@aws-amplify/data-schema 0.15.0 → 0.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{lib-esm/src → dist/cjs}/Authorization.js +149 -31
- package/dist/cjs/Authorization.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ClientSchema.js +3 -1
- package/dist/cjs/ClientSchema.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/CombineSchema.js +3 -2
- package/dist/cjs/CombineSchema.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/CustomOperation.js +7 -3
- package/dist/cjs/CustomOperation.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/CustomType.js +3 -1
- package/dist/cjs/CustomType.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/EnumType.js +3 -1
- package/dist/cjs/EnumType.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/Handler.js +3 -1
- package/dist/cjs/Handler.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/MappedTypes/CustomOperations.js +3 -1
- package/dist/cjs/MappedTypes/CustomOperations.js.map +1 -0
- package/dist/cjs/MappedTypes/ExtractNonModelTypes.js +4 -0
- package/dist/cjs/MappedTypes/ExtractNonModelTypes.js.map +1 -0
- package/dist/cjs/MappedTypes/ImplicitFieldInjector.js +4 -0
- package/dist/cjs/MappedTypes/ImplicitFieldInjector.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/MappedTypes/MapSecondaryIndexes.js +3 -1
- package/dist/cjs/MappedTypes/MapSecondaryIndexes.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/MappedTypes/ModelMetadata.js +3 -1
- package/dist/cjs/MappedTypes/ModelMetadata.js.map +1 -0
- package/dist/cjs/MappedTypes/ResolveFieldProperties.js +4 -0
- package/dist/cjs/MappedTypes/ResolveFieldProperties.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/MappedTypes/ResolveSchema.js +3 -1
- package/dist/cjs/MappedTypes/ResolveSchema.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ModelField.js +8 -3
- package/dist/cjs/ModelField.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ModelIndex.js +3 -1
- package/dist/cjs/ModelIndex.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ModelRelationalField.js +7 -10
- package/dist/cjs/ModelRelationalField.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ModelSchema.js +10 -5
- package/dist/cjs/ModelSchema.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/ModelType.js +8 -3
- package/dist/cjs/ModelType.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/RefType.js +8 -5
- package/dist/cjs/RefType.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/SchemaProcessor.js +15 -61
- package/dist/cjs/SchemaProcessor.js.map +1 -0
- package/{lib-esm/src/index.js → dist/cjs/a.js} +4 -4
- package/dist/cjs/a.js.map +1 -0
- package/dist/cjs/index.js +8 -0
- package/dist/cjs/index.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/internals/index.js +3 -1
- package/dist/cjs/internals/index.js.map +1 -0
- package/dist/cjs/runtime/addSchemaToClient.js +17 -0
- package/dist/cjs/runtime/addSchemaToClient.js.map +1 -0
- package/dist/cjs/runtime/addSchemaToClientWithInstance.js +22 -0
- package/dist/cjs/runtime/addSchemaToClientWithInstance.js.map +1 -0
- package/dist/cjs/runtime/bridge-types.js +15 -0
- package/dist/cjs/runtime/bridge-types.js.map +1 -0
- package/dist/cjs/runtime/client/index.js +17 -0
- package/dist/cjs/runtime/client/index.js.map +1 -0
- package/dist/cjs/runtime/client/index.v3.js +7 -0
- package/dist/cjs/runtime/client/index.v3.js.map +1 -0
- package/dist/cjs/runtime/index.js +13 -0
- package/dist/cjs/runtime/index.js.map +1 -0
- package/dist/cjs/runtime/index.v3.js +13 -0
- package/dist/cjs/runtime/index.v3.js.map +1 -0
- package/dist/cjs/runtime/internals/APIClient.js +740 -0
- package/dist/cjs/runtime/internals/APIClient.js.map +1 -0
- package/dist/cjs/runtime/internals/clientUtils.js +29 -0
- package/dist/cjs/runtime/internals/clientUtils.js.map +1 -0
- package/dist/cjs/runtime/internals/generateCustomOperationsProperty.js +49 -0
- package/dist/cjs/runtime/internals/generateCustomOperationsProperty.js.map +1 -0
- package/dist/cjs/runtime/internals/index.js +21 -0
- package/dist/cjs/runtime/internals/index.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/custom.js +356 -0
- package/dist/cjs/runtime/internals/operations/custom.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/get.js +62 -0
- package/dist/cjs/runtime/internals/operations/get.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/indexQuery.js +75 -0
- package/dist/cjs/runtime/internals/operations/indexQuery.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/list.js +74 -0
- package/dist/cjs/runtime/internals/operations/list.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/observeQuery.js +121 -0
- package/dist/cjs/runtime/internals/operations/observeQuery.js.map +1 -0
- package/dist/cjs/runtime/internals/operations/subscription.js +31 -0
- package/dist/cjs/runtime/internals/operations/subscription.js.map +1 -0
- package/dist/cjs/runtime/internals/server/generateModelsProperty.js +53 -0
- package/dist/cjs/runtime/internals/server/generateModelsProperty.js.map +1 -0
- package/dist/cjs/runtime/internals/server/index.js +8 -0
- package/dist/cjs/runtime/internals/server/index.js.map +1 -0
- package/dist/cjs/runtime/internals/utils/clientProperties/generateEnumsProperty.js +21 -0
- package/dist/cjs/runtime/internals/utils/clientProperties/generateEnumsProperty.js.map +1 -0
- package/dist/cjs/runtime/internals/utils/clientProperties/generateModelsProperty.js +45 -0
- package/dist/cjs/runtime/internals/utils/clientProperties/generateModelsProperty.js.map +1 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.js +11 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.js.map +1 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.js +11 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.js.map +1 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.js +15 -0
- package/dist/cjs/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.js.map +1 -0
- package/dist/cjs/runtime/utils/findIndexByFields.js +25 -0
- package/dist/cjs/runtime/utils/findIndexByFields.js.map +1 -0
- package/dist/cjs/runtime/utils/index.js +11 -0
- package/dist/cjs/runtime/utils/index.js.map +1 -0
- package/dist/cjs/runtime/utils/resolveOwnerFields.js +48 -0
- package/dist/cjs/runtime/utils/resolveOwnerFields.js.map +1 -0
- package/dist/cjs/runtime/utils/resolvePKFields.js +17 -0
- package/dist/cjs/runtime/utils/resolvePKFields.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/util/Brand.js +3 -1
- package/dist/cjs/util/Brand.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/util/IndexLimit.js +3 -1
- package/dist/cjs/util/IndexLimit.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/util/SpreadTuple.js +3 -1
- package/dist/cjs/util/SpreadTuple.js.map +1 -0
- package/{lib-esm/src → dist/cjs}/util/index.js +3 -1
- package/dist/cjs/util/index.js.map +1 -0
- package/{lib-esm/src → dist/esm}/Authorization.d.ts +105 -31
- package/dist/esm/Authorization.mjs +446 -0
- package/dist/esm/Authorization.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ClientSchema.d.ts +1 -2
- package/dist/esm/ClientSchema.mjs +2 -0
- package/dist/esm/ClientSchema.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/CombineSchema.d.ts +0 -1
- package/dist/esm/CombineSchema.mjs +39 -0
- package/dist/esm/CombineSchema.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/CustomOperation.d.ts +2 -3
- package/dist/esm/CustomOperation.mjs +67 -0
- package/dist/esm/CustomOperation.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/CustomType.d.ts +0 -1
- package/dist/esm/CustomType.mjs +13 -0
- package/dist/esm/CustomType.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/EnumType.d.ts +0 -1
- package/dist/esm/EnumType.mjs +16 -0
- package/dist/esm/EnumType.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/Handler.d.ts +0 -1
- package/dist/esm/Handler.mjs +48 -0
- package/dist/esm/Handler.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/CustomOperations.d.ts +0 -1
- package/dist/esm/MappedTypes/CustomOperations.mjs +2 -0
- package/dist/esm/MappedTypes/CustomOperations.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/ExtractNonModelTypes.d.ts +0 -1
- package/dist/esm/MappedTypes/ExtractNonModelTypes.mjs +2 -0
- package/dist/esm/MappedTypes/ExtractNonModelTypes.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/ImplicitFieldInjector.d.ts +0 -1
- package/dist/esm/MappedTypes/ImplicitFieldInjector.mjs +2 -0
- package/dist/esm/MappedTypes/ImplicitFieldInjector.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/MapSecondaryIndexes.d.ts +0 -1
- package/dist/esm/MappedTypes/MapSecondaryIndexes.mjs +2 -0
- package/dist/esm/MappedTypes/MapSecondaryIndexes.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/ModelMetadata.d.ts +0 -1
- package/dist/esm/MappedTypes/ModelMetadata.mjs +2 -0
- package/dist/esm/MappedTypes/ModelMetadata.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/ResolveFieldProperties.d.ts +0 -1
- package/dist/esm/MappedTypes/ResolveFieldProperties.mjs +2 -0
- package/dist/esm/MappedTypes/ResolveFieldProperties.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/MappedTypes/ResolveSchema.d.ts +0 -1
- package/dist/esm/MappedTypes/ResolveSchema.mjs +2 -0
- package/dist/esm/MappedTypes/ResolveSchema.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ModelField.d.ts +2 -3
- package/dist/esm/ModelField.mjs +199 -0
- package/dist/esm/ModelField.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ModelIndex.d.ts +0 -1
- package/dist/esm/ModelIndex.mjs +33 -0
- package/dist/esm/ModelIndex.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ModelRelationalField.d.ts +3 -4
- package/dist/esm/ModelRelationalField.mjs +88 -0
- package/dist/esm/ModelRelationalField.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ModelSchema.d.ts +3 -4
- package/dist/esm/ModelSchema.mjs +163 -0
- package/dist/esm/ModelSchema.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/ModelType.d.ts +2 -3
- package/dist/esm/ModelType.mjs +66 -0
- package/dist/esm/ModelType.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/RefType.d.ts +2 -3
- package/dist/esm/RefType.mjs +48 -0
- package/dist/esm/RefType.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/SchemaProcessor.d.ts +0 -1
- package/dist/esm/SchemaProcessor.mjs +926 -0
- package/dist/esm/SchemaProcessor.mjs.map +1 -0
- package/{lib-esm/src/index.d.ts → dist/esm/a.d.ts} +1 -3
- package/dist/esm/a.mjs +11 -0
- package/dist/esm/a.mjs.map +1 -0
- package/dist/esm/index.d.ts +4 -0
- package/dist/esm/index.mjs +3 -0
- package/dist/esm/index.mjs.map +1 -0
- package/dist/esm/internals/index.d.ts +2 -0
- package/dist/esm/internals/index.mjs +2 -0
- package/dist/esm/internals/index.mjs.map +1 -0
- package/dist/esm/runtime/addSchemaToClient.d.ts +3 -0
- package/dist/esm/runtime/addSchemaToClient.mjs +17 -0
- package/dist/esm/runtime/addSchemaToClient.mjs.map +1 -0
- package/dist/esm/runtime/addSchemaToClientWithInstance.d.ts +3 -0
- package/dist/esm/runtime/addSchemaToClientWithInstance.mjs +22 -0
- package/dist/esm/runtime/addSchemaToClientWithInstance.mjs.map +1 -0
- package/dist/esm/runtime/bridge-types.d.ts +281 -0
- package/dist/esm/runtime/bridge-types.mjs +13 -0
- package/dist/esm/runtime/bridge-types.mjs.map +1 -0
- package/dist/esm/runtime/client/index.d.ts +571 -0
- package/dist/esm/runtime/client/index.mjs +2 -0
- package/dist/esm/runtime/client/index.mjs.map +1 -0
- package/dist/esm/runtime/client/index.v3.d.ts +15 -0
- package/dist/esm/runtime/client/index.v3.mjs +2 -0
- package/dist/esm/runtime/client/index.v3.mjs.map +1 -0
- package/dist/esm/runtime/index.d.ts +4 -0
- package/dist/esm/runtime/index.mjs +4 -0
- package/dist/esm/runtime/index.mjs.map +1 -0
- package/dist/esm/runtime/index.v3.d.ts +4 -0
- package/dist/esm/runtime/index.v3.mjs +4 -0
- package/dist/esm/runtime/index.v3.mjs.map +1 -0
- package/dist/esm/runtime/internals/APIClient.d.ts +125 -0
- package/dist/esm/runtime/internals/APIClient.mjs +728 -0
- package/dist/esm/runtime/internals/APIClient.mjs.map +1 -0
- package/dist/esm/runtime/internals/clientUtils.d.ts +6 -0
- package/dist/esm/runtime/internals/clientUtils.mjs +26 -0
- package/dist/esm/runtime/internals/clientUtils.mjs.map +1 -0
- package/dist/esm/runtime/internals/generateCustomOperationsProperty.d.ts +8 -0
- package/dist/esm/runtime/internals/generateCustomOperationsProperty.mjs +44 -0
- package/dist/esm/runtime/internals/generateCustomOperationsProperty.mjs.map +1 -0
- package/dist/esm/runtime/internals/index.d.ts +6 -0
- package/dist/esm/runtime/internals/index.mjs +7 -0
- package/dist/esm/runtime/internals/index.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/custom.d.ts +61 -0
- package/dist/esm/runtime/internals/operations/custom.mjs +354 -0
- package/dist/esm/runtime/internals/operations/custom.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/get.d.ts +3 -0
- package/dist/esm/runtime/internals/operations/get.mjs +60 -0
- package/dist/esm/runtime/internals/operations/get.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/indexQuery.d.ts +7 -0
- package/dist/esm/runtime/internals/operations/indexQuery.mjs +73 -0
- package/dist/esm/runtime/internals/operations/indexQuery.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/list.d.ts +2 -0
- package/dist/esm/runtime/internals/operations/list.mjs +72 -0
- package/dist/esm/runtime/internals/operations/list.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/observeQuery.d.ts +3 -0
- package/dist/esm/runtime/internals/operations/observeQuery.mjs +120 -0
- package/dist/esm/runtime/internals/operations/observeQuery.mjs.map +1 -0
- package/dist/esm/runtime/internals/operations/subscription.d.ts +3 -0
- package/dist/esm/runtime/internals/operations/subscription.mjs +29 -0
- package/dist/esm/runtime/internals/operations/subscription.mjs.map +1 -0
- package/dist/esm/runtime/internals/server/generateModelsProperty.d.ts +3 -0
- package/dist/esm/runtime/internals/server/generateModelsProperty.mjs +51 -0
- package/dist/esm/runtime/internals/server/generateModelsProperty.mjs.map +1 -0
- package/dist/esm/runtime/internals/server/index.d.ts +1 -0
- package/dist/esm/runtime/internals/server/index.mjs +2 -0
- package/dist/esm/runtime/internals/server/index.mjs.map +1 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateEnumsProperty.d.ts +3 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateEnumsProperty.mjs +18 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateEnumsProperty.mjs.map +1 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateModelsProperty.d.ts +3 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateModelsProperty.mjs +43 -0
- package/dist/esm/runtime/internals/utils/clientProperties/generateModelsProperty.mjs.map +1 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.d.ts +2 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.mjs +8 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.mjs.map +1 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.d.ts +8 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.mjs +8 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.mjs.map +1 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.d.ts +2 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.mjs +12 -0
- package/dist/esm/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.mjs.map +1 -0
- package/dist/esm/runtime/utils/findIndexByFields.d.ts +9 -0
- package/dist/esm/runtime/utils/findIndexByFields.mjs +22 -0
- package/dist/esm/runtime/utils/findIndexByFields.mjs.map +1 -0
- package/dist/esm/runtime/utils/index.d.ts +2 -0
- package/dist/esm/runtime/utils/index.mjs +3 -0
- package/dist/esm/runtime/utils/index.mjs.map +1 -0
- package/dist/esm/runtime/utils/resolveOwnerFields.d.ts +12 -0
- package/dist/esm/runtime/utils/resolveOwnerFields.mjs +45 -0
- package/dist/esm/runtime/utils/resolveOwnerFields.mjs.map +1 -0
- package/dist/esm/runtime/utils/resolvePKFields.d.ts +13 -0
- package/dist/esm/runtime/utils/resolvePKFields.mjs +14 -0
- package/dist/esm/runtime/utils/resolvePKFields.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/util/Brand.d.ts +0 -1
- package/dist/esm/util/Brand.mjs +30 -0
- package/dist/esm/util/Brand.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/util/IndexLimit.d.ts +0 -1
- package/dist/esm/util/IndexLimit.mjs +2 -0
- package/dist/esm/util/IndexLimit.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/util/SpreadTuple.d.ts +0 -1
- package/dist/esm/util/SpreadTuple.mjs +2 -0
- package/dist/esm/util/SpreadTuple.mjs.map +1 -0
- package/{lib-esm/src → dist/esm}/util/index.d.ts +0 -1
- package/dist/esm/util/index.mjs +2 -0
- package/dist/esm/util/index.mjs.map +1 -0
- package/dist/meta/cjs.tsbuildinfo +1 -0
- package/internals/package.json +7 -5
- package/package.json +31 -14
- package/runtime/package.json +8 -0
- package/src/Authorization.ts +684 -0
- package/src/ClientSchema.ts +118 -0
- package/src/CombineSchema.ts +58 -0
- package/src/CustomOperation.ts +286 -0
- package/src/CustomType.ts +67 -0
- package/src/EnumType.ts +36 -0
- package/src/Handler.ts +127 -0
- package/src/MappedTypes/CustomOperations.ts +256 -0
- package/src/MappedTypes/ExtractNonModelTypes.ts +154 -0
- package/src/MappedTypes/ImplicitFieldInjector.ts +69 -0
- package/src/MappedTypes/MapSecondaryIndexes.ts +100 -0
- package/src/MappedTypes/ModelMetadata.ts +87 -0
- package/src/MappedTypes/ResolveFieldProperties.ts +254 -0
- package/src/MappedTypes/ResolveSchema.ts +148 -0
- package/src/ModelField.ts +304 -0
- package/src/ModelIndex.ts +91 -0
- package/src/ModelRelationalField.ts +263 -0
- package/src/ModelSchema.ts +437 -0
- package/src/ModelType.ts +345 -0
- package/src/RefType.ts +139 -0
- package/src/SchemaProcessor.ts +1516 -0
- package/src/a.ts +58 -0
- package/src/index.ts +6 -0
- package/src/internals/index.ts +2 -0
- package/src/runtime/addSchemaToClient.ts +45 -0
- package/src/runtime/addSchemaToClientWithInstance.ts +46 -0
- package/src/runtime/bridge-types.ts +382 -0
- package/src/runtime/client/index.ts +923 -0
- package/src/runtime/client/index.v3.ts +52 -0
- package/src/runtime/index.ts +7 -0
- package/src/runtime/index.v3.ts +7 -0
- package/src/runtime/internals/APIClient.ts +1082 -0
- package/src/runtime/internals/clientUtils.ts +37 -0
- package/src/runtime/internals/generateCustomOperationsProperty.ts +116 -0
- package/src/runtime/internals/index.ts +12 -0
- package/src/runtime/internals/operations/custom.ts +497 -0
- package/src/runtime/internals/operations/get.ts +150 -0
- package/src/runtime/internals/operations/indexQuery.ts +178 -0
- package/src/runtime/internals/operations/list.ts +143 -0
- package/src/runtime/internals/operations/observeQuery.ts +146 -0
- package/src/runtime/internals/operations/subscription.ts +78 -0
- package/src/runtime/internals/server/generateModelsProperty.ts +94 -0
- package/src/runtime/internals/server/index.ts +4 -0
- package/src/runtime/internals/utils/clientProperties/generateEnumsProperty.ts +34 -0
- package/src/runtime/internals/utils/clientProperties/generateModelsProperty.ts +88 -0
- package/src/runtime/internals/utils/runtimeTypeGuards/isApiGraphQLProviderConfig.ts +10 -0
- package/src/runtime/internals/utils/runtimeTypeGuards/isConfigureEventWithResourceConfig.ts +13 -0
- package/src/runtime/internals/utils/runtimeTypeGuards/isGraphQLResponseWithErrors.ts +15 -0
- package/src/runtime/utils/findIndexByFields.ts +31 -0
- package/src/runtime/utils/index.ts +5 -0
- package/src/runtime/utils/resolveOwnerFields.ts +77 -0
- package/src/runtime/utils/resolvePKFields.ts +23 -0
- package/src/util/Brand.ts +45 -0
- package/src/util/IndexLimit.ts +12 -0
- package/src/util/SpreadTuple.ts +10 -0
- package/src/util/index.ts +3 -0
- package/lib-esm/index.d.ts +0 -5
- package/lib-esm/index.d.ts.map +0 -1
- package/lib-esm/index.js +0 -28
- package/lib-esm/src/Authorization.d.ts.map +0 -1
- package/lib-esm/src/ClientSchema.d.ts.map +0 -1
- package/lib-esm/src/CombineSchema.d.ts.map +0 -1
- package/lib-esm/src/CustomOperation.d.ts.map +0 -1
- package/lib-esm/src/CustomType.d.ts.map +0 -1
- package/lib-esm/src/EnumType.d.ts.map +0 -1
- package/lib-esm/src/Handler.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/CustomOperations.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ExtractNonModelTypes.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ExtractNonModelTypes.js +0 -2
- package/lib-esm/src/MappedTypes/ImplicitFieldInjector.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ImplicitFieldInjector.js +0 -2
- package/lib-esm/src/MappedTypes/MapSecondaryIndexes.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ModelMetadata.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ResolveFieldProperties.d.ts.map +0 -1
- package/lib-esm/src/MappedTypes/ResolveFieldProperties.js +0 -2
- package/lib-esm/src/MappedTypes/ResolveSchema.d.ts.map +0 -1
- package/lib-esm/src/ModelField.d.ts.map +0 -1
- package/lib-esm/src/ModelIndex.d.ts.map +0 -1
- package/lib-esm/src/ModelRelationalField.d.ts.map +0 -1
- package/lib-esm/src/ModelSchema.d.ts.map +0 -1
- package/lib-esm/src/ModelType.d.ts.map +0 -1
- package/lib-esm/src/RefType.d.ts.map +0 -1
- package/lib-esm/src/SchemaProcessor.d.ts.map +0 -1
- package/lib-esm/src/index.d.ts.map +0 -1
- package/lib-esm/src/internals/index.d.ts +0 -2
- package/lib-esm/src/internals/index.d.ts.map +0 -1
- package/lib-esm/src/util/Brand.d.ts.map +0 -1
- package/lib-esm/src/util/IndexLimit.d.ts.map +0 -1
- package/lib-esm/src/util/SpreadTuple.d.ts.map +0 -1
- package/lib-esm/src/util/index.d.ts.map +0 -1
- package/lib-esm/tsconfig.tsbuildinfo +0 -1
|
@@ -0,0 +1,684 @@
|
|
|
1
|
+
import type {
|
|
2
|
+
UnionToIntersection,
|
|
3
|
+
DefineFunction,
|
|
4
|
+
} from '@aws-amplify/data-schema-types';
|
|
5
|
+
|
|
6
|
+
const __data = Symbol('data');
|
|
7
|
+
|
|
8
|
+
/**
|
|
9
|
+
* All possible providers.
|
|
10
|
+
*
|
|
11
|
+
* This list should not be used if you need to restrict available providers
|
|
12
|
+
* according to an auth strategcy. E.g., `public` auth can only be facilitated
|
|
13
|
+
* by `apiKey` and `iam` providers.
|
|
14
|
+
*/
|
|
15
|
+
export const Providers = [
|
|
16
|
+
'apiKey',
|
|
17
|
+
'iam',
|
|
18
|
+
'userPools',
|
|
19
|
+
'oidc',
|
|
20
|
+
'function',
|
|
21
|
+
] as const;
|
|
22
|
+
export type Provider = (typeof Providers)[number];
|
|
23
|
+
|
|
24
|
+
/**
|
|
25
|
+
* The subset of auth providers that can facilitate `public` auth.
|
|
26
|
+
*/
|
|
27
|
+
export const PublicProviders = ['apiKey', 'iam'] as const;
|
|
28
|
+
export type PublicProvider = (typeof PublicProviders)[number];
|
|
29
|
+
|
|
30
|
+
/**
|
|
31
|
+
* The subset of auth providers that can facilitate `private` auth.
|
|
32
|
+
*/
|
|
33
|
+
export const PrivateProviders = ['userPools', 'oidc', 'iam'] as const;
|
|
34
|
+
export type PrivateProvider = (typeof PrivateProviders)[number];
|
|
35
|
+
|
|
36
|
+
/**
|
|
37
|
+
* The subset of auth providers that can facilitate `owner` auth.
|
|
38
|
+
*/
|
|
39
|
+
export const OwnerProviders = ['userPools', 'oidc'] as const;
|
|
40
|
+
export type OwnerProviders = (typeof OwnerProviders)[number];
|
|
41
|
+
|
|
42
|
+
/**
|
|
43
|
+
* The subset of auth providers that can facilitate `group` auth.
|
|
44
|
+
*/
|
|
45
|
+
export const GroupProviders = ['userPools', 'oidc'] as const;
|
|
46
|
+
export type GroupProvider = (typeof GroupProviders)[number];
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* The subset of auth providers that can facilitate `custom` auth.
|
|
50
|
+
*/
|
|
51
|
+
export const CustomProviders = ['function'] as const;
|
|
52
|
+
export type CustomProvider = (typeof CustomProviders)[number];
|
|
53
|
+
|
|
54
|
+
export const Strategies = [
|
|
55
|
+
'public',
|
|
56
|
+
'private',
|
|
57
|
+
'owner',
|
|
58
|
+
'groups',
|
|
59
|
+
'custom',
|
|
60
|
+
] as const;
|
|
61
|
+
export type Strategy = (typeof Strategies)[number];
|
|
62
|
+
|
|
63
|
+
/**
|
|
64
|
+
* The operations that can be performed against an API.
|
|
65
|
+
*/
|
|
66
|
+
export const Operations = [
|
|
67
|
+
'create',
|
|
68
|
+
'update',
|
|
69
|
+
'delete',
|
|
70
|
+
'read',
|
|
71
|
+
'get',
|
|
72
|
+
'list',
|
|
73
|
+
'sync',
|
|
74
|
+
'listen',
|
|
75
|
+
'search',
|
|
76
|
+
] as const;
|
|
77
|
+
export type Operation = (typeof Operations)[number];
|
|
78
|
+
|
|
79
|
+
/**
|
|
80
|
+
* The operations that can be performed against an API by a Lambda function.
|
|
81
|
+
*/
|
|
82
|
+
export const ResourceOperations = ['query', 'mutate', 'listen'] as const;
|
|
83
|
+
export type ResourceOperation = (typeof ResourceOperations)[number];
|
|
84
|
+
|
|
85
|
+
/**
|
|
86
|
+
* Super-set of regular auth type; includes schema-level resource access configuration
|
|
87
|
+
*/
|
|
88
|
+
export type SchemaAuthorization<
|
|
89
|
+
AuthStrategy extends Strategy,
|
|
90
|
+
AuthField extends string | undefined,
|
|
91
|
+
AuthFieldPlurality extends boolean,
|
|
92
|
+
> =
|
|
93
|
+
| Authorization<AuthStrategy, AuthField, AuthFieldPlurality>
|
|
94
|
+
| ResourceAuthorization;
|
|
95
|
+
|
|
96
|
+
export type ResourceAuthorization = {
|
|
97
|
+
[__data]: ResourceAuthorizationData;
|
|
98
|
+
};
|
|
99
|
+
|
|
100
|
+
export type ResourceAuthorizationData = {
|
|
101
|
+
strategy: 'resource';
|
|
102
|
+
resource: DefineFunction;
|
|
103
|
+
operations?: ResourceOperation[];
|
|
104
|
+
};
|
|
105
|
+
|
|
106
|
+
export type Authorization<
|
|
107
|
+
AuthStrategy extends Strategy,
|
|
108
|
+
AuthField extends string | undefined,
|
|
109
|
+
AuthFieldPlurality extends boolean,
|
|
110
|
+
> = {
|
|
111
|
+
[__data]: {
|
|
112
|
+
strategy?: AuthStrategy;
|
|
113
|
+
provider?: Provider;
|
|
114
|
+
operations?: Operation[];
|
|
115
|
+
groupOrOwnerField?: AuthField;
|
|
116
|
+
groups?: string[];
|
|
117
|
+
multiOwner: AuthFieldPlurality;
|
|
118
|
+
identityClaim?: string;
|
|
119
|
+
groupClaim?: string;
|
|
120
|
+
};
|
|
121
|
+
};
|
|
122
|
+
|
|
123
|
+
export type OwnerField = object;
|
|
124
|
+
|
|
125
|
+
/**
|
|
126
|
+
* Creates a shallow copy of an object with an individual field pruned away.
|
|
127
|
+
*
|
|
128
|
+
* @param original The original object to prune.
|
|
129
|
+
* @param without The field to prune.
|
|
130
|
+
* @returns The pruned object.
|
|
131
|
+
*/
|
|
132
|
+
function omit<T extends object, O extends string>(
|
|
133
|
+
original: T,
|
|
134
|
+
without: O,
|
|
135
|
+
): Omit<T, O> {
|
|
136
|
+
const pruned = { ...original };
|
|
137
|
+
delete (pruned as any)[without];
|
|
138
|
+
return pruned;
|
|
139
|
+
}
|
|
140
|
+
|
|
141
|
+
function to<SELF extends Authorization<any, any, any>>(
|
|
142
|
+
this: SELF,
|
|
143
|
+
operations: Operation[],
|
|
144
|
+
) {
|
|
145
|
+
(this as any)[__data].operations = operations;
|
|
146
|
+
return omit(this, 'to');
|
|
147
|
+
}
|
|
148
|
+
|
|
149
|
+
/**
|
|
150
|
+
* Specifies a property of the identity JWT to use in place of `sub::username`
|
|
151
|
+
* as the value to match against the owner field for authorization.
|
|
152
|
+
*
|
|
153
|
+
* @param this Authorization object to operate against.
|
|
154
|
+
* @param property A property of identity JWT.
|
|
155
|
+
* @returns A copy of the Authorization object with the claim attached.
|
|
156
|
+
*/
|
|
157
|
+
function identityClaim<SELF extends Authorization<any, any, any>>(
|
|
158
|
+
this: SELF,
|
|
159
|
+
property: string,
|
|
160
|
+
) {
|
|
161
|
+
this[__data].identityClaim = property;
|
|
162
|
+
return omit(this, 'identityClaim');
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
function withClaimIn<SELF extends Authorization<any, any, any>>(
|
|
166
|
+
this: SELF,
|
|
167
|
+
property: string,
|
|
168
|
+
) {
|
|
169
|
+
this[__data].groupClaim = property;
|
|
170
|
+
return omit(this, 'withClaimIn');
|
|
171
|
+
}
|
|
172
|
+
|
|
173
|
+
function validateProvider(
|
|
174
|
+
needle: Provider | undefined,
|
|
175
|
+
haystack: readonly Provider[],
|
|
176
|
+
) {
|
|
177
|
+
if (needle && !haystack.includes(needle)) {
|
|
178
|
+
throw new Error(`Invalid provider (${needle}) given!`);
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
function authData<
|
|
183
|
+
Strat extends Strategy = 'public',
|
|
184
|
+
Field extends string | undefined = undefined,
|
|
185
|
+
isMulti extends boolean = false,
|
|
186
|
+
Builders extends object = object,
|
|
187
|
+
>(
|
|
188
|
+
defaults: Partial<Authorization<Strat, Field, isMulti>[typeof __data]>,
|
|
189
|
+
builderMethods: Builders,
|
|
190
|
+
): Authorization<Strat, Field, isMulti> & Builders {
|
|
191
|
+
return {
|
|
192
|
+
[__data]: {
|
|
193
|
+
strategy: 'public',
|
|
194
|
+
provider: undefined,
|
|
195
|
+
operations: undefined,
|
|
196
|
+
groupOrOwnerField: undefined,
|
|
197
|
+
multiOwner: false,
|
|
198
|
+
identityClaim: undefined,
|
|
199
|
+
groups: undefined,
|
|
200
|
+
...defaults,
|
|
201
|
+
} as any,
|
|
202
|
+
...builderMethods,
|
|
203
|
+
};
|
|
204
|
+
}
|
|
205
|
+
|
|
206
|
+
/**
|
|
207
|
+
* Defines an authorization rule for your data models and fields. First choose an authorization strategy (`public`,
|
|
208
|
+
* `private`, `owner`, `group`, or `custom`), then choose an auth provider (`apiKey`, `iam`, `userPools`, `oidc`, or `function`)
|
|
209
|
+
* and optionally use `.to(...)` to specify the operations that can be performed against your data models and fields.
|
|
210
|
+
*/
|
|
211
|
+
export const allow = {
|
|
212
|
+
/**
|
|
213
|
+
* Authorize unauthenticated users by using API key based authorization.
|
|
214
|
+
* @returns an authorization rule for unauthenticated users
|
|
215
|
+
*/
|
|
216
|
+
publicApiKey() {
|
|
217
|
+
return authData(
|
|
218
|
+
{
|
|
219
|
+
strategy: 'public',
|
|
220
|
+
provider: 'apiKey',
|
|
221
|
+
},
|
|
222
|
+
{
|
|
223
|
+
to,
|
|
224
|
+
},
|
|
225
|
+
);
|
|
226
|
+
},
|
|
227
|
+
|
|
228
|
+
/**
|
|
229
|
+
* Authorize unauthenticated users by using IAM based authorization.
|
|
230
|
+
* @returns an authorization rule for unauthenticated users
|
|
231
|
+
*/
|
|
232
|
+
guest() {
|
|
233
|
+
return authData(
|
|
234
|
+
{
|
|
235
|
+
strategy: 'public',
|
|
236
|
+
provider: 'iam',
|
|
237
|
+
},
|
|
238
|
+
{
|
|
239
|
+
to,
|
|
240
|
+
},
|
|
241
|
+
);
|
|
242
|
+
},
|
|
243
|
+
|
|
244
|
+
/**
|
|
245
|
+
* Authorize authenticated users. By default, `.private()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
246
|
+
* use `.authenticated("iam")` or `.authenticated("oidc")` to use IAM or OIDC based authorization for authenticated users.
|
|
247
|
+
* @param provider the authentication provider - supports "userPools", "iam", or "oidc"
|
|
248
|
+
* @returns an authorization rule for authenticated users
|
|
249
|
+
*/
|
|
250
|
+
authenticated(provider?: PrivateProvider) {
|
|
251
|
+
validateProvider(provider, PrivateProviders);
|
|
252
|
+
return authData(
|
|
253
|
+
{
|
|
254
|
+
strategy: 'private',
|
|
255
|
+
provider,
|
|
256
|
+
},
|
|
257
|
+
{
|
|
258
|
+
to,
|
|
259
|
+
},
|
|
260
|
+
);
|
|
261
|
+
},
|
|
262
|
+
|
|
263
|
+
/**
|
|
264
|
+
* Authorize access on a per-user (owner) basis. By setting owner-based authorization, a new `owner: a.string()`
|
|
265
|
+
* field will be added to the model to store which user "owns" the item. Upon item creation, the "owner field" is
|
|
266
|
+
* auto-populated with the authenticated user's information. If you want to specify which field should be used as
|
|
267
|
+
* the owner field, you can use the `ownerDefinedIn` builder function instead.
|
|
268
|
+
*
|
|
269
|
+
* By default, `.owner()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
270
|
+
* use `.owner("oidc")` to use OIDC based authentication to designate the owner.
|
|
271
|
+
*
|
|
272
|
+
* To change the specific claim that should be used as the user identifier within the owner field, chain the
|
|
273
|
+
* `.identityClaim(...)` method.
|
|
274
|
+
*
|
|
275
|
+
* @param provider the authentication provider - supports "userPools", "iam", or "oidc"
|
|
276
|
+
* @returns an authorization rule for authenticated users
|
|
277
|
+
*/
|
|
278
|
+
owner(provider?: OwnerProviders) {
|
|
279
|
+
validateProvider(provider, OwnerProviders);
|
|
280
|
+
return authData(
|
|
281
|
+
{
|
|
282
|
+
strategy: 'owner',
|
|
283
|
+
provider,
|
|
284
|
+
groupOrOwnerField: 'owner',
|
|
285
|
+
},
|
|
286
|
+
{
|
|
287
|
+
to,
|
|
288
|
+
identityClaim,
|
|
289
|
+
},
|
|
290
|
+
);
|
|
291
|
+
},
|
|
292
|
+
|
|
293
|
+
/**
|
|
294
|
+
* Authorize access on a per-user (owner) basis with specifying which field should be used as the owner field.
|
|
295
|
+
*
|
|
296
|
+
* By default, `.owner()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
297
|
+
* use `.ownerDefinedIn("owner", "oidc")` to use OIDC based authentication to designate the owner.
|
|
298
|
+
*
|
|
299
|
+
* To change the specific claim that should be used as the user identifier within the owner field, chain the
|
|
300
|
+
* `.identityClaim(...)` method.
|
|
301
|
+
*
|
|
302
|
+
* @param ownerField the field that contains the owner information
|
|
303
|
+
* @param provider the authentication provider - supports "userPools", "iam", or "oidc"
|
|
304
|
+
* @returns an authorization rule for authenticated users
|
|
305
|
+
*/
|
|
306
|
+
ownerDefinedIn<T extends string>(ownerField: T, provider?: OwnerProviders) {
|
|
307
|
+
validateProvider(provider, OwnerProviders);
|
|
308
|
+
|
|
309
|
+
return authData(
|
|
310
|
+
{
|
|
311
|
+
strategy: 'owner',
|
|
312
|
+
provider,
|
|
313
|
+
groupOrOwnerField: ownerField,
|
|
314
|
+
},
|
|
315
|
+
{
|
|
316
|
+
to,
|
|
317
|
+
identityClaim,
|
|
318
|
+
},
|
|
319
|
+
);
|
|
320
|
+
},
|
|
321
|
+
|
|
322
|
+
/**
|
|
323
|
+
* Authorize access for multi-user / multi-owner access. By setting multi-owner-based authorization, a new `owners: a.string().array()`
|
|
324
|
+
* field will be added to the model to store which users "own" the item. Upon item creation, the "owners field" is
|
|
325
|
+
* auto-populated with the authenticated user's information. To grant other users access to the item, append their user identifier into the `owners` array.
|
|
326
|
+
*
|
|
327
|
+
* You can specify which field should be used as the owners field by passing the `ownersField` parameter.
|
|
328
|
+
*
|
|
329
|
+
* By default, `.ownersDefinedIn()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
330
|
+
* use `.ownersDefinedIn("owners", "oidc")` to use OIDC based authentication to designate the owner.
|
|
331
|
+
*
|
|
332
|
+
* To change the specific claim that should be used as the user identifier within the owners field, chain the
|
|
333
|
+
* `.identityClaim(...)` method.
|
|
334
|
+
*
|
|
335
|
+
* @param ownersField the field that contains the owners information
|
|
336
|
+
* @param provider the authentication provider - supports "userPools", "iam", or "oidc"
|
|
337
|
+
* @returns an authorization rule for authenticated users
|
|
338
|
+
*/
|
|
339
|
+
ownersDefinedIn<T extends string>(ownersField: T, provider?: OwnerProviders) {
|
|
340
|
+
validateProvider(provider, OwnerProviders);
|
|
341
|
+
|
|
342
|
+
return authData(
|
|
343
|
+
{
|
|
344
|
+
strategy: 'owner',
|
|
345
|
+
provider,
|
|
346
|
+
groupOrOwnerField: ownersField,
|
|
347
|
+
multiOwner: true,
|
|
348
|
+
},
|
|
349
|
+
{
|
|
350
|
+
to,
|
|
351
|
+
identityClaim,
|
|
352
|
+
},
|
|
353
|
+
);
|
|
354
|
+
},
|
|
355
|
+
|
|
356
|
+
/**
|
|
357
|
+
* Authorize a specific user group. Provide the name of the specific user group to have access.
|
|
358
|
+
*
|
|
359
|
+
* By default, `.group()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
360
|
+
* use `.group("group-name", "oidc")` to use OIDC based authentication to designate the user group.
|
|
361
|
+
*
|
|
362
|
+
* To change the specific claim that should be used as the user group identifier, chain the
|
|
363
|
+
* `.withClaimIn(...)` method.
|
|
364
|
+
* @param group the name of the group to authorize
|
|
365
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
366
|
+
* @returns an authorization rule to grant access by a specific group
|
|
367
|
+
*/
|
|
368
|
+
group(group: string, provider?: GroupProvider) {
|
|
369
|
+
return authData(
|
|
370
|
+
{
|
|
371
|
+
strategy: 'groups',
|
|
372
|
+
provider,
|
|
373
|
+
groups: [group],
|
|
374
|
+
},
|
|
375
|
+
{
|
|
376
|
+
to,
|
|
377
|
+
withClaimIn,
|
|
378
|
+
},
|
|
379
|
+
);
|
|
380
|
+
},
|
|
381
|
+
|
|
382
|
+
/**
|
|
383
|
+
* Authorize multiple specific user groups. Provide the names of the specific user groups to have access.
|
|
384
|
+
*
|
|
385
|
+
* By default, `.groups()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
386
|
+
* use `.groups(["group-a", "group-b"], "oidc")` to use OIDC based authentication to designate the user group.
|
|
387
|
+
*
|
|
388
|
+
* To change the specific claim that should be used as the user group identifier, chain the
|
|
389
|
+
* `.withClaimIn(...)` method.
|
|
390
|
+
* @param groups the names of the group to authorize defined as an array
|
|
391
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
392
|
+
* @returns an authorization rule to grant access by a specific group
|
|
393
|
+
*/
|
|
394
|
+
groups(groups: string[], provider?: GroupProvider) {
|
|
395
|
+
return authData(
|
|
396
|
+
{
|
|
397
|
+
strategy: 'groups',
|
|
398
|
+
provider,
|
|
399
|
+
groups,
|
|
400
|
+
},
|
|
401
|
+
{
|
|
402
|
+
to,
|
|
403
|
+
withClaimIn,
|
|
404
|
+
},
|
|
405
|
+
);
|
|
406
|
+
},
|
|
407
|
+
|
|
408
|
+
/**
|
|
409
|
+
* Authorize if a user is part of a group defined in a data model field.
|
|
410
|
+
*
|
|
411
|
+
* By default, `.groupDefinedIn()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
412
|
+
* use `.groupDefinedIn("field-name", "oidc")` to use OIDC based authentication to designate the user group.
|
|
413
|
+
*
|
|
414
|
+
* To change the specific claim that should be used as the user group identifier within the groups field, chain the
|
|
415
|
+
* `.withClaimIn(...)` method.
|
|
416
|
+
* @param groupsField the field that should store the authorized user group information
|
|
417
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
418
|
+
* @returns an authorization rule to grant access by a specific group
|
|
419
|
+
*/
|
|
420
|
+
groupDefinedIn<T extends string>(groupsField: T, provider?: GroupProvider) {
|
|
421
|
+
return authData(
|
|
422
|
+
{
|
|
423
|
+
strategy: 'groups',
|
|
424
|
+
provider,
|
|
425
|
+
groupOrOwnerField: groupsField,
|
|
426
|
+
},
|
|
427
|
+
{
|
|
428
|
+
to,
|
|
429
|
+
withClaimIn,
|
|
430
|
+
},
|
|
431
|
+
);
|
|
432
|
+
},
|
|
433
|
+
|
|
434
|
+
/**
|
|
435
|
+
* Authorize if a user is part of a one of the groups defined in a data model field.
|
|
436
|
+
*
|
|
437
|
+
* By default, `.groupsDefinedIn()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
438
|
+
* use `.groupsDefinedIn("field-name", "oidc")` to use OIDC based authentication to designate the user group.
|
|
439
|
+
*
|
|
440
|
+
* To change the specific claim that should be used as the user group identifier within the groups field, chain the
|
|
441
|
+
* `.withClaimIn(...)` method.
|
|
442
|
+
* @param groupsField the field that should store the list of authorized user groups
|
|
443
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
444
|
+
* @returns an authorization rule to grant access by a specific group
|
|
445
|
+
*/
|
|
446
|
+
groupsDefinedIn<T extends string>(groupsField: T, provider?: GroupProvider) {
|
|
447
|
+
return authData(
|
|
448
|
+
{
|
|
449
|
+
strategy: 'groups',
|
|
450
|
+
provider,
|
|
451
|
+
groupOrOwnerField: groupsField,
|
|
452
|
+
multiOwner: true,
|
|
453
|
+
},
|
|
454
|
+
{
|
|
455
|
+
to,
|
|
456
|
+
withClaimIn,
|
|
457
|
+
},
|
|
458
|
+
);
|
|
459
|
+
},
|
|
460
|
+
|
|
461
|
+
custom(provider?: CustomProvider) {
|
|
462
|
+
return authData(
|
|
463
|
+
{
|
|
464
|
+
strategy: 'custom',
|
|
465
|
+
provider,
|
|
466
|
+
},
|
|
467
|
+
{
|
|
468
|
+
to,
|
|
469
|
+
},
|
|
470
|
+
);
|
|
471
|
+
},
|
|
472
|
+
|
|
473
|
+
resource(fn: DefineFunction) {
|
|
474
|
+
return resourceAuthData(fn, {
|
|
475
|
+
to: resourceTo,
|
|
476
|
+
});
|
|
477
|
+
},
|
|
478
|
+
} as const;
|
|
479
|
+
|
|
480
|
+
/**
|
|
481
|
+
* This is a copy of the {@link allow} defined above, with modifications for custom operations.
|
|
482
|
+
*
|
|
483
|
+
* Removed builder methods:
|
|
484
|
+
*
|
|
485
|
+
* * `owner`
|
|
486
|
+
* * `ownerDefinedIn`
|
|
487
|
+
* * `ownersDefinedIn`
|
|
488
|
+
* * `groupDefinedIn`
|
|
489
|
+
* * `groupsDefinedIn`
|
|
490
|
+
* * `resource`
|
|
491
|
+
* * `.to()` builder method from each available rule builder
|
|
492
|
+
*/
|
|
493
|
+
export const allowForCustomOperations = {
|
|
494
|
+
/**
|
|
495
|
+
* Authorize unauthenticated users by using API key based authorization.
|
|
496
|
+
* @returns an authorization rule for unauthenticated users
|
|
497
|
+
*/
|
|
498
|
+
publicApiKey() {
|
|
499
|
+
return authData(
|
|
500
|
+
{
|
|
501
|
+
strategy: 'public',
|
|
502
|
+
provider: 'apiKey',
|
|
503
|
+
},
|
|
504
|
+
{},
|
|
505
|
+
);
|
|
506
|
+
},
|
|
507
|
+
|
|
508
|
+
/**
|
|
509
|
+
* Authorize unauthenticated users by using IAM based authorization.
|
|
510
|
+
* @returns an authorization rule for unauthenticated users
|
|
511
|
+
*/
|
|
512
|
+
guest() {
|
|
513
|
+
return authData(
|
|
514
|
+
{
|
|
515
|
+
strategy: 'public',
|
|
516
|
+
provider: 'iam',
|
|
517
|
+
},
|
|
518
|
+
{},
|
|
519
|
+
);
|
|
520
|
+
},
|
|
521
|
+
|
|
522
|
+
/**
|
|
523
|
+
* Authorize authenticated users. By default, `.private()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
524
|
+
* use `.authenticated("iam")` or `.authenticated("oidc")` to use IAM or OIDC based authorization for authenticated users.
|
|
525
|
+
* @param provider the authentication provider - supports "userPools", "iam", or "oidc"
|
|
526
|
+
* @returns an authorization rule for authenticated users
|
|
527
|
+
*/
|
|
528
|
+
authenticated(provider?: PrivateProvider) {
|
|
529
|
+
validateProvider(provider, PrivateProviders);
|
|
530
|
+
return authData(
|
|
531
|
+
{
|
|
532
|
+
strategy: 'private',
|
|
533
|
+
provider,
|
|
534
|
+
},
|
|
535
|
+
{},
|
|
536
|
+
);
|
|
537
|
+
},
|
|
538
|
+
|
|
539
|
+
/**
|
|
540
|
+
* Authorize a specific user group. Provide the name of the specific user group to have access.
|
|
541
|
+
*
|
|
542
|
+
* By default, `.group()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
543
|
+
* use `.group("group-name", "oidc")` to use OIDC based authentication to designate the user group.
|
|
544
|
+
*
|
|
545
|
+
* @param group the name of the group to authorize
|
|
546
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
547
|
+
* @returns an authorization rule to grant access by a specific group
|
|
548
|
+
*/
|
|
549
|
+
group(group: string, provider?: GroupProvider) {
|
|
550
|
+
return authData(
|
|
551
|
+
{
|
|
552
|
+
strategy: 'groups',
|
|
553
|
+
provider,
|
|
554
|
+
groups: [group],
|
|
555
|
+
},
|
|
556
|
+
{},
|
|
557
|
+
);
|
|
558
|
+
},
|
|
559
|
+
|
|
560
|
+
/**
|
|
561
|
+
* Authorize multiple specific user groups. Provide the names of the specific user groups to have access.
|
|
562
|
+
*
|
|
563
|
+
* By default, `.groups()` uses an Amazon Cognito user pool based authorization. You can additionally
|
|
564
|
+
* use `.groups(["group-a", "group-b"], "oidc")` to use OIDC based authentication to designate the user group.
|
|
565
|
+
*
|
|
566
|
+
* @param groups the names of the group to authorize defined as an array
|
|
567
|
+
* @param provider the authentication provider - supports "userPools" or "oidc"
|
|
568
|
+
* @returns an authorization rule to grant access by a specific group
|
|
569
|
+
*/
|
|
570
|
+
groups(groups: string[], provider?: GroupProvider) {
|
|
571
|
+
return authData(
|
|
572
|
+
{
|
|
573
|
+
strategy: 'groups',
|
|
574
|
+
provider,
|
|
575
|
+
groups,
|
|
576
|
+
},
|
|
577
|
+
{},
|
|
578
|
+
);
|
|
579
|
+
},
|
|
580
|
+
|
|
581
|
+
custom(provider?: CustomProvider) {
|
|
582
|
+
return authData(
|
|
583
|
+
{
|
|
584
|
+
strategy: 'custom',
|
|
585
|
+
provider,
|
|
586
|
+
},
|
|
587
|
+
{},
|
|
588
|
+
);
|
|
589
|
+
},
|
|
590
|
+
} as const;
|
|
591
|
+
|
|
592
|
+
function resourceTo<SELF extends ResourceAuthorization>(
|
|
593
|
+
this: SELF,
|
|
594
|
+
operations: ResourceOperation[],
|
|
595
|
+
) {
|
|
596
|
+
(this as any)[__data].operations = operations;
|
|
597
|
+
return omit(this, 'to');
|
|
598
|
+
}
|
|
599
|
+
|
|
600
|
+
function resourceAuthData<Builders extends object = object>(
|
|
601
|
+
resource: DefineFunction,
|
|
602
|
+
builderMethods: Builders,
|
|
603
|
+
): ResourceAuthorization & Builders {
|
|
604
|
+
return {
|
|
605
|
+
[__data]: {
|
|
606
|
+
strategy: 'resource',
|
|
607
|
+
resource,
|
|
608
|
+
} as any,
|
|
609
|
+
...builderMethods,
|
|
610
|
+
};
|
|
611
|
+
}
|
|
612
|
+
|
|
613
|
+
/**
|
|
614
|
+
* Turns the type from a list of `Authorization` rules like this:
|
|
615
|
+
*
|
|
616
|
+
* ```typescript
|
|
617
|
+
* [
|
|
618
|
+
* allow.public(),
|
|
619
|
+
* allow.ownerDefinedIn('otherfield'),
|
|
620
|
+
* allow.ownersDefinedIn('editors')
|
|
621
|
+
* ]
|
|
622
|
+
* ```
|
|
623
|
+
*
|
|
624
|
+
* Into a union of the possible `fieldname: type` auth objects like this:
|
|
625
|
+
*
|
|
626
|
+
* ```typescript
|
|
627
|
+
* {
|
|
628
|
+
* owner?: string | undefined;
|
|
629
|
+
* } | {
|
|
630
|
+
* otherfield?: string | undefined;
|
|
631
|
+
* } | {
|
|
632
|
+
* editors?: string[] | undefined;
|
|
633
|
+
* }
|
|
634
|
+
* ```
|
|
635
|
+
*/
|
|
636
|
+
export type ImpliedAuthField<T extends Authorization<any, any, any>> =
|
|
637
|
+
T extends Authorization<infer _Strat, infer Field, infer isMulti>
|
|
638
|
+
? Field extends undefined
|
|
639
|
+
? never
|
|
640
|
+
: Field extends string
|
|
641
|
+
? isMulti extends true
|
|
642
|
+
? { [K in Field]?: string[] }
|
|
643
|
+
: { [K in Field]?: string }
|
|
644
|
+
: never
|
|
645
|
+
: never;
|
|
646
|
+
|
|
647
|
+
/**
|
|
648
|
+
* Turns the type from a list of `Authorization` rules like this:
|
|
649
|
+
*
|
|
650
|
+
* ```typescript
|
|
651
|
+
* [
|
|
652
|
+
* allow.public(),
|
|
653
|
+
* allow.ownerDefinedIn('otherfield'),
|
|
654
|
+
* allow.ownersDefinedIn('editors')
|
|
655
|
+
* ]
|
|
656
|
+
* ```
|
|
657
|
+
*
|
|
658
|
+
* Into an object type that includes all auth fields like this:
|
|
659
|
+
*
|
|
660
|
+
* ```typescript
|
|
661
|
+
* {
|
|
662
|
+
* owner?: string | undefined;
|
|
663
|
+
* otherfield?: string | undefined;
|
|
664
|
+
* editors?: string[] | undefined;
|
|
665
|
+
* }
|
|
666
|
+
* ```
|
|
667
|
+
*/
|
|
668
|
+
export type ImpliedAuthFields<T extends Authorization<any, any, any>> =
|
|
669
|
+
ImpliedAuthField<T> extends never
|
|
670
|
+
? never
|
|
671
|
+
: UnionToIntersection<ImpliedAuthField<T>>;
|
|
672
|
+
|
|
673
|
+
export const accessData = <T extends Authorization<any, any, any>>(
|
|
674
|
+
authorization: T,
|
|
675
|
+
) => authorization[__data];
|
|
676
|
+
|
|
677
|
+
// TODO: delete when we make resource auth available at each level in the schema (model, field)
|
|
678
|
+
export const accessSchemaData = <T extends SchemaAuthorization<any, any, any>>(
|
|
679
|
+
authorization: T,
|
|
680
|
+
): T[typeof __data] => authorization[__data];
|
|
681
|
+
|
|
682
|
+
// `allow` is declared as a `const` above
|
|
683
|
+
export type AllowModifier = typeof allow;
|
|
684
|
+
export type AllowModifierForCustomOperation = typeof allowForCustomOperations;
|