@atproto/oauth-scopes 0.0.2 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (169) hide show
  1. package/CHANGELOG.md +25 -0
  2. package/dist/atproto-oauth-scope.d.ts +12 -0
  3. package/dist/atproto-oauth-scope.d.ts.map +1 -0
  4. package/dist/atproto-oauth-scope.js +32 -0
  5. package/dist/atproto-oauth-scope.js.map +1 -0
  6. package/dist/index.d.ts +9 -13
  7. package/dist/index.d.ts.map +1 -1
  8. package/dist/index.js +9 -13
  9. package/dist/index.js.map +1 -1
  10. package/dist/lib/lexicon.d.ts +2 -0
  11. package/dist/lib/lexicon.d.ts.map +1 -0
  12. package/dist/lib/lexicon.js +3 -0
  13. package/dist/lib/lexicon.js.map +1 -0
  14. package/dist/lib/mime.d.ts +1 -1
  15. package/dist/lib/mime.d.ts.map +1 -1
  16. package/dist/lib/mime.js +2 -0
  17. package/dist/lib/mime.js.map +1 -1
  18. package/dist/lib/nsid.d.ts +2 -2
  19. package/dist/lib/nsid.d.ts.map +1 -1
  20. package/dist/lib/nsid.js +4 -6
  21. package/dist/lib/nsid.js.map +1 -1
  22. package/dist/lib/parser.d.ts +29 -0
  23. package/dist/lib/parser.d.ts.map +1 -0
  24. package/dist/lib/parser.js +152 -0
  25. package/dist/lib/parser.js.map +1 -0
  26. package/dist/lib/resource-permission.d.ts +10 -0
  27. package/dist/lib/resource-permission.d.ts.map +1 -0
  28. package/dist/lib/resource-permission.js +3 -0
  29. package/dist/lib/resource-permission.js.map +1 -0
  30. package/dist/lib/syntax-lexicon.d.ts +26 -0
  31. package/dist/lib/syntax-lexicon.d.ts.map +1 -0
  32. package/dist/lib/syntax-lexicon.js +58 -0
  33. package/dist/lib/syntax-lexicon.js.map +1 -0
  34. package/dist/lib/syntax-string.d.ts +16 -0
  35. package/dist/lib/syntax-string.d.ts.map +1 -0
  36. package/dist/lib/syntax-string.js +121 -0
  37. package/dist/lib/syntax-string.js.map +1 -0
  38. package/dist/lib/syntax.d.ts +23 -0
  39. package/dist/lib/syntax.d.ts.map +1 -0
  40. package/dist/lib/syntax.js +22 -0
  41. package/dist/lib/syntax.js.map +1 -0
  42. package/dist/lib/util.d.ts +4 -1
  43. package/dist/lib/util.d.ts.map +1 -1
  44. package/dist/lib/util.js +4 -12
  45. package/dist/lib/util.js.map +1 -1
  46. package/dist/scope-permissions-transition.d.ts +15 -0
  47. package/dist/scope-permissions-transition.d.ts.map +1 -0
  48. package/dist/{permission-set-transition.js → scope-permissions-transition.js} +5 -5
  49. package/dist/scope-permissions-transition.js.map +1 -0
  50. package/dist/scope-permissions.d.ts +22 -0
  51. package/dist/scope-permissions.d.ts.map +1 -0
  52. package/dist/{permission-set.js → scope-permissions.js} +20 -16
  53. package/dist/scope-permissions.js.map +1 -0
  54. package/dist/scopes/account-permission.d.ts +35 -0
  55. package/dist/scopes/account-permission.d.ts.map +1 -0
  56. package/dist/scopes/account-permission.js +71 -0
  57. package/dist/scopes/account-permission.js.map +1 -0
  58. package/dist/scopes/blob-permission.d.ts +27 -0
  59. package/dist/scopes/blob-permission.d.ts.map +1 -0
  60. package/dist/scopes/blob-permission.js +86 -0
  61. package/dist/scopes/blob-permission.js.map +1 -0
  62. package/dist/scopes/identity-permission.d.ts +25 -0
  63. package/dist/scopes/identity-permission.d.ts.map +1 -0
  64. package/dist/scopes/identity-permission.js +53 -0
  65. package/dist/scopes/identity-permission.js.map +1 -0
  66. package/dist/scopes/include-scope.d.ts +54 -0
  67. package/dist/scopes/include-scope.d.ts.map +1 -0
  68. package/dist/scopes/include-scope.js +156 -0
  69. package/dist/scopes/include-scope.js.map +1 -0
  70. package/dist/scopes/repo-permission.d.ts +40 -0
  71. package/dist/scopes/repo-permission.d.ts.map +1 -0
  72. package/dist/scopes/repo-permission.js +101 -0
  73. package/dist/scopes/repo-permission.js.map +1 -0
  74. package/dist/scopes/rpc-permission.d.ts +38 -0
  75. package/dist/scopes/rpc-permission.d.ts.map +1 -0
  76. package/dist/scopes/rpc-permission.js +81 -0
  77. package/dist/scopes/rpc-permission.js.map +1 -0
  78. package/dist/scopes-set.d.ts +12 -1
  79. package/dist/scopes-set.d.ts.map +1 -1
  80. package/dist/scopes-set.js +49 -3
  81. package/dist/scopes-set.js.map +1 -1
  82. package/package.json +7 -3
  83. package/src/atproto-oauth-scope.ts +43 -0
  84. package/src/index.ts +10 -14
  85. package/src/lib/lexicon.ts +1 -0
  86. package/src/lib/mime.ts +2 -1
  87. package/src/lib/nsid.ts +5 -6
  88. package/src/lib/parser.ts +176 -0
  89. package/src/lib/resource-permission.ts +10 -0
  90. package/src/lib/syntax-lexicon.ts +55 -0
  91. package/src/lib/syntax-string.test.ts +130 -0
  92. package/src/lib/syntax-string.ts +132 -0
  93. package/src/lib/syntax.test.ts +43 -0
  94. package/src/lib/syntax.ts +47 -0
  95. package/src/lib/util.ts +7 -12
  96. package/src/{permission-set-transition.test.ts → scope-permissions-transition.test.ts} +33 -20
  97. package/src/{permission-set-transition.ts → scope-permissions-transition.ts} +11 -11
  98. package/src/{permission-set.test.ts → scope-permissions.test.ts} +77 -35
  99. package/src/scope-permissions.ts +91 -0
  100. package/src/{resources/account-scope.test.ts → scopes/account-permission.test.ts} +45 -33
  101. package/src/scopes/account-permission.ts +75 -0
  102. package/src/{resources/blob-scope.test.ts → scopes/blob-permission.test.ts} +31 -23
  103. package/src/scopes/blob-permission.ts +105 -0
  104. package/src/{resources/identity-scope.test.ts → scopes/identity-permission.test.ts} +13 -13
  105. package/src/scopes/identity-permission.ts +54 -0
  106. package/src/scopes/include-scope.test.ts +626 -0
  107. package/src/scopes/include-scope.ts +168 -0
  108. package/src/{resources/repo-scope.test.ts → scopes/repo-permission.test.ts} +77 -65
  109. package/src/scopes/repo-permission.ts +111 -0
  110. package/src/scopes/rpc-permission.test.ts +323 -0
  111. package/src/scopes/rpc-permission.ts +85 -0
  112. package/src/scopes-set.test.ts +5 -5
  113. package/src/scopes-set.ts +79 -5
  114. package/tsconfig.build.tsbuildinfo +1 -1
  115. package/tsconfig.tests.tsbuildinfo +1 -1
  116. package/dist/lib/did.d.ts +0 -3
  117. package/dist/lib/did.d.ts.map +0 -1
  118. package/dist/lib/did.js +0 -6
  119. package/dist/lib/did.js.map +0 -1
  120. package/dist/parser.d.ts +0 -31
  121. package/dist/parser.d.ts.map +0 -1
  122. package/dist/parser.js +0 -118
  123. package/dist/parser.js.map +0 -1
  124. package/dist/permission-set-transition.d.ts +0 -15
  125. package/dist/permission-set-transition.d.ts.map +0 -1
  126. package/dist/permission-set-transition.js.map +0 -1
  127. package/dist/permission-set.d.ts +0 -22
  128. package/dist/permission-set.d.ts.map +0 -1
  129. package/dist/permission-set.js.map +0 -1
  130. package/dist/resources/account-scope.d.ts +0 -35
  131. package/dist/resources/account-scope.d.ts.map +0 -1
  132. package/dist/resources/account-scope.js +0 -60
  133. package/dist/resources/account-scope.js.map +0 -1
  134. package/dist/resources/blob-scope.d.ts +0 -25
  135. package/dist/resources/blob-scope.d.ts.map +0 -1
  136. package/dist/resources/blob-scope.js +0 -74
  137. package/dist/resources/blob-scope.js.map +0 -1
  138. package/dist/resources/identity-scope.d.ts +0 -25
  139. package/dist/resources/identity-scope.d.ts.map +0 -1
  140. package/dist/resources/identity-scope.js +0 -46
  141. package/dist/resources/identity-scope.js.map +0 -1
  142. package/dist/resources/repo-scope.d.ts +0 -37
  143. package/dist/resources/repo-scope.d.ts.map +0 -1
  144. package/dist/resources/repo-scope.js +0 -92
  145. package/dist/resources/repo-scope.js.map +0 -1
  146. package/dist/resources/rpc-scope.d.ts +0 -31
  147. package/dist/resources/rpc-scope.d.ts.map +0 -1
  148. package/dist/resources/rpc-scope.js +0 -74
  149. package/dist/resources/rpc-scope.js.map +0 -1
  150. package/dist/syntax.d.ts +0 -76
  151. package/dist/syntax.d.ts.map +0 -1
  152. package/dist/syntax.js +0 -249
  153. package/dist/syntax.js.map +0 -1
  154. package/dist/utilities.d.ts +0 -17
  155. package/dist/utilities.d.ts.map +0 -1
  156. package/dist/utilities.js +0 -108
  157. package/dist/utilities.js.map +0 -1
  158. package/src/lib/did.ts +0 -3
  159. package/src/parser.ts +0 -150
  160. package/src/permission-set.ts +0 -78
  161. package/src/resources/account-scope.ts +0 -66
  162. package/src/resources/blob-scope.ts +0 -86
  163. package/src/resources/identity-scope.ts +0 -49
  164. package/src/resources/repo-scope.ts +0 -101
  165. package/src/resources/rpc-scope.test.ts +0 -280
  166. package/src/resources/rpc-scope.ts +0 -77
  167. package/src/syntax.test.ts +0 -203
  168. package/src/syntax.ts +0 -325
  169. package/src/utilities.ts +0 -109
@@ -0,0 +1 @@
1
+ {"version":3,"file":"blob-permission.js","sourceRoot":"","sources":["../../src/scopes/blob-permission.ts"],"names":[],"mappings":";;;AAAA,4CAAmE;AACnE,gDAAyC;AAEzC,8DAA2D;AAC3D,gDAMyB;AAIZ,QAAA,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,CAAU,CAAC,CAAA;AAM7D,MAAa,cAAc;IAGzB,YAA4B,MAAyB;QAAzC;;;;mBAAgB,MAAM;WAAmB;IAAG,CAAC;IAEzD,OAAO,CAAC,OAA4B;QAClC,OAAO,IAAA,0BAAgB,EAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,CAAA;IACpD,CAAC;IAED,QAAQ;QACN,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC3C,CAAC;IAuBD,MAAM,CAAC,UAAU,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAA,4BAAgB,EAAC,KAAK,EAAE,MAAM,CAAC;YAAE,OAAO,IAAI,CAAA;QACjD,MAAM,MAAM,GAAG,oCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,MAA2B;QAC3C,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QAClD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAA4B;QAChD,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC;YAClC,MAAM,EAAE,CAAC,OAAO,CAAC,IAAc,CAAC;SACjC,CAAC,CAAA;IACJ,CAAC;;AAnDH,wCAoDC;AAvC2B;;;;WAAS,IAAI,kBAAM,CAC3C,MAAM,EACN;QACE,MAAM,EAAE;YACN,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,kBAAQ;YAClB,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;gBACnB,8DAA8D;gBAC9D,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;oBAAE,OAAO,sBAAc,CAAA;gBAEhD,OAAO,KAAK;qBACT,GAAG,CAAC,WAAW,CAAC;qBAChB,MAAM,CAAC,cAAc,CAAC;qBACtB,IAAI,EAAqB,CAAA;YAC9B,CAAC;SACF;KACF,EACD,QAAQ,CACT;EAnB+B,CAmB/B;AAsBH,SAAS,WAAW,CAClB,KAAQ;IAER,OAAO,CACL,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,KAAK,CACvB,CAAA;AACpC,CAAC;AAED,SAAS,cAAc,CACrB,KAAiB,EACjB,KAAa,EACb,GAA0B;IAE1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,4EAA4E;QAC5E,8DAA8D;QAC9D,OAAO,IAAI,CAAA;IACb,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IACnC,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC;QAC9B,wEAAwE;QACxE,2EAA2E;QAC3E,0EAA0E;QAC1E,MAAM;QACN,OAAO,KAAK,CAAA;IACd,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}
@@ -0,0 +1,25 @@
1
+ import { Parser } from '../lib/parser.js';
2
+ import { ResourcePermission } from '../lib/resource-permission.js';
3
+ import { ScopeSyntax } from '../lib/syntax.js';
4
+ export declare const IDENTITY_ATTRIBUTES: readonly ["handle", "*"];
5
+ export type IdentityAttribute = (typeof IDENTITY_ATTRIBUTES)[number];
6
+ export type IdentityPermissionMatch = {
7
+ attr: IdentityAttribute;
8
+ };
9
+ export declare class IdentityPermission implements ResourcePermission<'identity', IdentityPermissionMatch> {
10
+ readonly attr: IdentityAttribute;
11
+ constructor(attr: IdentityAttribute);
12
+ matches(options: IdentityPermissionMatch): boolean;
13
+ toString(): import("../lib/syntax.js").ScopeStringFor<"identity">;
14
+ protected static readonly parser: Parser<"identity", {
15
+ attr: {
16
+ multiple: false;
17
+ required: true;
18
+ validate: (value: unknown) => value is "*" | "handle";
19
+ };
20
+ }>;
21
+ static fromString(scope: string): IdentityPermission | null;
22
+ static fromSyntax(syntax: ScopeSyntax<'identity'>): IdentityPermission | null;
23
+ static scopeNeededFor(options: IdentityPermissionMatch): string;
24
+ }
25
+ //# sourceMappingURL=identity-permission.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"identity-permission.d.ts","sourceRoot":"","sources":["../../src/scopes/identity-permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAA;AAElE,OAAO,EAAE,WAAW,EAAoB,MAAM,kBAAkB,CAAA;AAGhE,eAAO,MAAM,mBAAmB,0BAA0C,CAAA;AAC1E,MAAM,MAAM,iBAAiB,GAAG,CAAC,OAAO,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAA;AAEpE,MAAM,MAAM,uBAAuB,GAAG;IACpC,IAAI,EAAE,iBAAiB,CAAA;CACxB,CAAA;AAED,qBAAa,kBACX,YAAW,kBAAkB,CAAC,UAAU,EAAE,uBAAuB,CAAC;aAEtC,IAAI,EAAE,iBAAiB;gBAAvB,IAAI,EAAE,iBAAiB;IAEnD,OAAO,CAAC,OAAO,EAAE,uBAAuB;IAIxC,QAAQ;IAIR,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM;;;;;;OAU/B;IAED,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM;IAM/B,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,UAAU,CAAC;IAMjD,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,uBAAuB,GAAG,MAAM;CAGhE"}
@@ -0,0 +1,53 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.IdentityPermission = exports.IDENTITY_ATTRIBUTES = void 0;
4
+ const parser_js_1 = require("../lib/parser.js");
5
+ const syntax_string_js_1 = require("../lib/syntax-string.js");
6
+ const syntax_js_1 = require("../lib/syntax.js");
7
+ const util_js_1 = require("../lib/util.js");
8
+ exports.IDENTITY_ATTRIBUTES = Object.freeze(['handle', '*']);
9
+ class IdentityPermission {
10
+ constructor(attr) {
11
+ Object.defineProperty(this, "attr", {
12
+ enumerable: true,
13
+ configurable: true,
14
+ writable: true,
15
+ value: attr
16
+ });
17
+ }
18
+ matches(options) {
19
+ return this.attr === '*' || this.attr === options.attr;
20
+ }
21
+ toString() {
22
+ return IdentityPermission.parser.format(this);
23
+ }
24
+ static fromString(scope) {
25
+ if (!(0, syntax_js_1.isScopeStringFor)(scope, 'identity'))
26
+ return null;
27
+ const syntax = syntax_string_js_1.ScopeStringSyntax.fromString(scope);
28
+ return IdentityPermission.fromSyntax(syntax);
29
+ }
30
+ static fromSyntax(syntax) {
31
+ const result = IdentityPermission.parser.parse(syntax);
32
+ if (!result)
33
+ return null;
34
+ return new IdentityPermission(result.attr);
35
+ }
36
+ static scopeNeededFor(options) {
37
+ return IdentityPermission.parser.format(options);
38
+ }
39
+ }
40
+ exports.IdentityPermission = IdentityPermission;
41
+ Object.defineProperty(IdentityPermission, "parser", {
42
+ enumerable: true,
43
+ configurable: true,
44
+ writable: true,
45
+ value: new parser_js_1.Parser('identity', {
46
+ attr: {
47
+ multiple: false,
48
+ required: true,
49
+ validate: (0, util_js_1.knownValuesValidator)(exports.IDENTITY_ATTRIBUTES),
50
+ },
51
+ }, 'attr')
52
+ });
53
+ //# sourceMappingURL=identity-permission.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"identity-permission.js","sourceRoot":"","sources":["../../src/scopes/identity-permission.ts"],"names":[],"mappings":";;;AAAA,gDAAyC;AAEzC,8DAA2D;AAC3D,gDAAgE;AAChE,4CAAqD;AAExC,QAAA,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAU,CAAC,CAAA;AAO1E,MAAa,kBAAkB;IAG7B,YAA4B,IAAuB;QAAvC;;;;mBAAgB,IAAI;WAAmB;IAAG,CAAC;IAEvD,OAAO,CAAC,OAAgC;QACtC,OAAO,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAA;IACxD,CAAC;IAED,QAAQ;QACN,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC/C,CAAC;IAcD,MAAM,CAAC,UAAU,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAA,4BAAgB,EAAC,KAAK,EAAE,UAAU,CAAC;YAAE,OAAO,IAAI,CAAA;QACrD,MAAM,MAAM,GAAG,oCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,kBAAkB,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IAC9C,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,MAA+B;QAC/C,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QACtD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QACxB,OAAO,IAAI,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC5C,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAAgC;QACpD,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAClD,CAAC;;AAvCH,gDAwCC;AA3B2B;;;;WAAS,IAAI,kBAAM,CAC3C,UAAU,EACV;QACE,IAAI,EAAE;YACJ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAA,8BAAoB,EAAC,2BAAmB,CAAC;SACpD;KACF,EACD,MAAM,CACP;EAV+B,CAU/B"}
@@ -0,0 +1,54 @@
1
+ import { AtprotoAudience } from '@atproto/did';
2
+ import { LexPermission, LexPermissionSet } from '../lib/lexicon.js';
3
+ import { Nsid, isNsid } from '../lib/nsid.js';
4
+ import { Parser } from '../lib/parser.js';
5
+ import { ScopeSyntax } from '../lib/syntax.js';
6
+ import { BlobPermission } from './blob-permission.js';
7
+ import { RepoPermission } from './repo-permission.js';
8
+ import { RpcPermission } from './rpc-permission.js';
9
+ export { type LexPermission, type LexPermissionSet, type Nsid, isNsid };
10
+ /**
11
+ * This is used to handle "include:" oauth scope values, used to include
12
+ * permissions from a lexicon defined permission set. Not being a resource
13
+ * permission, it does not implement `Matchable`.
14
+ */
15
+ export declare class IncludeScope {
16
+ readonly nsid: Nsid;
17
+ readonly aud: undefined | AtprotoAudience;
18
+ constructor(nsid: Nsid, aud?: undefined | AtprotoAudience);
19
+ toString(): import("../lib/syntax.js").ScopeStringFor<"include">;
20
+ /**
21
+ * Converts an "include:" to the list of permissions it includes, based on the
22
+ * lexicon defined permission set.
23
+ */
24
+ toPermissions(permissionSet: LexPermissionSet): (BlobPermission | RepoPermission | RpcPermission)[];
25
+ protected parsePermission(permission: LexPermission): BlobPermission | RepoPermission | RpcPermission | null;
26
+ /**
27
+ * Verifies that a permission included through a lexicon permission set is
28
+ * allowed in the context of the `include:` scope. This basically checks that
29
+ * the permission is "under" the namespace authority of the `include:` scope,
30
+ * and that it only contains "repo:", "rpc:", or "blob:" permissions.
31
+ */
32
+ protected isAllowedPermission(permission: unknown): permission is RpcPermission | RepoPermission | BlobPermission;
33
+ /**
34
+ * Verifies that a permission item's nsid is under the same authority as the
35
+ * nsid of the lexicon itself (which is the same as the nsid of the `include:`
36
+ * scope).
37
+ */
38
+ isParentAuthorityOf(otherNsid: '*' | Nsid): boolean;
39
+ protected static readonly parser: Parser<"include", {
40
+ nsid: {
41
+ multiple: false;
42
+ required: true;
43
+ validate: (v: unknown) => v is Nsid;
44
+ };
45
+ aud: {
46
+ multiple: false;
47
+ required: false;
48
+ validate: (value: unknown) => value is AtprotoAudience;
49
+ };
50
+ }>;
51
+ static fromString(scope: string): IncludeScope | null;
52
+ static fromSyntax(syntax: ScopeSyntax<'include'>): IncludeScope | null;
53
+ }
54
+ //# sourceMappingURL=include-scope.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"include-scope.d.ts","sourceRoot":"","sources":["../../src/scopes/include-scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAqB,MAAM,cAAc,CAAA;AACjE,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAGzC,OAAO,EAAE,WAAW,EAAoB,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,gBAAgB,EAAE,KAAK,IAAI,EAAE,MAAM,EAAE,CAAA;AAEvE;;;;GAIG;AACH,qBAAa,YAAY;aAEL,IAAI,EAAE,IAAI;aACV,GAAG,EAAE,SAAS,GAAG,eAAe;gBADhC,IAAI,EAAE,IAAI,EACV,GAAG,GAAE,SAAS,GAAG,eAA2B;IAG9D,QAAQ;IAIR;;;OAGG;IACH,aAAa,CAAC,aAAa,EAAE,gBAAgB;IAM7C,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,aAAa;IAoBnD;;;;;OAKG;IACH,SAAS,CAAC,mBAAmB,CAC3B,UAAU,EAAE,OAAO,GAClB,UAAU,IAAI,aAAa,GAAG,cAAc,GAAG,cAAc;IAgBhE;;;;OAIG;IACI,mBAAmB,CAAC,SAAS,EAAE,GAAG,GAAG,IAAI;IAgChD,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM;;;;;;;;;;;OAe/B;IAED,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM;IAM/B,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,SAAS,CAAC;CAKjD"}
@@ -0,0 +1,156 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.IncludeScope = exports.isNsid = void 0;
4
+ const did_1 = require("@atproto/did");
5
+ const nsid_js_1 = require("../lib/nsid.js");
6
+ Object.defineProperty(exports, "isNsid", { enumerable: true, get: function () { return nsid_js_1.isNsid; } });
7
+ const parser_js_1 = require("../lib/parser.js");
8
+ const syntax_lexicon_js_1 = require("../lib/syntax-lexicon.js");
9
+ const syntax_string_js_1 = require("../lib/syntax-string.js");
10
+ const syntax_js_1 = require("../lib/syntax.js");
11
+ const blob_permission_js_1 = require("./blob-permission.js");
12
+ const repo_permission_js_1 = require("./repo-permission.js");
13
+ const rpc_permission_js_1 = require("./rpc-permission.js");
14
+ /**
15
+ * This is used to handle "include:" oauth scope values, used to include
16
+ * permissions from a lexicon defined permission set. Not being a resource
17
+ * permission, it does not implement `Matchable`.
18
+ */
19
+ class IncludeScope {
20
+ constructor(nsid, aud = undefined) {
21
+ Object.defineProperty(this, "nsid", {
22
+ enumerable: true,
23
+ configurable: true,
24
+ writable: true,
25
+ value: nsid
26
+ });
27
+ Object.defineProperty(this, "aud", {
28
+ enumerable: true,
29
+ configurable: true,
30
+ writable: true,
31
+ value: aud
32
+ });
33
+ }
34
+ toString() {
35
+ return IncludeScope.parser.format(this);
36
+ }
37
+ /**
38
+ * Converts an "include:" to the list of permissions it includes, based on the
39
+ * lexicon defined permission set.
40
+ */
41
+ toPermissions(permissionSet) {
42
+ return permissionSet.permissions
43
+ .map(this.parsePermission, this)
44
+ .filter(this.isAllowedPermission, this);
45
+ }
46
+ parsePermission(permission) {
47
+ if (permission.resource === 'rpc' &&
48
+ permission.inheritAud === true &&
49
+ permission.aud === undefined &&
50
+ this.aud !== undefined) {
51
+ // "rpc" permissions can "inherit" their audience from "aud" param defined
52
+ // in the "include:<nsid>?aud=<audience>" scope the permission set was
53
+ // loaded from.
54
+ return parsePermission({
55
+ ...permission,
56
+ inheritAud: undefined,
57
+ aud: this.aud,
58
+ });
59
+ }
60
+ return parsePermission(permission);
61
+ }
62
+ /**
63
+ * Verifies that a permission included through a lexicon permission set is
64
+ * allowed in the context of the `include:` scope. This basically checks that
65
+ * the permission is "under" the namespace authority of the `include:` scope,
66
+ * and that it only contains "repo:", "rpc:", or "blob:" permissions.
67
+ */
68
+ isAllowedPermission(permission) {
69
+ if (permission instanceof rpc_permission_js_1.RpcPermission) {
70
+ return permission.lxm.every(this.isParentAuthorityOf, this);
71
+ }
72
+ if (permission instanceof repo_permission_js_1.RepoPermission) {
73
+ return permission.collection.every(this.isParentAuthorityOf, this);
74
+ }
75
+ if (permission instanceof blob_permission_js_1.BlobPermission) {
76
+ return true;
77
+ }
78
+ return false;
79
+ }
80
+ /**
81
+ * Verifies that a permission item's nsid is under the same authority as the
82
+ * nsid of the lexicon itself (which is the same as the nsid of the `include:`
83
+ * scope).
84
+ */
85
+ isParentAuthorityOf(otherNsid) {
86
+ if (otherNsid === '*') {
87
+ return false;
88
+ }
89
+ const lexiconNsid = this.nsid;
90
+ const groupPrefixEnd = lexiconNsid.lastIndexOf('.');
91
+ // There should always be a dot, but since this is a security feature, let's
92
+ // be strict about it.
93
+ if (groupPrefixEnd === -1) {
94
+ throw new TypeError('Dot character (".") missing from lexicon NSID');
95
+ }
96
+ // Make sure that otherNsid is at least as long as the "group prefix"
97
+ if (groupPrefixEnd >= otherNsid.length - 1) {
98
+ return false;
99
+ }
100
+ // Make sure that the "otherNsid" starts with the group of the lexiconNsid,
101
+ // up to the dot itself. We check in reverse order as nsids tend to have
102
+ // long common prefixes.
103
+ for (let i = groupPrefixEnd; i >= 0; i--) {
104
+ if (lexiconNsid.charCodeAt(i) !== otherNsid.charCodeAt(i)) {
105
+ return false;
106
+ }
107
+ }
108
+ return true;
109
+ }
110
+ static fromString(scope) {
111
+ if (!(0, syntax_js_1.isScopeStringFor)(scope, 'include'))
112
+ return null;
113
+ const syntax = syntax_string_js_1.ScopeStringSyntax.fromString(scope);
114
+ return IncludeScope.fromSyntax(syntax);
115
+ }
116
+ static fromSyntax(syntax) {
117
+ const result = IncludeScope.parser.parse(syntax);
118
+ if (!result)
119
+ return null;
120
+ return new IncludeScope(result.nsid, result.aud);
121
+ }
122
+ }
123
+ exports.IncludeScope = IncludeScope;
124
+ Object.defineProperty(IncludeScope, "parser", {
125
+ enumerable: true,
126
+ configurable: true,
127
+ writable: true,
128
+ value: new parser_js_1.Parser('include', {
129
+ nsid: {
130
+ multiple: false,
131
+ required: true,
132
+ validate: nsid_js_1.isNsid,
133
+ },
134
+ aud: {
135
+ multiple: false,
136
+ required: false,
137
+ validate: did_1.isAtprotoAudience,
138
+ },
139
+ }, 'nsid')
140
+ });
141
+ function parsePermission(permission) {
142
+ if (isPermissionForResource(permission, 'repo')) {
143
+ return repo_permission_js_1.RepoPermission.fromSyntax(new syntax_lexicon_js_1.LexPermissionSyntax(permission));
144
+ }
145
+ if (isPermissionForResource(permission, 'rpc')) {
146
+ return rpc_permission_js_1.RpcPermission.fromSyntax(new syntax_lexicon_js_1.LexPermissionSyntax(permission));
147
+ }
148
+ if (isPermissionForResource(permission, 'blob')) {
149
+ return blob_permission_js_1.BlobPermission.fromSyntax(new syntax_lexicon_js_1.LexPermissionSyntax(permission));
150
+ }
151
+ return null;
152
+ }
153
+ function isPermissionForResource(permission, type) {
154
+ return permission.resource === type;
155
+ }
156
+ //# sourceMappingURL=include-scope.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"include-scope.js","sourceRoot":"","sources":["../../src/scopes/include-scope.ts"],"names":[],"mappings":";;;AAAA,sCAAiE;AAEjE,4CAA6C;AASkB,uFAThD,gBAAM,OASgD;AARrE,gDAAyC;AACzC,gEAA8D;AAC9D,8DAA2D;AAC3D,gDAAgE;AAChE,6DAAqD;AACrD,6DAAqD;AACrD,2DAAmD;AAInD;;;;GAIG;AACH,MAAa,YAAY;IACvB,YACkB,IAAU,EACV,MAAmC,SAAS;QAD5D;;;;mBAAgB,IAAI;WAAM;QAC1B;;;;mBAAgB,GAAG;WAAyC;IAC3D,CAAC;IAEJ,QAAQ;QACN,OAAO,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IACzC,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,aAA+B;QAC3C,OAAO,aAAa,CAAC,WAAW;aAC7B,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC;aAC/B,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAA;IAC3C,CAAC;IAES,eAAe,CAAC,UAAyB;QACjD,IACE,UAAU,CAAC,QAAQ,KAAK,KAAK;YAC7B,UAAU,CAAC,UAAU,KAAK,IAAI;YAC9B,UAAU,CAAC,GAAG,KAAK,SAAS;YAC5B,IAAI,CAAC,GAAG,KAAK,SAAS,EACtB,CAAC;YACD,0EAA0E;YAC1E,sEAAsE;YACtE,eAAe;YACf,OAAO,eAAe,CAAC;gBACrB,GAAG,UAAU;gBACb,UAAU,EAAE,SAAS;gBACrB,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,eAAe,CAAC,UAAU,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACO,mBAAmB,CAC3B,UAAmB;QAEnB,IAAI,UAAU,YAAY,iCAAa,EAAE,CAAC;YACxC,OAAO,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAA;QAC7D,CAAC;QAED,IAAI,UAAU,YAAY,mCAAc,EAAE,CAAC;YACzC,OAAO,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAA;QACpE,CAAC;QAED,IAAI,UAAU,YAAY,mCAAc,EAAE,CAAC;YACzC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACI,mBAAmB,CAAC,SAAqB;QAC9C,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;YACtB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAA;QAE7B,MAAM,cAAc,GAAG,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAEnD,4EAA4E;QAC5E,sBAAsB;QACtB,IAAI,cAAc,KAAK,CAAC,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,SAAS,CAAC,+CAA+C,CAAC,CAAA;QACtE,CAAC;QAED,qEAAqE;QACrE,IAAI,cAAc,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3C,OAAO,KAAK,CAAA;QACd,CAAC;QAED,2EAA2E;QAC3E,wEAAwE;QACxE,wBAAwB;QACxB,KAAK,IAAI,CAAC,GAAG,cAAc,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,IAAI,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAmBD,MAAM,CAAC,UAAU,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAA,4BAAgB,EAAC,KAAK,EAAE,SAAS,CAAC;YAAE,OAAO,IAAI,CAAA;QACpD,MAAM,MAAM,GAAG,oCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IACxC,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,MAA8B;QAC9C,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QAChD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QACxB,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;IAClD,CAAC;;AAhIH,oCAiIC;AA5B2B;;;;WAAS,IAAI,kBAAM,CAC3C,SAAS,EACT;QACE,IAAI,EAAE;YACJ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,gBAAM;SACjB;QACD,GAAG,EAAE;YACH,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,uBAAiB;SAC5B;KACF,EACD,MAAM,CACP;EAf+B,CAe/B;AAeH,SAAS,eAAe,CAAC,UAAyB;IAChD,IAAI,uBAAuB,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC;QAChD,OAAO,mCAAc,CAAC,UAAU,CAAC,IAAI,uCAAmB,CAAC,UAAU,CAAC,CAAC,CAAA;IACvE,CAAC;IACD,IAAI,uBAAuB,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,CAAC;QAC/C,OAAO,iCAAa,CAAC,UAAU,CAAC,IAAI,uCAAmB,CAAC,UAAU,CAAC,CAAC,CAAA;IACtE,CAAC;IACD,IAAI,uBAAuB,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC;QAChD,OAAO,mCAAc,CAAC,UAAU,CAAC,IAAI,uCAAmB,CAAC,UAAU,CAAC,CAAC,CAAA;IACvE,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,SAAS,uBAAuB,CAC9B,UAAa,EACb,IAAO;IAEP,OAAO,UAAU,CAAC,QAAQ,KAAK,IAAI,CAAA;AACrC,CAAC"}
@@ -0,0 +1,40 @@
1
+ import { Nsid, isNsid } from '../lib/nsid.js';
2
+ import { Parser } from '../lib/parser.js';
3
+ import { ResourcePermission } from '../lib/resource-permission.js';
4
+ import { NeArray, NeRoArray, ScopeSyntax } from '../lib/syntax.js';
5
+ export { type Nsid, isNsid };
6
+ export declare const REPO_ACTIONS: readonly ["create", "update", "delete"];
7
+ export type RepoAction = (typeof REPO_ACTIONS)[number];
8
+ export declare const isRepoAction: (value: unknown) => value is "delete" | "create" | "update";
9
+ export type CollectionParam = '*' | Nsid;
10
+ export declare const isCollectionParam: (value: unknown) => value is CollectionParam;
11
+ export type RepoPermissionMatch = {
12
+ collection: string;
13
+ action: RepoAction;
14
+ };
15
+ export declare class RepoPermission implements ResourcePermission<'repo', RepoPermissionMatch> {
16
+ readonly collection: NeRoArray<'*' | Nsid>;
17
+ readonly action: NeRoArray<RepoAction>;
18
+ constructor(collection: NeRoArray<'*' | Nsid>, action: NeRoArray<RepoAction>);
19
+ matches({ action, collection }: RepoPermissionMatch): boolean;
20
+ toString(): import("../lib/syntax.js").ScopeStringFor<"repo">;
21
+ protected static readonly parser: Parser<"repo", {
22
+ collection: {
23
+ multiple: true;
24
+ required: true;
25
+ validate: (value: unknown) => value is CollectionParam;
26
+ normalize: (value: NeRoArray<import("../lib/syntax.js").ParamValue>) => readonly ["*"] | NeArray<`${string}.${string}.${string}`> | ["*" | `${string}.${string}.${string}`];
27
+ };
28
+ action: {
29
+ multiple: true;
30
+ required: false;
31
+ validate: (value: unknown) => value is "delete" | "create" | "update";
32
+ default: readonly ["create", "update", "delete"];
33
+ normalize: (value: NeRoArray<import("../lib/syntax.js").ParamValue>) => readonly ["create", "update", "delete"] | NeArray<"delete" | "create" | "update">;
34
+ };
35
+ }>;
36
+ static fromString(scope: string): RepoPermission | null;
37
+ static fromSyntax(syntax: ScopeSyntax<'repo'>): RepoPermission | null;
38
+ static scopeNeededFor(options: RepoPermissionMatch): string;
39
+ }
40
+ //# sourceMappingURL=repo-permission.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"repo-permission.d.ts","sourceRoot":"","sources":["../../src/scopes/repo-permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAA;AAElE,OAAO,EACL,OAAO,EACP,SAAS,EACT,WAAW,EAEZ,MAAM,kBAAkB,CAAA;AAGzB,OAAO,EAAE,KAAK,IAAI,EAAE,MAAM,EAAE,CAAA;AAE5B,eAAO,MAAM,YAAY,yCAId,CAAA;AACX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,CAAC,CAAA;AACtD,eAAO,MAAM,YAAY,6DAAqC,CAAA;AAE9D,MAAM,MAAM,eAAe,GAAG,GAAG,GAAG,IAAI,CAAA;AACxC,eAAO,MAAM,iBAAiB,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,eAC5B,CAAA;AAEhC,MAAM,MAAM,mBAAmB,GAAG;IAChC,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,UAAU,CAAA;CACnB,CAAA;AAED,qBAAa,cACX,YAAW,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,CAAC;aAGxC,UAAU,EAAE,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC;aACjC,MAAM,EAAE,SAAS,CAAC,UAAU,CAAC;gBAD7B,UAAU,EAAE,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC,EACjC,MAAM,EAAE,SAAS,CAAC,UAAU,CAAC;IAG/C,OAAO,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,mBAAmB;IAQnD,QAAQ;IAIR,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM;;;;8BA5BO,OAAO,KAAG,KAAK,IAAI,eAAe;;;;;;;;;;OAwDxE;IAED,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI;IAMvD,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,cAAc,GAAG,IAAI;IAOrE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mBAAmB,GAAG,MAAM;CAM5D"}
@@ -0,0 +1,101 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.RepoPermission = exports.isCollectionParam = exports.isRepoAction = exports.REPO_ACTIONS = exports.isNsid = void 0;
4
+ const nsid_js_1 = require("../lib/nsid.js");
5
+ Object.defineProperty(exports, "isNsid", { enumerable: true, get: function () { return nsid_js_1.isNsid; } });
6
+ const parser_js_1 = require("../lib/parser.js");
7
+ const syntax_string_js_1 = require("../lib/syntax-string.js");
8
+ const syntax_js_1 = require("../lib/syntax.js");
9
+ const util_js_1 = require("../lib/util.js");
10
+ exports.REPO_ACTIONS = Object.freeze([
11
+ 'create',
12
+ 'update',
13
+ 'delete',
14
+ ]);
15
+ exports.isRepoAction = (0, util_js_1.knownValuesValidator)(exports.REPO_ACTIONS);
16
+ const isCollectionParam = (value) => value === '*' || (0, nsid_js_1.isNsid)(value);
17
+ exports.isCollectionParam = isCollectionParam;
18
+ class RepoPermission {
19
+ constructor(collection, action) {
20
+ Object.defineProperty(this, "collection", {
21
+ enumerable: true,
22
+ configurable: true,
23
+ writable: true,
24
+ value: collection
25
+ });
26
+ Object.defineProperty(this, "action", {
27
+ enumerable: true,
28
+ configurable: true,
29
+ writable: true,
30
+ value: action
31
+ });
32
+ }
33
+ matches({ action, collection }) {
34
+ return (this.action.includes(action) &&
35
+ (this.collection.includes('*') ||
36
+ this.collection.includes(collection)));
37
+ }
38
+ toString() {
39
+ return RepoPermission.parser.format(this);
40
+ }
41
+ static fromString(scope) {
42
+ if (!(0, syntax_js_1.isScopeStringFor)(scope, 'repo'))
43
+ return null;
44
+ const syntax = syntax_string_js_1.ScopeStringSyntax.fromString(scope);
45
+ return RepoPermission.fromSyntax(syntax);
46
+ }
47
+ static fromSyntax(syntax) {
48
+ const result = RepoPermission.parser.parse(syntax);
49
+ if (!result)
50
+ return null;
51
+ return new RepoPermission(result.collection, result.action);
52
+ }
53
+ static scopeNeededFor(options) {
54
+ return RepoPermission.parser.format({
55
+ collection: [options.collection],
56
+ action: [options.action],
57
+ });
58
+ }
59
+ }
60
+ exports.RepoPermission = RepoPermission;
61
+ Object.defineProperty(RepoPermission, "parser", {
62
+ enumerable: true,
63
+ configurable: true,
64
+ writable: true,
65
+ value: new parser_js_1.Parser('repo', {
66
+ collection: {
67
+ multiple: true,
68
+ required: true,
69
+ validate: exports.isCollectionParam,
70
+ normalize: (value) => {
71
+ if (value.length > 1) {
72
+ if (value.includes('*'))
73
+ return ['*'];
74
+ return [...new Set(value)].sort();
75
+ }
76
+ return value;
77
+ },
78
+ },
79
+ action: {
80
+ multiple: true,
81
+ required: false,
82
+ validate: exports.isRepoAction,
83
+ default: exports.REPO_ACTIONS,
84
+ normalize: (value) => {
85
+ return value === exports.REPO_ACTIONS
86
+ ? exports.REPO_ACTIONS // No need to filter if the default was used
87
+ : exports.REPO_ACTIONS.filter(includedIn, value);
88
+ },
89
+ },
90
+ }, 'collection')
91
+ });
92
+ /**
93
+ * Special utility function to be used as predicate for array methods like
94
+ * `Array.prototype.includes`, etc. When used as predicate, it expects that
95
+ * the array method is called with a `thisArg` that is a readonly array of
96
+ * the same type as the `value` parameter.
97
+ */
98
+ function includedIn(value) {
99
+ return this.includes(value);
100
+ }
101
+ //# sourceMappingURL=repo-permission.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"repo-permission.js","sourceRoot":"","sources":["../../src/scopes/repo-permission.ts"],"names":[],"mappings":";;;AAAA,4CAA6C;AAYzB,uFAZL,gBAAM,OAYK;AAX1B,gDAAyC;AAEzC,8DAA2D;AAC3D,gDAKyB;AACzB,4CAAqD;AAIxC,QAAA,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC;IACxC,QAAQ;IACR,QAAQ;IACR,QAAQ;CACA,CAAC,CAAA;AAEE,QAAA,YAAY,GAAG,IAAA,8BAAoB,EAAC,oBAAY,CAAC,CAAA;AAGvD,MAAM,iBAAiB,GAAG,CAAC,KAAc,EAA4B,EAAE,CAC5E,KAAK,KAAK,GAAG,IAAI,IAAA,gBAAM,EAAC,KAAK,CAAC,CAAA;AADnB,QAAA,iBAAiB,qBACE;AAOhC,MAAa,cAAc;IAGzB,YACkB,UAAiC,EACjC,MAA6B;QAD7C;;;;mBAAgB,UAAU;WAAuB;QACjD;;;;mBAAgB,MAAM;WAAuB;IAC5C,CAAC;IAEJ,OAAO,CAAC,EAAE,MAAM,EAAE,UAAU,EAAuB;QACjD,OAAO,CACL,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC5B,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC3B,IAAI,CAAC,UAAgC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAC/D,CAAA;IACH,CAAC;IAED,QAAQ;QACN,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC3C,CAAC;IAgCD,MAAM,CAAC,UAAU,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAA,4BAAgB,EAAC,KAAK,EAAE,MAAM,CAAC;YAAE,OAAO,IAAI,CAAA;QACjD,MAAM,MAAM,GAAG,oCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,MAA2B;QAC3C,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QAClD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IAC7D,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAA4B;QAChD,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC;YAClC,UAAU,EAAE,CAAC,OAAO,CAAC,UAAwB,CAAC;YAC9C,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;SACzB,CAAC,CAAA;IACJ,CAAC;;AApEH,wCAqEC;AAjD2B;;;;WAAS,IAAI,kBAAM,CAC3C,MAAM,EACN;QACE,UAAU,EAAE;YACV,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,yBAAiB;YAC3B,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;gBACnB,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;wBAAE,OAAO,CAAC,GAAG,CAAU,CAAA;oBAC9C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAmB,CAAA;gBACpD,CAAC;gBACD,OAAO,KAAqB,CAAA;YAC9B,CAAC;SACF;QACD,MAAM,EAAE;YACN,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,oBAAY;YACtB,OAAO,EAAE,oBAAY;YACrB,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE;gBACnB,OAAO,KAAK,KAAK,oBAAY;oBAC3B,CAAC,CAAC,oBAAY,CAAC,4CAA4C;oBAC3D,CAAC,CAAE,oBAAY,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAyB,CAAA;YACrE,CAAC;SACF;KACF,EACD,YAAY,CACb;EA5B+B,CA4B/B;AAuBH;;;;;GAKG;AACH,SAAS,UAAU,CAAwB,KAAQ;IACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC7B,CAAC"}
@@ -0,0 +1,38 @@
1
+ import { AtprotoAudience, isAtprotoAudience } from '@atproto/did';
2
+ import { Nsid, isNsid } from '../lib/nsid.js';
3
+ import { Parser } from '../lib/parser.js';
4
+ import { ResourcePermission } from '../lib/resource-permission.js';
5
+ import { NeRoArray, ScopeSyntax } from '../lib/syntax.js';
6
+ export { type AtprotoAudience, type Nsid, isAtprotoAudience, isNsid };
7
+ export type LxmParam = '*' | Nsid;
8
+ export declare const isLxmParam: (value: unknown) => value is LxmParam;
9
+ export type AudParam = '*' | AtprotoAudience;
10
+ export declare const isAudParam: (value: unknown) => value is AudParam;
11
+ export type RpcPermissionMatch = {
12
+ lxm: string;
13
+ aud: string;
14
+ };
15
+ export declare class RpcPermission implements ResourcePermission<'rpc', RpcPermissionMatch> {
16
+ readonly aud: '*' | AtprotoAudience;
17
+ readonly lxm: NeRoArray<'*' | Nsid>;
18
+ constructor(aud: '*' | AtprotoAudience, lxm: NeRoArray<'*' | Nsid>);
19
+ matches(options: RpcPermissionMatch): boolean;
20
+ toString(): import("../lib/syntax.js").ScopeStringFor<"rpc">;
21
+ protected static readonly parser: Parser<"rpc", {
22
+ lxm: {
23
+ multiple: true;
24
+ required: true;
25
+ validate: (value: unknown) => value is LxmParam;
26
+ normalize: (value: NeRoArray<import("../lib/syntax.js").ParamValue>) => readonly ["*"] | [`${string}.${string}.${string}`, ...`${string}.${string}.${string}`[]];
27
+ };
28
+ aud: {
29
+ multiple: false;
30
+ required: true;
31
+ validate: (value: unknown) => value is AudParam;
32
+ };
33
+ }>;
34
+ static fromString(scope: string): RpcPermission | null;
35
+ static fromSyntax(syntax: ScopeSyntax<'rpc'>): RpcPermission | null;
36
+ static scopeNeededFor(options: RpcPermissionMatch): string;
37
+ }
38
+ //# sourceMappingURL=rpc-permission.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rpc-permission.d.ts","sourceRoot":"","sources":["../../src/scopes/rpc-permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAA;AAElE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAoB,MAAM,kBAAkB,CAAA;AAE3E,OAAO,EAAE,KAAK,eAAe,EAAE,KAAK,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,CAAA;AAErE,MAAM,MAAM,QAAQ,GAAG,GAAG,GAAG,IAAI,CAAA;AACjC,eAAO,MAAM,UAAU,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,QACrB,CAAA;AAChC,MAAM,MAAM,QAAQ,GAAG,GAAG,GAAG,eAAe,CAAA;AAC5C,eAAO,MAAM,UAAU,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,QACV,CAAA;AAE3C,MAAM,MAAM,kBAAkB,GAAG;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,qBAAa,aACX,YAAW,kBAAkB,CAAC,KAAK,EAAE,kBAAkB,CAAC;aAGtC,GAAG,EAAE,GAAG,GAAG,eAAe;aAC1B,GAAG,EAAE,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC;gBAD1B,GAAG,EAAE,GAAG,GAAG,eAAe,EAC1B,GAAG,EAAE,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC;IAG5C,OAAO,CAAC,OAAO,EAAE,kBAAkB;IAQnC,QAAQ;IAIR,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM;;;;8BA/BA,OAAO,KAAG,KAAK,IAAI,QAAQ;;;;;;8BAG3B,OAAO,KAAG,KAAK,IAAI,QAAQ;;OA+C1D;IAED,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IAMtD,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,KAAK,CAAC,GAAG,aAAa,GAAG,IAAI;IAUnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,kBAAkB,GAAG,MAAM;CAM3D"}
@@ -0,0 +1,81 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.RpcPermission = exports.isAudParam = exports.isLxmParam = exports.isNsid = exports.isAtprotoAudience = void 0;
4
+ const did_1 = require("@atproto/did");
5
+ Object.defineProperty(exports, "isAtprotoAudience", { enumerable: true, get: function () { return did_1.isAtprotoAudience; } });
6
+ const nsid_js_1 = require("../lib/nsid.js");
7
+ Object.defineProperty(exports, "isNsid", { enumerable: true, get: function () { return nsid_js_1.isNsid; } });
8
+ const parser_js_1 = require("../lib/parser.js");
9
+ const syntax_string_js_1 = require("../lib/syntax-string.js");
10
+ const syntax_js_1 = require("../lib/syntax.js");
11
+ const isLxmParam = (value) => value === '*' || (0, nsid_js_1.isNsid)(value);
12
+ exports.isLxmParam = isLxmParam;
13
+ const isAudParam = (value) => value === '*' || (0, did_1.isAtprotoAudience)(value);
14
+ exports.isAudParam = isAudParam;
15
+ class RpcPermission {
16
+ constructor(aud, lxm) {
17
+ Object.defineProperty(this, "aud", {
18
+ enumerable: true,
19
+ configurable: true,
20
+ writable: true,
21
+ value: aud
22
+ });
23
+ Object.defineProperty(this, "lxm", {
24
+ enumerable: true,
25
+ configurable: true,
26
+ writable: true,
27
+ value: lxm
28
+ });
29
+ }
30
+ matches(options) {
31
+ const { aud, lxm } = this;
32
+ return ((aud === '*' || aud === options.aud) &&
33
+ (lxm.includes('*') || lxm.includes(options.lxm)));
34
+ }
35
+ toString() {
36
+ return RpcPermission.parser.format(this);
37
+ }
38
+ static fromString(scope) {
39
+ if (!(0, syntax_js_1.isScopeStringFor)(scope, 'rpc'))
40
+ return null;
41
+ const syntax = syntax_string_js_1.ScopeStringSyntax.fromString(scope);
42
+ return RpcPermission.fromSyntax(syntax);
43
+ }
44
+ static fromSyntax(syntax) {
45
+ const result = RpcPermission.parser.parse(syntax);
46
+ if (!result)
47
+ return null;
48
+ // rpc:*?aud=* is forbidden
49
+ if (result.aud === '*' && result.lxm.includes('*'))
50
+ return null;
51
+ return new RpcPermission(result.aud, result.lxm);
52
+ }
53
+ static scopeNeededFor(options) {
54
+ return RpcPermission.parser.format({
55
+ aud: options.aud,
56
+ lxm: [options.lxm],
57
+ });
58
+ }
59
+ }
60
+ exports.RpcPermission = RpcPermission;
61
+ Object.defineProperty(RpcPermission, "parser", {
62
+ enumerable: true,
63
+ configurable: true,
64
+ writable: true,
65
+ value: new parser_js_1.Parser('rpc', {
66
+ lxm: {
67
+ multiple: true,
68
+ required: true,
69
+ validate: exports.isLxmParam,
70
+ normalize: (value) => value.length > 1 && value.includes('*')
71
+ ? ['*']
72
+ : [...new Set(value)].sort(),
73
+ },
74
+ aud: {
75
+ multiple: false,
76
+ required: true,
77
+ validate: exports.isAudParam,
78
+ },
79
+ }, 'lxm')
80
+ });
81
+ //# sourceMappingURL=rpc-permission.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rpc-permission.js","sourceRoot":"","sources":["../../src/scopes/rpc-permission.ts"],"names":[],"mappings":";;;AAAA,sCAAiE;AAOvB,kGAPhB,uBAAiB,OAOgB;AAN3D,4CAA6C;AAMgB,uFAN9C,gBAAM,OAM8C;AALnE,gDAAyC;AAEzC,8DAA2D;AAC3D,gDAA2E;AAKpE,MAAM,UAAU,GAAG,CAAC,KAAc,EAAqB,EAAE,CAC9D,KAAK,KAAK,GAAG,IAAI,IAAA,gBAAM,EAAC,KAAK,CAAC,CAAA;AADnB,QAAA,UAAU,cACS;AAEzB,MAAM,UAAU,GAAG,CAAC,KAAc,EAAqB,EAAE,CAC9D,KAAK,KAAK,GAAG,IAAI,IAAA,uBAAiB,EAAC,KAAK,CAAC,CAAA;AAD9B,QAAA,UAAU,cACoB;AAO3C,MAAa,aAAa;IAGxB,YACkB,GAA0B,EAC1B,GAA0B;QAD1C;;;;mBAAgB,GAAG;WAAuB;QAC1C;;;;mBAAgB,GAAG;WAAuB;IACzC,CAAC;IAEJ,OAAO,CAAC,OAA2B;QACjC,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;QACzB,OAAO,CACL,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;YACpC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAK,GAAyB,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CACxE,CAAA;IACH,CAAC;IAED,QAAQ;QACN,OAAO,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC1C,CAAC;IAuBD,MAAM,CAAC,UAAU,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAA,4BAAgB,EAAC,KAAK,EAAE,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAChD,MAAM,MAAM,GAAG,oCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,aAAa,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IACzC,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,MAA0B;QAC1C,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QACjD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,2BAA2B;QAC3B,IAAI,MAAM,CAAC,GAAG,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QAE/D,OAAO,IAAI,aAAa,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;IAClD,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAA2B;QAC/C,OAAO,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC;YACjC,GAAG,EAAE,OAAO,CAAC,GAAsB;YACnC,GAAG,EAAE,CAAC,OAAO,CAAC,GAAW,CAAC;SAC3B,CAAC,CAAA;IACJ,CAAC;;AA9DH,sCA+DC;AA3C2B;;;;WAAS,IAAI,kBAAM,CAC3C,KAAK,EACL;QACE,GAAG,EAAE;YACH,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,kBAAU;YACpB,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE,CACnB,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACrC,CAAC,CAAE,CAAC,GAAG,CAAW;gBAClB,CAAC,CAAE,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAwB;SACxD;QACD,GAAG,EAAE;YACH,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,kBAAU;SACrB;KACF,EACD,KAAK,CACN;EAnB+B,CAmB/B"}
@@ -1,6 +1,17 @@
1
1
  import { ScopeMissingError } from './scope-missing-error.js';
2
- import { ScopeMatchingOptionsByResource } from './utilities.js';
2
+ import { AccountPermissionMatch } from './scopes/account-permission.js';
3
+ import { BlobPermissionMatch } from './scopes/blob-permission.js';
4
+ import { IdentityPermissionMatch } from './scopes/identity-permission.js';
5
+ import { RepoPermissionMatch } from './scopes/repo-permission.js';
6
+ import { RpcPermissionMatch } from './scopes/rpc-permission.js';
3
7
  export { ScopeMissingError };
8
+ export type ScopeMatchingOptionsByResource = {
9
+ account: AccountPermissionMatch;
10
+ identity: IdentityPermissionMatch;
11
+ repo: RepoPermissionMatch;
12
+ rpc: RpcPermissionMatch;
13
+ blob: BlobPermissionMatch;
14
+ };
4
15
  /**
5
16
  * Utility class to manage a set of scopes and check if they match specific
6
17
  * options for a given resource.
@@ -1 +1 @@
1
- {"version":3,"file":"scopes-set.d.ts","sourceRoot":"","sources":["../src/scopes-set.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAA;AAC5D,OAAO,EACL,8BAA8B,EAG/B,MAAM,gBAAgB,CAAA;AAEvB,OAAO,EAAE,iBAAiB,EAAE,CAAA;AAE5B;;;GAGG;AACH,qBAAa,SAAU,SAAQ,GAAG,CAAC,MAAM,CAAC;IACxC;;;OAGG;IACI,OAAO,CAAC,CAAC,SAAS,MAAM,8BAA8B,EAC3D,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,8BAA8B,CAAC,CAAC,CAAC,GACzC,OAAO;IAOH,MAAM,CAAC,CAAC,SAAS,MAAM,8BAA8B,EAC1D,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,8BAA8B,CAAC,CAAC,CAAC;IAQrC,IAAI,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO;IAK7C,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO;IAK7C,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO;IAIrC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,CAAC;IAIvC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS;CAG9C"}
1
+ {"version":3,"file":"scopes-set.d.ts","sourceRoot":"","sources":["../src/scopes-set.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAA;AAC5D,OAAO,EAEL,sBAAsB,EACvB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAEL,mBAAmB,EACpB,MAAM,6BAA6B,CAAA;AACpC,OAAO,EAEL,uBAAuB,EACxB,MAAM,iCAAiC,CAAA;AACxC,OAAO,EAEL,mBAAmB,EACpB,MAAM,6BAA6B,CAAA;AACpC,OAAO,EAAiB,kBAAkB,EAAE,MAAM,4BAA4B,CAAA;AAE9E,OAAO,EAAE,iBAAiB,EAAE,CAAA;AAE5B,MAAM,MAAM,8BAA8B,GAAG;IAC3C,OAAO,EAAE,sBAAsB,CAAA;IAC/B,QAAQ,EAAE,uBAAuB,CAAA;IACjC,IAAI,EAAE,mBAAmB,CAAA;IACzB,GAAG,EAAE,kBAAkB,CAAA;IACvB,IAAI,EAAE,mBAAmB,CAAA;CAC1B,CAAA;AAED;;;GAGG;AACH,qBAAa,SAAU,SAAQ,GAAG,CAAC,MAAM,CAAC;IACxC;;;OAGG;IACI,OAAO,CAAC,CAAC,SAAS,MAAM,8BAA8B,EAC3D,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,8BAA8B,CAAC,CAAC,CAAC,GACzC,OAAO;IAOH,MAAM,CAAC,CAAC,SAAS,MAAM,8BAA8B,EAC1D,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,8BAA8B,CAAC,CAAC,CAAC;IAQrC,IAAI,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO;IAK7C,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO;IAK7C,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO;IAIrC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,CAAC;IAIvC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS;CAG9C"}