@api-client/core 0.18.60 → 0.18.61

package/build/src/modeling/rules/MatchResourceOwner.d.ts

@@ -7,13 +7,21 @@ import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
 export interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {
     type: 'matchResourceOwner';
     /**
-     * The property on the resource that should match the authenticated user's ID.
-     * This is typically the ID of the user who owns the resource.
+     * The property on the resource that references the user's ID (the key in the semantically annotated `User` entity).
+     *
+     * When the current exposed entity has a property annotated with the "ResourceOwnerIdentifier" semantic,
+     * this property should be used. It directly references the user's key.
      *
      * The domain model should annotate this property with the "ResourceOwnerIdentifier" semantic
      * to indicate that it is used for ownership checks.
      */
-    property: string;
+    property?: string;
+    /**
+     * The target for the ownership check.
+     * - `property`: The check is performed against a specific property on the resource (default).
+     * - `user-entity`: The check is performed against the entity itself (used when the entity represents the user).
+     */
+    target?: 'property' | 'user-entity';
 }
 /**
  * The action is allowed if the authenticated user's ID matches a specific property on the resource.
@@ -22,7 +30,8 @@ export interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {
  */
 export declare class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {
     readonly type: 'matchResourceOwner';
-    accessor property: string;
+    accessor property: string | undefined;
+    accessor target: 'property' | 'user-entity';
     constructor(state?: Partial<MatchResourceOwnerAccessRuleSchema>);
     toJSON(): MatchResourceOwnerAccessRuleSchema;
 }

package/build/src/modeling/rules/MatchResourceOwner.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"MatchResourceOwner.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;IAC1B;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;IAEhC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;gBAEzB,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;IAM1D,MAAM,IAAI,kCAAkC;CAMtD"}
+{"version":3,"file":"MatchResourceOwner.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;IAC1B;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IAEjB;;;;OAIG;IACH,MAAM,CAAC,EAAE,UAAU,GAAG,aAAa,CAAA;CACpC;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;IAEhC,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IACrC,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,aAAa,CAAA;gBAE3C,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;IAO1D,MAAM,IAAI,kCAAkC;CAUtD"}

package/build/src/modeling/rules/MatchResourceOwner.js

@@ -11,28 +11,41 @@ let MatchResourceOwnerAccessRule = (() => {
     let _property_decorators;
     let _property_initializers = [];
     let _property_extraInitializers = [];
+    let _target_decorators;
+    let _target_initializers = [];
+    let _target_extraInitializers = [];
     return class MatchResourceOwnerAccessRule extends _classSuper {
         static {
             const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
             _property_decorators = [observed()];
+            _target_decorators = [observed()];
             __esDecorate(this, null, _property_decorators, { kind: "accessor", name: "property", static: false, private: false, access: { has: obj => "property" in obj, get: obj => obj.property, set: (obj, value) => { obj.property = value; } }, metadata: _metadata }, _property_initializers, _property_extraInitializers);
+            __esDecorate(this, null, _target_decorators, { kind: "accessor", name: "target", static: false, private: false, access: { has: obj => "target" in obj, get: obj => obj.target, set: (obj, value) => { obj.target = value; } }, metadata: _metadata }, _target_initializers, _target_extraInitializers);
             if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
         }
         type;
         #property_accessor_storage = __runInitializers(this, _property_initializers, void 0);
         get property() { return this.#property_accessor_storage; }
         set property(value) { this.#property_accessor_storage = value; }
+        #target_accessor_storage = (__runInitializers(this, _property_extraInitializers), __runInitializers(this, _target_initializers, void 0));
+        get target() { return this.#target_accessor_storage; }
+        set target(value) { this.#target_accessor_storage = value; }
         constructor(state = {}) {
             super(state);
-            __runInitializers(this, _property_extraInitializers);
+            __runInitializers(this, _target_extraInitializers);
             this.type = 'matchResourceOwner';
-            this.property = state.property ?? '';
+            this.property = state.property;
+            this.target = state.target ?? 'property';
         }
         toJSON() {
-            return {
+            const json = {
                 ...super.toJSON(),
-                property: this.property,
+                target: this.target,
             };
+            if (this.property) {
+                json.property = this.property;
+            }
+            return json;
         }
     };
 })();

package/build/src/modeling/rules/MatchResourceOwner.js.map

@@ -1 +1 @@
-{"version":3,"file":"MatchResourceOwner.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAmBvD;;;;GAIG;IACU,4BAA4B;sBAAS,UAAU;;;;iBAA/C,4BAA6B,SAAQ,WAAU;;;oCAGzD,QAAQ,EAAE;YAAC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAQ;;;QAFnB,IAAI,CAAsB;QAEhC,qFAAyB;QAAzB,IAAS,QAAQ,8CAAQ;QAAzB,IAAS,QAAQ,oDAAQ;QAErC,YAAY,QAAqD,EAAE;YACjE,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAA;YAChC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAA;SACrC;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAyC;gBACzD,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAA;QACH,CAAC;;;SAhBU,4BAA4B","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {\n  type: 'matchResourceOwner'\n  /**\n   * The property on the resource that should match the authenticated user's ID.\n   * This is typically the ID of the user who owns the resource.\n   *\n   * The domain model should annotate this property with the \"ResourceOwnerIdentifier\" semantic\n   * to indicate that it is used for ownership checks.\n   */\n  property: string\n}\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {\n  override readonly type: 'matchResourceOwner'\n\n  @observed() accessor property: string\n\n  constructor(state: Partial<MatchResourceOwnerAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'matchResourceOwner'\n    this.property = state.property ?? ''\n  }\n\n  override toJSON(): MatchResourceOwnerAccessRuleSchema {\n    return {\n      ...(super.toJSON() as MatchResourceOwnerAccessRuleSchema),\n      property: this.property,\n    }\n  }\n}\n"]}
+{"version":3,"file":"MatchResourceOwner.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AA4BvD;;;;GAIG;IACU,4BAA4B;sBAAS,UAAU;;;;;;;iBAA/C,4BAA6B,SAAQ,WAAU;;;oCAGzD,QAAQ,EAAE;kCACV,QAAQ,EAAE;YADC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAoB;YACrC,uKAAS,MAAM,6BAAN,MAAM,uFAA4B;;;QAHrC,IAAI,CAAsB;QAEhC,qFAAqC;QAArC,IAAS,QAAQ,8CAAoB;QAArC,IAAS,QAAQ,oDAAoB;QACrC,yIAA2C;QAA3C,IAAS,MAAM,4CAA4B;QAA3C,IAAS,MAAM,kDAA4B;QAEvD,YAAY,QAAqD,EAAE;YACjE,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAA;YAChC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAA;YAC9B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,UAAU,CAAA;SACzC;QAEQ,MAAM;YACb,MAAM,IAAI,GAAuC;gBAC/C,GAAI,KAAK,CAAC,MAAM,EAAyC;gBACzD,MAAM,EAAE,IAAI,CAAC,MAAM;aACpB,CAAA;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;YAC/B,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;;;SAtBU,4BAA4B","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {\n  type: 'matchResourceOwner'\n  /**\n   * The property on the resource that references the user's ID (the key in the semantically annotated `User` entity).\n   *\n   * When the current exposed entity has a property annotated with the \"ResourceOwnerIdentifier\" semantic,\n   * this property should be used. It directly references the user's key.\n   *\n   * The domain model should annotate this property with the \"ResourceOwnerIdentifier\" semantic\n   * to indicate that it is used for ownership checks.\n   */\n  property?: string\n\n  /**\n   * The target for the ownership check.\n   * - `property`: The check is performed against a specific property on the resource (default).\n   * - `user-entity`: The check is performed against the entity itself (used when the entity represents the user).\n   */\n  target?: 'property' | 'user-entity'\n}\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {\n  override readonly type: 'matchResourceOwner'\n\n  @observed() accessor property: string | undefined\n  @observed() accessor target: 'property' | 'user-entity'\n\n  constructor(state: Partial<MatchResourceOwnerAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'matchResourceOwner'\n    this.property = state.property\n    this.target = state.target ?? 'property'\n  }\n\n  override toJSON(): MatchResourceOwnerAccessRuleSchema {\n    const json: MatchResourceOwnerAccessRuleSchema = {\n      ...(super.toJSON() as MatchResourceOwnerAccessRuleSchema),\n      target: this.target,\n    }\n    if (this.property) {\n      json.property = this.property\n    }\n    return json\n  }\n}\n"]}