@api-client/core 0.18.51 → 0.18.53

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@api-client/core",
   "description": "The API Client's core client library. Works in NodeJS and in a ES enabled browser.",
-  "version": "0.18.51",
+  "version": "0.18.53",
   "license": "Apache-2.0",
   "exports": {
     "./browser.js": {

package/src/amf/definitions/Shapes.ts

@@ -26,7 +26,7 @@ export type IShapeUnion =
 
 export interface IApiAssociationShape {
   /**
-   * This is custom property not available in AMF and used with data associations.
+   * This is a custom property that not available in the AMF library and is used with data associations.
    *
    * Whether the target entity should be embedded under the property name.
    * When false, this association is just an information that one entity depend on another.

package/src/modeling/Semantics.ts

@@ -71,6 +71,12 @@ export enum SemanticType {
    * we may add more automation related to the `title` property in the future.
    */
   Title = 'Semantic#Title',
+  /**
+   * A semantic that describes a name of a person or pet. This semantic is used with
+   * the `PublicUniqueName` to determine which field is responsible for the slug generation. However,
+   * we may add more automation related to the `name` property in the future.
+   */
+  Name = 'Semantic#Name',
   /**
    * Designates a Data Property as the `role` of a user within the system.
    * This is used to define the user's permissions and access levels.
@@ -314,9 +320,13 @@ export enum SemanticOperation {
   Update = 'Update',
   Delete = 'Delete',
   /**
-   * Special operation for list/query operations
+   * Special operation for list operations
    */
   List = 'List',
+  /**
+   * Special operation for search operations
+   */
+  Search = 'Search',
 }
 
 /**
@@ -814,6 +824,19 @@ export const DataSemantics: Record<SemanticType, DataSemantic> = {
       operations: [],
     },
   },
+  [SemanticType.Name]: {
+    id: SemanticType.Name,
+    displayName: 'Name',
+    scope: SemanticScope.Property,
+    description: 'A person or pet name',
+    category: SemanticCategory.Content,
+    applicableDataTypes: ['string'],
+    hasConfig: false,
+    runtime: {
+      timing: SemanticTiming.None,
+      operations: [],
+    },
+  },
   [SemanticType.Description]: {
     id: SemanticType.Description,
     displayName: 'Description',

package/src/models/store/Permission.ts

@@ -15,6 +15,8 @@ const orderedRoles: PermissionRole[] = ['reader', 'commenter', 'writer', 'owner'
  * A predefined set of rules that can be used to determine the source of the permission.
  * - `direct_user_grant`: The permission is granted directly to the user.
  * - `creator_default_owner`: The permission is granted to the creator of the item as the default owner.
+ * - `parent_owner_editor_rule`: The object is placed in a folder and the owner of the folder
+ *                               has automatically granted role to the object.
  */
 export type PermissionSourceRule = 'direct_user_grant' | 'creator_default_owner' | 'parent_owner_editor_rule'
 
@@ -338,8 +340,61 @@ export class Permission {
    * Link to the `Permission.hasRole(minimumLevel, currentRole)`.
    * @see {@link Permission.hasRole}
    */
-  hasRole(minimumLevel: PermissionRole, currentRole: PermissionRole): boolean {
-    return Permission.hasRole(minimumLevel, currentRole)
+  hasRole(minimumLevel: PermissionRole): boolean {
+    return Permission.hasRole(minimumLevel, this.role)
+  }
+
+  /**
+   * Checks if the user has the required role in the list of permissions.
+   * The permissions list must be filtered for the user, user's organization, and user's groups.
+   *
+   * @param minimumLevel The minimum requested role
+   * @param permissions The list of permissions to check.
+   * @returns True if the user has the required role.
+   */
+  static hasRoleIn(minimumLevel: PermissionRole, permissions: IPermission[]): boolean {
+    if (!permissions || !permissions.length) {
+      return false
+    }
+    // 1. Sort/Group permissions by depth (ascending).
+    // We want to process the closest permissions first.
+    const sorted = [...permissions].sort((a, b) => a.depth - b.depth)
+    const closestDepth = sorted[0].depth
+    const closestPermissions = sorted.filter((p) => p.depth === closestDepth)
+
+    // 2. Specificity: User > Group > Organization
+    let effectivePermission: IPermission | undefined
+
+    // Check for user permissions
+    const userPermissions = closestPermissions.filter((p) => p.type === 'user')
+    if (userPermissions.length) {
+      // Pick highest role if multiple user permissions exist at same depth (unlikely but safe)
+      effectivePermission = userPermissions.sort((a, b) => {
+        return orderedRoles.indexOf(b.role) - orderedRoles.indexOf(a.role)
+      })[0]
+    } else {
+      // Check for group permissions
+      const groupPermissions = closestPermissions.filter((p) => p.type === 'group')
+      if (groupPermissions.length) {
+        effectivePermission = groupPermissions.sort((a, b) => {
+          return orderedRoles.indexOf(b.role) - orderedRoles.indexOf(a.role)
+        })[0]
+      } else {
+        // Check for organization permissions
+        const orgPermissions = closestPermissions.filter((p) => p.type === 'organization')
+        if (orgPermissions.length) {
+          effectivePermission = orgPermissions.sort((a, b) => {
+            return orderedRoles.indexOf(b.role) - orderedRoles.indexOf(a.role)
+          })[0]
+        }
+      }
+    }
+
+    if (!effectivePermission) {
+      return false
+    }
+
+    return Permission.hasRole(minimumLevel, effectivePermission.role)
   }
 
   toJSON(): IPermission {

package/src/runtime/http-engine/ntlm/MD4.ts

@@ -14,7 +14,7 @@ export class MD4 {
   }
 
   static core(x: number[], len: number): number[] {
-    x[len >> 5] |= 0x80 << len % 32
+    x[len >> 5] |= 0x80 << (len % 32)
     x[(((len + 64) >>> 9) << 4) + 14] = len
 
     let a = 1732584193
@@ -117,7 +117,7 @@ export class MD4 {
     const bin: number[] = []
     const mask = (1 << MD4.chrsz) - 1
     for (let i = 0; i < str.length * MD4.chrsz; i += MD4.chrsz) {
-      bin[i >> 5] |= (str.charCodeAt(i / MD4.chrsz) & mask) << i % 32
+      bin[i >> 5] |= (str.charCodeAt(i / MD4.chrsz) & mask) << (i % 32)
     }
     return bin
   }
@@ -126,7 +126,7 @@ export class MD4 {
     let str = ''
     const mask = (1 << MD4.chrsz) - 1
     for (let i = 0; i < bin.length * 32; i += MD4.chrsz) {
-      str += String.fromCharCode((bin[i >> 5] >>> i % 32) & mask)
+      str += String.fromCharCode((bin[i >> 5] >>> (i % 32)) & mask)
     }
     return str
   }

package/tests/unit/models/store/Permission.spec.ts

@@ -0,0 +1,278 @@
+import { test } from '@japa/runner'
+import { IPermission, Permission, PermissionRole, PermissionType } from '../../../../src/models/store/Permission.js'
+
+test.group('Permission.hasRoleIn()', () => {
+  const createPerm = (role: PermissionRole, depth: number, type: PermissionType = 'user', id = 'id'): IPermission => ({
+    kind: 'Core#Permission',
+    key: 'key',
+    role,
+    depth,
+    type,
+    granteeId: id,
+    itemId: 'item',
+    addingUser: 'user',
+    sourceRule: 'direct_user_grant',
+  })
+
+  test('returns false for empty permissions', ({ assert }) => {
+    assert.isFalse(Permission.hasRoleIn('reader', []))
+  })
+
+  test('returns true when user has direct role meeting requirement', ({ assert }) => {
+    const perms = [createPerm('writer', 0)]
+    assert.isTrue(Permission.hasRoleIn('reader', perms))
+    assert.isTrue(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('returns false when user does not meet requirement', ({ assert }) => {
+    const perms = [createPerm('reader', 0)]
+    assert.isFalse(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('prioritizes closer depth (depth 0 overrides depth 1)', ({ assert }) => {
+    // Depth 0: Reader (Direct), Depth 1: Owner (Inherited)
+    // Expectation: Reader wins (Specificity of depth) -> returns false for Writer check
+    const perms = [createPerm('reader', 0), createPerm('owner', 1)]
+    assert.isFalse(Permission.hasRoleIn('writer', perms))
+    assert.isTrue(Permission.hasRoleIn('reader', perms))
+  })
+
+  test('prioritizes closer depth (depth 1 overrides depth 2)', ({ assert }) => {
+    // Depth 1: Writer, Depth 2: Reader
+    // Expectation: Writer wins
+    const perms = [createPerm('writer', 1), createPerm('reader', 2)]
+    assert.isTrue(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('prioritizes user over group at same depth', ({ assert }) => {
+    // Depth 0: User=Reader, Group=Owner
+    // Expectation: User wins -> Reader
+    const perms = [createPerm('reader', 0, 'user'), createPerm('owner', 0, 'group')]
+    assert.isFalse(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('prioritizes group over organization at same depth', ({ assert }) => {
+    // Depth 0: Group=Reader, Org=Owner
+    // Expectation: Group wins -> Reader
+    const perms = [createPerm('reader', 0, 'group'), createPerm('owner', 0, 'organization')]
+    assert.isFalse(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('uses highest role when multiple groups at same depth', ({ assert }) => {
+    // Depth 0: GroupA=Reader, GroupB=Writer
+    // Expectation: Writer wins (Union)
+    const perms = [createPerm('reader', 0, 'group', 'A'), createPerm('writer', 0, 'group', 'B')]
+    assert.isTrue(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('uses highest role when multiple users at same depth (theoretical)', ({ assert }) => {
+    // Depth 0: User=Reader, User=Writer
+    // Expectation: Writer wins
+    const perms = [createPerm('reader', 0, 'user'), createPerm('writer', 0, 'user')]
+    assert.isTrue(Permission.hasRoleIn('writer', perms))
+  })
+
+  test('ignores deeper permissions even if they are more specific types', ({ assert }) => {
+    // Depth 0: Org=Reader
+    // Depth 1: User=Owner
+    // Expectation: Depth 0 (Org=Reader) wins because it's closer.
+    // User assumption: "closest to the item directly set... should be considered first"
+    const perms = [createPerm('reader', 0, 'organization'), createPerm('owner', 1, 'user')]
+    assert.isFalse(Permission.hasRoleIn('writer', perms))
+  })
+})
+
+test.group('Permission.constructor()', () => {
+  test('creates a default permission when no input', ({ assert }) => {
+    const p = new Permission()
+    assert.equal(p.kind, 'Core#Permission')
+    assert.typeOf(p.key, 'string')
+    assert.equal(p.role, 'reader')
+    assert.equal(p.type, 'user')
+    assert.equal(p.depth, 0)
+  })
+
+  test('creates from string JSON', ({ assert }) => {
+    const json = JSON.stringify({
+      kind: 'Core#Permission',
+      key: 'key',
+      role: 'writer',
+      type: 'group',
+      granteeId: 'group-id',
+      itemId: 'item-id',
+      addingUser: 'adder',
+    })
+    const p = new Permission(json)
+    assert.equal(p.role, 'writer')
+    assert.equal(p.type, 'group')
+  })
+
+  test('creates from object', ({ assert }) => {
+    const init: IPermission = {
+      kind: 'Core#Permission',
+      key: 'key',
+      role: 'owner',
+      type: 'user',
+      granteeId: 'user-id',
+      itemId: 'item-id',
+      addingUser: 'adder',
+      depth: 0,
+      sourceRule: 'direct_user_grant',
+    }
+    const p = new Permission(init)
+    assert.equal(p.role, 'owner')
+    assert.equal(p.granteeId, 'user-id')
+  })
+
+  test('throws when input is not a permission', ({ assert }) => {
+    assert.throws(() => new Permission({ kind: 'Wrong' } as unknown as IPermission), /Not a permission/)
+  })
+
+  test('restores optional fields', ({ assert }) => {
+    const init: IPermission = {
+      kind: 'Core#Permission',
+      key: 'key',
+      role: 'owner',
+      type: 'user',
+      granteeId: 'user-id',
+      itemId: 'item-id',
+      addingUser: 'adder',
+      displayName: 'Name',
+      expirationTime: 12345,
+      depth: 0,
+      sourceRule: 'direct_user_grant',
+    }
+    const p = new Permission(init)
+    assert.equal(p.displayName, 'Name')
+    assert.equal(p.expirationTime, 12345)
+  })
+})
+
+test.group('Permission static factories', () => {
+  test('fromUserRole creates valid permission', ({ assert }) => {
+    const p = Permission.fromUserRole('writer', 'item', 'user', 'adder')
+    assert.equal(p.type, 'user')
+    assert.equal(p.role, 'writer')
+    assert.equal(p.itemId, 'item')
+    assert.equal(p.granteeId, 'user')
+    assert.equal(p.addingUser, 'adder')
+    assert.typeOf(p.key, 'string')
+  })
+
+  test('fromGroupRole creates valid permission', ({ assert }) => {
+    const p = Permission.fromGroupRole('commenter', 'item', 'group', 'adder')
+    assert.equal(p.type, 'group')
+    assert.equal(p.role, 'commenter')
+    assert.equal(p.itemId, 'item')
+    assert.equal(p.granteeId, 'group')
+  })
+
+  test('fromOrganizationRole creates valid permission', ({ assert }) => {
+    const p = Permission.fromOrganizationRole('reader', 'item', 'org', 'adder')
+    assert.equal(p.type, 'organization')
+    assert.equal(p.role, 'reader')
+    assert.equal(p.itemId, 'item')
+    assert.equal(p.granteeId, 'org')
+  })
+
+  test('fromValues creates permission with new key', ({ assert }) => {
+    const base = {
+      role: 'owner',
+      type: 'user',
+      granteeId: 'u',
+      itemId: 'i',
+      addingUser: 'a',
+      depth: 0,
+      sourceRule: 'direct_user_grant',
+    } as unknown as IPermission as unknown as IPermission
+    const p = Permission.fromValues(base)
+    assert.equal(p.role, 'owner')
+    // fromValues generates a new key
+    assert.typeOf(p.key, 'string')
+  })
+})
+
+test.group('Permission.isPermission()', () => {
+  test('returns true for valid permission interface', ({ assert }) => {
+    const p = { kind: 'Core#Permission' }
+    assert.isTrue(Permission.isPermission(p))
+  })
+
+  test('returns false for null', ({ assert }) => {
+    assert.isFalse(Permission.isPermission(null))
+  })
+
+  test('returns false for wrong kind', ({ assert }) => {
+    assert.isFalse(Permission.isPermission({ kind: 'Wrong' }))
+  })
+})
+
+test.group('Permission.hasRole()', () => {
+  test('returns false when current role is missing', ({ assert }) => {
+    assert.isFalse(Permission.hasRole('reader', undefined))
+  })
+
+  test('owner satisfies all', ({ assert }) => {
+    assert.isTrue(Permission.hasRole('owner', 'owner'))
+    assert.isTrue(Permission.hasRole('writer', 'owner'))
+    assert.isTrue(Permission.hasRole('commenter', 'owner'))
+    assert.isTrue(Permission.hasRole('reader', 'owner'))
+  })
+
+  test('writer satisfies lower', ({ assert }) => {
+    assert.isFalse(Permission.hasRole('owner', 'writer'))
+    assert.isTrue(Permission.hasRole('writer', 'writer'))
+    assert.isTrue(Permission.hasRole('commenter', 'writer'))
+    assert.isTrue(Permission.hasRole('reader', 'writer'))
+  })
+
+  test('reader only satisfies reader', ({ assert }) => {
+    assert.isFalse(Permission.hasRole('writer', 'reader'))
+    assert.isTrue(Permission.hasRole('reader', 'reader'))
+  })
+
+  test('instance method calls static', ({ assert }) => {
+    const p = Permission.fromUserRole('writer', 'item', 'user', 'adder')
+    assert.isTrue(p.hasRole('reader'))
+  })
+})
+
+test.group('Permission.isHigherRole()', () => {
+  test('owner > writer', ({ assert }) => {
+    assert.isTrue(Permission.isHigherRole('owner', 'writer'))
+  })
+
+  test('writer > reader', ({ assert }) => {
+    assert.isTrue(Permission.isHigherRole('writer', 'reader'))
+  })
+
+  test('reader !> writer', ({ assert }) => {
+    assert.isFalse(Permission.isHigherRole('reader', 'writer'))
+  })
+
+  test('same role returns false', ({ assert }) => {
+    assert.isFalse(Permission.isHigherRole('owner', 'owner'))
+  })
+})
+
+test.group('Permission.toJSON()', () => {
+  test('returns plain object with all fields', ({ assert }) => {
+    const p = Permission.fromUserRole('owner', 'item', 'user', 'adder')
+    p.displayName = 'User Name'
+    p.expirationTime = 1000
+
+    const json = p.toJSON()
+    assert.equal(json.kind, 'Core#Permission')
+    assert.equal(json.role, 'owner')
+    assert.equal(json.displayName, 'User Name')
+    assert.equal(json.expirationTime, 1000)
+    assert.typeOf(json.key, 'string')
+  })
+
+  test('omits optional fields if undefined', ({ assert }) => {
+    const p = Permission.fromUserRole('owner', 'item', 'user', 'adder')
+    const json = p.toJSON()
+    assert.isUndefined(json.displayName)
+    assert.isUndefined(json.expirationTime)
+  })
+})