npm - @ampsec/platform-client - Versions diffs - 12.1.0 → 12.2.0 - Mend

@ampsec/platform-client 12.1.0 → 12.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/build/src/dto/enums/agent.role.d.ts +16 -0
package/build/src/dto/enums/agent.role.js +44 -0
package/build/src/dto/enums/agent.role.js.map +1 -0
package/build/src/dto/enums/index.d.ts +1 -0
package/build/src/dto/enums/index.js +1 -0
package/build/src/dto/enums/index.js.map +1 -1
package/build/src/dto/index.d.ts +1 -0
package/build/src/dto/index.js +1 -0
package/build/src/dto/index.js.map +1 -1
package/build/src/dto/jwt.d.ts +20 -0
package/build/src/dto/jwt.js +3 -0
package/build/src/dto/jwt.js.map +1 -0
package/example/package-lock.json +7 -7
package/example/package.json +1 -1
package/package.json +1 -1
package/src/dto/agents.dto.ts +3 -0
package/src/dto/enums/agent.role.ts +41 -0
package/src/dto/enums/index.ts +1 -0
package/src/dto/index.ts +1 -0
package/src/dto/jwt.ts +20 -0

package/build/src/dto/enums/agent.role.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+export declare enum AgentRole {
+    /** Agent can only read data. */
+    VIEWER = "VIEWER",
+    /** Agent can read and write data. */
+    AGENT = "AGENT",
+    /** Agent can read and write data and manage other agents. */
+    ADMIN = "ADMIN",
+    /** Agent owns organization. */
+    OWNER = "OWNER",
+    /** Token belongs to a service account. */
+    SERVICE_ACCOUNT = "SERVICE_ACCOUNT",
+    /** Unknown role. Used for validation */
+    UNKNOWN = "UNKNOWN"
+}
+export declare function lookupAgentRole(role: string): AgentRole;
+export declare function lookupAgentRoleOrdinal(role: string): number;

package/build/src/dto/enums/agent.role.js ADDED Viewed

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.lookupAgentRoleOrdinal = exports.lookupAgentRole = exports.AgentRole = void 0;
+/* eslint-disable no-unused-vars */
+var AgentRole;
+(function (AgentRole) {
+    /** Agent can only read data. */
+    AgentRole["VIEWER"] = "VIEWER";
+    /** Agent can read and write data. */
+    AgentRole["AGENT"] = "AGENT";
+    /** Agent can read and write data and manage other agents. */
+    AgentRole["ADMIN"] = "ADMIN";
+    /** Agent owns organization. */
+    AgentRole["OWNER"] = "OWNER";
+    /** Token belongs to a service account. */
+    AgentRole["SERVICE_ACCOUNT"] = "SERVICE_ACCOUNT";
+    /** Unknown role. Used for validation */
+    AgentRole["UNKNOWN"] = "UNKNOWN";
+})(AgentRole = exports.AgentRole || (exports.AgentRole = {}));
+const agentRoleLookupMap = {
+    VIEWER: AgentRole.VIEWER,
+    AGENT: AgentRole.AGENT,
+    ADMIN: AgentRole.ADMIN,
+    OWNER: AgentRole.OWNER,
+    SERVICE_ACCOUNT: AgentRole.SERVICE_ACCOUNT,
+};
+function lookupAgentRole(role) {
+    return agentRoleLookupMap[role] || AgentRole.UNKNOWN;
+}
+exports.lookupAgentRole = lookupAgentRole;
+const UNKNOWN_ORDINAL = -99;
+const agentRoleOrdinalMap = new Map([
+    [AgentRole.VIEWER, 0],
+    [AgentRole.AGENT, 1],
+    [AgentRole.ADMIN, 2],
+    [AgentRole.OWNER, 3],
+    [AgentRole.SERVICE_ACCOUNT, -1],
+    [AgentRole.UNKNOWN, UNKNOWN_ORDINAL],
+]);
+function lookupAgentRoleOrdinal(role) {
+    return agentRoleOrdinalMap.get(lookupAgentRole(role)) || UNKNOWN_ORDINAL;
+}
+exports.lookupAgentRoleOrdinal = lookupAgentRoleOrdinal;
+//# sourceMappingURL=agent.role.js.map

package/build/src/dto/enums/agent.role.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"agent.role.js","sourceRoot":"","sources":["../../../../src/dto/enums/agent.role.ts"],"names":[],"mappings":";;;AAAA,mCAAmC;AACnC,IAAY,SAaX;AAbD,WAAY,SAAS;IACnB,gCAAgC;IAChC,8BAAiB,CAAA;IACjB,qCAAqC;IACrC,4BAAe,CAAA;IACf,6DAA6D;IAC7D,4BAAe,CAAA;IACf,+BAA+B;IAC/B,4BAAe,CAAA;IACf,0CAA0C;IAC1C,gDAAmC,CAAA;IACnC,wCAAwC;IACxC,gCAAmB,CAAA;AACrB,CAAC,EAbW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAapB;AAED,MAAM,kBAAkB,GAA+B;IACrD,MAAM,EAAE,SAAS,CAAC,MAAM;IACxB,KAAK,EAAE,SAAS,CAAC,KAAK;IACtB,KAAK,EAAE,SAAS,CAAC,KAAK;IACtB,KAAK,EAAE,SAAS,CAAC,KAAK;IACtB,eAAe,EAAE,SAAS,CAAC,eAAe;CAC3C,CAAC;AAEF,SAAgB,eAAe,CAAC,IAAY;IAC1C,OAAO,kBAAkB,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,OAAO,CAAC;AACvD,CAAC;AAFD,0CAEC;AAED,MAAM,eAAe,GAAG,CAAC,EAAE,CAAC;AAC5B,MAAM,mBAAmB,GAA2B,IAAI,GAAG,CAAC;IAC1D,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IACrB,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;IACpB,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;IACpB,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;IACpB,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC;IAC/B,CAAC,SAAS,CAAC,OAAO,EAAE,eAAe,CAAC;CACrC,CAAC,CAAC;AAEH,SAAgB,sBAAsB,CAAC,IAAY;IACjD,OAAO,mBAAmB,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,IAAI,eAAe,CAAC;AAC3E,CAAC;AAFD,wDAEC"}

package/build/src/dto/enums/index.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+export * from './agent.role';
 export * from './agent.status';
 export * from './connector.status';
 export * from './finding.severity';

package/build/src/dto/enums/index.js CHANGED Viewed

@@ -14,6 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./agent.role"), exports);
 __exportStar(require("./agent.status"), exports);
 __exportStar(require("./connector.status"), exports);
 __exportStar(require("./finding.severity"), exports);

package/build/src/dto/enums/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/dto/enums/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA+B;AAC/B,qDAAmC;AACnC,qDAAmC;AACnC,mDAAiC;AACjC,wDAAsC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/dto/enums/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,iDAA+B;AAC/B,qDAAmC;AACnC,qDAAmC;AACnC,mDAAiC;AACjC,wDAAsC"}

package/build/src/dto/index.d.ts CHANGED Viewed

@@ -6,6 +6,7 @@ export * from './enum.dto';
 export * from './enums';
 export * from './extKeyMap.dto';
 export * from './findings.dto';
+export * from './jwt';
 export * from './message.dto';
 export * from './page.dto';
 export * from './platform';

package/build/src/dto/index.js CHANGED Viewed

@@ -22,6 +22,7 @@ __exportStar(require("./enum.dto"), exports);
 __exportStar(require("./enums"), exports);
 __exportStar(require("./extKeyMap.dto"), exports);
 __exportStar(require("./findings.dto"), exports);
+__exportStar(require("./jwt"), exports);
 __exportStar(require("./message.dto"), exports);
 __exportStar(require("./page.dto"), exports);
 __exportStar(require("./platform"), exports);

package/build/src/dto/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,+CAA6B;AAC7B,6CAA2B;AAC3B,mDAAiC;AACjC,6CAA2B;AAC3B,0CAAwB;AACxB,kDAAgC;AAChC,iDAA+B;AAC/B,gDAA8B;AAC9B,6CAA2B;AAC3B,6CAA2B;AAC3B,kDAAgC;AAChC,sDAAoC;AACpC,yDAAuC;AACvC,mDAAiC;AACjC,uDAAqC;AACrC,kDAAgC;AAChC,gDAA8B;AAC9B,8CAA4B"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,+CAA6B;AAC7B,6CAA2B;AAC3B,mDAAiC;AACjC,6CAA2B;AAC3B,0CAAwB;AACxB,kDAAgC;AAChC,iDAA+B;AAC/B,wCAAsB;AACtB,gDAA8B;AAC9B,6CAA2B;AAC3B,6CAA2B;AAC3B,kDAAgC;AAChC,sDAAoC;AACpC,yDAAuC;AACvC,mDAAiC;AACjC,uDAAqC;AACrC,kDAAgC;AAChC,gDAA8B;AAC9B,8CAA4B"}

package/build/src/dto/jwt.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+export type AmpJwtToken = {
+    /** Constant for now but might change in the future. */
+    iss: 'amp-platform-api';
+    /** UNIX timestamp, i.e. seconds	since January 1, 1970 */
+    exp: number;
+    /** Single tenant ID for scoping requests */
+    tid: string;
+    /** DB PK for authenticated Agent/End User */
+    sub: string;
+    /** Display value for subject. Falls back to email.  */
+    name: string;
+    /** Single role defining Amplifier User Personas */
+    role: string;
+    /** Enables fine grain access controls to actions/data. Defined by ORG admin or SCIM. */
+    group: string[];
+    /** Feature flags and other permissions. Defined by Amplifier Platform. */
+    entitlement: string[];
+    /** OAuth scopes to limit ability of token, e.g. READ_ONLY service accounts. Might overlap too much with `group` field. */
+    scope: string[];
+};

package/build/src/dto/jwt.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=jwt.js.map

package/build/src/dto/jwt.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../src/dto/jwt.ts"],"names":[],"mappings":""}

package/example/package-lock.json CHANGED Viewed

@@ -9,14 +9,14 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "@ampsec/platform-client": "^10.0.0",
+        "@ampsec/platform-client": "^10.4.0",
         "axios": "^1.4.0"
       }
     },
     "node_modules/@ampsec/platform-client": {
-      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/@ampsec/platform-client/-/platform-client-10.0.0.tgz",
-      "integrity": "sha512-RT6yDe83+smIGWrBmTdFj0j5kUOzGmBGyZyPGBjdcqBjfjGpyc41pAoo8kjSsjPKANIX2BxWjNvs5/1NwUeYZA==",
+      "version": "10.4.0",
+      "resolved": "https://registry.npmjs.org/@ampsec/platform-client/-/platform-client-10.4.0.tgz",
+      "integrity": "sha512-KNmFLtDCvsQEQZFdjAlNclII0bcAVPS3VI4sS5ZyDvcimngucgGvlm6jUsndkDXGdv2CRR+wC/3P+riemNWTsQ==",
       "dependencies": {
         "axios": "^1.4.0",
         "blueimp-md5": "^2.19.0",
@@ -132,9 +132,9 @@
   },
   "dependencies": {
     "@ampsec/platform-client": {
-      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/@ampsec/platform-client/-/platform-client-10.0.0.tgz",
-      "integrity": "sha512-RT6yDe83+smIGWrBmTdFj0j5kUOzGmBGyZyPGBjdcqBjfjGpyc41pAoo8kjSsjPKANIX2BxWjNvs5/1NwUeYZA==",
+      "version": "10.4.0",
+      "resolved": "https://registry.npmjs.org/@ampsec/platform-client/-/platform-client-10.4.0.tgz",
+      "integrity": "sha512-KNmFLtDCvsQEQZFdjAlNclII0bcAVPS3VI4sS5ZyDvcimngucgGvlm6jUsndkDXGdv2CRR+wC/3P+riemNWTsQ==",
       "requires": {
         "axios": "^1.4.0",
         "blueimp-md5": "^2.19.0",

package/example/package.json CHANGED Viewed

@@ -10,7 +10,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@ampsec/platform-client": "^10.3.0",
+    "@ampsec/platform-client": "^12.2.0",
     "axios": "^1.4.0"
   }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ampsec/platform-client",
-  "version": "12.1.0",
+  "version": "12.2.0",
   "description": "",
   "main": "build/src/index.js",
   "runkitExampleFilename": "example/main.js",

package/src/dto/agents.dto.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import {AgentStatus} from './enums/agent.status';
 import {BaseDto, BaseUpsertDto} from './base.dto';
+// import {AgentRole} from './enums';
 export type AgentUpsertDto = BaseUpsertDto & {
   /** Agent first name */
@@ -10,6 +11,8 @@ export type AgentUpsertDto = BaseUpsertDto & {
   status: AgentStatus;
   /** External Id */
   email: string;
+  /** Agent role */
+  // TODO: role: AgentRole; // for now all agents are `OWNER`. Need to map role to tenant
 };
 export type AgentDto = BaseDto & AgentUpsertDto;

package/src/dto/enums/agent.role.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/* eslint-disable no-unused-vars */
+export enum AgentRole {
+  /** Agent can only read data. */
+  VIEWER = 'VIEWER',
+  /** Agent can read and write data. */
+  AGENT = 'AGENT',
+  /** Agent can read and write data and manage other agents. */
+  ADMIN = 'ADMIN',
+  /** Agent owns organization. */
+  OWNER = 'OWNER',
+  /** Token belongs to a service account. */
+  SERVICE_ACCOUNT = 'SERVICE_ACCOUNT',
+  /** Unknown role. Used for validation */
+  UNKNOWN = 'UNKNOWN',
+}
+const agentRoleLookupMap: {[key: string]: AgentRole} = {
+  VIEWER: AgentRole.VIEWER,
+  AGENT: AgentRole.AGENT,
+  ADMIN: AgentRole.ADMIN,
+  OWNER: AgentRole.OWNER,
+  SERVICE_ACCOUNT: AgentRole.SERVICE_ACCOUNT,
+};
+export function lookupAgentRole(role: string): AgentRole {
+  return agentRoleLookupMap[role] || AgentRole.UNKNOWN;
+}
+const UNKNOWN_ORDINAL = -99;
+const agentRoleOrdinalMap: Map<AgentRole, number> = new Map([
+  [AgentRole.VIEWER, 0],
+  [AgentRole.AGENT, 1],
+  [AgentRole.ADMIN, 2],
+  [AgentRole.OWNER, 3],
+  [AgentRole.SERVICE_ACCOUNT, -1],
+  [AgentRole.UNKNOWN, UNKNOWN_ORDINAL],
+]);
+export function lookupAgentRoleOrdinal(role: string): number {
+  return agentRoleOrdinalMap.get(lookupAgentRole(role)) || UNKNOWN_ORDINAL;
+}

package/src/dto/enums/index.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+export * from './agent.role';
 export * from './agent.status';
 export * from './connector.status';
 export * from './finding.severity';

package/src/dto/index.ts CHANGED Viewed

@@ -6,6 +6,7 @@ export * from './enum.dto';
 export * from './enums';
 export * from './extKeyMap.dto';
 export * from './findings.dto';
+export * from './jwt';
 export * from './message.dto';
 export * from './page.dto';
 export * from './platform';

package/src/dto/jwt.ts ADDED Viewed

@@ -0,0 +1,20 @@
+export type AmpJwtToken = {
+  /** Constant for now but might change in the future. */
+  iss: 'amp-platform-api';
+  /** UNIX timestamp, i.e. seconds	since January 1, 1970 */
+  exp: number;
+  /** Single tenant ID for scoping requests */
+  tid: string;
+  /** DB PK for authenticated Agent/End User */
+  sub: string;
+  /** Display value for subject. Falls back to email.  */
+  name: string;
+  /** Single role defining Amplifier User Personas */
+  role: string;
+  /** Enables fine grain access controls to actions/data. Defined by ORG admin or SCIM. */
+  group: string[];
+  /** Feature flags and other permissions. Defined by Amplifier Platform. */
+  entitlement: string[];
+  /** OAuth scopes to limit ability of token, e.g. READ_ONLY service accounts. Might overlap too much with `group` field. */
+  scope: string[];
+};