@api-client/core 0.19.22 → 0.19.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/src/browser.d.ts +3 -0
- package/build/src/browser.d.ts.map +1 -1
- package/build/src/browser.js +2 -0
- package/build/src/browser.js.map +1 -1
- package/build/src/index.d.ts +3 -0
- package/build/src/index.d.ts.map +1 -1
- package/build/src/index.js +2 -0
- package/build/src/index.js.map +1 -1
- package/build/src/modeling/ApiModel.d.ts.map +1 -1
- package/build/src/modeling/ApiModel.js +37 -13
- package/build/src/modeling/ApiModel.js.map +1 -1
- package/build/src/modeling/ExposedEntity.d.ts.map +1 -1
- package/build/src/modeling/ExposedEntity.js +54 -15
- package/build/src/modeling/ExposedEntity.js.map +1 -1
- package/build/src/modeling/actions/Action.js +2 -2
- package/build/src/modeling/actions/Action.js.map +1 -1
- package/build/src/modeling/rules/AccessRule.d.ts +5 -1
- package/build/src/modeling/rules/AccessRule.d.ts.map +1 -1
- package/build/src/modeling/rules/AccessRule.js +4 -1
- package/build/src/modeling/rules/AccessRule.js.map +1 -1
- package/build/src/modeling/rules/AllowAuthenticated.d.ts +4 -1
- package/build/src/modeling/rules/AllowAuthenticated.d.ts.map +1 -1
- package/build/src/modeling/rules/AllowAuthenticated.js +2 -2
- package/build/src/modeling/rules/AllowAuthenticated.js.map +1 -1
- package/build/src/modeling/rules/AllowPublic.d.ts +4 -1
- package/build/src/modeling/rules/AllowPublic.d.ts.map +1 -1
- package/build/src/modeling/rules/AllowPublic.js +2 -2
- package/build/src/modeling/rules/AllowPublic.js.map +1 -1
- package/build/src/modeling/rules/MatchEmailDomain.d.ts +4 -1
- package/build/src/modeling/rules/MatchEmailDomain.d.ts.map +1 -1
- package/build/src/modeling/rules/MatchEmailDomain.js +2 -2
- package/build/src/modeling/rules/MatchEmailDomain.js.map +1 -1
- package/build/src/modeling/rules/MatchResourceOwner.d.ts +4 -1
- package/build/src/modeling/rules/MatchResourceOwner.d.ts.map +1 -1
- package/build/src/modeling/rules/MatchResourceOwner.js +2 -2
- package/build/src/modeling/rules/MatchResourceOwner.js.map +1 -1
- package/build/src/modeling/rules/MatchUserProperty.d.ts +4 -1
- package/build/src/modeling/rules/MatchUserProperty.d.ts.map +1 -1
- package/build/src/modeling/rules/MatchUserProperty.js +2 -2
- package/build/src/modeling/rules/MatchUserProperty.js.map +1 -1
- package/build/src/modeling/rules/MatchUserRole.d.ts +4 -1
- package/build/src/modeling/rules/MatchUserRole.d.ts.map +1 -1
- package/build/src/modeling/rules/MatchUserRole.js +2 -2
- package/build/src/modeling/rules/MatchUserRole.js.map +1 -1
- package/build/src/modeling/rules/index.d.ts +4 -1
- package/build/src/modeling/rules/index.d.ts.map +1 -1
- package/build/src/modeling/rules/index.js +7 -7
- package/build/src/modeling/rules/index.js.map +1 -1
- package/build/src/models/store/CustomDomain.d.ts +50 -0
- package/build/src/models/store/CustomDomain.d.ts.map +1 -0
- package/build/src/models/store/CustomDomain.js +79 -0
- package/build/src/models/store/CustomDomain.js.map +1 -0
- package/build/src/models/store/Deployment.d.ts +81 -0
- package/build/src/models/store/Deployment.d.ts.map +1 -0
- package/build/src/models/store/Deployment.js +124 -0
- package/build/src/models/store/Deployment.js.map +1 -0
- package/build/src/models/store/DeploymentCustomDomain.d.ts +52 -0
- package/build/src/models/store/DeploymentCustomDomain.d.ts.map +1 -0
- package/build/src/models/store/DeploymentCustomDomain.js +84 -0
- package/build/src/models/store/DeploymentCustomDomain.js.map +1 -0
- package/build/tsconfig.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/modeling/ApiModel.ts +37 -13
- package/src/modeling/ExposedEntity.ts +62 -16
- package/src/modeling/actions/Action.ts +2 -2
- package/src/modeling/rules/AccessRule.ts +8 -1
- package/src/modeling/rules/AllowAuthenticated.ts +5 -2
- package/src/modeling/rules/AllowPublic.ts +5 -2
- package/src/modeling/rules/MatchEmailDomain.ts +5 -2
- package/src/modeling/rules/MatchResourceOwner.ts +5 -2
- package/src/modeling/rules/MatchUserProperty.ts +5 -2
- package/src/modeling/rules/MatchUserRole.ts +5 -2
- package/src/models/store/CustomDomain.ts +119 -0
- package/src/models/store/Deployment.ts +173 -0
- package/src/models/store/DeploymentCustomDomain.ts +120 -0
- package/tests/unit/modeling/actions/Action.spec.ts +13 -10
- package/tests/unit/modeling/actions/CreateAction.spec.ts +7 -6
- package/tests/unit/modeling/actions/DeleteAction.spec.ts +7 -6
- package/tests/unit/modeling/actions/ListAction.spec.ts +5 -4
- package/tests/unit/modeling/actions/ReadAction.spec.ts +9 -8
- package/tests/unit/modeling/actions/SearchAction.spec.ts +5 -4
- package/tests/unit/modeling/actions/UpdateAction.spec.ts +7 -6
- package/tests/unit/modeling/actions/helpers.ts +7 -0
- package/tests/unit/modeling/api_model.spec.ts +3 -1
- package/tests/unit/modeling/api_model_expose_entity.spec.ts +5 -17
- package/tests/unit/modeling/exposed_entity.spec.ts +6 -2
- package/tests/unit/modeling/exposed_entity_actions.spec.ts +0 -4
- package/tests/unit/modeling/rules/AccessRule.spec.ts +6 -5
- package/tests/unit/modeling/rules/AllowAuthenticated.spec.ts +4 -3
- package/tests/unit/modeling/rules/AllowPublic.spec.ts +4 -3
- package/tests/unit/modeling/rules/MatchEmailDomain.spec.ts +6 -5
- package/tests/unit/modeling/rules/MatchResourceOwner.spec.ts +7 -6
- package/tests/unit/modeling/rules/MatchUserProperty.spec.ts +6 -5
- package/tests/unit/modeling/rules/MatchUserRole.spec.ts +6 -5
- package/tests/unit/modeling/rules/restoring_rules.spec.ts +19 -21
- package/tests/unit/models/store/CustomDomain.spec.ts +111 -0
- package/tests/unit/models/store/Deployment.spec.ts +134 -0
- package/tests/unit/models/store/DeploymentCustomDomain.spec.ts +122 -0
|
@@ -3,8 +3,10 @@
|
|
|
3
3
|
*/
|
|
4
4
|
export class AccessRule extends EventTarget {
|
|
5
5
|
type;
|
|
6
|
-
|
|
6
|
+
parent;
|
|
7
|
+
constructor(parent, state = {}) {
|
|
7
8
|
super();
|
|
9
|
+
this.parent = parent;
|
|
8
10
|
this.type = state.type ?? '';
|
|
9
11
|
}
|
|
10
12
|
toJSON() {
|
|
@@ -14,6 +16,7 @@ export class AccessRule extends EventTarget {
|
|
|
14
16
|
}
|
|
15
17
|
notifyChange() {
|
|
16
18
|
this.dispatchEvent(new Event('change'));
|
|
19
|
+
this.parent.notifyChange();
|
|
17
20
|
}
|
|
18
21
|
}
|
|
19
22
|
//# sourceMappingURL=AccessRule.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AccessRule.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AccessRule.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AccessRule.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AccessRule.ts"],"names":[],"mappings":"AAYA;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,WAAW;IAChC,IAAI,CAAQ;IACZ,MAAM,CAAmC;IAElD,YAAY,MAAyC,EAAE,QAAmC,EAAE;QAC1F,KAAK,EAAE,CAAA;QACP,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,EAAE,CAAA;IAC9B,CAAC;IAED,MAAM;QACJ,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAA;IACH,CAAC;IAED,YAAY;QACV,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAA;QACvC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IAC5B,CAAC;CACF","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\n\nexport interface AccessRuleSchema {\n /**\n * The unique identifier for the access rule.\n * This is used to reference the rule in the API configuration.\n */\n type: string\n}\n\n/**\n * Base class for all access rules.\n */\nexport class AccessRule extends EventTarget implements AccessRuleSchema {\n readonly type: string\n readonly parent: ExposedEntity | ApiModel | Action\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<AccessRuleSchema> = {}) {\n super()\n this.parent = parent\n this.type = state.type ?? ''\n }\n\n toJSON(): AccessRuleSchema {\n return {\n type: this.type,\n }\n }\n\n notifyChange() {\n this.dispatchEvent(new Event('change'))\n this.parent.notifyChange()\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed for any authenticated user.
|
|
@@ -14,6 +17,6 @@ export interface AllowAuthenticatedAccessRuleSchema extends AccessRuleSchema {
|
|
|
14
17
|
*/
|
|
15
18
|
export declare class AllowAuthenticatedAccessRule extends AccessRule implements AllowAuthenticatedAccessRuleSchema {
|
|
16
19
|
readonly type: 'allowAuthenticated';
|
|
17
|
-
constructor(state?: Partial<AllowAuthenticatedAccessRuleSchema>);
|
|
20
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<AllowAuthenticatedAccessRuleSchema>);
|
|
18
21
|
}
|
|
19
22
|
//# sourceMappingURL=AllowAuthenticated.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AllowAuthenticated.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;CAC3B;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;gBAEhC,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;
|
|
1
|
+
{"version":3,"file":"AllowAuthenticated.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;CAC3B;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;gBAEhC,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;CAI/G"}
|
|
@@ -6,8 +6,8 @@ import { AccessRule } from './AccessRule.js';
|
|
|
6
6
|
*/
|
|
7
7
|
export class AllowAuthenticatedAccessRule extends AccessRule {
|
|
8
8
|
type;
|
|
9
|
-
constructor(state = {}) {
|
|
10
|
-
super(state);
|
|
9
|
+
constructor(parent, state = {}) {
|
|
10
|
+
super(parent, state);
|
|
11
11
|
this.type = 'allowAuthenticated';
|
|
12
12
|
}
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AllowAuthenticated.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AllowAuthenticated.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AAWnE;;;;GAIG;AACH,MAAM,OAAO,4BAA6B,SAAQ,UAAU;IACxC,IAAI,CAAsB;IAE5C,YAAY,MAAyC,EAAE,QAAqD,EAAE;QAC5G,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;QACpB,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAA;IAClC,CAAC;CACF","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\n\n/**\n * The action is allowed for any authenticated user.\n * This rule does not impose any additional restrictions based on user properties or resource ownership.\n * It is used for resources that should be accessible to all logged-in users.\n */\nexport interface AllowAuthenticatedAccessRuleSchema extends AccessRuleSchema {\n type: 'allowAuthenticated'\n}\n\n/**\n * The action is allowed for any authenticated user.\n * This rule does not impose any additional restrictions based on user properties or resource ownership.\n * It is used for resources that should be accessible to all logged-in users.\n */\nexport class AllowAuthenticatedAccessRule extends AccessRule implements AllowAuthenticatedAccessRuleSchema {\n override readonly type: 'allowAuthenticated'\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<AllowAuthenticatedAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'allowAuthenticated'\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed for all users, including unauthenticated ones.
|
|
@@ -14,6 +17,6 @@ export interface AllowPublicAccessRuleSchema extends AccessRuleSchema {
|
|
|
14
17
|
*/
|
|
15
18
|
export declare class AllowPublicAccessRule extends AccessRule implements AllowPublicAccessRuleSchema {
|
|
16
19
|
readonly type: 'allowPublic';
|
|
17
|
-
constructor(state?: Partial<AllowPublicAccessRuleSchema>);
|
|
20
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<AllowPublicAccessRuleSchema>);
|
|
18
21
|
}
|
|
19
22
|
//# sourceMappingURL=AllowPublic.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AllowPublic.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,2BAA4B,SAAQ,gBAAgB;IACnE,IAAI,EAAE,aAAa,CAAA;CACpB;AAED;;;;GAIG;AACH,qBAAa,qBAAsB,SAAQ,UAAW,YAAW,2BAA2B;IAC1F,SAAkB,IAAI,EAAE,aAAa,CAAA;gBAEzB,KAAK,GAAE,OAAO,CAAC,2BAA2B,CAAM;
|
|
1
|
+
{"version":3,"file":"AllowPublic.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,2BAA4B,SAAQ,gBAAgB;IACnE,IAAI,EAAE,aAAa,CAAA;CACpB;AAED;;;;GAIG;AACH,qBAAa,qBAAsB,SAAQ,UAAW,YAAW,2BAA2B;IAC1F,SAAkB,IAAI,EAAE,aAAa,CAAA;gBAEzB,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,2BAA2B,CAAM;CAIxG"}
|
|
@@ -6,8 +6,8 @@ import { AccessRule } from './AccessRule.js';
|
|
|
6
6
|
*/
|
|
7
7
|
export class AllowPublicAccessRule extends AccessRule {
|
|
8
8
|
type;
|
|
9
|
-
constructor(state = {}) {
|
|
10
|
-
super(state);
|
|
9
|
+
constructor(parent, state = {}) {
|
|
10
|
+
super(parent, state);
|
|
11
11
|
this.type = 'allowPublic';
|
|
12
12
|
}
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AllowPublic.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AllowPublic.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AAWnE;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,UAAU;IACjC,IAAI,CAAe;IAErC,YAAY,MAAyC,EAAE,QAA8C,EAAE;QACrG,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;QACpB,IAAI,CAAC,IAAI,GAAG,aAAa,CAAA;IAC3B,CAAC;CACF","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\n\n/**\n * The action is allowed for all users, including unauthenticated ones.\n * This is typically used for public APIs or resources that do not require authentication.\n * It is the most permissive rule and should be used with caution.\n */\nexport interface AllowPublicAccessRuleSchema extends AccessRuleSchema {\n type: 'allowPublic'\n}\n\n/**\n * The action is allowed for all users, including unauthenticated ones.\n * This is typically used for public APIs or resources that do not require authentication.\n * It is the most permissive rule and should be used with caution.\n */\nexport class AllowPublicAccessRule extends AccessRule implements AllowPublicAccessRuleSchema {\n override readonly type: 'allowPublic'\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<AllowPublicAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'allowPublic'\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed if the authenticated user's email domain matches a specific domain.
|
|
@@ -19,7 +22,7 @@ export interface MatchEmailDomainAccessRuleSchema extends AccessRuleSchema {
|
|
|
19
22
|
export declare class MatchEmailDomainAccessRule extends AccessRule implements MatchEmailDomainAccessRuleSchema {
|
|
20
23
|
readonly type: 'matchEmailDomain';
|
|
21
24
|
accessor domains: string[];
|
|
22
|
-
constructor(state?: Partial<MatchEmailDomainAccessRuleSchema>);
|
|
25
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<MatchEmailDomainAccessRuleSchema>);
|
|
23
26
|
toJSON(): MatchEmailDomainAccessRuleSchema;
|
|
24
27
|
}
|
|
25
28
|
//# sourceMappingURL=MatchEmailDomain.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchEmailDomain.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,gCAAiC,SAAQ,gBAAgB;IACxE,IAAI,EAAE,kBAAkB,CAAA;IACxB;;OAEG;IACH,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;;;GAIG;AACH,qBAAa,0BAA2B,SAAQ,UAAW,YAAW,gCAAgC;IACpG,SAAkB,IAAI,EAAE,kBAAkB,CAAA;IAEhB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,CAAA;gBAExC,KAAK,GAAE,OAAO,CAAC,gCAAgC,CAAM;
|
|
1
|
+
{"version":3,"file":"MatchEmailDomain.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,gCAAiC,SAAQ,gBAAgB;IACxE,IAAI,EAAE,kBAAkB,CAAA;IACxB;;OAEG;IACH,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;;;GAIG;AACH,qBAAa,0BAA2B,SAAQ,UAAW,YAAW,gCAAgC;IACpG,SAAkB,IAAI,EAAE,kBAAkB,CAAA;IAEhB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,CAAA;gBAExC,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,gCAAgC,CAAM;IAMnG,MAAM,IAAI,gCAAgC;CAMpD"}
|
|
@@ -22,8 +22,8 @@ let MatchEmailDomainAccessRule = (() => {
|
|
|
22
22
|
#domains_accessor_storage = __runInitializers(this, _domains_initializers, void 0);
|
|
23
23
|
get domains() { return this.#domains_accessor_storage; }
|
|
24
24
|
set domains(value) { this.#domains_accessor_storage = value; }
|
|
25
|
-
constructor(state = {}) {
|
|
26
|
-
super(state);
|
|
25
|
+
constructor(parent, state = {}) {
|
|
26
|
+
super(parent, state);
|
|
27
27
|
__runInitializers(this, _domains_extraInitializers);
|
|
28
28
|
this.type = 'matchEmailDomain';
|
|
29
29
|
this.domains = state.domains ? [...state.domains] : [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchEmailDomain.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"MatchEmailDomain.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AAe9D;;;;GAIG;IACU,0BAA0B;sBAAS,UAAU;;;;iBAA7C,0BAA2B,SAAQ,WAAU;;;mCAGvD,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YAAC,0KAAS,OAAO,6BAAP,OAAO,yFAAU;;;QAFlC,IAAI,CAAoB;QAEhB,mFAA0B;QAA1B,IAAS,OAAO,6CAAU;QAA1B,IAAS,OAAO,mDAAU;QAEpD,YAAY,MAAyC,EAAE,QAAmD,EAAE;YAC1G,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;;YACpB,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAA;YAC9B,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;SACvD;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAuC;gBACvD,OAAO,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAa;aAChE,CAAA;QACH,CAAC;;;SAhBU,0BAA0B","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed, toRaw } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's email domain matches a specific domain.\n * This is used to restrict access based on the user's email address.\n * For example, only users with an email address from \"my-company.com\" can access certain resources.\n */\nexport interface MatchEmailDomainAccessRuleSchema extends AccessRuleSchema {\n type: 'matchEmailDomain'\n /**\n * The email domains that the authenticated user's email must match.\n */\n domains: string[]\n}\n\n/**\n * The action is allowed if the authenticated user's email domain matches a specific domain.\n * This is used to restrict access based on the user's email address.\n * For example, only users with an email address from \"my-company.com\" can access certain resources.\n */\nexport class MatchEmailDomainAccessRule extends AccessRule implements MatchEmailDomainAccessRuleSchema {\n override readonly type: 'matchEmailDomain'\n\n @observed({ deep: true }) accessor domains: string[]\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<MatchEmailDomainAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'matchEmailDomain'\n this.domains = state.domains ? [...state.domains] : []\n }\n\n override toJSON(): MatchEmailDomainAccessRuleSchema {\n return {\n ...(super.toJSON() as MatchEmailDomainAccessRuleSchema),\n domains: structuredClone(toRaw(this, this.domains)) as string[],\n }\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed if the authenticated user's ID matches a specific property on the resource.
|
|
@@ -32,7 +35,7 @@ export declare class MatchResourceOwnerAccessRule extends AccessRule implements
|
|
|
32
35
|
readonly type: 'matchResourceOwner';
|
|
33
36
|
accessor property: string | undefined;
|
|
34
37
|
accessor target: 'property' | 'user-entity';
|
|
35
|
-
constructor(state?: Partial<MatchResourceOwnerAccessRuleSchema>);
|
|
38
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<MatchResourceOwnerAccessRuleSchema>);
|
|
36
39
|
toJSON(): MatchResourceOwnerAccessRuleSchema;
|
|
37
40
|
}
|
|
38
41
|
//# sourceMappingURL=MatchResourceOwner.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchResourceOwner.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;IAC1B;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IAEjB;;;;OAIG;IACH,MAAM,CAAC,EAAE,UAAU,GAAG,aAAa,CAAA;CACpC;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;IAEhC,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IACrC,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,aAAa,CAAA;gBAE3C,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;
|
|
1
|
+
{"version":3,"file":"MatchResourceOwner.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,oBAAoB,CAAA;IAC1B;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IAEjB;;;;OAIG;IACH,MAAM,CAAC,EAAE,UAAU,GAAG,aAAa,CAAA;CACpC;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,oBAAoB,CAAA;IAEhC,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IACrC,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,aAAa,CAAA;gBAE3C,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;IAOrG,MAAM,IAAI,kCAAkC;CAUtD"}
|
|
@@ -30,8 +30,8 @@ let MatchResourceOwnerAccessRule = (() => {
|
|
|
30
30
|
#target_accessor_storage = (__runInitializers(this, _property_extraInitializers), __runInitializers(this, _target_initializers, void 0));
|
|
31
31
|
get target() { return this.#target_accessor_storage; }
|
|
32
32
|
set target(value) { this.#target_accessor_storage = value; }
|
|
33
|
-
constructor(state = {}) {
|
|
34
|
-
super(state);
|
|
33
|
+
constructor(parent, state = {}) {
|
|
34
|
+
super(parent, state);
|
|
35
35
|
__runInitializers(this, _target_extraInitializers);
|
|
36
36
|
this.type = 'matchResourceOwner';
|
|
37
37
|
this.property = state.property;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchResourceOwner.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"MatchResourceOwner.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AA4BvD;;;;GAIG;IACU,4BAA4B;sBAAS,UAAU;;;;;;;iBAA/C,4BAA6B,SAAQ,WAAU;;;oCAGzD,QAAQ,EAAE;kCACV,QAAQ,EAAE;YADC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAoB;YACrC,uKAAS,MAAM,6BAAN,MAAM,uFAA4B;;;QAHrC,IAAI,CAAsB;QAEhC,qFAAqC;QAArC,IAAS,QAAQ,8CAAoB;QAArC,IAAS,QAAQ,oDAAoB;QACrC,yIAA2C;QAA3C,IAAS,MAAM,4CAA4B;QAA3C,IAAS,MAAM,kDAA4B;QAEvD,YAAY,MAAyC,EAAE,QAAqD,EAAE;YAC5G,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;;YACpB,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAA;YAChC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAA;YAC9B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,UAAU,CAAA;SACzC;QAEQ,MAAM;YACb,MAAM,IAAI,GAAuC;gBAC/C,GAAI,KAAK,CAAC,MAAM,EAAyC;gBACzD,MAAM,EAAE,IAAI,CAAC,MAAM;aACpB,CAAA;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;YAC/B,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;;;SAtBU,4BAA4B","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {\n type: 'matchResourceOwner'\n /**\n * The property on the resource that references the user's ID (the key in the semantically annotated `User` entity).\n *\n * When the current exposed entity has a property annotated with the \"ResourceOwnerIdentifier\" semantic,\n * this property should be used. It directly references the user's key.\n *\n * The domain model should annotate this property with the \"ResourceOwnerIdentifier\" semantic\n * to indicate that it is used for ownership checks.\n */\n property?: string\n\n /**\n * The target for the ownership check.\n * - `property`: The check is performed against a specific property on the resource (default).\n * - `user-entity`: The check is performed against the entity itself (used when the entity represents the user).\n */\n target?: 'property' | 'user-entity'\n}\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {\n override readonly type: 'matchResourceOwner'\n\n @observed() accessor property: string | undefined\n @observed() accessor target: 'property' | 'user-entity'\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<MatchResourceOwnerAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'matchResourceOwner'\n this.property = state.property\n this.target = state.target ?? 'property'\n }\n\n override toJSON(): MatchResourceOwnerAccessRuleSchema {\n const json: MatchResourceOwnerAccessRuleSchema = {\n ...(super.toJSON() as MatchResourceOwnerAccessRuleSchema),\n target: this.target,\n }\n if (this.property) {\n json.property = this.property\n }\n return json\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed if a specific property on the authenticated user matches an expected value.
|
|
@@ -22,7 +25,7 @@ export declare class MatchUserPropertyAccessRule extends AccessRule implements M
|
|
|
22
25
|
readonly type: 'matchUserProperty';
|
|
23
26
|
accessor property: string;
|
|
24
27
|
accessor value: string;
|
|
25
|
-
constructor(state?: Partial<MatchUserPropertyAccessRuleSchema>);
|
|
28
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<MatchUserPropertyAccessRuleSchema>);
|
|
26
29
|
toJSON(): MatchUserPropertyAccessRuleSchema;
|
|
27
30
|
}
|
|
28
31
|
//# sourceMappingURL=MatchUserProperty.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchUserProperty.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;GAGG;AACH,MAAM,WAAW,iCAAkC,SAAQ,gBAAgB;IACzE,IAAI,EAAE,mBAAmB,CAAA;IACzB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAA;IAChB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAA;CACd;AAED;;;GAGG;AACH,qBAAa,2BAA4B,SAAQ,UAAW,YAAW,iCAAiC;IACtG,SAAkB,IAAI,EAAE,mBAAmB,CAAA;IAE/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;gBAEtB,KAAK,GAAE,OAAO,CAAC,iCAAiC,CAAM;
|
|
1
|
+
{"version":3,"file":"MatchUserProperty.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;GAGG;AACH,MAAM,WAAW,iCAAkC,SAAQ,gBAAgB;IACzE,IAAI,EAAE,mBAAmB,CAAA;IACzB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAA;IAChB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAA;CACd;AAED;;;GAGG;AACH,qBAAa,2BAA4B,SAAQ,UAAW,YAAW,iCAAiC;IACtG,SAAkB,IAAI,EAAE,mBAAmB,CAAA;IAE/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;gBAEtB,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,iCAAiC,CAAM;IAOpG,MAAM,IAAI,iCAAiC;CAOrD"}
|
|
@@ -29,8 +29,8 @@ let MatchUserPropertyAccessRule = (() => {
|
|
|
29
29
|
#value_accessor_storage = (__runInitializers(this, _property_extraInitializers), __runInitializers(this, _value_initializers, void 0));
|
|
30
30
|
get value() { return this.#value_accessor_storage; }
|
|
31
31
|
set value(value) { this.#value_accessor_storage = value; }
|
|
32
|
-
constructor(state = {}) {
|
|
33
|
-
super(state);
|
|
32
|
+
constructor(parent, state = {}) {
|
|
33
|
+
super(parent, state);
|
|
34
34
|
__runInitializers(this, _value_extraInitializers);
|
|
35
35
|
this.type = 'matchUserProperty';
|
|
36
36
|
this.property = state.property ?? '';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchUserProperty.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"MatchUserProperty.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAkBvD;;;GAGG;IACU,2BAA2B;sBAAS,UAAU;;;;;;;iBAA9C,2BAA4B,SAAQ,WAAU;;;oCAGxD,QAAQ,EAAE;iCACV,QAAQ,EAAE;YADC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAQ;YACzB,oKAAS,KAAK,6BAAL,KAAK,qFAAQ;;;QAHhB,IAAI,CAAqB;QAE/B,qFAAyB;QAAzB,IAAS,QAAQ,8CAAQ;QAAzB,IAAS,QAAQ,oDAAQ;QACzB,uIAAsB;QAAtB,IAAS,KAAK,2CAAQ;QAAtB,IAAS,KAAK,iDAAQ;QAElC,YAAY,MAAyC,EAAE,QAAoD,EAAE;YAC3G,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;;YACpB,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAA;YAC/B,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAA;YACpC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,EAAE,CAAA;SAC/B;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAwC;gBACxD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAA;QACH,CAAC;;;SAnBU,2BAA2B","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if a specific property on the authenticated user matches an expected value.\n * This is used to enforce other user-specific restrictions.\n */\nexport interface MatchUserPropertyAccessRuleSchema extends AccessRuleSchema {\n type: 'matchUserProperty'\n /**\n * The property on the authenticated user that should match the expected value.\n */\n property: string\n /**\n * The expected value for the user property.\n */\n value: string\n}\n\n/**\n * The action is allowed if a specific property on the authenticated user matches an expected value.\n * This is used to enforce other user-specific restrictions.\n */\nexport class MatchUserPropertyAccessRule extends AccessRule implements MatchUserPropertyAccessRuleSchema {\n override readonly type: 'matchUserProperty'\n\n @observed() accessor property: string\n @observed() accessor value: string\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<MatchUserPropertyAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'matchUserProperty'\n this.property = state.property ?? ''\n this.value = state.value ?? ''\n }\n\n override toJSON(): MatchUserPropertyAccessRuleSchema {\n return {\n ...(super.toJSON() as MatchUserPropertyAccessRuleSchema),\n property: this.property,\n value: this.value,\n }\n }\n}\n"]}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
import type { Action } from '../actions/Action.js';
|
|
2
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
3
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
1
4
|
import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
5
|
/**
|
|
3
6
|
* The action is allowed if the authenticated user has a specific role.
|
|
@@ -23,7 +26,7 @@ export interface MatchUserRoleAccessRuleSchema extends AccessRuleSchema {
|
|
|
23
26
|
export declare class MatchUserRoleAccessRule extends AccessRule implements MatchUserRoleAccessRuleSchema {
|
|
24
27
|
readonly type: 'matchUserRole';
|
|
25
28
|
accessor role: string[];
|
|
26
|
-
constructor(state?: Partial<MatchUserRoleAccessRuleSchema>);
|
|
29
|
+
constructor(parent: ExposedEntity | ApiModel | Action, state?: Partial<MatchUserRoleAccessRuleSchema>);
|
|
27
30
|
toJSON(): MatchUserRoleAccessRuleSchema;
|
|
28
31
|
}
|
|
29
32
|
//# sourceMappingURL=MatchUserRole.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchUserRole.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserRole.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,6BAA8B,SAAQ,gBAAgB;IACrE,IAAI,EAAE,eAAe,CAAA;IACrB;;;;;;OAMG;IACH,IAAI,EAAE,MAAM,EAAE,CAAA;CACf;AAED;;;;GAIG;AACH,qBAAa,uBAAwB,SAAQ,UAAW,YAAW,6BAA6B;IAC9F,SAAkB,IAAI,EAAE,eAAe,CAAA;IAEb,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,CAAA;gBAErC,KAAK,GAAE,OAAO,CAAC,6BAA6B,CAAM;
|
|
1
|
+
{"version":3,"file":"MatchUserRole.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserRole.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,6BAA8B,SAAQ,gBAAgB;IACrE,IAAI,EAAE,eAAe,CAAA;IACrB;;;;;;OAMG;IACH,IAAI,EAAE,MAAM,EAAE,CAAA;CACf;AAED;;;;GAIG;AACH,qBAAa,uBAAwB,SAAQ,UAAW,YAAW,6BAA6B;IAC9F,SAAkB,IAAI,EAAE,eAAe,CAAA;IAEb,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,CAAA;gBAErC,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,KAAK,GAAE,OAAO,CAAC,6BAA6B,CAAM;IAMhG,MAAM,IAAI,6BAA6B;CAMjD"}
|
|
@@ -22,8 +22,8 @@ let MatchUserRoleAccessRule = (() => {
|
|
|
22
22
|
#role_accessor_storage = __runInitializers(this, _role_initializers, void 0);
|
|
23
23
|
get role() { return this.#role_accessor_storage; }
|
|
24
24
|
set role(value) { this.#role_accessor_storage = value; }
|
|
25
|
-
constructor(state = {}) {
|
|
26
|
-
super(state);
|
|
25
|
+
constructor(parent, state = {}) {
|
|
26
|
+
super(parent, state);
|
|
27
27
|
__runInitializers(this, _role_extraInitializers);
|
|
28
28
|
this.type = 'matchUserRole';
|
|
29
29
|
this.role = state.role ? [...state.role] : [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MatchUserRole.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserRole.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"MatchUserRole.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserRole.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AAmB9D;;;;GAIG;IACU,uBAAuB;sBAAS,UAAU;;;;iBAA1C,uBAAwB,SAAQ,WAAU;;;gCAGpD,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YAAC,iKAAS,IAAI,6BAAJ,IAAI,mFAAU;;;QAF/B,IAAI,CAAiB;QAEb,6EAAuB;QAAvB,IAAS,IAAI,0CAAU;QAAvB,IAAS,IAAI,gDAAU;QAEjD,YAAY,MAAyC,EAAE,QAAgD,EAAE;YACvG,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;;YACpB,IAAI,CAAC,IAAI,GAAG,eAAe,CAAA;YAC3B,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;SAC9C;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAoC;gBACpD,IAAI,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAa;aAC1D,CAAA;QACH,CAAC;;;SAhBU,uBAAuB","sourcesContent":["import type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed, toRaw } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user has a specific role.\n * This is used to enforce role-based access control (RBAC).\n * For example, only users with the \"admin\" role can perform certain actions.\n */\nexport interface MatchUserRoleAccessRuleSchema extends AccessRuleSchema {\n type: 'matchUserRole'\n /**\n * The role that the authenticated user must have to access the resource.\n * This is typically a property on the user entity that defines their role.\n *\n * The domain model should annotate this property with the \"UserRole\" semantic\n * to indicate that it is used for role-based access control.\n */\n role: string[]\n}\n\n/**\n * The action is allowed if the authenticated user has a specific role.\n * This is used to enforce role-based access control (RBAC).\n * For example, only users with the \"admin\" role can perform certain actions.\n */\nexport class MatchUserRoleAccessRule extends AccessRule implements MatchUserRoleAccessRuleSchema {\n override readonly type: 'matchUserRole'\n\n @observed({ deep: true }) accessor role: string[]\n\n constructor(parent: ExposedEntity | ApiModel | Action, state: Partial<MatchUserRoleAccessRuleSchema> = {}) {\n super(parent, state)\n this.type = 'matchUserRole'\n this.role = state.role ? [...state.role] : []\n }\n\n override toJSON(): MatchUserRoleAccessRuleSchema {\n return {\n ...(super.toJSON() as MatchUserRoleAccessRuleSchema),\n role: structuredClone(toRaw(this, this.role)) as string[],\n }\n }\n}\n"]}
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
export { AccessRule, type AccessRuleSchema } from './AccessRule.js';
|
|
2
2
|
export { RateLimitingConfiguration, type RateLimitingConfigurationSchema } from './RateLimitingConfiguration.js';
|
|
3
|
+
import type { Action } from '../actions/Action.js';
|
|
4
|
+
import type { ApiModel } from '../ApiModel.js';
|
|
5
|
+
import type { ExposedEntity } from '../ExposedEntity.js';
|
|
3
6
|
import { AccessRuleSchema } from './AccessRule.js';
|
|
4
7
|
import { AllowAuthenticatedAccessRule, type AllowAuthenticatedAccessRuleSchema } from './AllowAuthenticated.js';
|
|
5
8
|
import { AllowPublicAccessRule, type AllowPublicAccessRuleSchema } from './AllowPublic.js';
|
|
@@ -21,5 +24,5 @@ export type RuleType = 'allowAuthenticated' | 'allowPublic' | 'matchEmailDomain'
|
|
|
21
24
|
* @param schema The schema to restore the access rule from.
|
|
22
25
|
* @returns The restored access rule.
|
|
23
26
|
*/
|
|
24
|
-
export declare function restoreAccessRule(schema: AccessRuleSchema): ApiAccessRule;
|
|
27
|
+
export declare function restoreAccessRule(parent: ExposedEntity | ApiModel | Action, schema: AccessRuleSchema): ApiAccessRule;
|
|
25
28
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,yBAAyB,EAAE,KAAK,+BAA+B,EAAE,MAAM,gCAAgC,CAAA;AAEhH,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClD,OAAO,EAAE,4BAA4B,EAAE,KAAK,kCAAkC,EAAE,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,qBAAqB,EAAE,KAAK,2BAA2B,EAAE,MAAM,kBAAkB,CAAA;AAC1F,OAAO,EAAE,0BAA0B,EAAE,KAAK,gCAAgC,EAAE,MAAM,uBAAuB,CAAA;AACzG,OAAO,EAAE,4BAA4B,EAAE,KAAK,kCAAkC,EAAE,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,2BAA2B,EAAE,KAAK,iCAAiC,EAAE,MAAM,wBAAwB,CAAA;AAC5G,OAAO,EAAE,uBAAuB,EAAE,KAAK,6BAA6B,EAAE,MAAM,oBAAoB,CAAA;AAChG,OAAO,EAAE,aAAa,EAAE,KAAK,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAE5E,OAAO,EACL,4BAA4B,EAC5B,qBAAqB,EACrB,0BAA0B,EAC1B,4BAA4B,EAC5B,2BAA2B,EAC3B,uBAAuB,EACvB,aAAa,GACd,CAAA;AACD,YAAY,EACV,kCAAkC,EAClC,2BAA2B,EAC3B,gCAAgC,EAChC,kCAAkC,EAClC,iCAAiC,EACjC,6BAA6B,EAC7B,mBAAmB,GACpB,CAAA;AAED,MAAM,MAAM,aAAa,GACrB,4BAA4B,GAC5B,qBAAqB,GACrB,0BAA0B,GAC1B,4BAA4B,GAC5B,2BAA2B,GAC3B,uBAAuB,CAAA;AAC3B,MAAM,MAAM,mBAAmB,GAC3B,kCAAkC,GAClC,2BAA2B,GAC3B,gCAAgC,GAChC,kCAAkC,GAClC,iCAAiC,GACjC,6BAA6B,CAAA;AAEjC,MAAM,MAAM,QAAQ,GAChB,oBAAoB,GACpB,aAAa,GACb,kBAAkB,GAClB,oBAAoB,GACpB,mBAAmB,GACnB,eAAe,CAAA;AAEnB;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,gBAAgB,GAAG,aAAa,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,yBAAyB,EAAE,KAAK,+BAA+B,EAAE,MAAM,gCAAgC,CAAA;AAEhH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClD,OAAO,EAAE,4BAA4B,EAAE,KAAK,kCAAkC,EAAE,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,qBAAqB,EAAE,KAAK,2BAA2B,EAAE,MAAM,kBAAkB,CAAA;AAC1F,OAAO,EAAE,0BAA0B,EAAE,KAAK,gCAAgC,EAAE,MAAM,uBAAuB,CAAA;AACzG,OAAO,EAAE,4BAA4B,EAAE,KAAK,kCAAkC,EAAE,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,2BAA2B,EAAE,KAAK,iCAAiC,EAAE,MAAM,wBAAwB,CAAA;AAC5G,OAAO,EAAE,uBAAuB,EAAE,KAAK,6BAA6B,EAAE,MAAM,oBAAoB,CAAA;AAChG,OAAO,EAAE,aAAa,EAAE,KAAK,mBAAmB,EAAE,MAAM,oBAAoB,CAAA;AAE5E,OAAO,EACL,4BAA4B,EAC5B,qBAAqB,EACrB,0BAA0B,EAC1B,4BAA4B,EAC5B,2BAA2B,EAC3B,uBAAuB,EACvB,aAAa,GACd,CAAA;AACD,YAAY,EACV,kCAAkC,EAClC,2BAA2B,EAC3B,gCAAgC,EAChC,kCAAkC,EAClC,iCAAiC,EACjC,6BAA6B,EAC7B,mBAAmB,GACpB,CAAA;AAED,MAAM,MAAM,aAAa,GACrB,4BAA4B,GAC5B,qBAAqB,GACrB,0BAA0B,GAC1B,4BAA4B,GAC5B,2BAA2B,GAC3B,uBAAuB,CAAA;AAC3B,MAAM,MAAM,mBAAmB,GAC3B,kCAAkC,GAClC,2BAA2B,GAC3B,gCAAgC,GAChC,kCAAkC,GAClC,iCAAiC,GACjC,6BAA6B,CAAA;AAEjC,MAAM,MAAM,QAAQ,GAChB,oBAAoB,GACpB,aAAa,GACb,kBAAkB,GAClB,oBAAoB,GACpB,mBAAmB,GACnB,eAAe,CAAA;AAEnB;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,aAAa,GAAG,QAAQ,GAAG,MAAM,EAAE,MAAM,EAAE,gBAAgB,GAAG,aAAa,CAoBpH"}
|
|
@@ -17,20 +17,20 @@ export { AllowAuthenticatedAccessRule, AllowPublicAccessRule, MatchEmailDomainAc
|
|
|
17
17
|
* @param schema The schema to restore the access rule from.
|
|
18
18
|
* @returns The restored access rule.
|
|
19
19
|
*/
|
|
20
|
-
export function restoreAccessRule(schema) {
|
|
20
|
+
export function restoreAccessRule(parent, schema) {
|
|
21
21
|
switch (schema.type) {
|
|
22
22
|
case 'allowAuthenticated':
|
|
23
|
-
return new AllowAuthenticatedAccessRule(schema);
|
|
23
|
+
return new AllowAuthenticatedAccessRule(parent, schema);
|
|
24
24
|
case 'allowPublic':
|
|
25
|
-
return new AllowPublicAccessRule(schema);
|
|
25
|
+
return new AllowPublicAccessRule(parent, schema);
|
|
26
26
|
case 'matchEmailDomain':
|
|
27
|
-
return new MatchEmailDomainAccessRule(schema);
|
|
27
|
+
return new MatchEmailDomainAccessRule(parent, schema);
|
|
28
28
|
case 'matchResourceOwner':
|
|
29
|
-
return new MatchResourceOwnerAccessRule(schema);
|
|
29
|
+
return new MatchResourceOwnerAccessRule(parent, schema);
|
|
30
30
|
case 'matchUserProperty':
|
|
31
|
-
return new MatchUserPropertyAccessRule(schema);
|
|
31
|
+
return new MatchUserPropertyAccessRule(parent, schema);
|
|
32
32
|
case 'matchUserRole':
|
|
33
|
-
return new MatchUserRoleAccessRule(schema);
|
|
33
|
+
return new MatchUserRoleAccessRule(parent, schema);
|
|
34
34
|
default:
|
|
35
35
|
throw new Exception('Unknown access rule kind', {
|
|
36
36
|
code: 'E_UNKNOWN_ACCESS_RULE_KIND',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modeling/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,yBAAyB,EAAwC,MAAM,gCAAgC,CAAA;AAChH,OAAO,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modeling/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,yBAAyB,EAAwC,MAAM,gCAAgC,CAAA;AAChH,OAAO,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAA;AAKzD,OAAO,EAAE,4BAA4B,EAA2C,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,qBAAqB,EAAoC,MAAM,kBAAkB,CAAA;AAC1F,OAAO,EAAE,0BAA0B,EAAyC,MAAM,uBAAuB,CAAA;AACzG,OAAO,EAAE,4BAA4B,EAA2C,MAAM,yBAAyB,CAAA;AAC/G,OAAO,EAAE,2BAA2B,EAA0C,MAAM,wBAAwB,CAAA;AAC5G,OAAO,EAAE,uBAAuB,EAAsC,MAAM,oBAAoB,CAAA;AAChG,OAAO,EAAE,aAAa,EAA4B,MAAM,oBAAoB,CAAA;AAE5E,OAAO,EACL,4BAA4B,EAC5B,qBAAqB,EACrB,0BAA0B,EAC1B,4BAA4B,EAC5B,2BAA2B,EAC3B,uBAAuB,EACvB,aAAa,GACd,CAAA;AAkCD;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAyC,EAAE,MAAwB;IACnG,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,KAAK,oBAAoB;YACvB,OAAO,IAAI,4BAA4B,CAAC,MAAM,EAAE,MAA4C,CAAC,CAAA;QAC/F,KAAK,aAAa;YAChB,OAAO,IAAI,qBAAqB,CAAC,MAAM,EAAE,MAAqC,CAAC,CAAA;QACjF,KAAK,kBAAkB;YACrB,OAAO,IAAI,0BAA0B,CAAC,MAAM,EAAE,MAA0C,CAAC,CAAA;QAC3F,KAAK,oBAAoB;YACvB,OAAO,IAAI,4BAA4B,CAAC,MAAM,EAAE,MAA4C,CAAC,CAAA;QAC/F,KAAK,mBAAmB;YACtB,OAAO,IAAI,2BAA2B,CAAC,MAAM,EAAE,MAA2C,CAAC,CAAA;QAC7F,KAAK,eAAe;YAClB,OAAO,IAAI,uBAAuB,CAAC,MAAM,EAAE,MAAuC,CAAC,CAAA;QACrF;YACE,MAAM,IAAI,SAAS,CAAC,0BAA0B,EAAE;gBAC9C,IAAI,EAAE,4BAA4B;gBAClC,MAAM,EAAE,GAAG;aACZ,CAAC,CAAA;IACN,CAAC;AACH,CAAC","sourcesContent":["export { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nexport { RateLimitingConfiguration, type RateLimitingConfigurationSchema } from './RateLimitingConfiguration.js'\nimport { Exception } from '../../exceptions/exception.js'\nimport type { Action } from '../actions/Action.js'\nimport type { ApiModel } from '../ApiModel.js'\nimport type { ExposedEntity } from '../ExposedEntity.js'\nimport { AccessRuleSchema } from './AccessRule.js'\nimport { AllowAuthenticatedAccessRule, type AllowAuthenticatedAccessRuleSchema } from './AllowAuthenticated.js'\nimport { AllowPublicAccessRule, type AllowPublicAccessRuleSchema } from './AllowPublic.js'\nimport { MatchEmailDomainAccessRule, type MatchEmailDomainAccessRuleSchema } from './MatchEmailDomain.js'\nimport { MatchResourceOwnerAccessRule, type MatchResourceOwnerAccessRuleSchema } from './MatchResourceOwner.js'\nimport { MatchUserPropertyAccessRule, type MatchUserPropertyAccessRuleSchema } from './MatchUserProperty.js'\nimport { MatchUserRoleAccessRule, type MatchUserRoleAccessRuleSchema } from './MatchUserRole.js'\nimport { RateLimitRule, type RateLimitRuleSchema } from './RateLimitRule.js'\n\nexport {\n AllowAuthenticatedAccessRule,\n AllowPublicAccessRule,\n MatchEmailDomainAccessRule,\n MatchResourceOwnerAccessRule,\n MatchUserPropertyAccessRule,\n MatchUserRoleAccessRule,\n RateLimitRule,\n}\nexport type {\n AllowAuthenticatedAccessRuleSchema,\n AllowPublicAccessRuleSchema,\n MatchEmailDomainAccessRuleSchema,\n MatchResourceOwnerAccessRuleSchema,\n MatchUserPropertyAccessRuleSchema,\n MatchUserRoleAccessRuleSchema,\n RateLimitRuleSchema,\n}\n\nexport type ApiAccessRule =\n | AllowAuthenticatedAccessRule\n | AllowPublicAccessRule\n | MatchEmailDomainAccessRule\n | MatchResourceOwnerAccessRule\n | MatchUserPropertyAccessRule\n | MatchUserRoleAccessRule\nexport type ApiAccessRuleSchema =\n | AllowAuthenticatedAccessRuleSchema\n | AllowPublicAccessRuleSchema\n | MatchEmailDomainAccessRuleSchema\n | MatchResourceOwnerAccessRuleSchema\n | MatchUserPropertyAccessRuleSchema\n | MatchUserRoleAccessRuleSchema\n\nexport type RuleType =\n | 'allowAuthenticated'\n | 'allowPublic'\n | 'matchEmailDomain'\n | 'matchResourceOwner'\n | 'matchUserProperty'\n | 'matchUserRole'\n\n/**\n * Restores an access rule from a schema.\n *\n * It is a helper function to restore access rules from a schema.\n *\n * @param schema The schema to restore the access rule from.\n * @returns The restored access rule.\n */\nexport function restoreAccessRule(parent: ExposedEntity | ApiModel | Action, schema: AccessRuleSchema): ApiAccessRule {\n switch (schema.type) {\n case 'allowAuthenticated':\n return new AllowAuthenticatedAccessRule(parent, schema as AllowAuthenticatedAccessRuleSchema)\n case 'allowPublic':\n return new AllowPublicAccessRule(parent, schema as AllowPublicAccessRuleSchema)\n case 'matchEmailDomain':\n return new MatchEmailDomainAccessRule(parent, schema as MatchEmailDomainAccessRuleSchema)\n case 'matchResourceOwner':\n return new MatchResourceOwnerAccessRule(parent, schema as MatchResourceOwnerAccessRuleSchema)\n case 'matchUserProperty':\n return new MatchUserPropertyAccessRule(parent, schema as MatchUserPropertyAccessRuleSchema)\n case 'matchUserRole':\n return new MatchUserRoleAccessRule(parent, schema as MatchUserRoleAccessRuleSchema)\n default:\n throw new Exception('Unknown access rule kind', {\n code: 'E_UNKNOWN_ACCESS_RULE_KIND',\n status: 422,\n })\n }\n}\n"]}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
import type { FieldValidationMessage } from '../../exceptions/validation_error.js';
|
|
2
|
+
export interface CustomDomainSchema {
|
|
3
|
+
/**
|
|
4
|
+
* Primary key (nanoid)
|
|
5
|
+
*/
|
|
6
|
+
id: string;
|
|
7
|
+
/**
|
|
8
|
+
* ID of the organization
|
|
9
|
+
*/
|
|
10
|
+
orgId: string;
|
|
11
|
+
/**
|
|
12
|
+
* The custom domain
|
|
13
|
+
*/
|
|
14
|
+
domain: string;
|
|
15
|
+
/**
|
|
16
|
+
* The DNS target for the custom domain
|
|
17
|
+
*/
|
|
18
|
+
dnsTarget: string;
|
|
19
|
+
/**
|
|
20
|
+
* Whether the DNS has been verified
|
|
21
|
+
*/
|
|
22
|
+
dnsVerified: boolean;
|
|
23
|
+
/**
|
|
24
|
+
* Timestamp of last DNS verification
|
|
25
|
+
*/
|
|
26
|
+
lastVerifiedAt?: number;
|
|
27
|
+
/**
|
|
28
|
+
* Timestamp of creation
|
|
29
|
+
*/
|
|
30
|
+
createdAt: number;
|
|
31
|
+
/**
|
|
32
|
+
* Timestamp of last update
|
|
33
|
+
*/
|
|
34
|
+
updatedAt: number;
|
|
35
|
+
}
|
|
36
|
+
export declare class CustomDomainModel implements CustomDomainSchema {
|
|
37
|
+
id: string;
|
|
38
|
+
orgId: string;
|
|
39
|
+
domain: string;
|
|
40
|
+
dnsTarget: string;
|
|
41
|
+
dnsVerified: boolean;
|
|
42
|
+
lastVerifiedAt?: number;
|
|
43
|
+
createdAt: number;
|
|
44
|
+
updatedAt: number;
|
|
45
|
+
static createSchema(input?: Partial<CustomDomainSchema>): CustomDomainSchema;
|
|
46
|
+
constructor(state?: Partial<CustomDomainSchema>);
|
|
47
|
+
toJSON(): CustomDomainSchema;
|
|
48
|
+
validate(): FieldValidationMessage[];
|
|
49
|
+
}
|
|
50
|
+
//# sourceMappingURL=CustomDomain.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CustomDomain.d.ts","sourceRoot":"","sources":["../../../../src/models/store/CustomDomain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAA;AAGlF,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,EAAE,EAAE,MAAM,CAAA;IACV;;OAEG;IACH,KAAK,EAAE,MAAM,CAAA;IACb;;OAEG;IACH,MAAM,EAAE,MAAM,CAAA;IACd;;OAEG;IACH,SAAS,EAAE,MAAM,CAAA;IACjB;;OAEG;IACH,WAAW,EAAE,OAAO,CAAA;IACpB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAA;IACjB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,qBAAa,iBAAkB,YAAW,kBAAkB;IAC1D,EAAE,EAAE,MAAM,CAAA;IACV,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,OAAO,CAAA;IACpB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IAEjB,MAAM,CAAC,YAAY,CAAC,KAAK,GAAE,OAAO,CAAC,kBAAkB,CAAM,GAAG,kBAAkB;gBAiBpE,KAAK,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC;IAY/C,MAAM,IAAI,kBAAkB;IAgB5B,QAAQ,IAAI,sBAAsB,EAAE;CAyBrC"}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
import { nanoid } from '../../nanoid.js';
|
|
2
|
+
export class CustomDomainModel {
|
|
3
|
+
id;
|
|
4
|
+
orgId;
|
|
5
|
+
domain;
|
|
6
|
+
dnsTarget;
|
|
7
|
+
dnsVerified;
|
|
8
|
+
lastVerifiedAt;
|
|
9
|
+
createdAt;
|
|
10
|
+
updatedAt;
|
|
11
|
+
static createSchema(input = {}) {
|
|
12
|
+
const id = input.id ?? nanoid();
|
|
13
|
+
const result = {
|
|
14
|
+
id,
|
|
15
|
+
orgId: input.orgId || '',
|
|
16
|
+
domain: input.domain || '',
|
|
17
|
+
dnsTarget: input.dnsTarget || '',
|
|
18
|
+
dnsVerified: input.dnsVerified ?? false,
|
|
19
|
+
createdAt: input.createdAt ?? Date.now(),
|
|
20
|
+
updatedAt: input.updatedAt ?? Date.now(),
|
|
21
|
+
};
|
|
22
|
+
if (typeof input.lastVerifiedAt === 'number') {
|
|
23
|
+
result.lastVerifiedAt = input.lastVerifiedAt;
|
|
24
|
+
}
|
|
25
|
+
return result;
|
|
26
|
+
}
|
|
27
|
+
constructor(state) {
|
|
28
|
+
const init = CustomDomainModel.createSchema(state);
|
|
29
|
+
this.id = init.id;
|
|
30
|
+
this.orgId = init.orgId;
|
|
31
|
+
this.domain = init.domain;
|
|
32
|
+
this.dnsTarget = init.dnsTarget;
|
|
33
|
+
this.dnsVerified = init.dnsVerified;
|
|
34
|
+
this.lastVerifiedAt = init.lastVerifiedAt;
|
|
35
|
+
this.createdAt = init.createdAt;
|
|
36
|
+
this.updatedAt = init.updatedAt;
|
|
37
|
+
}
|
|
38
|
+
toJSON() {
|
|
39
|
+
const result = {
|
|
40
|
+
id: this.id,
|
|
41
|
+
orgId: this.orgId,
|
|
42
|
+
domain: this.domain,
|
|
43
|
+
dnsTarget: this.dnsTarget,
|
|
44
|
+
dnsVerified: this.dnsVerified,
|
|
45
|
+
createdAt: this.createdAt,
|
|
46
|
+
updatedAt: this.updatedAt,
|
|
47
|
+
};
|
|
48
|
+
if (typeof this.lastVerifiedAt === 'number') {
|
|
49
|
+
result.lastVerifiedAt = this.lastVerifiedAt;
|
|
50
|
+
}
|
|
51
|
+
return result;
|
|
52
|
+
}
|
|
53
|
+
validate() {
|
|
54
|
+
const result = [];
|
|
55
|
+
if (!this.domain) {
|
|
56
|
+
result.push({
|
|
57
|
+
field: 'domain',
|
|
58
|
+
message: 'Domain must not be empty',
|
|
59
|
+
rule: 'notEmpty',
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
if (!this.orgId) {
|
|
63
|
+
result.push({
|
|
64
|
+
field: 'orgId',
|
|
65
|
+
message: 'Org ID must not be empty',
|
|
66
|
+
rule: 'notEmpty',
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
if (!this.dnsTarget) {
|
|
70
|
+
result.push({
|
|
71
|
+
field: 'dnsTarget',
|
|
72
|
+
message: 'DNS target must not be empty',
|
|
73
|
+
rule: 'notEmpty',
|
|
74
|
+
});
|
|
75
|
+
}
|
|
76
|
+
return result;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
//# sourceMappingURL=CustomDomain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CustomDomain.js","sourceRoot":"","sources":["../../../../src/models/store/CustomDomain.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAqCxC,MAAM,OAAO,iBAAiB;IAC5B,EAAE,CAAQ;IACV,KAAK,CAAQ;IACb,MAAM,CAAQ;IACd,SAAS,CAAQ;IACjB,WAAW,CAAS;IACpB,cAAc,CAAS;IACvB,SAAS,CAAQ;IACjB,SAAS,CAAQ;IAEjB,MAAM,CAAC,YAAY,CAAC,QAAqC,EAAE;QACzD,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,IAAI,MAAM,EAAE,CAAA;QAC/B,MAAM,MAAM,GAAuB;YACjC,EAAE;YACF,KAAK,EAAE,KAAK,CAAC,KAAK,IAAI,EAAE;YACxB,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,EAAE;YAChC,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,KAAK;YACvC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;YACxC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;SACzC,CAAA;QACD,IAAI,OAAO,KAAK,CAAC,cAAc,KAAK,QAAQ,EAAE,CAAC;YAC7C,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC,cAAc,CAAA;QAC9C,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,YAAY,KAAmC;QAC7C,MAAM,IAAI,GAAG,iBAAiB,CAAC,YAAY,CAAC,KAAK,CAAC,CAAA;QAClD,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAA;QACjB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAA;QACvB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;IACjC,CAAC;IAED,MAAM;QACJ,MAAM,MAAM,GAAuB;YACjC,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAA;QACD,IAAI,OAAO,IAAI,CAAC,cAAc,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QAC7C,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,QAAQ;QACN,MAAM,MAAM,GAA6B,EAAE,CAAA;QAC3C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,QAAQ;gBACf,OAAO,EAAE,0BAA0B;gBACnC,IAAI,EAAE,UAAU;aACjB,CAAC,CAAA;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,OAAO;gBACd,OAAO,EAAE,0BAA0B;gBACnC,IAAI,EAAE,UAAU;aACjB,CAAC,CAAA;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,8BAA8B;gBACvC,IAAI,EAAE,UAAU;aACjB,CAAC,CAAA;QACJ,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;CACF","sourcesContent":["import type { FieldValidationMessage } from '../../exceptions/validation_error.js'\nimport { nanoid } from '../../nanoid.js'\n\nexport interface CustomDomainSchema {\n /**\n * Primary key (nanoid)\n */\n id: string\n /**\n * ID of the organization\n */\n orgId: string\n /**\n * The custom domain\n */\n domain: string\n /**\n * The DNS target for the custom domain\n */\n dnsTarget: string\n /**\n * Whether the DNS has been verified\n */\n dnsVerified: boolean\n /**\n * Timestamp of last DNS verification\n */\n lastVerifiedAt?: number\n /**\n * Timestamp of creation\n */\n createdAt: number\n /**\n * Timestamp of last update\n */\n updatedAt: number\n}\n\nexport class CustomDomainModel implements CustomDomainSchema {\n id: string\n orgId: string\n domain: string\n dnsTarget: string\n dnsVerified: boolean\n lastVerifiedAt?: number\n createdAt: number\n updatedAt: number\n\n static createSchema(input: Partial<CustomDomainSchema> = {}): CustomDomainSchema {\n const id = input.id ?? nanoid()\n const result: CustomDomainSchema = {\n id,\n orgId: input.orgId || '',\n domain: input.domain || '',\n dnsTarget: input.dnsTarget || '',\n dnsVerified: input.dnsVerified ?? false,\n createdAt: input.createdAt ?? Date.now(),\n updatedAt: input.updatedAt ?? Date.now(),\n }\n if (typeof input.lastVerifiedAt === 'number') {\n result.lastVerifiedAt = input.lastVerifiedAt\n }\n return result\n }\n\n constructor(state?: Partial<CustomDomainSchema>) {\n const init = CustomDomainModel.createSchema(state)\n this.id = init.id\n this.orgId = init.orgId\n this.domain = init.domain\n this.dnsTarget = init.dnsTarget\n this.dnsVerified = init.dnsVerified\n this.lastVerifiedAt = init.lastVerifiedAt\n this.createdAt = init.createdAt\n this.updatedAt = init.updatedAt\n }\n\n toJSON(): CustomDomainSchema {\n const result: CustomDomainSchema = {\n id: this.id,\n orgId: this.orgId,\n domain: this.domain,\n dnsTarget: this.dnsTarget,\n dnsVerified: this.dnsVerified,\n createdAt: this.createdAt,\n updatedAt: this.updatedAt,\n }\n if (typeof this.lastVerifiedAt === 'number') {\n result.lastVerifiedAt = this.lastVerifiedAt\n }\n return result\n }\n\n validate(): FieldValidationMessage[] {\n const result: FieldValidationMessage[] = []\n if (!this.domain) {\n result.push({\n field: 'domain',\n message: 'Domain must not be empty',\n rule: 'notEmpty',\n })\n }\n if (!this.orgId) {\n result.push({\n field: 'orgId',\n message: 'Org ID must not be empty',\n rule: 'notEmpty',\n })\n }\n if (!this.dnsTarget) {\n result.push({\n field: 'dnsTarget',\n message: 'DNS target must not be empty',\n rule: 'notEmpty',\n })\n }\n return result\n }\n}\n"]}
|