npm - @ahksolution/permissions-sdk - Versions diffs - 1.0.0 - Mend

@ahksolution/permissions-sdk 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (56) hide show

package/README.md +290 -0
package/dist/client/index.d.ts +3 -0
package/dist/client/index.d.ts.map +1 -0
package/dist/client/index.js +19 -0
package/dist/client/index.js.map +1 -0
package/dist/client/permissions-client.module.d.ts +74 -0
package/dist/client/permissions-client.module.d.ts.map +1 -0
package/dist/client/permissions-client.module.js +109 -0
package/dist/client/permissions-client.module.js.map +1 -0
package/dist/client/permissions-grpc.client.d.ts +45 -0
package/dist/client/permissions-grpc.client.d.ts.map +1 -0
package/dist/client/permissions-grpc.client.js +182 -0
package/dist/client/permissions-grpc.client.js.map +1 -0
package/dist/constants.d.ts +44 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +48 -0
package/dist/constants.js.map +1 -0
package/dist/decorators/index.d.ts +2 -0
package/dist/decorators/index.d.ts.map +1 -0
package/dist/decorators/index.js +18 -0
package/dist/decorators/index.js.map +1 -0
package/dist/decorators/require-permissions.decorator.d.ts +51 -0
package/dist/decorators/require-permissions.decorator.d.ts.map +1 -0
package/dist/decorators/require-permissions.decorator.js +69 -0
package/dist/decorators/require-permissions.decorator.js.map +1 -0
package/dist/guards/index.d.ts +2 -0
package/dist/guards/index.d.ts.map +1 -0
package/dist/guards/index.js +18 -0
package/dist/guards/index.js.map +1 -0
package/dist/guards/permissions.guard.d.ts +55 -0
package/dist/guards/permissions.guard.d.ts.map +1 -0
package/dist/guards/permissions.guard.js +139 -0
package/dist/guards/permissions.guard.js.map +1 -0
package/dist/index.d.ts +6 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +27 -0
package/dist/index.js.map +1 -0
package/dist/proto/permissions.proto +150 -0
package/dist/types/evaluation.types.d.ts +80 -0
package/dist/types/evaluation.types.d.ts.map +1 -0
package/dist/types/evaluation.types.js +14 -0
package/dist/types/evaluation.types.js.map +1 -0
package/dist/types/grpc.types.d.ts +97 -0
package/dist/types/grpc.types.d.ts.map +1 -0
package/dist/types/grpc.types.js +15 -0
package/dist/types/grpc.types.js.map +1 -0
package/dist/types/index.d.ts +4 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +20 -0
package/dist/types/index.js.map +1 -0
package/dist/types/permission.types.d.ts +51 -0
package/dist/types/permission.types.d.ts.map +1 -0
package/dist/types/permission.types.js +8 -0
package/dist/types/permission.types.js.map +1 -0
package/package.json +60 -0
package/src/proto/permissions.proto +150 -0

package/dist/types/permission.types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"permission.types.js","sourceRoot":"","sources":["../../src/types/permission.types.ts"],"names":[],"mappings":";;;AA4CA;;GAEG;AACU,QAAA,wBAAwB,GAAG,sBAAsB,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,60 @@
+{
+  "name": "@ahksolution/permissions-sdk",
+  "version": "1.0.0",
+  "description": "gRPC client SDK for AHK Solution Permissions Microservice - provides NestJS guard, decorators, and client for inter-service permission checks",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist",
+    "src/proto"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json && npm run copy:proto",
+    "copy:proto": "node -e \"const fs=require('fs');const path=require('path');fs.mkdirSync('dist/proto',{recursive:true});fs.copyFileSync('src/proto/permissions.proto','dist/proto/permissions.proto');\"",
+    "clean": "rimraf dist",
+    "prebuild": "npm run clean",
+    "prepublishOnly": "npm run build",
+    "lint": "eslint \"src/**/*.ts\"",
+    "lint:fix": "eslint \"src/**/*.ts\" --fix"
+  },
+  "keywords": [
+    "permissions",
+    "rbac",
+    "abac",
+    "grpc",
+    "nestjs",
+    "microservice",
+    "authorization"
+  ],
+  "author": "AHK",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ahksolution/permissions-sdk"
+  },
+  "peerDependencies": {
+    "@nestjs/common": "^11.0.0",
+    "@nestjs/core": "^11.0.0",
+    "@nestjs/microservices": "^11.0.0",
+    "@grpc/grpc-js": "^1.12.0",
+    "@grpc/proto-loader": "^0.7.0",
+    "rxjs": "^7.0.0"
+  },
+  "devDependencies": {
+    "@nestjs/common": "^11.0.1",
+    "@nestjs/core": "^11.0.1",
+    "@nestjs/microservices": "^11.0.1",
+    "@grpc/grpc-js": "^1.12.5",
+    "@grpc/proto-loader": "^0.7.13",
+    "@types/node": "^22.10.7",
+    "rimraf": "^6.1.2",
+    "rxjs": "^7.8.1",
+    "typescript": "^5.7.3"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}

package/src/proto/permissions.proto ADDED Viewed

@@ -0,0 +1,150 @@
+syntax = "proto3";
+package permissions;
+/**
+ * Permissions Service
+ * Provides gRPC endpoints for permission evaluation in a microservice architecture.
+ * Supports RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control).
+ */
+service PermissionsService {
+  /**
+   * Check a single permission for a user with optional ABAC context
+   */
+  rpc CheckPermission(CheckPermissionRequest) returns (CheckPermissionResponse);
+  /**
+   * Check multiple permissions at once for efficiency
+   */
+  rpc CheckBulkPermissions(CheckBulkPermissionsRequest) returns (CheckBulkPermissionsResponse);
+  /**
+   * Get all effective permissions for a user (computed from roles + custom assignments)
+   */
+  rpc GetEffectivePermissions(GetEffectivePermissionsRequest) returns (GetEffectivePermissionsResponse);
+  /**
+   * Simple boolean check - does user have this permission?
+   */
+  rpc HasPermission(HasPermissionRequest) returns (HasPermissionResponse);
+  /**
+   * Check if user has ALL of the specified permissions
+   */
+  rpc HasAllPermissions(HasMultiplePermissionsRequest) returns (HasPermissionResponse);
+  /**
+   * Check if user has ANY of the specified permissions
+   */
+  rpc HasAnyPermission(HasMultiplePermissionsRequest) returns (HasPermissionResponse);
+}
+// ============================================================================
+// Request Messages
+// ============================================================================
+message CheckPermissionRequest {
+  string user_id = 1;
+  string permission_code = 2;
+  optional ResourceContext resource_context = 3;
+  optional RequestContext request_context = 4;
+}
+message CheckBulkPermissionsRequest {
+  string user_id = 1;
+  repeated string permission_codes = 2;
+  optional ResourceContext resource_context = 3;
+  optional RequestContext request_context = 4;
+}
+message GetEffectivePermissionsRequest {
+  string user_id = 1;
+}
+message HasPermissionRequest {
+  string user_id = 1;
+  string permission_code = 2;
+}
+message HasMultiplePermissionsRequest {
+  string user_id = 1;
+  repeated string permission_codes = 2;
+}
+// ============================================================================
+// Response Messages
+// ============================================================================
+message CheckPermissionResponse {
+  bool allowed = 1;
+  EvaluationSource source = 2;
+  repeated string matched_roles = 3;
+  repeated string matched_policies = 4;
+  string reason = 5;
+  int32 evaluation_time_ms = 6;
+}
+message CheckBulkPermissionsResponse {
+  map<string, CheckPermissionResponse> results = 1;
+  int32 total_time_ms = 2;
+}
+message GetEffectivePermissionsResponse {
+  repeated string permissions = 1;
+  repeated RoleInfo roles = 2;
+  int32 version = 3;
+  string computed_at = 4;
+}
+message HasPermissionResponse {
+  bool has_permission = 1;
+}
+// ============================================================================
+// Shared Types
+// ============================================================================
+/**
+ * Source of the permission decision
+ */
+enum EvaluationSource {
+  EVALUATION_SOURCE_UNSPECIFIED = 0;
+  EVALUATION_SOURCE_RBAC = 1;
+  EVALUATION_SOURCE_ABAC = 2;
+  EVALUATION_SOURCE_BREAK_GLASS = 3;
+  EVALUATION_SOURCE_DENIED = 4;
+}
+/**
+ * Role information
+ */
+message RoleInfo {
+  string id = 1;
+  string code = 2;
+  string name = 3;
+  bool is_system = 4;
+}
+/**
+ * Resource context for ABAC evaluation
+ * Contains attributes about the resource being accessed
+ */
+message ResourceContext {
+  optional string id = 1;
+  optional string type = 2;
+  optional string owner_id = 3;
+  optional string department = 4;
+  map<string, string> attributes = 5;
+}
+/**
+ * Request context for ABAC evaluation
+ * Contains attributes about the request itself
+ */
+message RequestContext {
+  optional string ip = 1;
+  optional string user_agent = 2;
+  optional string method = 3;
+  optional string path = 4;
+  map<string, string> attributes = 5;
+}