@autofleet/zehut 3.4.2 → 4.0.1-beta-76668184.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +76 -2
- package/lib/index.cjs +3 -0
- package/lib/index.cjs.map +1 -0
- package/lib/index.d.cts +171 -0
- package/lib/index.d.ts +137 -30
- package/lib/index.js +3 -87
- package/lib/index.js.map +1 -0
- package/package.json +29 -11
- package/lib/app-auth.d.ts +0 -2
- package/lib/app-auth.js +0 -14
- package/lib/authorization.d.ts +0 -8
- package/lib/authorization.js +0 -55
- package/lib/check-permission.d.ts +0 -6
- package/lib/check-permission.js +0 -16
- package/lib/errors.d.ts +0 -5
- package/lib/errors.js +0 -12
- package/lib/exceptions/appDoesNotExist.d.ts +0 -4
- package/lib/exceptions/appDoesNotExist.js +0 -10
- package/lib/secret-getter.d.ts +0 -2
- package/lib/secret-getter.js +0 -30
- package/lib/services.d.ts +0 -3
- package/lib/services.js +0 -27
- package/lib/tracer.d.ts +0 -21
- package/lib/tracer.js +0 -73
- package/lib/user/ApiUser.d.ts +0 -48
- package/lib/user/ApiUser.js +0 -187
- package/lib/user/index.d.ts +0 -27
- package/lib/user/index.js +0 -196
- package/lib/utils.d.ts +0 -8
- package/lib/utils.js +0 -103
package/README.md
CHANGED
|
@@ -1,3 +1,77 @@
|
|
|
1
|
-
# AutoFleet
|
|
1
|
+
# AutoFleet Node Common
|
|
2
|
+
This respostory is made in order have as much of common code as we can.
|
|
2
3
|
|
|
3
|
-
|
|
4
|
+
Each line of code used in wrriten in this repo will be used in the enetire AutoFleet system.
|
|
5
|
+
|
|
6
|
+
Make sure you have:
|
|
7
|
+
* Tests
|
|
8
|
+
* Docs
|
|
9
|
+
|
|
10
|
+
## Consts
|
|
11
|
+
|
|
12
|
+
Currently we suppurt:
|
|
13
|
+
```
|
|
14
|
+
{
|
|
15
|
+
'OK'
|
|
16
|
+
'ERROR'
|
|
17
|
+
'FAIL'
|
|
18
|
+
}
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
## Network
|
|
22
|
+
Server 2 Servers communication.
|
|
23
|
+
|
|
24
|
+
Implemented:
|
|
25
|
+
* Retriving service urls from environment
|
|
26
|
+
* Retry - Using https://github.com/softonic/axios-retry
|
|
27
|
+
* Caching - TBD
|
|
28
|
+
* Syntatic response for fail - TBD
|
|
29
|
+
* Circuit Breaking - TBD
|
|
30
|
+
|
|
31
|
+
The API is just like [axios](https://github.com/axios/axios) api but the creation of new instance **must** have either `serviceName` or `serviceUrl` in options.
|
|
32
|
+
|
|
33
|
+
In case `serviceName` used the constractor will look for an environment varible with the the name `<SERVICE_NAME>_SERVICE_HOST`.
|
|
34
|
+
|
|
35
|
+
For Example:
|
|
36
|
+
```
|
|
37
|
+
const { Network } = require('@autofleet/node-common');
|
|
38
|
+
|
|
39
|
+
n = new Network({ serviceName: 'TEST' });
|
|
40
|
+
|
|
41
|
+
n.get('/posts/1');
|
|
42
|
+
```
|
|
43
|
+
.env file:
|
|
44
|
+
```
|
|
45
|
+
RIDE_SERVICE_HOST=jsonplaceholder.typicode.com
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
To learn more [click here](https://blog.risingstack.com/designing-microservices-architecture-for-failure/).
|
|
49
|
+
|
|
50
|
+
## Settings
|
|
51
|
+
|
|
52
|
+
### Adding settings
|
|
53
|
+
For adding new setting you need to add it to the map.js file, please specify
|
|
54
|
+
* name - descriptive name
|
|
55
|
+
* description - few words about what it does + unit
|
|
56
|
+
* type - supportable types: 'number', 'string', 'json'
|
|
57
|
+
* defaultValue - default value
|
|
58
|
+
* context - 'security' and 'operation' will not show in the simulator configuration
|
|
59
|
+
|
|
60
|
+
See example.
|
|
61
|
+
|
|
62
|
+
## DeLorean
|
|
63
|
+
|
|
64
|
+
Use this model to mock time on server - more info TBD.
|
|
65
|
+
|
|
66
|
+
## Publish package
|
|
67
|
+
|
|
68
|
+
bump the version number in package.json
|
|
69
|
+
and run
|
|
70
|
+
```
|
|
71
|
+
npm publish
|
|
72
|
+
```
|
|
73
|
+
|
|
74
|
+
# Environment Variables
|
|
75
|
+
|
|
76
|
+
when using this package locally or outside autofleet-prod project you must set INTEGRATION_MS_SERVICE_HOST in .env file
|
|
77
|
+
# zehut
|
package/lib/index.cjs
ADDED
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
'use strict';Object.defineProperty(exports,'__esModule',{value:true});var P=require('@autofleet/outbreak'),re=require('jsonwebtoken'),le=require('node-cache'),ge=require('object-hash'),node_crypto=require('node:crypto'),w=require('moment'),N=require('@autofleet/network');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var P__namespace=/*#__PURE__*/_interopNamespace(P);var re__namespace=/*#__PURE__*/_interopNamespace(re);var le__default=/*#__PURE__*/_interopDefault(le);var ge__default=/*#__PURE__*/_interopDefault(ge);var w__default=/*#__PURE__*/_interopDefault(w);var N__default=/*#__PURE__*/_interopDefault(N);var {DEPRECATED_JWT_SECRET:ie,JWT_NEW_SECRET:oe,DEPRECATED_REFRESH_JWT_SECRET:ne,REFRESH_JWT_SECRET:ae,DEPRECATION_UNIX_TIMESTAMP:ce}=process.env,O=(t,e,s)=>{let r=w__default.default(parseInt(ce,10)*1e3);try{let i;if(t){let{iat:o}=re__namespace.default.decode(t);i=w__default.default(o*1e3);}else i=w__default.default();return i.isBefore(r)?e:s}catch{return s}},de=t=>O(t,ne,ae),T=t=>O(t,ie,oe);var A=t=>t.replace("Bearer ",""),I=(t,e)=>{let s=A(t);return re__namespace.verify(s,T(s))};var ue="00000000-0000-0000-0000-000000000000",me="ffffffff-ffff-ffff-ffff-ffffffffffff",y="[0-9a-f]",pe="[1-8]",fe=new RegExp(`^(?:${y}{8}-${y}{4}-${pe}${y}{3}-[89ab]${y}{3}-${y}{12}|${ue}|${me})$`,"i");function _(t){return typeof t=="string"&&fe.test(t)}var k=10,L=process.env.API_GATEWAY_URL||"https://api.autofleet.io",S=new N__default.default({serviceName:"IDENTITY_MS",retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:k*1e3}:undefined}),x=new N__default.default({baseURL:L,serviceUrl:L,retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:k*1e3}:undefined});var l="x-af-elevated-permissions",M="x-af-context-ids",f=new le__default.default({stdTTL:10}),D=(t,e)=>{let s={...t,fleets:{...t?.fleets},businessModels:{...t?.businessModels},demandSources:{...t?.demandSources}};for(let r of e)Object.keys(r).forEach(i=>{s[i]??={},Object.entries(r[i]).forEach(([o,n])=>{s[i][o]=(s[i][o]||[]).concat(n);});});return s},m=class{constructor(e,s,r,i){this.id=e,this.emptyUser=!!e,this.appPermission={},this.privateElevatedPermissionsHash=new Map,this.contextIds=i,r&&this.privateElevatedPermissionsHash.set("initial",r),s&&(this.accountType=s);}async getUserPermissions(){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let e=ge__default.default({id:this.id,contextIds:this.contextIds}),s=f.get(e);return s||({data:s}=await S.get(`/api/v1/users/${this.id}/authorization-payload`,{params:{contextIds:this.contextIds}}),f.set(e,s)),this.accountType=s.accountType,this.privatePermissions=s,this.privatePermissions}async useCustomPermissionLoader(e){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let s=this.id,r=f.get(s);if(r)return this.privatePermissions=r,r;let i=await e(this.id);return f.set(s,i),this.privatePermissions=i,this.privatePermissions}get businessModels(){return this.getUserProperty("businessModels")}get fleets(){return this.getUserProperty("fleets")}get demandSources(){return this.getUserProperty("demandSources")}getUserProperty(e){if(!this.privatePermissions)throw new Error(`Cannot get ${e} without calling (async) getUserPermissions before`);return Object.keys(this.privatePermissions[e]||{})}get elevatedPermissions(){return D(undefined,this.privateElevatedPermissionsHash.values())}get permissions(){if(!this.privatePermissions)throw new Error("Cannot get permissions without calling (async) getUserPermissions before");return D(this.privatePermissions,this.privateElevatedPermissionsHash.values())}elevatePermissions(e){let s=node_crypto.randomUUID();Object.values(e).forEach(n=>{Object.keys(n).forEach(c=>{if(!_(c))throw new Error(`Entity id on elevatePermissions is not a valid UUID, provided: ${c}`)});});let r=P.getCurrentContext();if(!r)throw new Error("Cannot find current user cross services trace");let i=JSON.parse(r.context[l]||"{}"),o=Object.assign(i,e);return this.privateElevatedPermissionsHash.set(s,o),r.context.set(l,JSON.stringify(this.elevatedPermissions)),()=>{this.privateElevatedPermissionsHash.delete(s),r.context.set(l,JSON.stringify(this.elevatedPermissions));}}async getUserPermissionsLegacy(){if(!this.id)return;if(this.privatePermissionsLegacy)return this.privatePermissionsLegacy;let{data:e}=await S.get(`/api/v1/users/${this.id}/authorization-payload-legacy`);return this.privatePermissionsLegacy=e,this.privatePermissionsLegacy}get permissionsLegacy(){if(!this.privatePermissionsLegacy)throw new Error("Cannot get permissionsLegacy without calling (async) getUserPermissionsLegacy before");return this.privatePermissionsLegacy}async getUserAppPermissions(e,s){if(!this.id||!e||!s)return;let r=this.appPermission[e];if(r)return r;let i=`${this.id}:${e}`,o=f.get(i);if(o)return this.appPermission[e]=o,o;let{data:n}=await x.post(`/api/v1/apps/${e}/get-user-payload`,{userId:this.id},{headers:{"x-autofleet-apps-secret":s}});return f.set(i,n),this.appPermission[e]=n,this.appPermission[e]}};var j=async(t,e)=>{let{data:s}=await x.post("/api/v1/auth",{bearer:t,appId:e});return s};var g=class extends Error{constructor(){super(...arguments);this.name="AppDoesNotExist";this.message="app does not exist";}};var Ue="identity-ms",xe="accessToken",p="userObject",B="x-af-user-id",W="X-IAF-ORIGIN-SERVICE",b="x-af-user-permissions",ve=W.toLowerCase(),J=(t={})=>async(e,s,r)=>{try{if((e.headers[W]||e.headers[ve]||"").toLowerCase()===Ue)return r();let{eagerLoadUserPermissions:o,eagerLoadUserPermissionsLegacy:n,customPermissionLoader:c}=t,d=e.headers[B];if(!d)return r();let u=e.headers[l]?.length>0?JSON.parse(e.headers[l]):{},a=new m(d,"user",u);return o&&(c?await a.useCustomPermissionLoader(c):await a.getUserPermissions()),n&&await a.getUserPermissionsLegacy(),e.user=a,P.getCurrentContext().context?.set(p,a),e.headers[b]=a,r()}catch{return s.status(401),s.json({error:"cannot authenticate user"})}},z=(t={})=>async(e,s,r)=>{let{eagerLoadUserPermissions:i,eagerLoadUserPermissionsLegacy:o,returnErrorIfNoToken:n}=t,c;if(e.headers.authorization){try{c=await I(e.headers.authorization);}catch(a){a instanceof re.TokenExpiredError?(s.status(401),s.json({errors:["Access token expired"]})):a instanceof re.JsonWebTokenError?(s.status(400),s.json({errors:[a.message]})):(s.status(500),s.json({errors:["Server error while parsing token"]}));return}let d=c?.user?.id;d&&(e.headers[B]=d);let u=new m(d,c?.user?.accountType);i&&await u.getUserPermissions(),o&&await u.getUserPermissionsLegacy(),e.user=u,P.getCurrentContext().context?.set(p,u),e.headers[b]=u;}else if(n)return s.status(401),s.json({errors:["No token provided"]});return r()},F=t=>async(e,s,r)=>{let{appId:i,clientSecret:o}=t,n;if(!e.headers.authorization)return s.status(401),s.json({errors:["No token provided"]});try{if(n=await j(e.headers.authorization,i),!n)throw new g}catch(a){return a instanceof re.TokenExpiredError?s.status(401).json({errors:["Access token expired"]}):[re.JsonWebTokenError,g].some(te=>a instanceof te)?s.status(400).json({errors:[a.message]}):s.status(500).json({errors:["Server error while parsing token"]})}let c=n?.userId;c&&(e.headers[p]=c);let d=new m(c);i&&(e.headers["x-autofleet-apps-secret"]=o,await d.getUserAppPermissions(i,o)),e.user=d;let u=P.getCurrentContext().context;return u?.set(p,d),u?.set(xe,A(e.headers.authorization)),e.headers[b]=d,r()},G=async(t,e,s)=>(await t.user.getUserPermissions(),s()),X=t=>t.headers.authorization?I(t.headers.authorization):null,V=async(t,e)=>{let s=new m(e);await s.getUserPermissions(),t??=P.newTrace(P.traceTypes.RABBIT),t.context.set(p,s);},K=m;var h=()=>P.getCurrentContext().context?.get(p),E=()=>h()?.id,Y=t=>!E()||Object.keys(h().permissions.fleets).includes(t),Z=t=>!E()||Object.keys(h().permissions.businessModels).includes(t),Q=t=>!E()||Object.keys(h().permissions.demandSources).includes(t);var v=class extends Error{constructor(s=null,r="UnauthorizedAccessError"){super(r);this.user=s;this.name="UnauthorizedAccessError";}};var U={NONE:"NONE",BASIC:"BASIC",JWT:"JWT"},q={[U.NONE]:()=>{},[U.BASIC]:t=>{let{username:e,password:s}=t;return `Basic ${Buffer.from(`${e}:${s}`).toString("base64")}`},[U.JWT]:t=>{let{secret:e}=t;if(e)return `Bearer ${re__namespace.sign({},e,{expiresIn:10})}`}},se=t=>{let e=t?.method;if(!(!e||!q[e]))return q[e](t)};var Te=P__namespace.getCurrentContext,ds=({outbreakOptions:t={},logger:e}={})=>{P__namespace.default({headersPrefix:"x-af",contextMiddlewareGetter:e?.addContextMiddleware,...t});},{traceTypes:Ae,newTrace:Ie}=P__namespace;var us={traceTypes:Ae,newTrace:Ie,User:K,middleware:J,middlewareWithDecode:z,eagerLoadPermissionsMiddleware:G,getCurrentPayload:Te,getDecodedBearer:X,checkFleetPermission:Y,checkBusinessModelPermission:Z,checkDemandSourcePermission:Q,isUserExist:E,getUser:h,UnauthorizedAccessError:v,appMiddleware:F,createOrSetRabbitTrace:V,outbreak:P__namespace,AUTHORIZATION_METHODS:U,getAuthorizationHeader:se,CONTEXTS_IDS_HEADER:M};
|
|
2
|
+
exports.outbreak=P__namespace;exports.AUTHORIZATION_METHODS=U;exports.CONTEXTS_IDS_HEADER=M;exports.UnauthorizedAccessError=v;exports.User=K;exports.appMiddleware=F;exports.checkBusinessModelPermission=Z;exports.checkDemandSourcePermission=Q;exports.checkFleetPermission=Y;exports.createOrSetRabbitTrace=V;exports.default=us;exports.eagerLoadPermissionsMiddleware=G;exports.enableTracing=ds;exports.getAuthorizationHeader=se;exports.getCurrentPayload=Te;exports.getDecodedBearer=X;exports.getRefreshTokenSecret=de;exports.getTokenSecret=T;exports.getUser=h;exports.isUserExist=E;exports.middleware=J;exports.middlewareWithDecode=z;exports.newTrace=Ie;exports.traceTypes=Ae;//# sourceMappingURL=index.cjs.map
|
|
3
|
+
//# sourceMappingURL=index.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/secret-getter.ts","../src/utils.ts","../src/services.ts","../src/user/ApiUser.ts","../src/app-auth.ts","../src/exceptions/appDoesNotExist.ts","../src/user/index.ts","../src/check-permission.ts","../src/errors.ts","../src/authorization.ts","../src/index.ts"],"names":["DEPRECATED_JWT_SECRET","JWT_NEW_SECRET","DEPRECATED_REFRESH_JWT_SECRET","REFRESH_JWT_SECRET","DEPRECATION_UNIX_TIMESTAMP","getRelevantSecret","token","deprecatedSecret","newSecret","deprecationTime","moment","unixTime","iat","jwt","getRefreshTokenSecret","getTokenSecret","getAuthFromBearer","bearer","decodeBearer","appSecret","R","EMPTY_UUID","FULL_UUID","VALID_CHARS_REGEX","UUID_VERSION_REGEX","UUID_REGEX","validateUUID","uuid","CACHE_LIFETIME_IN_SEC","apiGwUrl","IdentityNetwork","Network","AutofleetApiNetwork","ELEVATED_PERMISSIONS_HEADER","CONTEXTS_IDS_HEADER","userCache","NodeCache","mergePermissions","target","sources","permissions","source","entityType","entityId","perms","ApiUser","id","accountType","elevatedPermissions","contextIds","cacheKey","objectHash","data","customPermissionLoader","cachedResult","key","addedPermissions","elevationId","randomUUID","entityIds","currentUserTrace","getCurrentContext","currentElevation","newElevation","appId","clientSecret","currentAppPermission","decodeAppBearer","decoded","AppDoesNotExist","IDENTITY_MS","ACCESS_TOKEN","USER_OBJECT","USER_TRACING_HEADER","ORIGIN_HEADER","USER_PERMISSIONS_HEADER","LOWER_CASE_ORIGIN_HEADER","middleware","options","req","res","next","eagerLoadUserPermissions","eagerLoadUserPermissionsLegacy","userId","elevatedPermissionsFromHeader","userObject","middlewareWithDecode","returnErrorIfNoToken","e","TokenExpiredError","JsonWebTokenError","appMiddleware","Err","currentTraceContext","eagerLoadPermissionsMiddleware","getDecodedBearer","createOrSetRabbitTrace","trace","newTrace","traceTypes","user_default","getUser","isUserExist","checkFleetPermission","fleetId","checkBusinessModelPermission","businessModelId","checkDemandSourcePermission","demandSourceId","UnauthorizedAccessError","user","message","AUTHORIZATION_METHODS","AUTHORIZATION_ACTIONS","authorizationSettings","username","password","secret","ee","getAuthorizationHeader","authorizationMethod","getCurrentPayload","P","enableTracing","outbreakOptions","logger","outbreak","index_default"],"mappings":"46BAGM,IAAA,CACJ,sBAAAA,EAAuB,CAAA,cAAA,CAAAC,EACvB,CAAA,6BAAA,CAAAC,EAA+B,CAAA,kBAAA,CAAAC,GAC/B,0BAAAC,CAAAA,EACF,EAAI,OAAQ,CAAA,GAAA,CAENC,EAAoB,CAACC,CAAAA,CAA2BC,EAA0BC,CAA8B,GAAA,CAC5G,IAAMC,CAAkBC,CAAAA,kBAAAA,CAAO,SAASN,EAA4B,CAAA,EAAE,EAAI,GAAI,CAAA,CAC9E,GAAI,CACF,IAAIO,CAAAA,CACJ,GAAIL,CAAO,CAAA,CACT,GAAM,CAAE,GAAA,CAAAM,CAAI,CAAIC,CAAAA,qBAAAA,CAAI,MAAOP,CAAAA,CAAK,CAChCK,CAAAA,CAAAA,CAAWD,mBAAOE,CAAM,CAAA,GAAI,EAC9B,CACED,KAAAA,CAAAA,CAAWD,oBAEb,CAAA,OAAOC,CAAS,CAAA,QAAA,CAASF,CAAe,CAAA,CAAIF,EAAmBC,CACjE,CAAA,KAAY,CACV,OAAOA,CACT,CACF,CAEaM,CAAAA,EAAAA,CAAyBR,GAA2BD,CAAkBC,CAAAA,CAAAA,CAAOJ,GAA+BC,EAAkB,CAAA,CAC9HY,EAAkBT,CAA2BD,EAAAA,CAAAA,CAAkBC,EAAON,EAAuBC,CAAAA,EAAc,ECfjH,IAAMe,CAAqBC,CAAAA,CAAAA,EAA2BA,EAAO,OAAQ,CAAA,SAAA,CAAW,EAAE,CAE5EC,CAAAA,CAAAA,CAAe,CAACD,CAAgBE,CAAAA,CAAAA,GAA4B,CACvE,IAAMb,CAAQU,CAAAA,CAAAA,CAAkBC,CAAM,CAEtC,CAAA,OADoBG,qBAAOd,CAAOa,CAAaJ,EAAeT,CAAK,CAAC,CAEtE,CAAA,CAyDA,IAAMe,EAAAA,CAAa,uCACbC,EAAY,CAAA,sCAAA,CACZC,EAAoB,UACpBC,CAAAA,EAAAA,CAAqB,QACrBC,EAAa,CAAA,IAAI,OAAO,CAAOF,IAAAA,EAAAA,CAAiB,OAAOA,CAAiB,CAAA,IAAA,EAAOC,EAAkB,CAAGD,EAAAA,CAAiB,aAAaA,CAAiB,CAAA,IAAA,EAAOA,CAAiB,CAAA,KAAA,EAAQF,EAAU,CAAA,CAAA,EAAIC,EAAS,CAAM,EAAA,CAAA,CAAA,GAAG,EAClN,SAASI,CAAAA,CAAaC,EAA6B,CACxD,OAAO,OAAOA,CAAAA,EAAS,QAAYF,EAAAA,EAAAA,CAAW,KAAKE,CAAI,CACzD,CC/EA,IAAMC,CAAAA,CAAwB,EACxBC,CAAAA,CAAAA,CAAW,OAAQ,CAAA,GAAA,CAAI,iBAAmB,0BAGnCC,CAAAA,CAAAA,CAAkB,IAAIC,kBAAQ,CAAA,CACzC,YAAa,aACb,CAAA,OAAA,CAAS,EACT,cAAgB,CAAA,IAAM,KACtB,KAAO,CAAA,OAAA,CAAQ,IAAI,QAAa,GAAA,MAAA,CAAS,CACvC,MAAQH,CAAAA,CAAAA,CAAwB,GAClC,CAAA,CAAI,SACN,CAAC,EAEYI,CAAsB,CAAA,IAAID,mBAAQ,CAC7C,OAAA,CAASF,EACT,UAAYA,CAAAA,CAAAA,CACZ,QAAS,CACT,CAAA,cAAA,CAAgB,IAAM,IACtB,CAAA,KAAA,CAAO,QAAQ,GAAI,CAAA,QAAA,GAAa,OAAS,CACvC,MAAA,CAAQD,CAAwB,CAAA,GAClC,CAAI,CAAA,SACN,CAAC,CCXM,CAAA,IAAMK,EAA8B,2BAC9BC,CAAAA,CAAAA,CAAsB,mBAuB7BC,CAAY,CAAA,IAAIC,oBAAU,CAAE,MAAA,CAAQ,EAAG,CAAC,CAAA,CAExCC,EAAmB,CAACC,CAAAA,CAAqBC,IAAuD,CACpG,IAAMC,CAA2B,CAAA,CAC/B,GAAGF,CAAAA,CACH,OAAQ,CAAE,GAAGA,GAAQ,MAAO,CAAA,CAC5B,eAAgB,CAAE,GAAGA,CAAQ,EAAA,cAAe,CAC5C,CAAA,aAAA,CAAe,CAAE,GAAGA,CAAAA,EAAQ,aAAc,CAE5C,CAAA,CAGA,QAAWG,CAAUF,IAAAA,CAAAA,CACnB,MAAO,CAAA,IAAA,CAAKE,CAAM,CAAA,CAAE,QAASC,CAAe,EAAA,CAE1CF,EAAYE,CAAU,CAAA,GAAM,EAC5B,CAAA,MAAA,CAAO,QAAQD,CAAOC,CAAAA,CAAU,CAAE,CAAE,CAAA,OAAA,CAAQ,CAAC,CAACC,CAAAA,CAAUC,CAAK,CAAM,GAAA,CAEjEJ,CAAYE,CAAAA,CAAU,CAAEC,CAAAA,CAAQ,GAAKH,CAAYE,CAAAA,CAAU,EAAEC,CAAQ,CAAA,EAAK,EAAI,EAAA,MAAA,CAAOC,CAAK,EAC5F,CAAC,EACH,CAAC,CAGH,CAAA,OAAOJ,CACT,CAEqBK,CAAAA,CAAAA,CAArB,KAA6B,CAiB3B,WAAA,CAAYC,CAAcC,CAAAA,CAAAA,CAA2BC,CAA0CC,CAAAA,CAAAA,CAAuB,CACpH,IAAK,CAAA,EAAA,CAAKH,EACV,IAAK,CAAA,SAAA,CAAY,CAAC,CAACA,CAAAA,CACnB,KAAK,aAAgB,CAAA,GACrB,IAAK,CAAA,8BAAA,CAAiC,IAAI,GAC1C,CAAA,IAAA,CAAK,WAAaG,CACdD,CAAAA,CAAAA,EACF,IAAK,CAAA,8BAAA,CAA+B,GAAI,CAAA,SAAA,CAAWA,CAAmB,CAEpED,CAAAA,CAAAA,GACF,KAAK,WAAcA,CAAAA,CAAAA,EAEvB,CAEA,MAAM,kBAAA,EAA2C,CAC/C,GAAI,CAAC,IAAA,CAAK,GACR,OAEF,GAAI,KAAK,kBACP,CAAA,OAAO,KAAK,kBAEd,CAAA,IAAMG,CAAWC,CAAAA,mBAAAA,CAAW,CAC1B,EAAA,CAAI,KAAK,EACT,CAAA,UAAA,CAAY,KAAK,UACnB,CAAC,EAEGC,CAAOjB,CAAAA,CAAAA,CAAU,IAAiBe,CAAQ,CAAA,CAE9C,OAAKE,CACF,GAAA,CAAE,KAAAA,CAAK,CAAA,CAAI,MAAMtB,CAAgB,CAAA,GAAA,CAAI,CAAiB,cAAA,EAAA,IAAA,CAAK,EAAE,CAAA,sBAAA,CAAA,CAA0B,CAAE,MAAQ,CAAA,CAAE,WAAY,IAAK,CAAA,UAAW,CAAE,CAAC,CAAA,CACnIK,EAAU,GAAIe,CAAAA,CAAAA,CAAUE,CAAI,CAG9B,CAAA,CAAA,IAAA,CAAK,YAAcA,CAAK,CAAA,WAAA,CACxB,KAAK,kBAAqBA,CAAAA,CAAAA,CACnB,IAAK,CAAA,kBACd,CAEA,MAAM,0BAA0BC,CAAmD,CAAA,CACjF,GAAI,CAAC,IAAA,CAAK,GACR,OAEF,GAAI,KAAK,kBACP,CAAA,OAAO,KAAK,kBAGd,CAAA,IAAMH,EAAW,IAAK,CAAA,EAAA,CAEhBI,EAAenB,CAAU,CAAA,GAAA,CAAiBe,CAAQ,CAAA,CACxD,GAAII,CAAAA,CACF,YAAK,kBAAqBA,CAAAA,CAAAA,CACnBA,EAGT,IAAMF,CAAAA,CAAO,MAAMC,CAAuB,CAAA,IAAA,CAAK,EAAE,CAAA,CACjD,OAAAlB,CAAAA,CAAU,IAAIe,CAAUE,CAAAA,CAAI,EAE5B,IAAK,CAAA,kBAAA,CAAqBA,EACnB,IAAK,CAAA,kBACd,CAEA,IAAI,cAAuC,EAAA,CACzC,OAAO,IAAK,CAAA,eAAA,CAAgB,gBAAgB,CAC9C,CAEA,IAAI,MAA+B,EAAA,CACjC,OAAO,IAAK,CAAA,eAAA,CAAgB,QAAQ,CACtC,CAEA,IAAI,aAAsC,EAAA,CACxC,OAAO,IAAK,CAAA,eAAA,CAAgB,eAAe,CAC7C,CAEQ,eAAA,CAAgBG,EAA8C,CACpE,GAAI,CAAC,IAAK,CAAA,kBAAA,CACR,MAAM,IAAI,KAAA,CAAM,CAAcA,WAAAA,EAAAA,CAAG,CAAoD,kDAAA,CAAA,CAAA,CAEvF,OAAO,MAAO,CAAA,IAAA,CAAK,KAAK,kBAAmBA,CAAAA,CAAG,GAAK,EAAE,CACvD,CAEA,IAAI,mBAAA,EAAmC,CACrC,OAAOlB,CAAAA,CAAiB,UAAW,IAAK,CAAA,8BAAA,CAA+B,QAAQ,CACjF,CAEA,IAAI,WAAA,EAAuC,CACzC,GAAI,CAAC,KAAK,kBACR,CAAA,MAAM,IAAI,KAAM,CAAA,0EAA0E,CAG5F,CAAA,OAAOA,CAAiB,CAAA,IAAA,CAAK,mBAAoB,IAAK,CAAA,8BAAA,CAA+B,QAAQ,CAC/F,CAEA,kBAAmBmB,CAAAA,CAAAA,CAAkD,CACnE,IAAMC,CAAcC,CAAAA,sBAAAA,GAGpB,MAAO,CAAA,MAAA,CAAOF,CAAgB,CAAE,CAAA,OAAA,CAASG,GAAc,CACrD,MAAA,CAAO,IAAKA,CAAAA,CAAS,CAAE,CAAA,OAAA,CAAShB,GAAa,CAC3C,GAAI,CAACjB,CAAaiB,CAAAA,CAAQ,EACxB,MAAM,IAAI,MAAM,CAAkEA,+DAAAA,EAAAA,CAAQ,EAAE,CAEhG,CAAC,EACH,CAAC,CAAA,CAED,IAAMiB,CAAmBC,CAAAA,mBAAAA,EACzB,CAAA,GAAI,CAACD,CAAAA,CACH,MAAM,IAAI,KAAA,CAAM,+CAA+C,CAGjE,CAAA,IAAME,EAAmB,IAAK,CAAA,KAAA,CAAMF,CAAiB,CAAA,OAAA,CAAQ3B,CAA2B,CAAA,EAAK,IAAI,CAC3F8B,CAAAA,CAAAA,CAAe,OAAO,MAAOD,CAAAA,CAAAA,CAAkBN,CAAgB,CACrE,CAAA,OAAA,IAAA,CAAK,8BAA+B,CAAA,GAAA,CAAIC,CAAaM,CAAAA,CAAY,EACjEH,CAAiB,CAAA,OAAA,CAAQ,IAAI3B,CAA6B,CAAA,IAAA,CAAK,UAAU,IAAK,CAAA,mBAAmB,CAAC,CAC3F,CAAA,IAAM,CACX,IAAK,CAAA,8BAAA,CAA+B,OAAOwB,CAAW,CAAA,CACtDG,EAAiB,OAAQ,CAAA,GAAA,CAAI3B,CAA6B,CAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,mBAAmB,CAAC,EACpG,CACF,CAEA,MAAM,0BAA2B,CAC/B,GAAI,CAAC,IAAA,CAAK,EACR,CAAA,OAEF,GAAI,IAAK,CAAA,wBAAA,CACP,OAAO,IAAK,CAAA,wBAAA,CAEd,GAAM,CAAE,IAAA,CAAAmB,CAAK,CAAA,CAAI,MAAMtB,CAAAA,CAAgB,IAAI,CAAiB,cAAA,EAAA,IAAA,CAAK,EAAE,CAA+B,6BAAA,CAAA,CAAA,CAElG,YAAK,wBAA2BsB,CAAAA,CAAAA,CACzB,KAAK,wBACd,CAEA,IAAI,iBAAyB,EAAA,CAC3B,GAAI,CAAC,IAAA,CAAK,yBACR,MAAM,IAAI,KAAM,CAAA,sFAAsF,CAExG,CAAA,OAAO,KAAK,wBACd,CAEA,MAAM,qBAAsBY,CAAAA,CAAAA,CAAOC,EAAc,CAC/C,GAAI,CAAC,IAAA,CAAK,EAAM,EAAA,CAACD,GAAS,CAACC,CAAAA,CACzB,OAEF,IAAMC,CAAAA,CAAuB,KAAK,aAAcF,CAAAA,CAAK,CAErD,CAAA,GAAIE,CACF,CAAA,OAAOA,EAGT,IAAMhB,CAAAA,CAAW,GAAG,IAAK,CAAA,EAAE,IAAIc,CAAK,CAAA,CAAA,CAE9BV,EAAenB,CAAU,CAAA,GAAA,CAAiBe,CAAQ,CACxD,CAAA,GAAII,EACF,OAAK,IAAA,CAAA,aAAA,CAAcU,CAAK,CAAIV,CAAAA,CAAAA,CACrBA,CAGT,CAAA,GAAM,CAAE,IAAA,CAAAF,CAAK,CAAI,CAAA,MAAMpB,EAAoB,IAAK,CAAA,CAAA,aAAA,EAAgBgC,CAAK,CAAqB,iBAAA,CAAA,CAAA,CACxF,MAAQ,CAAA,IAAA,CAAK,EACf,CAAA,CAAG,CACD,OAAS,CAAA,CACP,0BAA2BC,CAC7B,CACF,CAAC,CAED,CAAA,OAAA9B,CAAU,CAAA,GAAA,CAAIe,CAAUE,CAAAA,CAAI,EAC5B,IAAK,CAAA,aAAA,CAAcY,CAAK,CAAIZ,CAAAA,CAAAA,CACrB,KAAK,aAAcY,CAAAA,CAAK,CACjC,CACF,ECtPO,IAAMG,CAAkB,CAAA,MAAOlD,EAAgB+C,CAAgC,GAAA,CACpF,GAAM,CAAE,IAAA,CAAMI,CAAQ,CAAA,CAAI,MAAMpC,CAAAA,CAAoB,KAAK,cAAgB,CAAA,CAAE,OAAAf,CAAQ,CAAA,KAAA,CAAA+C,CAAM,CAAC,CAAA,CAC1F,OAAOI,CACT,CAAA,CCLA,IAAqBC,CAArB,CAAA,cAA6C,KAAM,CAAnD,WAAA,EAAA,CAAA,KAAA,CAAA,GAAA,SAAA,CAAA,CACE,UAAO,iBAEP,CAAA,IAAA,CAAA,OAAA,CAAU,qBACZ,CAAA,CAAA,CCGMC,IAAAA,EAAAA,CAAc,cACdC,EAAe,CAAA,aAAA,CACRC,EAAc,YACrBC,CAAAA,CAAAA,CAAsB,eACtBC,CAAgB,CAAA,sBAAA,CAChBC,EAA0B,uBAC1BC,CAAAA,EAAAA,CAA2BF,EAAc,WAAY,EAAA,CAE9CG,EAAa,CAACC,CAAAA,CAIvB,EAAO,GAAA,MAAOC,CAAKC,CAAAA,CAAAA,CAAKC,CAAuB,GAAA,CACjD,GAAI,CAEF,GAAA,CAD6BF,EAAI,OAAQL,CAAAA,CAAa,GAAKK,CAAI,CAAA,OAAA,CAAQH,EAAwB,CAAA,EAAK,EACnF,EAAA,WAAA,KAAkBN,EACjC,CAAA,OAAOW,GAET,CAAA,GAAM,CACJ,wBAAAC,CAAAA,CAAAA,CACA,8BAAAC,CAAAA,CAAAA,CACA,sBAAA9B,CAAAA,CACF,EAAIyB,CACEM,CAAAA,CAAAA,CAASL,EAAI,OAAQN,CAAAA,CAAmB,EAC9C,GAAI,CAACW,EACH,OAAOH,CAAAA,GAGT,IAAMI,CAAAA,CAAgCN,EAAI,OAAQ9C,CAAAA,CAA2B,GAAG,MAAS,CAAA,CAAA,CAAI,IAAK,CAAA,KAAA,CAAM8C,CAAI,CAAA,OAAA,CAAQ9C,CAA2B,CAAC,CAAA,CAAI,EAE9IqD,CAAAA,CAAAA,CAAa,IAAIzC,CAAQuC,CAAAA,CAAAA,CAAQ,MAAQC,CAAAA,CAA6B,CAC5E,CAAA,OAAIH,IACE7B,CACF,CAAA,MAAMiC,EAAW,yBAA0BjC,CAAAA,CAAsB,EAEjE,MAAMiC,CAAAA,CAAW,kBAAmB,EAAA,CAAA,CAIpCH,CACF,EAAA,MAAMG,EAAW,wBAAyB,EAAA,CAG5CP,EAAI,IAAOO,CAAAA,CAAAA,CACXzB,qBAAoB,CAAA,OAAA,EAAS,IAAIW,CAAac,CAAAA,CAAU,EAGxDP,CAAI,CAAA,OAAA,CAAQJ,CAAuB,CAAIW,CAAAA,CAAAA,CAEhCL,GACT,CAAA,KAAY,CACV,OAAAD,CAAI,CAAA,MAAA,CAAO,GAAG,CACPA,CAAAA,CAAAA,CAAI,KAAK,CACd,KAAA,CAAO,0BACT,CAAC,CACH,CACF,CAAA,CAEaO,CAAuB,CAAA,CAACT,EAIjC,EAAC,GAAM,MAAOC,CAAKC,CAAAA,CAAAA,CAAKC,IAAwB,CAClD,GAAM,CACJ,wBAAA,CAAAC,CACA,CAAA,8BAAA,CAAAC,EACA,oBAAAK,CAAAA,CACF,EAAIV,CACAV,CAAAA,CAAAA,CACJ,GAAIW,CAAI,CAAA,OAAA,CAAQ,cAAe,CAC7B,GAAI,CACFX,CAAU,CAAA,MAAMlD,EAAa6D,CAAI,CAAA,OAAA,CAAQ,aAAa,EACxD,CAAA,MAASU,CAAG,CAAA,CACNA,CAAaC,YAAAA,oBAAAA,EACfV,EAAI,MAAO,CAAA,GAAG,EACdA,CAAI,CAAA,IAAA,CAAK,CACP,MAAQ,CAAA,CAAC,sBAAsB,CACjC,CAAC,CAAA,EACQS,aAAaE,oBACtBX,EAAAA,CAAAA,CAAI,OAAO,GAAG,CAAA,CACdA,EAAI,IAAK,CAAA,CACP,MAAQ,CAAA,CAACS,CAAE,CAAA,OAAO,CACpB,CAAC,CAAA,GAEDT,EAAI,MAAO,CAAA,GAAG,EACdA,CAAI,CAAA,IAAA,CAAK,CACP,MAAQ,CAAA,CAAC,kCAAkC,CAC7C,CAAC,GAEH,MACF,CACA,IAAMI,CAAShB,CAAAA,CAAAA,EAAS,IAAM,EAAA,EAAA,CAE1BgB,CACFL,GAAAA,CAAAA,CAAI,QAAQN,CAAmB,CAAA,CAAIW,GAGrC,IAAME,CAAAA,CAAa,IAAIzC,CAAQuC,CAAAA,CAAAA,CAAQhB,CAAS,EAAA,IAAA,EAAM,WAAW,CAAA,CAE7Dc,GACF,MAAMI,CAAAA,CAAW,oBAGfH,CAAAA,CAAAA,EACF,MAAMG,CAAW,CAAA,wBAAA,EAGnBP,CAAAA,CAAAA,CAAI,IAAOO,CAAAA,CAAAA,CACXzB,qBAAoB,CAAA,OAAA,EAAS,IAAIW,CAAac,CAAAA,CAAU,EAGxDP,CAAI,CAAA,OAAA,CAAQJ,CAAuB,CAAIW,CAAAA,EACzC,SAAWE,CACT,CAAA,OAAAR,EAAI,MAAO,CAAA,GAAG,EACPA,CAAI,CAAA,IAAA,CAAK,CACd,MAAA,CAAQ,CAAC,mBAAmB,CAC9B,CAAC,CAAA,CAEH,OAAOC,CAAK,EACd,EAEaW,CAAiBd,CAAAA,CAAAA,EAGxB,MAAOC,CAAAA,CAAKC,CAAKC,CAAAA,CAAAA,GAAwB,CAC7C,GAAM,CACJ,MAAAjB,CACA,CAAA,YAAA,CAAAC,CACF,CAAIa,CAAAA,CAAAA,CACAV,CAEJ,CAAA,GAAI,CAACW,CAAAA,CAAI,QAAQ,aACf,CAAA,OAAAC,EAAI,MAAO,CAAA,GAAG,EACPA,CAAI,CAAA,IAAA,CAAK,CACd,MAAQ,CAAA,CAAC,mBAAmB,CAC9B,CAAC,EAGH,GAAI,CAEF,GADAZ,CAAU,CAAA,MAAMD,CAAgBY,CAAAA,CAAAA,CAAI,OAAQ,CAAA,aAAA,CAAef,CAAK,CAC5D,CAAA,CAACI,EACH,MAAM,IAAIC,CAEd,CAASoB,MAAAA,CAAAA,CAAG,CACV,OAAIA,CAAaC,YAAAA,oBAAAA,CACRV,EAAI,MAAO,CAAA,GAAG,EAAE,IAAK,CAAA,CAC1B,OAAQ,CAAC,sBAAsB,CACjC,CAAC,CAEC,CAAA,CAACW,qBAAmBtB,CAAe,CAAA,CAAE,KAAMwB,EAAQJ,EAAAA,CAAAA,YAAaI,EAAG,CAC9Db,CAAAA,CAAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,CAC1B,MAAA,CAAQ,CAACS,CAAE,CAAA,OAAO,CACpB,CAAC,CAAA,CAEIT,CAAI,CAAA,MAAA,CAAO,GAAG,CAAA,CAAE,KAAK,CAC1B,MAAA,CAAQ,CAAC,kCAAkC,CAC7C,CAAC,CACH,CACA,IAAMI,CAAShB,CAAAA,CAAAA,EAAS,OACpBgB,CACFL,GAAAA,CAAAA,CAAI,QAAQP,CAAW,CAAA,CAAIY,GAG7B,IAAME,CAAAA,CAAa,IAAIzC,CAAAA,CAAQuC,CAAM,CAAA,CAEjCpB,IACFe,CAAI,CAAA,OAAA,CAAQ,yBAAyB,CAAId,CAAAA,CAAAA,CAEzC,MAAMqB,CAAW,CAAA,qBAAA,CAAsBtB,EAAOC,CAAY,CAAA,CAAA,CAG5Dc,EAAI,IAAOO,CAAAA,CAAAA,CACX,IAAMQ,CAAsBjC,CAAAA,mBAAAA,GAAoB,OAChD,CAAA,OAAAiC,CAAqB,EAAA,GAAA,CAAItB,CAAac,CAAAA,CAAU,EAChDQ,CAAqB,EAAA,GAAA,CAAIvB,GAAcvD,CAAkB+D,CAAAA,CAAAA,CAAI,QAAQ,aAAa,CAAC,CAGnFA,CAAAA,CAAAA,CAAI,OAAQJ,CAAAA,CAAuB,EAAIW,CAEhCL,CAAAA,CAAAA,EACT,CAEac,CAAAA,CAAAA,CAAiC,MAAOhB,CAAKC,CAAAA,CAAAA,CAAKC,CAC7D,IAAA,MAAMF,CAAI,CAAA,IAAA,CAAK,oBACRE,CAAAA,CAAAA,IAGIe,CAAoBjB,CAAAA,CAAAA,EAC3BA,EAAI,OAAQ,CAAA,aAAA,CACP7D,EAAa6D,CAAI,CAAA,OAAA,CAAQ,aAAa,CAGxC,CAAA,IAAA,CAGIkB,EAAyB,MAAOC,CAAAA,CAAOd,IAAW,CAC7D,IAAME,CAAa,CAAA,IAAIzC,CAAQuC,CAAAA,CAAM,EAErC,MAAME,CAAAA,CAAW,oBAEjBY,CAAAA,CAAAA,GAAUC,WAASC,YAAW,CAAA,MAAM,CACpCF,CAAAA,CAAAA,CAAM,OAAQ,CAAA,GAAA,CAAI1B,EAAac,CAAU,EAC3C,EAEOe,CAAQxD,CAAAA,EC/MR,IAAMyD,CAAU,CAAA,IAA4BzC,qBAAoB,CAAA,OAAA,EAAS,IAAIW,CAAW,CAAA,CAElF+B,EAAc,IAAMD,CAAAA,IAAW,EAE/BE,CAAAA,CAAAA,CAAwBC,GAAoB,CAACF,CAAAA,IAAiB,MAAO,CAAA,IAAA,CAAKD,GAAW,CAAA,WAAA,CAAY,MAAM,CAAA,CAAE,QAASG,CAAAA,CAAO,EAEzHC,CAAgCC,CAAAA,CAAAA,EAA4B,CAACJ,CAAY,EAAA,EAAK,OAAO,IAAKD,CAAAA,CAAAA,EAAW,CAAA,WAAA,CAAY,cAAc,CAAA,CAAE,SAASK,CAAe,CAAA,CAEzJC,EAA+BC,CAA2B,EAAA,CAACN,GAAiB,EAAA,MAAA,CAAO,IAAKD,CAAAA,CAAAA,EAAW,CAAA,WAAA,CAAY,aAAa,CAAE,CAAA,QAAA,CAASO,CAAc,ECT3J,IAAMC,EAAN,cAAsC,KAAM,CACjD,WAAmBC,CAAAA,CAAAA,CAAuB,KAAMC,CAAU,CAAA,yBAAA,CAA2B,CACnF,KAAMA,CAAAA,CAAO,EADI,IAAAD,CAAAA,IAAAA,CAAAA,CAAAA,CAEjB,IAAK,CAAA,IAAA,CAAO,0BACd,CACF,ECNaE,IAAAA,CAAAA,CAAwB,CACnC,IAAM,CAAA,MAAA,CACN,KAAO,CAAA,OAAA,CACP,GAAK,CAAA,KACP,EAEMC,CAAwB,CAAA,CAC5B,CAACD,CAAsB,CAAA,IAAI,EAAG,IAAG,EAAA,CACjC,CAACA,CAAAA,CAAsB,KAAK,EAAIE,GAA+B,CAC7D,GAAM,CAAE,QAAAC,CAAAA,CAAAA,CAAU,SAAAC,CAAS,CAAA,CAAIF,EAE/B,OAAO,CAAA,MAAA,EADoB,OAAO,IAAK,CAAA,CAAA,EAAGC,CAAQ,CAAIC,CAAAA,EAAAA,CAAQ,EAAE,CAAE,CAAA,QAAA,CAAS,QAAQ,CACjD,CACpC,CAAA,CAAA,CACA,CAACJ,CAAsB,CAAA,GAAG,EAAIE,CAA+B,EAAA,CAC3D,GAAM,CAAE,MAAA,CAAAG,CAAO,CAAA,CAAIH,CACnB,CAAA,GAAIG,EACF,OAAO,CAAA,OAAA,EAAcC,mBAAK,EAAC,CAAGD,EAAQ,CAAE,SAAA,CAAW,EAAG,CAAC,CAAC,CAAA,CAG5D,CACF,CAEaE,CAAAA,EAAAA,CAA0BL,GAA8E,CACnH,IAAMM,EAAsBN,CAAuB,EAAA,MAAA,CAEnD,GAAI,EAACM,CAAAA,CAAAA,EAAuB,CAACP,CAAsBO,CAAAA,CAAmB,GAItE,OAAOP,CAAAA,CAAsBO,CAAmB,CAAEN,CAAAA,CAAqB,CACzE,ECVMO,IAAAA,EAAAA,CAA6BC,+BAI7BC,EAAgB,CAAA,CAAC,CAAE,eAAAC,CAAAA,CAAAA,CAAkB,EAAI,CAAA,MAAA,CAAAC,CAAO,CAAA,CAAiF,EAAC,GAAY,CACzIH,YAAQ,CAAA,OAAA,CAAA,CACf,cAAe,MACf,CAAA,uBAAA,CAAyBG,GAAQ,oBACjC,CAAA,GAAGD,CACL,CAAC,EACH,CAAA,CAEM,CAAE,UAAAzB,CAAAA,EAAAA,CAAY,SAAAD,EAAS,CAAA,CAAI4B,aA6B1BC,IAAAA,EAAAA,CAAQ,CACb,UAAA5B,CAAAA,EAAAA,CACA,SAAAD,EACA,CAAA,IAAA,CAAAE,EACA,UAAAxB,CAAAA,CAAAA,CACA,qBAAAU,CACA,CAAA,8BAAA,CAAAQ,CACA,CAAA,iBAAA,CAAA2B,EACA,CAAA,gBAAA,CAAA1B,EACA,oBAAAQ,CAAAA,CAAAA,CACA,6BAAAE,CACA,CAAA,2BAAA,CAAAE,EACA,WAAAL,CAAAA,CAAAA,CACA,OAAAD,CAAAA,CAAAA,CACA,uBAAAQ,CAAAA,CAAAA,CACA,cAAAlB,CACA,CAAA,sBAAA,CAAAK,EACA,QAAA8B,CAAAA,YAAAA,CACA,sBAAAd,CACA,CAAA,sBAAA,CAAAO,EACA,CAAA,mBAAA,CAAAtF,CACF","file":"index.cjs","sourcesContent":["import jwt from 'jsonwebtoken';\nimport moment from 'moment';\n\nconst {\n DEPRECATED_JWT_SECRET, JWT_NEW_SECRET,\n DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET,\n DEPRECATION_UNIX_TIMESTAMP,\n} = process.env;\n\nconst getRelevantSecret = (token: string | undefined, deprecatedSecret: string, newSecret: string): string => {\n const deprecationTime = moment(parseInt(DEPRECATION_UNIX_TIMESTAMP, 10) * 1000);\n try {\n let unixTime: moment.Moment;\n if (token) {\n const { iat } = jwt.decode(token) as jwt.JwtPayload;\n unixTime = moment(iat * 1000);\n } else {\n unixTime = moment();\n }\n return unixTime.isBefore(deprecationTime) ? deprecatedSecret : newSecret;\n } catch (e) {\n return newSecret;\n }\n};\n\nexport const getRefreshTokenSecret = (token?: string): string => getRelevantSecret(token, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET);\nexport const getTokenSecret = (token?: string): string => getRelevantSecret(token, DEPRECATED_JWT_SECRET, JWT_NEW_SECRET);\n","import type { UUID } from 'node:crypto';\nimport * as jwt from 'jsonwebtoken';\nimport { getTokenSecret } from './secret-getter';\n\nconst CONTEXT_PROPS = ['fleetId', 'businessModelId', 'demandSourceId'];\nconst CONTEXT_MAP_PROPS = {\n fleet: 'fleets',\n business: 'businessModels',\n demand: 'demandSources',\n};\n\nexport const getAuthFromBearer = (bearer: string): string => bearer.replace('Bearer ', '');\n\nexport const decodeBearer = (bearer: string, appSecret?: string): any => {\n const token = getAuthFromBearer(bearer);\n const decoded = jwt.verify(token, appSecret || getTokenSecret(token));\n return decoded;\n};\n\nexport const parsePermissions = (contextId, decodedToken): any => {\n if (!decodedToken) { return []; }\n const { contexts } = decodedToken;\n const activeContext = contexts.find((context) => context.id === contextId);\n\n const permissionsValue = `${activeContext.permissions?.map((cp) => `${cp},`)}`;\n\n return {\n key: activeContext.entityId,\n value: permissionsValue,\n };\n};\n\nexport const getEntitiesFromContext = (contextId: string, decodedToken: any): any => {\n if (!decodedToken) { return []; }\n let { contexts } = decodedToken;\n if (contextId) {\n contexts = contexts.filter((context) => context.id === contextId);\n }\n\n const attributes = {};\n contexts.forEach((context) => {\n const prop = CONTEXT_MAP_PROPS[context.subSystem || 'business'];\n\n const permissions = parsePermissions(context.id, decodedToken);\n // eslint-disable-next-line no-unused-expressions\n attributes[prop]\n ? attributes[prop][permissions.key] = permissions.value\n : attributes[prop] = { [permissions.key]: permissions.value };\n });\n\n return attributes;\n};\n\nexport const getContextAttributes = (contextId: string, decodedToken: any): any => {\n if (!decodedToken) { return []; }\n let { contexts } = decodedToken;\n if (contextId) {\n contexts = contexts.filter((context) => context.id === contextId);\n }\n const attributes = {};\n contexts.forEach((context) => {\n CONTEXT_PROPS.forEach((prop) => {\n if (context[prop]) {\n const contextPropWrapped = [context[prop]];\n // eslint-disable-next-line no-unused-expressions\n attributes[prop]\n ? attributes[prop] = attributes[prop].concat(contextPropWrapped)\n : attributes[prop] = contextPropWrapped;\n }\n });\n });\n return attributes;\n};\n\nconst EMPTY_UUID = '00000000-0000-0000-0000-000000000000';\nconst FULL_UUID = 'ffffffff-ffff-ffff-ffff-ffffffffffff';\nconst VALID_CHARS_REGEX = '[0-9a-f]';\nconst UUID_VERSION_REGEX = '[1-8]';\nconst UUID_REGEX = new RegExp(`^(?:${VALID_CHARS_REGEX}{8}-${VALID_CHARS_REGEX}{4}-${UUID_VERSION_REGEX}${VALID_CHARS_REGEX}{3}-[89ab]${VALID_CHARS_REGEX}{3}-${VALID_CHARS_REGEX}{12}|${EMPTY_UUID}|${FULL_UUID})$`, 'i');\nexport function validateUUID(uuid: unknown): uuid is UUID {\n return typeof uuid === 'string' && UUID_REGEX.test(uuid);\n}\n","import Network from '@autofleet/network';\n\nconst CACHE_LIFETIME_IN_SEC = 10;\nconst apiGwUrl = process.env.API_GATEWAY_URL || 'https://api.autofleet.io';\n\n// eslint-disable-next-line import/prefer-default-export\nexport const IdentityNetwork = new Network({\n serviceName: 'IDENTITY_MS',\n retries: 3,\n retryCondition: () => true,\n cache: process.env.NODE_ENV !== 'test' ? {\n maxAge: CACHE_LIFETIME_IN_SEC * 1000,\n } : undefined,\n});\n\nexport const AutofleetApiNetwork = new Network({\n baseURL: apiGwUrl,\n serviceUrl: apiGwUrl,\n retries: 3,\n retryCondition: () => true,\n cache: process.env.NODE_ENV !== 'test' ? {\n maxAge: CACHE_LIFETIME_IN_SEC * 1000,\n } : undefined,\n});\n","import NodeCache from 'node-cache';\nimport objectHash from 'object-hash';\nimport { randomUUID } from 'node:crypto';\nimport { getCurrentContext } from '@autofleet/outbreak';\nimport { validateUUID } from '../utils';\nimport { AutofleetApiNetwork, IdentityNetwork } from '../services';\n\nexport type AccountType = 'client' | 'user' | 'service' | 'driver'\ninterface EntityPermissions {\n [key: string]: string[];\n}\n\nexport const ELEVATED_PERMISSIONS_HEADER = 'x-af-elevated-permissions';\nexport const CONTEXTS_IDS_HEADER = 'x-af-context-ids';\n\nexport interface UserPayload {\n businessModels: EntityPermissions;\n fleets: EntityPermissions;\n demandSources: EntityPermissions;\n businessAccounts?: EntityPermissions;\n accountType?: AccountType;\n contexts?: EntityPermissions;\n createdAt?: string;\n}\n\nexport interface PartialUserPayload {\n businessModels?: EntityPermissions;\n fleets?: EntityPermissions;\n demandSources?: EntityPermissions;\n vehicles?: EntityPermissions;\n drivers?: EntityPermissions;\n businessAccounts?: EntityPermissions;\n}\n\nexport type CustomPermissionLoader = (string) => Promise<UserPayload>;\n\nconst userCache = new NodeCache({ stdTTL: 10 });\n\nconst mergePermissions = (target: UserPayload, sources: Iterable<PartialUserPayload>): UserPayload => {\n const permissions: UserPayload = {\n ...target,\n fleets: { ...target?.fleets },\n businessModels: { ...target?.businessModels },\n demandSources: { ...target?.demandSources },\n // Clone other nested objects as needed\n };\n\n // eslint-disable-next-line no-restricted-syntax\n for (const source of sources) {\n Object.keys(source).forEach((entityType) => {\n // eslint-disable-next-line no-param-reassign\n permissions[entityType] ??= {};\n Object.entries(source[entityType]!).forEach(([entityId, perms]) => {\n // eslint-disable-next-line no-param-reassign\n permissions[entityType][entityId] = (permissions[entityType][entityId] || []).concat(perms);\n });\n });\n }\n\n return permissions;\n};\n\nexport default class ApiUser {\n id: string | undefined;\n\n privatePermissions: UserPayload | undefined;\n\n privateElevatedPermissionsHash: Map<string, PartialUserPayload | undefined>;\n\n privatePermissionsLegacy: any;\n\n appPermission: {[key: string]: any};\n\n emptyUser: boolean;\n\n accountType: AccountType | undefined;\n\n contextIds?: string[];\n\n constructor(id? : string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload, contextIds?: string[]) {\n this.id = id;\n this.emptyUser = !!id;\n this.appPermission = {};\n this.privateElevatedPermissionsHash = new Map();\n this.contextIds = contextIds;\n if (elevatedPermissions) {\n this.privateElevatedPermissionsHash.set('initial', elevatedPermissions);\n }\n if (accountType) {\n this.accountType = accountType;\n }\n }\n\n async getUserPermissions(): Promise<UserPayload> {\n if (!this.id) {\n return undefined;\n }\n if (this.privatePermissions) {\n return this.privatePermissions;\n }\n const cacheKey = objectHash({\n id: this.id,\n contextIds: this.contextIds,\n });\n\n let data = userCache.get<UserPayload>(cacheKey);\n\n if (!data) {\n ({ data } = await IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload`, { params: { contextIds: this.contextIds } }));\n userCache.set(cacheKey, data);\n }\n\n this.accountType = data.accountType;\n this.privatePermissions = data;\n return this.privatePermissions;\n }\n\n async useCustomPermissionLoader(customPermissionLoader: any): Promise<UserPayload> {\n if (!this.id) {\n return undefined;\n }\n if (this.privatePermissions) {\n return this.privatePermissions;\n }\n\n const cacheKey = this.id;\n\n const cachedResult = userCache.get<UserPayload>(cacheKey);\n if (cachedResult) {\n this.privatePermissions = cachedResult;\n return cachedResult;\n }\n\n const data = await customPermissionLoader(this.id);\n userCache.set(cacheKey, data);\n\n this.privatePermissions = data;\n return this.privatePermissions;\n }\n\n get businessModels(): string[] | undefined {\n return this.getUserProperty('businessModels');\n }\n\n get fleets(): string[] | undefined {\n return this.getUserProperty('fleets');\n }\n\n get demandSources(): string[] | undefined {\n return this.getUserProperty('demandSources');\n }\n\n private getUserProperty(key: keyof UserPayload): string[] | undefined {\n if (!this.privatePermissions) {\n throw new Error(`Cannot get ${key} without calling (async) getUserPermissions before`);\n }\n return Object.keys(this.privatePermissions[key] || {});\n }\n\n get elevatedPermissions(): UserPayload {\n return mergePermissions(undefined, this.privateElevatedPermissionsHash.values());\n }\n\n get permissions(): UserPayload | undefined {\n if (!this.privatePermissions) {\n throw new Error('Cannot get permissions without calling (async) getUserPermissions before');\n }\n\n return mergePermissions(this.privatePermissions, this.privateElevatedPermissionsHash.values());\n }\n\n elevatePermissions(addedPermissions: PartialUserPayload): () => void {\n const elevationId = randomUUID();\n\n // Validate that the added permissions are valid UUIDs\n Object.values(addedPermissions).forEach((entityIds) => {\n Object.keys(entityIds).forEach((entityId) => {\n if (!validateUUID(entityId)) {\n throw new Error(`Entity id on elevatePermissions is not a valid UUID, provided: ${entityId}`);\n }\n });\n });\n\n const currentUserTrace = getCurrentContext();\n if (!currentUserTrace) {\n throw new Error('Cannot find current user cross services trace');\n }\n\n const currentElevation = JSON.parse(currentUserTrace.context[ELEVATED_PERMISSIONS_HEADER] || '{}');\n const newElevation = Object.assign(currentElevation, addedPermissions);\n this.privateElevatedPermissionsHash.set(elevationId, newElevation);\n currentUserTrace.context.set(ELEVATED_PERMISSIONS_HEADER, JSON.stringify(this.elevatedPermissions));\n return () => {\n this.privateElevatedPermissionsHash.delete(elevationId);\n currentUserTrace.context.set(ELEVATED_PERMISSIONS_HEADER, JSON.stringify(this.elevatedPermissions));\n };\n }\n\n async getUserPermissionsLegacy() {\n if (!this.id) {\n return undefined;\n }\n if (this.privatePermissionsLegacy) {\n return this.privatePermissionsLegacy;\n }\n const { data } = await IdentityNetwork.get(`/api/v1/users/${this.id}/authorization-payload-legacy`);\n\n this.privatePermissionsLegacy = data;\n return this.privatePermissionsLegacy;\n }\n\n get permissionsLegacy(): any {\n if (!this.privatePermissionsLegacy) {\n throw new Error('Cannot get permissionsLegacy without calling (async) getUserPermissionsLegacy before');\n }\n return this.privatePermissionsLegacy;\n }\n\n async getUserAppPermissions(appId, clientSecret) {\n if (!this.id || !appId || !clientSecret) {\n return undefined;\n }\n const currentAppPermission = this.appPermission[appId];\n\n if (currentAppPermission) {\n return currentAppPermission;\n }\n\n const cacheKey = `${this.id}:${appId}`;\n\n const cachedResult = userCache.get<UserPayload>(cacheKey);\n if (cachedResult) {\n this.appPermission[appId] = cachedResult;\n return cachedResult;\n }\n\n const { data } = await AutofleetApiNetwork.post(`/api/v1/apps/${appId}/get-user-payload`, {\n userId: this.id,\n }, {\n headers: {\n 'x-autofleet-apps-secret': clientSecret,\n },\n });\n\n userCache.set(cacheKey, data);\n this.appPermission[appId] = data;\n return this.appPermission[appId];\n }\n}\n","import { AutofleetApiNetwork } from './services';\n\nexport const decodeAppBearer = async (bearer: string, appId: string): Promise<any> => {\n const { data: decoded } = await AutofleetApiNetwork.post('/api/v1/auth', { bearer, appId });\n return decoded;\n};\n\nexport const getClientSecret = async (appId: string): Promise<any> => {\n const { data: secret } = await AutofleetApiNetwork.get(`/api/v1/auth/client-secret/${appId}`);\n return secret;\n};\n","export default class AppDoesNotExist extends Error {\n name = 'AppDoesNotExist';\n\n message = 'app does not exist';\n}\n","import { getCurrentContext, newTrace, traceTypes } from '@autofleet/outbreak';\nimport { TokenExpiredError, JsonWebTokenError } from 'jsonwebtoken';\nimport ApiUser, { CustomPermissionLoader, ELEVATED_PERMISSIONS_HEADER } from './ApiUser';\nimport { decodeAppBearer } from '../app-auth';\nimport AppDoesNotExist from '../exceptions/appDoesNotExist';\nimport { decodeBearer, getAuthFromBearer } from '../utils';\n\nconst IDENTITY_MS = 'identity-ms';\nconst ACCESS_TOKEN = 'accessToken';\nexport const USER_OBJECT = 'userObject';\nconst USER_TRACING_HEADER = 'x-af-user-id';\nconst ORIGIN_HEADER = 'X-IAF-ORIGIN-SERVICE';\nconst USER_PERMISSIONS_HEADER = 'x-af-user-permissions';\nconst LOWER_CASE_ORIGIN_HEADER = ORIGIN_HEADER.toLowerCase();\n\nexport const middleware = (options: {\n eagerLoadUserPermissions?: boolean;\n eagerLoadUserPermissionsLegacy?: boolean;\n customPermissionLoader?: CustomPermissionLoader;\n} = {}) => async (req, res, next): Promise<any> => {\n try {\n const originHeader: string = req.headers[ORIGIN_HEADER] || req.headers[LOWER_CASE_ORIGIN_HEADER] || '';\n if (originHeader.toLowerCase() === IDENTITY_MS) {\n return next();\n }\n const {\n eagerLoadUserPermissions,\n eagerLoadUserPermissionsLegacy,\n customPermissionLoader,\n } = options;\n const userId = req.headers[USER_TRACING_HEADER];\n if (!userId) {\n return next();\n }\n\n const elevatedPermissionsFromHeader = req.headers[ELEVATED_PERMISSIONS_HEADER]?.length > 0 ? JSON.parse(req.headers[ELEVATED_PERMISSIONS_HEADER]) : {};\n\n const userObject = new ApiUser(userId, 'user', elevatedPermissionsFromHeader);\n if (eagerLoadUserPermissions) {\n if (customPermissionLoader) {\n await userObject.useCustomPermissionLoader(customPermissionLoader);\n } else {\n await userObject.getUserPermissions();\n }\n }\n\n if (eagerLoadUserPermissionsLegacy) {\n await userObject.getUserPermissionsLegacy();\n }\n\n req.user = userObject;\n getCurrentContext().context?.set(USER_OBJECT, userObject);\n\n // Added in order to support outbreak.\n req.headers[USER_PERMISSIONS_HEADER] = userObject;\n\n return next();\n } catch (e) {\n res.status(401);\n return res.json({\n error: 'cannot authenticate user',\n });\n }\n};\n\nexport const middlewareWithDecode = (options: {\n eagerLoadUserPermissions?: boolean;\n eagerLoadUserPermissionsLegacy?: boolean;\n returnErrorIfNoToken?: boolean\n} = {}) => async (req, res, next): Promise<void> => {\n const {\n eagerLoadUserPermissions,\n eagerLoadUserPermissionsLegacy,\n returnErrorIfNoToken,\n } = options;\n let decoded;\n if (req.headers.authorization) {\n try {\n decoded = await decodeBearer(req.headers.authorization);\n } catch (e) {\n if (e instanceof TokenExpiredError) {\n res.status(401);\n res.json({\n errors: ['Access token expired'],\n });\n } else if (e instanceof JsonWebTokenError) {\n res.status(400);\n res.json({\n errors: [e.message],\n });\n } else {\n res.status(500);\n res.json({\n errors: ['Server error while parsing token'],\n });\n }\n return undefined;\n }\n const userId = decoded?.user?.id;\n\n if (userId) {\n req.headers[USER_TRACING_HEADER] = userId;\n }\n\n const userObject = new ApiUser(userId, decoded?.user?.accountType);\n\n if (eagerLoadUserPermissions) {\n await userObject.getUserPermissions();\n }\n\n if (eagerLoadUserPermissionsLegacy) {\n await userObject.getUserPermissionsLegacy();\n }\n\n req.user = userObject;\n getCurrentContext().context?.set(USER_OBJECT, userObject);\n\n // Added in order to support outbreak.\n req.headers[USER_PERMISSIONS_HEADER] = userObject;\n } else if (returnErrorIfNoToken) {\n res.status(401);\n return res.json({\n errors: ['No token provided'],\n });\n }\n return next();\n};\n\nexport const appMiddleware = (options: {\n appId: string,\n clientSecret: string\n}) => async (req, res, next): Promise<void> => {\n const {\n appId,\n clientSecret,\n } = options;\n let decoded;\n\n if (!req.headers.authorization) {\n res.status(401);\n return res.json({\n errors: ['No token provided'],\n });\n }\n\n try {\n decoded = await decodeAppBearer(req.headers.authorization, appId);\n if (!decoded) {\n throw new AppDoesNotExist();\n }\n } catch (e) {\n if (e instanceof TokenExpiredError) {\n return res.status(401).json({\n errors: ['Access token expired'],\n });\n }\n if ([JsonWebTokenError, AppDoesNotExist].some((Err) => e instanceof Err)) {\n return res.status(400).json({\n errors: [e.message],\n });\n }\n return res.status(500).json({\n errors: ['Server error while parsing token'],\n });\n }\n const userId = decoded?.userId;\n if (userId) {\n req.headers[USER_OBJECT] = userId;\n }\n\n const userObject = new ApiUser(userId);\n\n if (appId) {\n req.headers['x-autofleet-apps-secret'] = clientSecret;\n // Won't work until we find a better solution for identity ms\n await userObject.getUserAppPermissions(appId, clientSecret);\n }\n\n req.user = userObject;\n const currentTraceContext = getCurrentContext().context;\n currentTraceContext?.set(USER_OBJECT, userObject);\n currentTraceContext?.set(ACCESS_TOKEN, getAuthFromBearer(req.headers.authorization));\n\n // Added in order to support outbreak.\n req.headers[USER_PERMISSIONS_HEADER] = userObject;\n\n return next();\n};\n\nexport const eagerLoadPermissionsMiddleware = async (req, res, next) => {\n await req.user.getUserPermissions();\n return next();\n};\n\nexport const getDecodedBearer = (req) => {\n if (req.headers.authorization) {\n return decodeBearer(req.headers.authorization);\n }\n\n return null;\n};\n\nexport const createOrSetRabbitTrace = async (trace, userId) => {\n const userObject = new ApiUser(userId);\n\n await userObject.getUserPermissions();\n // eslint-disable-next-line no-param-reassign\n trace ??= newTrace(traceTypes.RABBIT);\n trace.context.set(USER_OBJECT, userObject);\n};\n\nexport default ApiUser;\n","import { getCurrentContext } from '@autofleet/outbreak';\nimport ApiUser from './user/ApiUser';\nimport { USER_OBJECT } from './user';\n\nexport const getUser = () : ApiUser | undefined => getCurrentContext().context?.get(USER_OBJECT) as ApiUser | undefined;\n\nexport const isUserExist = () => getUser()?.id;\n\nexport const checkFleetPermission = (fleetId: string) => !isUserExist() || Object.keys(getUser()!.permissions.fleets).includes(fleetId);\n\nexport const checkBusinessModelPermission = (businessModelId: string) => !isUserExist() || Object.keys(getUser()!.permissions.businessModels).includes(businessModelId);\n\nexport const checkDemandSourcePermission = (demandSourceId: string) => !isUserExist() || Object.keys(getUser()!.permissions.demandSources).includes(demandSourceId);\n","import type ApiUser from './user';\n\n// eslint-disable-next-line import/prefer-default-export\nexport class UnauthorizedAccessError extends Error {\n constructor(public user: ApiUser | null = null, message = 'UnauthorizedAccessError') {\n super(message);\n this.name = 'UnauthorizedAccessError';\n }\n}\n","import * as jwt from 'jsonwebtoken';\n\nexport const AUTHORIZATION_METHODS = {\n NONE: 'NONE',\n BASIC: 'BASIC',\n JWT: 'JWT',\n};\n\nconst AUTHORIZATION_ACTIONS = {\n [AUTHORIZATION_METHODS.NONE]: () => undefined,\n [AUTHORIZATION_METHODS.BASIC]: (authorizationSettings: any) => {\n const { username, password } = authorizationSettings;\n const encodedCredentials = Buffer.from(`${username}:${password}`).toString('base64');\n return `Basic ${encodedCredentials}`;\n },\n [AUTHORIZATION_METHODS.JWT]: (authorizationSettings: any) => {\n const { secret } = authorizationSettings;\n if (secret) {\n return `Bearer ${jwt.sign({}, secret, { expiresIn: 10 })}`;\n }\n return undefined;\n },\n};\n\nexport const getAuthorizationHeader = (authorizationSettings: { method: string } | undefined): string | undefined => {\n const authorizationMethod = authorizationSettings?.method;\n\n if (!authorizationMethod || !AUTHORIZATION_ACTIONS[authorizationMethod]) {\n return undefined;\n }\n\n return AUTHORIZATION_ACTIONS[authorizationMethod](authorizationSettings);\n};\n","import type { LoggerInstanceManager } from '@autofleet/logger';\nimport * as outbreak from '@autofleet/outbreak';\nimport User, {\n middleware,\n eagerLoadPermissionsMiddleware,\n middlewareWithDecode,\n getDecodedBearer,\n appMiddleware,\n createOrSetRabbitTrace,\n} from './user';\nimport { type UserPayload, CONTEXTS_IDS_HEADER } from './user/ApiUser';\nimport {\n checkFleetPermission,\n checkBusinessModelPermission,\n checkDemandSourcePermission,\n isUserExist,\n getUser,\n} from './check-permission';\nimport { UnauthorizedAccessError } from './errors';\nimport { getRefreshTokenSecret, getTokenSecret } from './secret-getter';\nimport { AUTHORIZATION_METHODS, getAuthorizationHeader } from './authorization';\n\nconst getCurrentPayload = outbreak.getCurrentContext;\n\ntype OutbreakOptions = Parameters<typeof outbreak.default>[0];\ntype LoggerWithContextMiddleware = Partial<Pick<LoggerInstanceManager, 'addContextMiddleware'>>;\nconst enableTracing = ({ outbreakOptions = {}, logger }: { outbreakOptions?: OutbreakOptions, logger?: LoggerWithContextMiddleware } = {}): void => {\n outbreak.default({\n headersPrefix: 'x-af',\n contextMiddlewareGetter: logger?.addContextMiddleware,\n ...outbreakOptions,\n });\n};\n\nconst { traceTypes, newTrace } = outbreak;\n\nexport {\n traceTypes,\n newTrace,\n enableTracing,\n User,\n middleware,\n middlewareWithDecode,\n eagerLoadPermissionsMiddleware,\n getCurrentPayload,\n getDecodedBearer,\n checkFleetPermission,\n checkBusinessModelPermission,\n checkDemandSourcePermission,\n isUserExist,\n getUser,\n getRefreshTokenSecret,\n getTokenSecret,\n UnauthorizedAccessError,\n appMiddleware,\n createOrSetRabbitTrace,\n outbreak,\n AUTHORIZATION_METHODS,\n getAuthorizationHeader,\n type UserPayload,\n CONTEXTS_IDS_HEADER,\n};\n\nexport default {\n traceTypes,\n newTrace,\n User,\n middleware,\n middlewareWithDecode,\n eagerLoadPermissionsMiddleware,\n getCurrentPayload,\n getDecodedBearer,\n checkFleetPermission,\n checkBusinessModelPermission,\n checkDemandSourcePermission,\n isUserExist,\n getUser,\n UnauthorizedAccessError,\n appMiddleware,\n createOrSetRabbitTrace,\n outbreak,\n AUTHORIZATION_METHODS,\n getAuthorizationHeader,\n CONTEXTS_IDS_HEADER,\n};\n"]}
|
package/lib/index.d.cts
ADDED
|
@@ -0,0 +1,171 @@
|
|
|
1
|
+
import { LoggerInstanceManager } from '@autofleet/logger';
|
|
2
|
+
import * as outbreak from '@autofleet/outbreak';
|
|
3
|
+
export { outbreak };
|
|
4
|
+
|
|
5
|
+
type AccountType = 'client' | 'user' | 'service' | 'driver';
|
|
6
|
+
interface EntityPermissions {
|
|
7
|
+
[key: string]: string[];
|
|
8
|
+
}
|
|
9
|
+
declare const CONTEXTS_IDS_HEADER = "x-af-context-ids";
|
|
10
|
+
interface UserPayload {
|
|
11
|
+
businessModels: EntityPermissions;
|
|
12
|
+
fleets: EntityPermissions;
|
|
13
|
+
demandSources: EntityPermissions;
|
|
14
|
+
businessAccounts?: EntityPermissions;
|
|
15
|
+
accountType?: AccountType;
|
|
16
|
+
contexts?: EntityPermissions;
|
|
17
|
+
createdAt?: string;
|
|
18
|
+
}
|
|
19
|
+
interface PartialUserPayload {
|
|
20
|
+
businessModels?: EntityPermissions;
|
|
21
|
+
fleets?: EntityPermissions;
|
|
22
|
+
demandSources?: EntityPermissions;
|
|
23
|
+
vehicles?: EntityPermissions;
|
|
24
|
+
drivers?: EntityPermissions;
|
|
25
|
+
businessAccounts?: EntityPermissions;
|
|
26
|
+
}
|
|
27
|
+
type CustomPermissionLoader = (string: any) => Promise<UserPayload>;
|
|
28
|
+
declare class ApiUser {
|
|
29
|
+
id: string | undefined;
|
|
30
|
+
privatePermissions: UserPayload | undefined;
|
|
31
|
+
privateElevatedPermissionsHash: Map<string, PartialUserPayload | undefined>;
|
|
32
|
+
privatePermissionsLegacy: any;
|
|
33
|
+
appPermission: {
|
|
34
|
+
[key: string]: any;
|
|
35
|
+
};
|
|
36
|
+
emptyUser: boolean;
|
|
37
|
+
accountType: AccountType | undefined;
|
|
38
|
+
contextIds?: string[];
|
|
39
|
+
constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload, contextIds?: string[]);
|
|
40
|
+
getUserPermissions(): Promise<UserPayload>;
|
|
41
|
+
useCustomPermissionLoader(customPermissionLoader: any): Promise<UserPayload>;
|
|
42
|
+
get businessModels(): string[] | undefined;
|
|
43
|
+
get fleets(): string[] | undefined;
|
|
44
|
+
get demandSources(): string[] | undefined;
|
|
45
|
+
private getUserProperty;
|
|
46
|
+
get elevatedPermissions(): UserPayload;
|
|
47
|
+
get permissions(): UserPayload | undefined;
|
|
48
|
+
elevatePermissions(addedPermissions: PartialUserPayload): () => void;
|
|
49
|
+
getUserPermissionsLegacy(): Promise<any>;
|
|
50
|
+
get permissionsLegacy(): any;
|
|
51
|
+
getUserAppPermissions(appId: any, clientSecret: any): Promise<any>;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
declare const middleware: (options?: {
|
|
55
|
+
eagerLoadUserPermissions?: boolean;
|
|
56
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
57
|
+
customPermissionLoader?: CustomPermissionLoader;
|
|
58
|
+
}) => (req: any, res: any, next: any) => Promise<any>;
|
|
59
|
+
declare const middlewareWithDecode: (options?: {
|
|
60
|
+
eagerLoadUserPermissions?: boolean;
|
|
61
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
62
|
+
returnErrorIfNoToken?: boolean;
|
|
63
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
64
|
+
declare const appMiddleware: (options: {
|
|
65
|
+
appId: string;
|
|
66
|
+
clientSecret: string;
|
|
67
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
68
|
+
declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
69
|
+
declare const getDecodedBearer: (req: any) => any;
|
|
70
|
+
declare const createOrSetRabbitTrace: (trace: any, userId: any) => Promise<void>;
|
|
71
|
+
|
|
72
|
+
declare const getUser: () => ApiUser | undefined;
|
|
73
|
+
declare const isUserExist: () => string;
|
|
74
|
+
declare const checkFleetPermission: (fleetId: string) => boolean;
|
|
75
|
+
declare const checkBusinessModelPermission: (businessModelId: string) => boolean;
|
|
76
|
+
declare const checkDemandSourcePermission: (demandSourceId: string) => boolean;
|
|
77
|
+
|
|
78
|
+
declare class UnauthorizedAccessError extends Error {
|
|
79
|
+
user: ApiUser | null;
|
|
80
|
+
constructor(user?: ApiUser | null, message?: string);
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
declare const getRefreshTokenSecret: (token?: string) => string;
|
|
84
|
+
declare const getTokenSecret: (token?: string) => string;
|
|
85
|
+
|
|
86
|
+
declare const AUTHORIZATION_METHODS: {
|
|
87
|
+
NONE: string;
|
|
88
|
+
BASIC: string;
|
|
89
|
+
JWT: string;
|
|
90
|
+
};
|
|
91
|
+
declare const getAuthorizationHeader: (authorizationSettings: {
|
|
92
|
+
method: string;
|
|
93
|
+
} | undefined) => string | undefined;
|
|
94
|
+
|
|
95
|
+
declare const getCurrentPayload: () => {
|
|
96
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
97
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
98
|
+
readonly context: Map<string, unknown>;
|
|
99
|
+
} | Record<string, never>;
|
|
100
|
+
type OutbreakOptions = Parameters<typeof outbreak.default>[0];
|
|
101
|
+
type LoggerWithContextMiddleware = Partial<Pick<LoggerInstanceManager, 'addContextMiddleware'>>;
|
|
102
|
+
declare const enableTracing: ({ outbreakOptions, logger }?: {
|
|
103
|
+
outbreakOptions?: OutbreakOptions;
|
|
104
|
+
logger?: LoggerWithContextMiddleware;
|
|
105
|
+
}) => void;
|
|
106
|
+
declare const traceTypes: {
|
|
107
|
+
readonly HTTP_REQUEST: "httpRequest";
|
|
108
|
+
readonly WEB_SOCKET: "webSocket";
|
|
109
|
+
readonly RABBIT: "rabbit";
|
|
110
|
+
readonly BULL_MQ: "bull";
|
|
111
|
+
};
|
|
112
|
+
declare const newTrace: (type: "httpRequest" | "webSocket" | "rabbit" | "bull") => {
|
|
113
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
114
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
115
|
+
readonly context: Map<string, unknown>;
|
|
116
|
+
};
|
|
117
|
+
|
|
118
|
+
declare const _default: {
|
|
119
|
+
traceTypes: {
|
|
120
|
+
readonly HTTP_REQUEST: "httpRequest";
|
|
121
|
+
readonly WEB_SOCKET: "webSocket";
|
|
122
|
+
readonly RABBIT: "rabbit";
|
|
123
|
+
readonly BULL_MQ: "bull";
|
|
124
|
+
};
|
|
125
|
+
newTrace: (type: "httpRequest" | "webSocket" | "rabbit" | "bull") => {
|
|
126
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
127
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
128
|
+
readonly context: Map<string, unknown>;
|
|
129
|
+
};
|
|
130
|
+
User: typeof ApiUser;
|
|
131
|
+
middleware: (options?: {
|
|
132
|
+
eagerLoadUserPermissions?: boolean;
|
|
133
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
134
|
+
customPermissionLoader?: CustomPermissionLoader;
|
|
135
|
+
}) => (req: any, res: any, next: any) => Promise<any>;
|
|
136
|
+
middlewareWithDecode: (options?: {
|
|
137
|
+
eagerLoadUserPermissions?: boolean;
|
|
138
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
139
|
+
returnErrorIfNoToken?: boolean;
|
|
140
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
141
|
+
eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
142
|
+
getCurrentPayload: () => {
|
|
143
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
144
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
145
|
+
readonly context: Map<string, unknown>;
|
|
146
|
+
} | Record<string, never>;
|
|
147
|
+
getDecodedBearer: (req: any) => any;
|
|
148
|
+
checkFleetPermission: (fleetId: string) => boolean;
|
|
149
|
+
checkBusinessModelPermission: (businessModelId: string) => boolean;
|
|
150
|
+
checkDemandSourcePermission: (demandSourceId: string) => boolean;
|
|
151
|
+
isUserExist: () => string;
|
|
152
|
+
getUser: () => ApiUser;
|
|
153
|
+
UnauthorizedAccessError: typeof UnauthorizedAccessError;
|
|
154
|
+
appMiddleware: (options: {
|
|
155
|
+
appId: string;
|
|
156
|
+
clientSecret: string;
|
|
157
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
158
|
+
createOrSetRabbitTrace: (trace: any, userId: any) => Promise<void>;
|
|
159
|
+
outbreak: typeof outbreak;
|
|
160
|
+
AUTHORIZATION_METHODS: {
|
|
161
|
+
NONE: string;
|
|
162
|
+
BASIC: string;
|
|
163
|
+
JWT: string;
|
|
164
|
+
};
|
|
165
|
+
getAuthorizationHeader: (authorizationSettings: {
|
|
166
|
+
method: string;
|
|
167
|
+
}) => string;
|
|
168
|
+
CONTEXTS_IDS_HEADER: string;
|
|
169
|
+
};
|
|
170
|
+
|
|
171
|
+
export { AUTHORIZATION_METHODS, CONTEXTS_IDS_HEADER, UnauthorizedAccessError, ApiUser as User, type UserPayload, appMiddleware, checkBusinessModelPermission, checkDemandSourcePermission, checkFleetPermission, createOrSetRabbitTrace, _default as default, eagerLoadPermissionsMiddleware, enableTracing, getAuthorizationHeader, getCurrentPayload, getDecodedBearer, getRefreshTokenSecret, getTokenSecret, getUser, isUserExist, middleware, middlewareWithDecode, newTrace, traceTypes };
|
package/lib/index.d.ts
CHANGED
|
@@ -1,55 +1,161 @@
|
|
|
1
|
-
|
|
2
|
-
/// <reference types="qs" />
|
|
1
|
+
import { LoggerInstanceManager } from '@autofleet/logger';
|
|
3
2
|
import * as outbreak from '@autofleet/outbreak';
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
3
|
+
export { outbreak };
|
|
4
|
+
|
|
5
|
+
type AccountType = 'client' | 'user' | 'service' | 'driver';
|
|
6
|
+
interface EntityPermissions {
|
|
7
|
+
[key: string]: string[];
|
|
8
|
+
}
|
|
9
|
+
declare const CONTEXTS_IDS_HEADER = "x-af-context-ids";
|
|
10
|
+
interface UserPayload {
|
|
11
|
+
businessModels: EntityPermissions;
|
|
12
|
+
fleets: EntityPermissions;
|
|
13
|
+
demandSources: EntityPermissions;
|
|
14
|
+
businessAccounts?: EntityPermissions;
|
|
15
|
+
accountType?: AccountType;
|
|
16
|
+
contexts?: EntityPermissions;
|
|
17
|
+
createdAt?: string;
|
|
18
|
+
}
|
|
19
|
+
interface PartialUserPayload {
|
|
20
|
+
businessModels?: EntityPermissions;
|
|
21
|
+
fleets?: EntityPermissions;
|
|
22
|
+
demandSources?: EntityPermissions;
|
|
23
|
+
vehicles?: EntityPermissions;
|
|
24
|
+
drivers?: EntityPermissions;
|
|
25
|
+
businessAccounts?: EntityPermissions;
|
|
26
|
+
}
|
|
27
|
+
type CustomPermissionLoader = (string: any) => Promise<UserPayload>;
|
|
28
|
+
declare class ApiUser {
|
|
29
|
+
id: string | undefined;
|
|
30
|
+
privatePermissions: UserPayload | undefined;
|
|
31
|
+
privateElevatedPermissionsHash: Map<string, PartialUserPayload | undefined>;
|
|
32
|
+
privatePermissionsLegacy: any;
|
|
33
|
+
appPermission: {
|
|
34
|
+
[key: string]: any;
|
|
35
|
+
};
|
|
36
|
+
emptyUser: boolean;
|
|
37
|
+
accountType: AccountType | undefined;
|
|
38
|
+
contextIds?: string[];
|
|
39
|
+
constructor(id?: string, accountType?: AccountType, elevatedPermissions?: PartialUserPayload, contextIds?: string[]);
|
|
40
|
+
getUserPermissions(): Promise<UserPayload>;
|
|
41
|
+
useCustomPermissionLoader(customPermissionLoader: any): Promise<UserPayload>;
|
|
42
|
+
get businessModels(): string[] | undefined;
|
|
43
|
+
get fleets(): string[] | undefined;
|
|
44
|
+
get demandSources(): string[] | undefined;
|
|
45
|
+
private getUserProperty;
|
|
46
|
+
get elevatedPermissions(): UserPayload;
|
|
47
|
+
get permissions(): UserPayload | undefined;
|
|
48
|
+
elevatePermissions(addedPermissions: PartialUserPayload): () => void;
|
|
49
|
+
getUserPermissionsLegacy(): Promise<any>;
|
|
50
|
+
get permissionsLegacy(): any;
|
|
51
|
+
getUserAppPermissions(appId: any, clientSecret: any): Promise<any>;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
declare const middleware: (options?: {
|
|
55
|
+
eagerLoadUserPermissions?: boolean;
|
|
56
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
57
|
+
customPermissionLoader?: CustomPermissionLoader;
|
|
58
|
+
}) => (req: any, res: any, next: any) => Promise<any>;
|
|
59
|
+
declare const middlewareWithDecode: (options?: {
|
|
60
|
+
eagerLoadUserPermissions?: boolean;
|
|
61
|
+
eagerLoadUserPermissionsLegacy?: boolean;
|
|
62
|
+
returnErrorIfNoToken?: boolean;
|
|
63
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
64
|
+
declare const appMiddleware: (options: {
|
|
65
|
+
appId: string;
|
|
66
|
+
clientSecret: string;
|
|
67
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
68
|
+
declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
69
|
+
declare const getDecodedBearer: (req: any) => any;
|
|
70
|
+
declare const createOrSetRabbitTrace: (trace: any, userId: any) => Promise<void>;
|
|
71
|
+
|
|
72
|
+
declare const getUser: () => ApiUser | undefined;
|
|
73
|
+
declare const isUserExist: () => string;
|
|
74
|
+
declare const checkFleetPermission: (fleetId: string) => boolean;
|
|
75
|
+
declare const checkBusinessModelPermission: (businessModelId: string) => boolean;
|
|
76
|
+
declare const checkDemandSourcePermission: (demandSourceId: string) => boolean;
|
|
77
|
+
|
|
78
|
+
declare class UnauthorizedAccessError extends Error {
|
|
79
|
+
user: ApiUser | null;
|
|
80
|
+
constructor(user?: ApiUser | null, message?: string);
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
declare const getRefreshTokenSecret: (token?: string) => string;
|
|
84
|
+
declare const getTokenSecret: (token?: string) => string;
|
|
85
|
+
|
|
86
|
+
declare const AUTHORIZATION_METHODS: {
|
|
87
|
+
NONE: string;
|
|
88
|
+
BASIC: string;
|
|
89
|
+
JWT: string;
|
|
13
90
|
};
|
|
91
|
+
declare const getAuthorizationHeader: (authorizationSettings: {
|
|
92
|
+
method: string;
|
|
93
|
+
} | undefined) => string | undefined;
|
|
94
|
+
|
|
95
|
+
declare const getCurrentPayload: () => {
|
|
96
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
97
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
98
|
+
readonly context: Map<string, unknown>;
|
|
99
|
+
} | Record<string, never>;
|
|
14
100
|
type OutbreakOptions = Parameters<typeof outbreak.default>[0];
|
|
15
|
-
|
|
101
|
+
type LoggerWithContextMiddleware = Partial<Pick<LoggerInstanceManager, 'addContextMiddleware'>>;
|
|
102
|
+
declare const enableTracing: ({ outbreakOptions, logger }?: {
|
|
16
103
|
outbreakOptions?: OutbreakOptions;
|
|
104
|
+
logger?: LoggerWithContextMiddleware;
|
|
17
105
|
}) => void;
|
|
18
|
-
|
|
106
|
+
declare const traceTypes: {
|
|
107
|
+
readonly HTTP_REQUEST: "httpRequest";
|
|
108
|
+
readonly WEB_SOCKET: "webSocket";
|
|
109
|
+
readonly RABBIT: "rabbit";
|
|
110
|
+
readonly BULL_MQ: "bull";
|
|
111
|
+
};
|
|
112
|
+
declare const newTrace: (type: "httpRequest" | "webSocket" | "rabbit" | "bull") => {
|
|
113
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
114
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
115
|
+
readonly context: Map<string, unknown>;
|
|
116
|
+
};
|
|
117
|
+
|
|
19
118
|
declare const _default: {
|
|
20
119
|
traceTypes: {
|
|
21
|
-
HTTP_REQUEST:
|
|
22
|
-
WEB_SOCKET:
|
|
23
|
-
RABBIT:
|
|
120
|
+
readonly HTTP_REQUEST: "httpRequest";
|
|
121
|
+
readonly WEB_SOCKET: "webSocket";
|
|
122
|
+
readonly RABBIT: "rabbit";
|
|
123
|
+
readonly BULL_MQ: "bull";
|
|
24
124
|
};
|
|
25
|
-
newTrace: (type:
|
|
26
|
-
|
|
125
|
+
newTrace: (type: "httpRequest" | "webSocket" | "rabbit" | "bull") => {
|
|
126
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
127
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
128
|
+
readonly context: Map<string, unknown>;
|
|
129
|
+
};
|
|
130
|
+
User: typeof ApiUser;
|
|
27
131
|
middleware: (options?: {
|
|
28
132
|
eagerLoadUserPermissions?: boolean;
|
|
29
133
|
eagerLoadUserPermissionsLegacy?: boolean;
|
|
30
|
-
customPermissionLoader?:
|
|
31
|
-
}) =>
|
|
134
|
+
customPermissionLoader?: CustomPermissionLoader;
|
|
135
|
+
}) => (req: any, res: any, next: any) => Promise<any>;
|
|
32
136
|
middlewareWithDecode: (options?: {
|
|
33
137
|
eagerLoadUserPermissions?: boolean;
|
|
34
138
|
eagerLoadUserPermissionsLegacy?: boolean;
|
|
35
139
|
returnErrorIfNoToken?: boolean;
|
|
36
|
-
}) =>
|
|
37
|
-
eagerLoadPermissionsMiddleware:
|
|
38
|
-
getCurrentPayload: () =>
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
140
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
141
|
+
eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
142
|
+
getCurrentPayload: () => {
|
|
143
|
+
type: "httpRequest" | "webSocket" | "rabbit" | "bull";
|
|
144
|
+
readonly id: `${string}-${string}-${string}-${string}-${string}`;
|
|
145
|
+
readonly context: Map<string, unknown>;
|
|
146
|
+
} | Record<string, never>;
|
|
147
|
+
getDecodedBearer: (req: any) => any;
|
|
42
148
|
checkFleetPermission: (fleetId: string) => boolean;
|
|
43
149
|
checkBusinessModelPermission: (businessModelId: string) => boolean;
|
|
44
150
|
checkDemandSourcePermission: (demandSourceId: string) => boolean;
|
|
45
151
|
isUserExist: () => string;
|
|
46
|
-
getUser: () =>
|
|
152
|
+
getUser: () => ApiUser;
|
|
47
153
|
UnauthorizedAccessError: typeof UnauthorizedAccessError;
|
|
48
154
|
appMiddleware: (options: {
|
|
49
155
|
appId: string;
|
|
50
156
|
clientSecret: string;
|
|
51
|
-
}) =>
|
|
52
|
-
createOrSetRabbitTrace: (trace:
|
|
157
|
+
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
158
|
+
createOrSetRabbitTrace: (trace: any, userId: any) => Promise<void>;
|
|
53
159
|
outbreak: typeof outbreak;
|
|
54
160
|
AUTHORIZATION_METHODS: {
|
|
55
161
|
NONE: string;
|
|
@@ -61,4 +167,5 @@ declare const _default: {
|
|
|
61
167
|
}) => string;
|
|
62
168
|
CONTEXTS_IDS_HEADER: string;
|
|
63
169
|
};
|
|
64
|
-
|
|
170
|
+
|
|
171
|
+
export { AUTHORIZATION_METHODS, CONTEXTS_IDS_HEADER, UnauthorizedAccessError, ApiUser as User, type UserPayload, appMiddleware, checkBusinessModelPermission, checkDemandSourcePermission, checkFleetPermission, createOrSetRabbitTrace, _default as default, eagerLoadPermissionsMiddleware, enableTracing, getAuthorizationHeader, getCurrentPayload, getDecodedBearer, getRefreshTokenSecret, getTokenSecret, getUser, isUserExist, middleware, middlewareWithDecode, newTrace, traceTypes };
|