "./src/Permissions.js"; | ||
| export { | ||
| AccessEvaluator, | ||
| AccessNode, | ||
| AuthorizationScope, | ||
| Authorizator, | ||
| Permissions | ||
| }; | ||
| //# sourceMappingURL=index.js.map |
| {"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.AccessEvaluator = void 0; | ||
| ((AccessEvaluator2) => { | ||
| class PermissionEvaluator { | ||
| constructor(permissions) { | ||
| this.permissions = permissions; | ||
| } | ||
| async evaluate(accessNode, { resource, privilege, meta }) { | ||
| if (!(accessNode instanceof AccessNode.AccessNode.Roles)) { | ||
| throw new UnsupportedAccessNodeError(); | ||
| } | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| AccessEvaluator2.PermissionEvaluator = PermissionEvaluator; | ||
| class UnsupportedAccessNodeError extends Error { | ||
| } | ||
| })(exports.AccessEvaluator || (exports.AccessEvaluator = {})); | ||
| //# sourceMappingURL=AccessEvaluator.cjs.map |
| {"version":3,"file":"AccessEvaluator.cjs","sources":["../../../../packages/authorization/src/AccessEvaluator.ts"],"sourcesContent":["import { Permissions } from './Permissions'\nimport { AccessNode } from './AccessNode'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessEvaluator {\n\tevaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessEvaluator {\n\texport class PermissionEvaluator implements AccessEvaluator {\n\t\tconstructor(private readonly permissions: Permissions) {}\n\n\t\tasync evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean> {\n\t\t\tif (!(accessNode instanceof AccessNode.Roles)) {\n\t\t\t\tthrow new UnsupportedAccessNodeError()\n\t\t\t}\n\t\t\tfor (let role of accessNode.roles) {\n\t\t\t\tif (this.permissions.isAllowed(role, resource, privilege, meta)) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn false\n\t\t}\n\t}\n\n\tclass UnsupportedAccessNodeError extends Error {}\n}\n\nexport { AccessEvaluator }\n"],"names":["AccessEvaluator","AccessNode"],"mappings":";;;AAQUA,QAAAA,kBAAAA;AAAAA,CAAV,CAAUA,qBAAV;AAAA,EACQ,MAAM,oBAA+C;AAAA,IAC3D,YAA6B,aAA0B;AAA1B,WAAA,cAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,SAAS,YAAwB,EAAE,UAAU,WAAW,QAAoD;AAC7G,UAAA,EAAE,sBAAsBC,sBAAW,QAAQ;AAC9C,cAAM,IAAI,2BAA2B;AAAA,MAAA;AAE7B,eAAA,QAAQ,WAAW,OAAO;AAClC,YAAI,KAAK,YAAY,UAAU,MAAM,UAAU,WAAW,IAAI,GAAG;AACzD,iBAAA;AAAA,QAAA;AAAA,MACR;AAEM,aAAA;AAAA,IAAA;AAAA,EACR;AAbMD,mBAAM,sBAAA;AAAA,EAgBb,MAAM,mCAAmC,MAAM;AAAA,EAAA;AAAC,GAjBvCA,QAAA,oBAAAA,0BAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var AccessEvaluator; | ||
| ((AccessEvaluator2) => { | ||
| class PermissionEvaluator { | ||
| constructor(permissions) { | ||
| this.permissions = permissions; | ||
| } | ||
| async evaluate(accessNode, { resource, privilege, meta }) { | ||
| if (!(accessNode instanceof AccessNode.Roles)) { | ||
| throw new UnsupportedAccessNodeError(); | ||
| } | ||
| for (let role of accessNode.roles) { | ||
| if (this.permissions.isAllowed(role, resource, privilege, meta)) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| AccessEvaluator2.PermissionEvaluator = PermissionEvaluator; | ||
| class UnsupportedAccessNodeError extends Error { | ||
| } | ||
| })(AccessEvaluator || (AccessEvaluator = {})); | ||
| export { | ||
| AccessEvaluator | ||
| }; | ||
| //# sourceMappingURL=AccessEvaluator.js.map |
| {"version":3,"file":"AccessEvaluator.js","sources":["../../../../packages/authorization/src/AccessEvaluator.ts"],"sourcesContent":["import { Permissions } from './Permissions'\nimport { AccessNode } from './AccessNode'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessEvaluator {\n\tevaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessEvaluator {\n\texport class PermissionEvaluator implements AccessEvaluator {\n\t\tconstructor(private readonly permissions: Permissions) {}\n\n\t\tasync evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean> {\n\t\t\tif (!(accessNode instanceof AccessNode.Roles)) {\n\t\t\t\tthrow new UnsupportedAccessNodeError()\n\t\t\t}\n\t\t\tfor (let role of accessNode.roles) {\n\t\t\t\tif (this.permissions.isAllowed(role, resource, privilege, meta)) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn false\n\t\t}\n\t}\n\n\tclass UnsupportedAccessNodeError extends Error {}\n}\n\nexport { AccessEvaluator }\n"],"names":["AccessEvaluator"],"mappings":";AAQU,IAAA;AAAA,CAAV,CAAUA,qBAAV;AAAA,EACQ,MAAM,oBAA+C;AAAA,IAC3D,YAA6B,aAA0B;AAA1B,WAAA,cAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,SAAS,YAAwB,EAAE,UAAU,WAAW,QAAoD;AAC7G,UAAA,EAAE,sBAAsB,WAAW,QAAQ;AAC9C,cAAM,IAAI,2BAA2B;AAAA,MAAA;AAE7B,eAAA,QAAQ,WAAW,OAAO;AAClC,YAAI,KAAK,YAAY,UAAU,MAAM,UAAU,WAAW,IAAI,GAAG;AACzD,iBAAA;AAAA,QAAA;AAAA,MACR;AAEM,aAAA;AAAA,IAAA;AAAA,EACR;AAbMA,mBAAM,sBAAA;AAAA,EAgBb,MAAM,mCAAmC,MAAM;AAAA,EAAA;AAAC,GAjBvC,oBAAA,kBAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| exports.AccessNode = void 0; | ||
| ((AccessNode2) => { | ||
| class Fixed { | ||
| constructor(result) { | ||
| this.result = result; | ||
| } | ||
| static allowed() { | ||
| return new Fixed(true); | ||
| } | ||
| static denied() { | ||
| return new Fixed(false); | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return Promise.resolve(this.result); | ||
| } | ||
| } | ||
| AccessNode2.Fixed = Fixed; | ||
| class Intersection { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| if (this.nodes.length === 0) { | ||
| return Promise.resolve(false); | ||
| } | ||
| for (let node of this.nodes) { | ||
| if (!await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(false); | ||
| } | ||
| } | ||
| return Promise.resolve(true); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| for (let node of this.nodes) { | ||
| if (await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(true); | ||
| } | ||
| } | ||
| return Promise.resolve(false); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Union = Union; | ||
| class Negate { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| return !await this.node.isAllowed(accessEvaluator, action); | ||
| } | ||
| } | ||
| AccessNode2.Negate = Negate; | ||
| class Roles { | ||
| constructor(roles) { | ||
| this.roles = roles; | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return accessEvaluator.evaluate(this, action); | ||
| } | ||
| } | ||
| AccessNode2.Roles = Roles; | ||
| })(exports.AccessNode || (exports.AccessNode = {})); | ||
| //# sourceMappingURL=AccessNode.cjs.map |
| {"version":3,"file":"AccessNode.cjs","sources":["../../../../packages/authorization/src/AccessNode.ts"],"sourcesContent":["import { AccessEvaluator } from './AccessEvaluator'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessNode {\n\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessNode {\n\tinterface Composite extends AccessNode {\n\t\tgetNodes(): AccessNode[]\n\t}\n\n\texport class Fixed implements AccessNode {\n\t\tconstructor(private readonly result: boolean) {}\n\n\t\tpublic static allowed(): Fixed {\n\t\t\treturn new Fixed(true)\n\t\t}\n\n\t\tpublic static denied(): Fixed {\n\t\t\treturn new Fixed(false)\n\t\t}\n\n\t\tpublic isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn Promise.resolve(this.result)\n\t\t}\n\t}\n\n\texport class Intersection implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tif (this.nodes.length === 0) {\n\t\t\t\treturn Promise.resolve(false)\n\t\t\t}\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (!(await node.isAllowed(accessEvaluator, action))) {\n\t\t\t\t\treturn Promise.resolve(false)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(true)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Union implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (await node.isAllowed(accessEvaluator, action)) {\n\t\t\t\t\treturn Promise.resolve(true)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(false)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Negate implements AccessNode {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn !(await this.node.isAllowed(accessEvaluator, action))\n\t\t}\n\t}\n\n\texport class Roles implements AccessNode {\n\t\tconstructor(public readonly roles: readonly string[]) {}\n\n\t\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn accessEvaluator.evaluate(this, action)\n\t\t}\n\t}\n}\n\nexport { AccessNode }\n"],"names":["AccessNode"],"mappings":";;AAOUA,QAAAA,aAAAA;AAAAA,CAAV,CAAUA,gBAAV;AAAA,EAKQ,MAAM,MAA4B;AAAA,IACxC,YAA6B,QAAiB;AAAjB,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,OAAc,UAAiB;AACvB,aAAA,IAAI,MAAM,IAAI;AAAA,IAAA;AAAA,IAGtB,OAAc,SAAgB;AACtB,aAAA,IAAI,MAAM,KAAK;AAAA,IAAA;AAAA,IAGhB,UAAU,iBAAkC,QAA+C;AAC1F,aAAA,QAAQ,QAAQ,KAAK,MAAM;AAAA,IAAA;AAAA,EACnC;AAbMA,cAAM,QAAA;AAAA,EAgBN,MAAM,aAAkC;AAAA,IAC9C,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AACnG,UAAA,KAAK,MAAM,WAAW,GAAG;AACrB,eAAA,QAAQ,QAAQ,KAAK;AAAA,MAAA;AAEpB,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,CAAE,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAI;AAC9C,iBAAA,QAAQ,QAAQ,KAAK;AAAA,QAAA;AAAA,MAC7B;AAEM,aAAA,QAAQ,QAAQ,IAAI;AAAA,IAAA;AAAA,IAGrB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAjBMA,cAAM,eAAA;AAAA,EAoBN,MAAM,MAA2B;AAAA,IACvC,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AAC9F,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAG;AAC3C,iBAAA,QAAQ,QAAQ,IAAI;AAAA,QAAA;AAAA,MAC5B;AAEM,aAAA,QAAQ,QAAQ,KAAK;AAAA,IAAA;AAAA,IAGtB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAdMA,cAAM,QAAA;AAAA,EAiBN,MAAM,OAA6B;AAAA,IACzC,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,UAAU,iBAAkC,QAA+C;AAChG,aAAO,CAAE,MAAM,KAAK,KAAK,UAAU,iBAAiB,MAAM;AAAA,IAAA;AAAA,EAC3D;AALMA,cAAM,SAAA;AAAA,EAQN,MAAM,MAA4B;AAAA,IACxC,YAA4B,OAA0B;AAA1B,WAAA,QAAA;AAAA,IAAA;AAAA,IAE5B,UAAU,iBAAkC,QAA+C;AACnF,aAAA,gBAAgB,SAAS,MAAM,MAAM;AAAA,IAAA;AAAA,EAC7C;AALMA,cAAM,QAAA;AAAA,GAlEJA,QAAA,eAAAA,qBAAA,CAAA,EAAA;"} |
| var AccessNode; | ||
| ((AccessNode2) => { | ||
| class Fixed { | ||
| constructor(result) { | ||
| this.result = result; | ||
| } | ||
| static allowed() { | ||
| return new Fixed(true); | ||
| } | ||
| static denied() { | ||
| return new Fixed(false); | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return Promise.resolve(this.result); | ||
| } | ||
| } | ||
| AccessNode2.Fixed = Fixed; | ||
| class Intersection { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| if (this.nodes.length === 0) { | ||
| return Promise.resolve(false); | ||
| } | ||
| for (let node of this.nodes) { | ||
| if (!await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(false); | ||
| } | ||
| } | ||
| return Promise.resolve(true); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(nodes) { | ||
| this.nodes = nodes; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| for (let node of this.nodes) { | ||
| if (await node.isAllowed(accessEvaluator, action)) { | ||
| return Promise.resolve(true); | ||
| } | ||
| } | ||
| return Promise.resolve(false); | ||
| } | ||
| getNodes() { | ||
| return this.nodes; | ||
| } | ||
| } | ||
| AccessNode2.Union = Union; | ||
| class Negate { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async isAllowed(accessEvaluator, action) { | ||
| return !await this.node.isAllowed(accessEvaluator, action); | ||
| } | ||
| } | ||
| AccessNode2.Negate = Negate; | ||
| class Roles { | ||
| constructor(roles) { | ||
| this.roles = roles; | ||
| } | ||
| isAllowed(accessEvaluator, action) { | ||
| return accessEvaluator.evaluate(this, action); | ||
| } | ||
| } | ||
| AccessNode2.Roles = Roles; | ||
| })(AccessNode || (AccessNode = {})); | ||
| export { | ||
| AccessNode | ||
| }; | ||
| //# sourceMappingURL=AccessNode.js.map |
| {"version":3,"file":"AccessNode.js","sources":["../../../../packages/authorization/src/AccessNode.ts"],"sourcesContent":["import { AccessEvaluator } from './AccessEvaluator'\nimport { Authorizator } from './Authorizator'\n\ninterface AccessNode {\n\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace AccessNode {\n\tinterface Composite extends AccessNode {\n\t\tgetNodes(): AccessNode[]\n\t}\n\n\texport class Fixed implements AccessNode {\n\t\tconstructor(private readonly result: boolean) {}\n\n\t\tpublic static allowed(): Fixed {\n\t\t\treturn new Fixed(true)\n\t\t}\n\n\t\tpublic static denied(): Fixed {\n\t\t\treturn new Fixed(false)\n\t\t}\n\n\t\tpublic isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn Promise.resolve(this.result)\n\t\t}\n\t}\n\n\texport class Intersection implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tif (this.nodes.length === 0) {\n\t\t\t\treturn Promise.resolve(false)\n\t\t\t}\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (!(await node.isAllowed(accessEvaluator, action))) {\n\t\t\t\t\treturn Promise.resolve(false)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(true)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Union implements Composite {\n\t\tconstructor(private readonly nodes: AccessNode[]) {}\n\n\t\tpublic async isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\tfor (let node of this.nodes) {\n\t\t\t\tif (await node.isAllowed(accessEvaluator, action)) {\n\t\t\t\t\treturn Promise.resolve(true)\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn Promise.resolve(false)\n\t\t}\n\n\t\tpublic getNodes(): AccessNode[] {\n\t\t\treturn this.nodes\n\t\t}\n\t}\n\n\texport class Negate implements AccessNode {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn !(await this.node.isAllowed(accessEvaluator, action))\n\t\t}\n\t}\n\n\texport class Roles implements AccessNode {\n\t\tconstructor(public readonly roles: readonly string[]) {}\n\n\t\tisAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean> {\n\t\t\treturn accessEvaluator.evaluate(this, action)\n\t\t}\n\t}\n}\n\nexport { AccessNode }\n"],"names":["AccessNode"],"mappings":"AAOU,IAAA;AAAA,CAAV,CAAUA,gBAAV;AAAA,EAKQ,MAAM,MAA4B;AAAA,IACxC,YAA6B,QAAiB;AAAjB,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,OAAc,UAAiB;AACvB,aAAA,IAAI,MAAM,IAAI;AAAA,IAAA;AAAA,IAGtB,OAAc,SAAgB;AACtB,aAAA,IAAI,MAAM,KAAK;AAAA,IAAA;AAAA,IAGhB,UAAU,iBAAkC,QAA+C;AAC1F,aAAA,QAAQ,QAAQ,KAAK,MAAM;AAAA,IAAA;AAAA,EACnC;AAbMA,cAAM,QAAA;AAAA,EAgBN,MAAM,aAAkC;AAAA,IAC9C,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AACnG,UAAA,KAAK,MAAM,WAAW,GAAG;AACrB,eAAA,QAAQ,QAAQ,KAAK;AAAA,MAAA;AAEpB,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,CAAE,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAI;AAC9C,iBAAA,QAAQ,QAAQ,KAAK;AAAA,QAAA;AAAA,MAC7B;AAEM,aAAA,QAAQ,QAAQ,IAAI;AAAA,IAAA;AAAA,IAGrB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAjBMA,cAAM,eAAA;AAAA,EAoBN,MAAM,MAA2B;AAAA,IACvC,YAA6B,OAAqB;AAArB,WAAA,QAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UAAU,iBAAkC,QAA+C;AAC9F,eAAA,QAAQ,KAAK,OAAO;AAC5B,YAAI,MAAM,KAAK,UAAU,iBAAiB,MAAM,GAAG;AAC3C,iBAAA,QAAQ,QAAQ,IAAI;AAAA,QAAA;AAAA,MAC5B;AAEM,aAAA,QAAQ,QAAQ,KAAK;AAAA,IAAA;AAAA,IAGtB,WAAyB;AAC/B,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AAdMA,cAAM,QAAA;AAAA,EAiBN,MAAM,OAA6B;AAAA,IACzC,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,UAAU,iBAAkC,QAA+C;AAChG,aAAO,CAAE,MAAM,KAAK,KAAK,UAAU,iBAAiB,MAAM;AAAA,IAAA;AAAA,EAC3D;AALMA,cAAM,SAAA;AAAA,EAQN,MAAM,MAA4B;AAAA,IACxC,YAA4B,OAA0B;AAA1B,WAAA,QAAA;AAAA,IAAA;AAAA,IAE5B,UAAU,iBAAkC,QAA+C;AACnF,aAAA,gBAAgB,SAAS,MAAM,MAAM;AAAA,IAAA;AAAA,EAC7C;AALMA,cAAM,QAAA;AAAA,GAlEJ,eAAA,aAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.AuthorizationScope = void 0; | ||
| ((AuthorizationScope2) => { | ||
| class Fixed { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async getIdentityAccess() { | ||
| return this.node; | ||
| } | ||
| } | ||
| AuthorizationScope2.Fixed = Fixed; | ||
| class Global { | ||
| async getIdentityAccess(identity) { | ||
| return AccessNode.AccessNode.Fixed.denied(); | ||
| } | ||
| } | ||
| AuthorizationScope2.Global = Global; | ||
| class Intersection { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.AccessNode.Intersection(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.AccessNode.Union(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Union = Union; | ||
| })(exports.AuthorizationScope || (exports.AuthorizationScope = {})); | ||
| //# sourceMappingURL=AuthorizationScope.cjs.map |
| {"version":3,"file":"AuthorizationScope.cjs","sources":["../../../../packages/authorization/src/AuthorizationScope.ts"],"sourcesContent":["import { AccessNode } from './AccessNode'\n\ninterface AuthorizationScope<Identity> {\n\tgetIdentityAccess(identity: Identity): Promise<AccessNode>\n}\n\nnamespace AuthorizationScope {\n\texport class Fixed implements AuthorizationScope<any> {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync getIdentityAccess(): Promise<AccessNode> {\n\t\t\treturn this.node\n\t\t}\n\t}\n\n\texport class Global implements AuthorizationScope<any> {\n\t\tasync getIdentityAccess(identity: any): Promise<AccessNode> {\n\t\t\treturn AccessNode.Fixed.denied()\n\t\t}\n\t}\n\n\texport class Intersection<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Intersection(await Promise.all(nodes))\n\t\t}\n\t}\n\n\texport class Union<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Union(await Promise.all(nodes))\n\t\t}\n\t}\n}\n\nexport { AuthorizationScope }\n"],"names":["AuthorizationScope","AccessNode"],"mappings":";;;AAMUA,QAAAA,qBAAAA;AAAAA,CAAV,CAAUA,wBAAV;AAAA,EACQ,MAAM,MAAyC;AAAA,IACrD,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,oBAAyC;AAC9C,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AALMA,sBAAM,QAAA;AAAA,EAQN,MAAM,OAA0C;AAAA,IACtD,MAAM,kBAAkB,UAAoC;AACpD,aAAAC,WAAA,WAAW,MAAM,OAAO;AAAA,IAAA;AAAA,EAChC;AAHMD,sBAAM,SAAA;AAAA,EAMN,MAAM,aAA+D;AAAA,IAC3E,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAIC,WAAW,WAAA,aAAa,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EAC5D;AATMD,sBAAM,eAAA;AAAA,EAYN,MAAM,MAAwD;AAAA,IACpE,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAIC,WAAW,WAAA,MAAM,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EACrD;AATMD,sBAAM,QAAA;AAAA,GA3BJA,QAAA,uBAAAA,6BAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var AuthorizationScope; | ||
| ((AuthorizationScope2) => { | ||
| class Fixed { | ||
| constructor(node) { | ||
| this.node = node; | ||
| } | ||
| async getIdentityAccess() { | ||
| return this.node; | ||
| } | ||
| } | ||
| AuthorizationScope2.Fixed = Fixed; | ||
| class Global { | ||
| async getIdentityAccess(identity) { | ||
| return AccessNode.Fixed.denied(); | ||
| } | ||
| } | ||
| AuthorizationScope2.Global = Global; | ||
| class Intersection { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.Intersection(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Intersection = Intersection; | ||
| class Union { | ||
| constructor(scopes) { | ||
| this.scopes = scopes; | ||
| } | ||
| async getIdentityAccess(identity) { | ||
| const nodes = []; | ||
| for (let scope of this.scopes) { | ||
| nodes.push(scope.getIdentityAccess(identity)); | ||
| } | ||
| return new AccessNode.Union(await Promise.all(nodes)); | ||
| } | ||
| } | ||
| AuthorizationScope2.Union = Union; | ||
| })(AuthorizationScope || (AuthorizationScope = {})); | ||
| export { | ||
| AuthorizationScope | ||
| }; | ||
| //# sourceMappingURL=AuthorizationScope.js.map |
| {"version":3,"file":"AuthorizationScope.js","sources":["../../../../packages/authorization/src/AuthorizationScope.ts"],"sourcesContent":["import { AccessNode } from './AccessNode'\n\ninterface AuthorizationScope<Identity> {\n\tgetIdentityAccess(identity: Identity): Promise<AccessNode>\n}\n\nnamespace AuthorizationScope {\n\texport class Fixed implements AuthorizationScope<any> {\n\t\tconstructor(private readonly node: AccessNode) {}\n\n\t\tasync getIdentityAccess(): Promise<AccessNode> {\n\t\t\treturn this.node\n\t\t}\n\t}\n\n\texport class Global implements AuthorizationScope<any> {\n\t\tasync getIdentityAccess(identity: any): Promise<AccessNode> {\n\t\t\treturn AccessNode.Fixed.denied()\n\t\t}\n\t}\n\n\texport class Intersection<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Intersection(await Promise.all(nodes))\n\t\t}\n\t}\n\n\texport class Union<Identity> implements AuthorizationScope<Identity> {\n\t\tconstructor(private readonly scopes: AuthorizationScope<Identity>[]) {}\n\n\t\tasync getIdentityAccess(identity: Identity): Promise<AccessNode> {\n\t\t\tconst nodes: Promise<AccessNode>[] = []\n\t\t\tfor (let scope of this.scopes) {\n\t\t\t\tnodes.push(scope.getIdentityAccess(identity))\n\t\t\t}\n\t\t\treturn new AccessNode.Union(await Promise.all(nodes))\n\t\t}\n\t}\n}\n\nexport { AuthorizationScope }\n"],"names":["AuthorizationScope"],"mappings":";AAMU,IAAA;AAAA,CAAV,CAAUA,wBAAV;AAAA,EACQ,MAAM,MAAyC;AAAA,IACrD,YAA6B,MAAkB;AAAlB,WAAA,OAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,oBAAyC;AAC9C,aAAO,KAAK;AAAA,IAAA;AAAA,EACb;AALMA,sBAAM,QAAA;AAAA,EAQN,MAAM,OAA0C;AAAA,IACtD,MAAM,kBAAkB,UAAoC;AACpD,aAAA,WAAW,MAAM,OAAO;AAAA,IAAA;AAAA,EAChC;AAHMA,sBAAM,SAAA;AAAA,EAMN,MAAM,aAA+D;AAAA,IAC3E,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAI,WAAW,aAAa,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EAC5D;AATMA,sBAAM,eAAA;AAAA,EAYN,MAAM,MAAwD;AAAA,IACpE,YAA6B,QAAwC;AAAxC,WAAA,SAAA;AAAA,IAAA;AAAA,IAE7B,MAAM,kBAAkB,UAAyC;AAChE,YAAM,QAA+B,CAAC;AAC7B,eAAA,SAAS,KAAK,QAAQ;AAC9B,cAAM,KAAK,MAAM,kBAAkB,QAAQ,CAAC;AAAA,MAAA;AAE7C,aAAO,IAAI,WAAW,MAAM,MAAM,QAAQ,IAAI,KAAK,CAAC;AAAA,IAAA;AAAA,EACrD;AATMA,sBAAM,QAAA;AAAA,GA3BJ,uBAAA,qBAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| const AccessNode = require("./AccessNode.cjs"); | ||
| exports.Authorizator = void 0; | ||
| ((Authorizator2) => { | ||
| function createAction(resource, privilege, meta) { | ||
| return { | ||
| resource, | ||
| privilege, | ||
| meta | ||
| }; | ||
| } | ||
| Authorizator2.createAction = createAction; | ||
| class Default { | ||
| constructor(accessEvaluator) { | ||
| this.accessEvaluator = accessEvaluator; | ||
| } | ||
| async isAllowed(identity, scope, action) { | ||
| const scopeNode = await scope.getIdentityAccess(identity); | ||
| const globalNode = new AccessNode.AccessNode.Roles(identity.roles); | ||
| const node = new AccessNode.AccessNode.Union([scopeNode, globalNode]); | ||
| return await node.isAllowed(this.accessEvaluator, action); | ||
| } | ||
| } | ||
| Authorizator2.Default = Default; | ||
| })(exports.Authorizator || (exports.Authorizator = {})); | ||
| //# sourceMappingURL=Authorizator.cjs.map |
| {"version":3,"file":"Authorizator.cjs","sources":["../../../../packages/authorization/src/Authorizator.ts"],"sourcesContent":["import { AuthorizationScope } from './AuthorizationScope'\nimport { AccessEvaluator } from './AccessEvaluator'\nimport { AccessNode } from './AccessNode'\n\ninterface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> {\n\tisAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace Authorizator {\n\texport type Resource = string\n\texport type Privilege = string\n\texport type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {}\n\t\t? { resource: Resource; privilege: Privilege; meta: Meta }\n\t\t: { resource: Resource; privilege: Privilege; meta?: Meta }\n\n\ttype ActionCreator =\n\t\t| ((resource: Resource, privilege: Privilege) => Action)\n\t\t| (<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>)\n\n\texport function createAction(resource: Resource, privilege: Privilege): Action<undefined>\n\texport function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>\n\texport function createAction<Meta>(resource: Resource, privilege: Privilege, meta?: Meta) {\n\t\treturn {\n\t\t\tresource,\n\t\t\tprivilege,\n\t\t\tmeta,\n\t\t}\n\t}\n\texport class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> {\n\t\tconstructor(private readonly accessEvaluator: AccessEvaluator) {}\n\n\t\tpublic async isAllowed(\n\t\t\tidentity: Identity,\n\t\t\tscope: AuthorizationScope<Identity>,\n\t\t\taction: Authorizator.Action,\n\t\t): Promise<boolean> {\n\t\t\tconst scopeNode = await scope.getIdentityAccess(identity)\n\t\t\tconst globalNode = new AccessNode.Roles(identity.roles)\n\t\t\tconst node = new AccessNode.Union([scopeNode, globalNode])\n\n\t\t\treturn await node.isAllowed(this.accessEvaluator, action)\n\t\t}\n\t}\n\n\texport interface Identity {\n\t\troles: readonly string[]\n\t}\n}\n\nexport { Authorizator }\n"],"names":["Authorizator","AccessNode"],"mappings":";;;AAQUA,QAAAA,eAAAA;AAAAA,CAAV,CAAUA,kBAAV;AAaiB,WAAA,aAAmB,UAAoB,WAAsB,MAAa;AAClF,WAAA;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,IACD;AAAA,EAAA;AALMA,gBAAS,eAAA;AAAA,EAOT,MAAM,QAAkF;AAAA,IAC9F,YAA6B,iBAAkC;AAAlC,WAAA,kBAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UACZ,UACA,OACA,QACmB;AACnB,YAAM,YAAY,MAAM,MAAM,kBAAkB,QAAQ;AACxD,YAAM,aAAa,IAAIC,WAAAA,WAAW,MAAM,SAAS,KAAK;AACtD,YAAM,OAAO,IAAIA,WAAA,WAAW,MAAM,CAAC,WAAW,UAAU,CAAC;AAEzD,aAAO,MAAM,KAAK,UAAU,KAAK,iBAAiB,MAAM;AAAA,IAAA;AAAA,EACzD;AAbMD,gBAAM,UAAA;AAAA,GApBJA,QAAA,iBAAAA,uBAAA,CAAA,EAAA;"} |
| import { AccessNode } from "./AccessNode.js"; | ||
| var Authorizator; | ||
| ((Authorizator2) => { | ||
| function createAction(resource, privilege, meta) { | ||
| return { | ||
| resource, | ||
| privilege, | ||
| meta | ||
| }; | ||
| } | ||
| Authorizator2.createAction = createAction; | ||
| class Default { | ||
| constructor(accessEvaluator) { | ||
| this.accessEvaluator = accessEvaluator; | ||
| } | ||
| async isAllowed(identity, scope, action) { | ||
| const scopeNode = await scope.getIdentityAccess(identity); | ||
| const globalNode = new AccessNode.Roles(identity.roles); | ||
| const node = new AccessNode.Union([scopeNode, globalNode]); | ||
| return await node.isAllowed(this.accessEvaluator, action); | ||
| } | ||
| } | ||
| Authorizator2.Default = Default; | ||
| })(Authorizator || (Authorizator = {})); | ||
| export { | ||
| Authorizator | ||
| }; | ||
| //# sourceMappingURL=Authorizator.js.map |
| {"version":3,"file":"Authorizator.js","sources":["../../../../packages/authorization/src/Authorizator.ts"],"sourcesContent":["import { AuthorizationScope } from './AuthorizationScope'\nimport { AccessEvaluator } from './AccessEvaluator'\nimport { AccessNode } from './AccessNode'\n\ninterface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> {\n\tisAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>\n}\n\nnamespace Authorizator {\n\texport type Resource = string\n\texport type Privilege = string\n\texport type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {}\n\t\t? { resource: Resource; privilege: Privilege; meta: Meta }\n\t\t: { resource: Resource; privilege: Privilege; meta?: Meta }\n\n\ttype ActionCreator =\n\t\t| ((resource: Resource, privilege: Privilege) => Action)\n\t\t| (<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta) => Action<Meta>)\n\n\texport function createAction(resource: Resource, privilege: Privilege): Action<undefined>\n\texport function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>\n\texport function createAction<Meta>(resource: Resource, privilege: Privilege, meta?: Meta) {\n\t\treturn {\n\t\t\tresource,\n\t\t\tprivilege,\n\t\t\tmeta,\n\t\t}\n\t}\n\texport class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> {\n\t\tconstructor(private readonly accessEvaluator: AccessEvaluator) {}\n\n\t\tpublic async isAllowed(\n\t\t\tidentity: Identity,\n\t\t\tscope: AuthorizationScope<Identity>,\n\t\t\taction: Authorizator.Action,\n\t\t): Promise<boolean> {\n\t\t\tconst scopeNode = await scope.getIdentityAccess(identity)\n\t\t\tconst globalNode = new AccessNode.Roles(identity.roles)\n\t\t\tconst node = new AccessNode.Union([scopeNode, globalNode])\n\n\t\t\treturn await node.isAllowed(this.accessEvaluator, action)\n\t\t}\n\t}\n\n\texport interface Identity {\n\t\troles: readonly string[]\n\t}\n}\n\nexport { Authorizator }\n"],"names":["Authorizator"],"mappings":";AAQU,IAAA;AAAA,CAAV,CAAUA,kBAAV;AAaiB,WAAA,aAAmB,UAAoB,WAAsB,MAAa;AAClF,WAAA;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,IACD;AAAA,EAAA;AALMA,gBAAS,eAAA;AAAA,EAOT,MAAM,QAAkF;AAAA,IAC9F,YAA6B,iBAAkC;AAAlC,WAAA,kBAAA;AAAA,IAAA;AAAA,IAE7B,MAAa,UACZ,UACA,OACA,QACmB;AACnB,YAAM,YAAY,MAAM,MAAM,kBAAkB,QAAQ;AACxD,YAAM,aAAa,IAAI,WAAW,MAAM,SAAS,KAAK;AACtD,YAAM,OAAO,IAAI,WAAW,MAAM,CAAC,WAAW,UAAU,CAAC;AAEzD,aAAO,MAAM,KAAK,UAAU,KAAK,iBAAiB,MAAM;AAAA,IAAA;AAAA,EACzD;AAbMA,gBAAM,UAAA;AAAA,GApBJ,iBAAA,eAAA,CAAA,EAAA;"} |
| "use strict"; | ||
| Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" }); | ||
| var __defProp = Object.defineProperty; | ||
| var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value; | ||
| var __publicField = (obj, key, value) => __defNormalProp(obj, key + "", value); | ||
| class Permissions { | ||
| constructor() { | ||
| __publicField(this, "permissions", {}); | ||
| } | ||
| allow(role, { resource, privilege }, verifier = () => true) { | ||
| var _a, _b; | ||
| (_a = this.permissions)[role] ?? (_a[role] = {}); | ||
| (_b = this.permissions[role])[resource] ?? (_b[resource] = {}); | ||
| this.permissions[role][resource][privilege] = verifier; | ||
| } | ||
| isAllowed(role, resource, action, meta) { | ||
| const rolePermissions = this.permissions[role]; | ||
| if (!rolePermissions) { | ||
| return false; | ||
| } | ||
| for (let tmpResource of [resource, Permissions.ALL]) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) { | ||
| return true; | ||
| } | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| ((Permissions2) => { | ||
| Permissions2.ALL = "*"; | ||
| })(Permissions || (Permissions = {})); | ||
| exports.Permissions = Permissions; | ||
| //# sourceMappingURL=Permissions.cjs.map |
| {"version":3,"file":"Permissions.cjs","sources":["../../../../packages/authorization/src/Permissions.ts"],"sourcesContent":["import { Authorizator } from './Authorizator'\n\nclass Permissions {\n\tprivate permissions: Permissions.PermissionsMap = {}\n\n\tpublic allow<Meta extends {} | undefined = undefined>(\n\t\trole: string,\n\t\t{ resource, privilege }: Authorizator.Action<Meta>,\n\t\tverifier: (meta: Meta) => boolean = () => true,\n\t) {\n\t\tthis.permissions[role] ??= {}\n\t\tthis.permissions[role][resource] ??= {}\n\t\tthis.permissions[role][resource][privilege] = verifier\n\t}\n\n\tpublic isAllowed(role: string, resource: string, action: string, meta: any): boolean {\n\t\tconst rolePermissions = this.permissions[role]\n\t\tif (!rolePermissions) {\n\t\t\treturn false\n\t\t}\n\t\tfor (let tmpResource of [resource, Permissions.ALL]) {\n\t\t\tfor (let tmpAction of [action, Permissions.ALL]) {\n\t\t\t\tif (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn false\n\t}\n}\n\nnamespace Permissions {\n\texport const ALL = '*'\n\texport type PermissionsMap = {\n\t\t[role: string]: {\n\t\t\t[resource: string]: {\n\t\t\t\t[privilege: string]: (meta: any) => boolean\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport { Permissions }\n"],"names":["Permissions"],"mappings":";;;;;AAEA,MAAM,YAAY;AAAA,EAAlB,cAAA;AACC,kBAAA,MAAQ,eAA0C,EAAC;AAAA,EAAA;AAAA,EAE5C,MACN,MACA,EAAE,UAAU,aACZ,WAAoC,MAAM,MACzC;AATH,QAAA,IAAA;AAUO,KAAA,KAAA,KAAA,aAAL,qBAA2B;AAC3B,KAAA,KAAA,KAAK,YAAY,IAAI,GAArB,QAAA,MAAA,GAAA,QAAA,IAAqC;AACrC,SAAK,YAAY,IAAI,EAAE,QAAQ,EAAE,SAAS,IAAI;AAAA,EAAA;AAAA,EAGxC,UAAU,MAAc,UAAkB,QAAgB,MAAoB;AAC9E,UAAA,kBAAkB,KAAK,YAAY,IAAI;AAC7C,QAAI,CAAC,iBAAiB;AACd,aAAA;AAAA,IAAA;AAER,aAAS,eAAe,CAAC,UAAU,YAAY,GAAG,GAAG;AACpD,eAAS,aAAa,CAAC,QAAQ,YAAY,GAAG,GAAG;AAChD,YAAI,gBAAgB,WAAW,IAAI,SAAS,IAAI,IAAI,MAAM,MAAM;AACxD,iBAAA;AAAA,QAAA;AAAA,MACR;AAAA,IACD;AAEM,WAAA;AAAA,EAAA;AAET;AAAA,CAEA,CAAUA,iBAAV;AACcA,eAAA,MAAM;AAAA,GADV,gBAAA,cAAA,CAAA,EAAA;;"} |
| var __defProp = Object.defineProperty; | ||
| var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value; | ||
| var __publicField = (obj, key, value) => __defNormalProp(obj, key + "", value); | ||
| class Permissions { | ||
| constructor() { | ||
| __publicField(this, "permissions", {}); | ||
| } | ||
| allow(role, { resource, privilege }, verifier = () => true) { | ||
| var _a, _b; | ||
| (_a = this.permissions)[role] ?? (_a[role] = {}); | ||
| (_b = this.permissions[role])[resource] ?? (_b[resource] = {}); | ||
| this.permissions[role][resource][privilege] = verifier; | ||
| } | ||
| isAllowed(role, resource, action, meta) { | ||
| const rolePermissions = this.permissions[role]; | ||
| if (!rolePermissions) { | ||
| return false; | ||
| } | ||
| for (let tmpResource of [resource, Permissions.ALL]) { | ||
| for (let tmpAction of [action, Permissions.ALL]) { | ||
| if (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) { | ||
| return true; | ||
| } | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
| } | ||
| ((Permissions2) => { | ||
| Permissions2.ALL = "*"; | ||
| })(Permissions || (Permissions = {})); | ||
| export { | ||
| Permissions | ||
| }; | ||
| //# sourceMappingURL=Permissions.js.map |
| {"version":3,"file":"Permissions.js","sources":["../../../../packages/authorization/src/Permissions.ts"],"sourcesContent":["import { Authorizator } from './Authorizator'\n\nclass Permissions {\n\tprivate permissions: Permissions.PermissionsMap = {}\n\n\tpublic allow<Meta extends {} | undefined = undefined>(\n\t\trole: string,\n\t\t{ resource, privilege }: Authorizator.Action<Meta>,\n\t\tverifier: (meta: Meta) => boolean = () => true,\n\t) {\n\t\tthis.permissions[role] ??= {}\n\t\tthis.permissions[role][resource] ??= {}\n\t\tthis.permissions[role][resource][privilege] = verifier\n\t}\n\n\tpublic isAllowed(role: string, resource: string, action: string, meta: any): boolean {\n\t\tconst rolePermissions = this.permissions[role]\n\t\tif (!rolePermissions) {\n\t\t\treturn false\n\t\t}\n\t\tfor (let tmpResource of [resource, Permissions.ALL]) {\n\t\t\tfor (let tmpAction of [action, Permissions.ALL]) {\n\t\t\t\tif (rolePermissions[tmpResource]?.[tmpAction]?.(meta) === true) {\n\t\t\t\t\treturn true\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\treturn false\n\t}\n}\n\nnamespace Permissions {\n\texport const ALL = '*'\n\texport type PermissionsMap = {\n\t\t[role: string]: {\n\t\t\t[resource: string]: {\n\t\t\t\t[privilege: string]: (meta: any) => boolean\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport { Permissions }\n"],"names":["Permissions"],"mappings":";;;AAEA,MAAM,YAAY;AAAA,EAAlB,cAAA;AACC,kBAAA,MAAQ,eAA0C,EAAC;AAAA,EAAA;AAAA,EAE5C,MACN,MACA,EAAE,UAAU,aACZ,WAAoC,MAAM,MACzC;AATH,QAAA,IAAA;AAUO,KAAA,KAAA,KAAA,aAAL,qBAA2B;AAC3B,KAAA,KAAA,KAAK,YAAY,IAAI,GAArB,QAAA,MAAA,GAAA,QAAA,IAAqC;AACrC,SAAK,YAAY,IAAI,EAAE,QAAQ,EAAE,SAAS,IAAI;AAAA,EAAA;AAAA,EAGxC,UAAU,MAAc,UAAkB,QAAgB,MAAoB;AAC9E,UAAA,kBAAkB,KAAK,YAAY,IAAI;AAC7C,QAAI,CAAC,iBAAiB;AACd,aAAA;AAAA,IAAA;AAER,aAAS,eAAe,CAAC,UAAU,YAAY,GAAG,GAAG;AACpD,eAAS,aAAa,CAAC,QAAQ,YAAY,GAAG,GAAG;AAChD,YAAI,gBAAgB,WAAW,IAAI,SAAS,IAAI,IAAI,MAAM,MAAM;AACxD,iBAAA;AAAA,QAAA;AAAA,MACR;AAAA,IACD;AAEM,WAAA;AAAA,EAAA;AAET;AAAA,CAEA,CAAUA,iBAAV;AACcA,eAAA,MAAM;AAAA,GADV,gBAAA,cAAA,CAAA,EAAA;"} |
| import { Permissions } from './Permissions'; | ||
| import { AccessNode } from './AccessNode'; | ||
| import { Authorizator } from './Authorizator'; | ||
| interface AccessEvaluator { | ||
| evaluate(accessNode: AccessNode, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| declare namespace AccessEvaluator { | ||
| class PermissionEvaluator implements AccessEvaluator { | ||
| private readonly permissions; | ||
| constructor(permissions: Permissions); | ||
| evaluate(accessNode: AccessNode, { resource, privilege, meta }: Authorizator.Action<any>): Promise<boolean>; | ||
| } | ||
| } | ||
| export { AccessEvaluator }; | ||
| //# sourceMappingURL=AccessEvaluator.d.ts.map |
| {"version":3,"file":"AccessEvaluator.d.ts","sourceRoot":"","sources":["../../src/AccessEvaluator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAE7C,UAAU,eAAe;IACxB,QAAQ,CAAC,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/E;AAED,kBAAU,eAAe,CAAC;IACzB,MAAa,mBAAoB,YAAW,eAAe;QAC9C,OAAO,CAAC,QAAQ,CAAC,WAAW;oBAAX,WAAW,EAAE,WAAW;QAE/C,QAAQ,CAAC,UAAU,EAAE,UAAU,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;KAWjH;CAGD;AAED,OAAO,EAAE,eAAe,EAAE,CAAA"} |
| import { AccessEvaluator } from './AccessEvaluator'; | ||
| import { Authorizator } from './Authorizator'; | ||
| interface AccessNode { | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| declare namespace AccessNode { | ||
| interface Composite extends AccessNode { | ||
| getNodes(): AccessNode[]; | ||
| } | ||
| export class Fixed implements AccessNode { | ||
| private readonly result; | ||
| constructor(result: boolean); | ||
| static allowed(): Fixed; | ||
| static denied(): Fixed; | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| export class Intersection implements Composite { | ||
| private readonly nodes; | ||
| constructor(nodes: AccessNode[]); | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| getNodes(): AccessNode[]; | ||
| } | ||
| export class Union implements Composite { | ||
| private readonly nodes; | ||
| constructor(nodes: AccessNode[]); | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| getNodes(): AccessNode[]; | ||
| } | ||
| export class Negate implements AccessNode { | ||
| private readonly node; | ||
| constructor(node: AccessNode); | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| export class Roles implements AccessNode { | ||
| readonly roles: readonly string[]; | ||
| constructor(roles: readonly string[]); | ||
| isAllowed(accessEvaluator: AccessEvaluator, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| export {}; | ||
| } | ||
| export { AccessNode }; | ||
| //# sourceMappingURL=AccessNode.d.ts.map |
| {"version":3,"file":"AccessNode.d.ts","sourceRoot":"","sources":["../../src/AccessNode.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAE7C,UAAU,UAAU;IACnB,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC1F;AAED,kBAAU,UAAU,CAAC;IACpB,UAAU,SAAU,SAAQ,UAAU;QACrC,QAAQ,IAAI,UAAU,EAAE,CAAA;KACxB;IAED,MAAM,OAAO,KAAM,YAAW,UAAU;QAC3B,OAAO,CAAC,QAAQ,CAAC,MAAM;oBAAN,MAAM,EAAE,OAAO;eAE9B,OAAO,IAAI,KAAK;eAIhB,MAAM,IAAI,KAAK;QAItB,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;KAGjG;IAED,MAAM,OAAO,YAAa,YAAW,SAAS;QACjC,OAAO,CAAC,QAAQ,CAAC,KAAK;oBAAL,KAAK,EAAE,UAAU,EAAE;QAEnC,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;QAYhG,QAAQ,IAAI,UAAU,EAAE;KAG/B;IAED,MAAM,OAAO,KAAM,YAAW,SAAS;QAC1B,OAAO,CAAC,QAAQ,CAAC,KAAK;oBAAL,KAAK,EAAE,UAAU,EAAE;QAEnC,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;QAShG,QAAQ,IAAI,UAAU,EAAE;KAG/B;IAED,MAAM,OAAO,MAAO,YAAW,UAAU;QAC5B,OAAO,CAAC,QAAQ,CAAC,IAAI;oBAAJ,IAAI,EAAE,UAAU;QAEvC,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;KAGhG;IAED,MAAM,OAAO,KAAM,YAAW,UAAU;iBACX,KAAK,EAAE,SAAS,MAAM,EAAE;oBAAxB,KAAK,EAAE,SAAS,MAAM,EAAE;QAEpD,SAAS,CAAC,eAAe,EAAE,eAAe,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;KAG1F;;CACD;AAED,OAAO,EAAE,UAAU,EAAE,CAAA"} |
| import { AccessNode } from './AccessNode'; | ||
| interface AuthorizationScope<Identity> { | ||
| getIdentityAccess(identity: Identity): Promise<AccessNode>; | ||
| } | ||
| declare namespace AuthorizationScope { | ||
| class Fixed implements AuthorizationScope<any> { | ||
| private readonly node; | ||
| constructor(node: AccessNode); | ||
| getIdentityAccess(): Promise<AccessNode>; | ||
| } | ||
| class Global implements AuthorizationScope<any> { | ||
| getIdentityAccess(identity: any): Promise<AccessNode>; | ||
| } | ||
| class Intersection<Identity> implements AuthorizationScope<Identity> { | ||
| private readonly scopes; | ||
| constructor(scopes: AuthorizationScope<Identity>[]); | ||
| getIdentityAccess(identity: Identity): Promise<AccessNode>; | ||
| } | ||
| class Union<Identity> implements AuthorizationScope<Identity> { | ||
| private readonly scopes; | ||
| constructor(scopes: AuthorizationScope<Identity>[]); | ||
| getIdentityAccess(identity: Identity): Promise<AccessNode>; | ||
| } | ||
| } | ||
| export { AuthorizationScope }; | ||
| //# sourceMappingURL=AuthorizationScope.d.ts.map |
| {"version":3,"file":"AuthorizationScope.d.ts","sourceRoot":"","sources":["../../src/AuthorizationScope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAEzC,UAAU,kBAAkB,CAAC,QAAQ;IACpC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;CAC1D;AAED,kBAAU,kBAAkB,CAAC;IAC5B,MAAa,KAAM,YAAW,kBAAkB,CAAC,GAAG,CAAC;QACxC,OAAO,CAAC,QAAQ,CAAC,IAAI;oBAAJ,IAAI,EAAE,UAAU;QAEvC,iBAAiB,IAAI,OAAO,CAAC,UAAU,CAAC;KAG9C;IAED,MAAa,MAAO,YAAW,kBAAkB,CAAC,GAAG,CAAC;QAC/C,iBAAiB,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC;KAG3D;IAED,MAAa,YAAY,CAAC,QAAQ,CAAE,YAAW,kBAAkB,CAAC,QAAQ,CAAC;QAC9D,OAAO,CAAC,QAAQ,CAAC,MAAM;oBAAN,MAAM,EAAE,kBAAkB,CAAC,QAAQ,CAAC,EAAE;QAE7D,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC;KAOhE;IAED,MAAa,KAAK,CAAC,QAAQ,CAAE,YAAW,kBAAkB,CAAC,QAAQ,CAAC;QACvD,OAAO,CAAC,QAAQ,CAAC,MAAM;oBAAN,MAAM,EAAE,kBAAkB,CAAC,QAAQ,CAAC,EAAE;QAE7D,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC;KAOhE;CACD;AAED,OAAO,EAAE,kBAAkB,EAAE,CAAA"} |
| import { AuthorizationScope } from './AuthorizationScope'; | ||
| import { AccessEvaluator } from './AccessEvaluator'; | ||
| interface Authorizator<Identity extends Authorizator.Identity = Authorizator.Identity> { | ||
| isAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| declare namespace Authorizator { | ||
| type Resource = string; | ||
| type Privilege = string; | ||
| type Action<Meta extends undefined | {} = undefined | Record<string, unknown>> = Meta extends {} ? { | ||
| resource: Resource; | ||
| privilege: Privilege; | ||
| meta: Meta; | ||
| } : { | ||
| resource: Resource; | ||
| privilege: Privilege; | ||
| meta?: Meta; | ||
| }; | ||
| function createAction(resource: Resource, privilege: Privilege): Action<undefined>; | ||
| function createAction<Meta extends {} | undefined>(resource: Resource, privilege: Privilege, meta: Meta): Action<Meta>; | ||
| class Default<Identity extends Authorizator.Identity> implements Authorizator<Identity> { | ||
| private readonly accessEvaluator; | ||
| constructor(accessEvaluator: AccessEvaluator); | ||
| isAllowed(identity: Identity, scope: AuthorizationScope<Identity>, action: Authorizator.Action): Promise<boolean>; | ||
| } | ||
| interface Identity { | ||
| roles: readonly string[]; | ||
| } | ||
| } | ||
| export { Authorizator }; | ||
| //# sourceMappingURL=Authorizator.d.ts.map |
| {"version":3,"file":"Authorizator.d.ts","sourceRoot":"","sources":["../../src/Authorizator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAGnD,UAAU,YAAY,CAAC,QAAQ,SAAS,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC,QAAQ;IACpF,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CACjH;AAED,kBAAU,YAAY,CAAC;IACtB,KAAY,QAAQ,GAAG,MAAM,CAAA;IAC7B,KAAY,SAAS,GAAG,MAAM,CAAA;IAC9B,KAAY,MAAM,CAAC,IAAI,SAAS,SAAS,GAAG,EAAE,GAAG,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,IAAI,SAAS,EAAE,GACpG;QAAE,QAAQ,EAAE,QAAQ,CAAC;QAAC,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,IAAI,CAAA;KAAE,GACxD;QAAE,QAAQ,EAAE,QAAQ,CAAC;QAAC,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,CAAA;IAM5D,SAAgB,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,CAAA;IACzF,SAAgB,YAAY,CAAC,IAAI,SAAS,EAAE,GAAG,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;IAQ7H,MAAa,OAAO,CAAC,QAAQ,SAAS,YAAY,CAAC,QAAQ,CAAE,YAAW,YAAY,CAAC,QAAQ,CAAC;QACjF,OAAO,CAAC,QAAQ,CAAC,eAAe;oBAAf,eAAe,EAAE,eAAe;QAEhD,SAAS,CACrB,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,kBAAkB,CAAC,QAAQ,CAAC,EACnC,MAAM,EAAE,YAAY,CAAC,MAAM,GACzB,OAAO,CAAC,OAAO,CAAC;KAOnB;IAED,UAAiB,QAAQ;QACxB,KAAK,EAAE,SAAS,MAAM,EAAE,CAAA;KACxB;CACD;AAED,OAAO,EAAE,YAAY,EAAE,CAAA"} |
| export * from './Authorizator'; | ||
| export * from './AccessEvaluator'; | ||
| export * from './AccessNode'; | ||
| export * from './AuthorizationScope'; | ||
| export * from './Permissions'; | ||
| //# sourceMappingURL=index.d.ts.map |
| {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,mBAAmB,CAAA;AACjC,cAAc,cAAc,CAAA;AAC5B,cAAc,sBAAsB,CAAA;AACpC,cAAc,eAAe,CAAA"} |
| import { Authorizator } from './Authorizator'; | ||
| declare class Permissions { | ||
| private permissions; | ||
| allow<Meta extends {} | undefined = undefined>(role: string, { resource, privilege }: Authorizator.Action<Meta>, verifier?: (meta: Meta) => boolean): void; | ||
| isAllowed(role: string, resource: string, action: string, meta: any): boolean; | ||
| } | ||
| declare namespace Permissions { | ||
| const ALL = "*"; | ||
| type PermissionsMap = { | ||
| [role: string]: { | ||
| [resource: string]: { | ||
| [privilege: string]: (meta: any) => boolean; | ||
| }; | ||
| }; | ||
| }; | ||
| } | ||
| export { Permissions }; | ||
| //# sourceMappingURL=Permissions.d.ts.map |
| {"version":3,"file":"Permissions.d.ts","sourceRoot":"","sources":["../../src/Permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAE7C,cAAM,WAAW;IAChB,OAAO,CAAC,WAAW,CAAiC;IAE7C,KAAK,CAAC,IAAI,SAAS,EAAE,GAAG,SAAS,GAAG,SAAS,EACnD,IAAI,EAAE,MAAM,EACZ,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAClD,QAAQ,GAAE,CAAC,IAAI,EAAE,IAAI,KAAK,OAAoB;IAOxC,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO;CAcpF;AAED,kBAAU,WAAW,CAAC;IACd,MAAM,GAAG,MAAM,CAAA;IACtB,KAAY,cAAc,GAAG;QAC5B,CAAC,IAAI,EAAE,MAAM,GAAG;YACf,CAAC,QAAQ,EAAE,MAAM,GAAG;gBACnB,CAAC,SAAS,EAAE,MAAM,GAAG,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAA;aAC3C,CAAA;SACD,CAAA;KACD,CAAA;CACD;AAED,OAAO,EAAE,WAAW,EAAE,CAAA"} |
Sorry, the diff of this file is not supported yet
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
0
-100%Worsened metrics
- Total package byte prevSize
8885
-94.53%- Number of package files
11
-84.72%- Lines of code
227
-82.48%- Number of medium supply chain risk alerts
1
Infinity%No dependency changes