@blamejs/core 0.14.27 → 0.15.0

package/lib/guard-mail-compose.js

@@ -36,6 +36,7 @@
  */
 
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 
 var GuardMailComposeError = defineClass("GuardMailComposeError", { alwaysPermanent: true });
 
@@ -47,11 +48,14 @@ var PROFILES = Object.freeze({
   permissive: { maxRecipients: 2000, maxAttachmentBytes: 104857600, maxSubjectBytes: 998 },           // 100 MiB
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
+
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: GuardMailComposeError,
+  codePrefix: "mail-compose",
 });
 
 /**
@@ -131,22 +135,10 @@ function validate(draft, opts) {
   return draft;
 }
 
-/**
- * @primitive b.guardMailCompose.compliancePosture
- * @signature b.guardMailCompose.compliancePosture(posture)
- * @since     0.9.20
- * @status    stable
- *
- * Return the effective profile for a given compliance posture name.
- * Returns `null` for unknown posture names so operator typos surface
- * here instead of silently falling through to the default profile.
- *
- * @example
- *   b.guardMailCompose.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
 
 function _checkAddrList(list, label, profile) {
   if (typeof list === "undefined" || list === null) return;
@@ -259,24 +251,14 @@ function _anyRecipient(draft) {
   });
 }
 
-function _resolveProfile(opts) {
-  if (opts.posture && COMPLIANCE_POSTURES[opts.posture]) {
-    return COMPLIANCE_POSTURES[opts.posture];
-  }
-  var p = opts.profile || DEFAULT_PROFILE;
-  if (!PROFILES[p]) {
-    throw new GuardMailComposeError("mail-compose/bad-profile",
-      "guardMailCompose: unknown profile '" + p + "'");
-  }
-  return p;
-}
-
-module.exports = {
-  validate:            validate,
-  compliancePosture:   compliancePosture,
-  PROFILES:            PROFILES,
-  COMPLIANCE_POSTURES: COMPLIANCE_POSTURES,
-  GuardMailComposeError: GuardMailComposeError,
-  NAME:                "mailCompose",
-  KIND:                "mail-compose",
-};
+module.exports = gateContract.defineParser({
+  name:       "mailCompose",
+  entry:      validate,
+  errorClass: GuardMailComposeError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    NAME: "mailCompose",
+    KIND: "mail-compose",
+  },
+});

package/lib/guard-mail-move.js

@@ -34,6 +34,7 @@
  */
 
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 
 var GuardMailMoveError = defineClass("GuardMailMoveError", { alwaysPermanent: true });
 
@@ -45,18 +46,21 @@ var PROFILES = Object.freeze({
   permissive: { maxObjectIds: 50000, maxFolderNameBytes: 1024 },
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
-});
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
 
 // System folders every actor may write to without admin scope.
 var SYSTEM_FOLDERS = Object.freeze({
   INBOX: true, Sent: true, Drafts: true, Trash: true, Junk: true, Archive: true,
 });
 
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: GuardMailMoveError,
+  codePrefix: "mail-move",
+});
+
 /**
  * @primitive b.guardMailMove.validate
  * @signature b.guardMailMove.validate(move, opts?)
@@ -128,22 +132,10 @@ function validate(move, opts) {
     "' requires mailScope:'admin' or membership in actor.allowedFolders");
 }
 
-/**
- * @primitive b.guardMailMove.compliancePosture
- * @signature b.guardMailMove.compliancePosture(posture)
- * @since     0.9.20
- * @status    stable
- *
- * Return the effective profile for a given compliance posture name.
- * Returns `null` for unknown posture names so operator typos surface
- * here instead of silently falling through to the default profile.
- *
- * @example
- *   b.guardMailMove.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
 
 function _checkFolderName(name, label, profile) {
   if (typeof name !== "string" || name.length === 0) {
@@ -178,25 +170,15 @@ function _checkFolderName(name, label, profile) {
   }
 }
 
-function _resolveProfile(opts) {
-  if (opts.posture && COMPLIANCE_POSTURES[opts.posture]) {
-    return COMPLIANCE_POSTURES[opts.posture];
-  }
-  var p = opts.profile || DEFAULT_PROFILE;
-  if (!PROFILES[p]) {
-    throw new GuardMailMoveError("mail-move/bad-profile",
-      "guardMailMove: unknown profile '" + p + "'");
-  }
-  return p;
-}
-
-module.exports = {
-  validate:            validate,
-  compliancePosture:   compliancePosture,
-  PROFILES:            PROFILES,
-  COMPLIANCE_POSTURES: COMPLIANCE_POSTURES,
-  SYSTEM_FOLDERS:      SYSTEM_FOLDERS,
-  GuardMailMoveError:  GuardMailMoveError,
-  NAME:                "mailMove",
-  KIND:                "mail-move",
-};
+module.exports = gateContract.defineParser({
+  name:       "mailMove",
+  entry:      validate,
+  errorClass: GuardMailMoveError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    SYSTEM_FOLDERS: SYSTEM_FOLDERS,
+    NAME:           "mailMove",
+    KIND:           "mail-move",
+  },
+});

package/lib/guard-mail-query.js

@@ -27,6 +27,7 @@
  */
 
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 
 var GuardMailQueryError = defineClass("GuardMailQueryError", { alwaysPermanent: true });
 
@@ -38,12 +39,7 @@ var PROFILES = Object.freeze({
   permissive: { maxDepth: 24, maxKeys: 512, maxStringBytes: 65536, maxArrayLen: 4096 },
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
-});
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
 
 // Columns the filter may reference and the projection may request.
 // Sealed columns can be `=` / `IN` matched (the mail-store walks
@@ -92,6 +88,14 @@ var POSTURE_ACTOR_FIELDS = Object.freeze({
   soc2:      [],
 });
 
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: GuardMailQueryError,
+  codePrefix: "mail-query",
+});
+
 /**
  * @primitive b.guardMailQuery.validate
  * @signature b.guardMailQuery.validate(filter, opts?)
@@ -174,22 +178,10 @@ function validateActor(actor, posture) {
   return actor;
 }
 
-/**
- * @primitive b.guardMailQuery.compliancePosture
- * @signature b.guardMailQuery.compliancePosture(posture)
- * @since     0.9.20
- * @status    stable
- *
- * Return the effective profile for a given compliance posture name.
- * Returns `null` when the posture is unknown (operator-supplied typos
- * surface here instead of silently falling back to the default).
- *
- * @example
- *   b.guardMailQuery.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
 
 function _walk(node, depth, profile, visited) {
   if (depth > profile.maxDepth) {
@@ -284,27 +276,17 @@ function _checkScalar(v, profile) {
   }
 }
 
-function _resolveProfile(opts) {
-  if (opts.posture && COMPLIANCE_POSTURES[opts.posture]) {
-    return COMPLIANCE_POSTURES[opts.posture];
-  }
-  var p = opts.profile || DEFAULT_PROFILE;
-  if (!PROFILES[p]) {
-    throw new GuardMailQueryError("mail-query/bad-profile",
-      "guardMailQuery: unknown profile '" + p + "'");
-  }
-  return p;
-}
-
-module.exports = {
-  validate:            validate,
-  validateActor:       validateActor,
-  compliancePosture:   compliancePosture,
-  PROFILES:            PROFILES,
-  COMPLIANCE_POSTURES: COMPLIANCE_POSTURES,
-  FILTERABLE_COLUMNS:  FILTERABLE_COLUMNS,
-  POSTURE_ACTOR_FIELDS: POSTURE_ACTOR_FIELDS,
-  GuardMailQueryError: GuardMailQueryError,
-  NAME:                "mailQuery",
-  KIND:                "mail-query",
-};
+module.exports = gateContract.defineParser({
+  name:       "mailQuery",
+  entry:      validate,
+  errorClass: GuardMailQueryError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    validateActor:        validateActor,
+    FILTERABLE_COLUMNS:   FILTERABLE_COLUMNS,
+    POSTURE_ACTOR_FIELDS: POSTURE_ACTOR_FIELDS,
+    NAME:                 "mailQuery",
+    KIND:                 "mail-query",
+  },
+});

package/lib/guard-mail-reply.js

@@ -30,6 +30,7 @@
 
 var { defineClass } = require("./framework-error");
 var guardMessageId = require("./guard-message-id");
+var gateContract = require("./gate-contract");
 
 var GuardMailReplyError = defineClass("GuardMailReplyError", { alwaysPermanent: true });
 
@@ -41,11 +42,14 @@ var PROFILES = Object.freeze({
   permissive: { maxChainLength: 2000, maxQuotedBytes: 10485760, maxForwardedAttachments: 512 },       // chain count + 10 MiB
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
+
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: GuardMailReplyError,
+  codePrefix: "mail-reply",
 });
 
 /**
@@ -132,41 +136,19 @@ function validate(reply, opts) {
   return reply;
 }
 
-/**
- * @primitive b.guardMailReply.compliancePosture
- * @signature b.guardMailReply.compliancePosture(posture)
- * @since     0.9.20
- * @status    stable
- *
- * Return the effective profile for a given compliance posture name.
- * Returns `null` for unknown posture names so operator typos surface
- * here instead of silently falling through to the default profile.
- *
- * @example
- *   b.guardMailReply.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
-
-function _resolveProfile(opts) {
-  if (opts.posture && COMPLIANCE_POSTURES[opts.posture]) {
-    return COMPLIANCE_POSTURES[opts.posture];
-  }
-  var p = opts.profile || DEFAULT_PROFILE;
-  if (!PROFILES[p]) {
-    throw new GuardMailReplyError("mail-reply/bad-profile",
-      "guardMailReply: unknown profile '" + p + "'");
-  }
-  return p;
-}
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
 
-module.exports = {
-  validate:            validate,
-  compliancePosture:   compliancePosture,
-  PROFILES:            PROFILES,
-  COMPLIANCE_POSTURES: COMPLIANCE_POSTURES,
-  GuardMailReplyError: GuardMailReplyError,
-  NAME:                "mailReply",
-  KIND:                "mail-reply",
-};
+module.exports = gateContract.defineParser({
+  name:       "mail-reply",
+  entry:      validate,
+  errorClass: GuardMailReplyError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    NAME: "mailReply",
+    KIND: "mail-reply",
+  },
+});

package/lib/guard-mail-sieve.js

@@ -33,6 +33,7 @@
  */
 
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 
 var GuardMailSieveError = defineClass("GuardMailSieveError", { alwaysPermanent: true });
 
@@ -44,11 +45,14 @@ var PROFILES = Object.freeze({
   permissive: { maxScriptBytes: 1048576, maxNameBytes: 1024, maxLines: 50000 },
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
+
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: GuardMailSieveError,
+  codePrefix: "mail-sieve",
 });
 
 /**
@@ -145,22 +149,10 @@ function validate(op, opts) {
   return op;
 }
 
-/**
- * @primitive b.guardMailSieve.compliancePosture
- * @signature b.guardMailSieve.compliancePosture(posture)
- * @since     0.9.20
- * @status    stable
- *
- * Return the effective profile for a given compliance posture name.
- * Returns `null` for unknown posture names so operator typos surface
- * here instead of silently falling through to the default profile.
- *
- * @example
- *   b.guardMailSieve.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
 
 function _checkName(name, profile) {
   if (typeof name !== "string" || name.length === 0) {
@@ -184,24 +176,14 @@ function _checkName(name, profile) {
   }
 }
 
-function _resolveProfile(opts) {
-  if (opts.posture && COMPLIANCE_POSTURES[opts.posture]) {
-    return COMPLIANCE_POSTURES[opts.posture];
-  }
-  var p = opts.profile || DEFAULT_PROFILE;
-  if (!PROFILES[p]) {
-    throw new GuardMailSieveError("mail-sieve/bad-profile",
-      "guardMailSieve: unknown profile '" + p + "'");
-  }
-  return p;
-}
-
-module.exports = {
-  validate:            validate,
-  compliancePosture:   compliancePosture,
-  PROFILES:            PROFILES,
-  COMPLIANCE_POSTURES: COMPLIANCE_POSTURES,
-  GuardMailSieveError: GuardMailSieveError,
-  NAME:                "mailSieve",
-  KIND:                "mail-sieve",
-};
+module.exports = gateContract.defineParser({
+  name:       "mail-sieve",
+  entry:      validate,
+  errorClass: GuardMailSieveError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    NAME: "mailSieve",
+    KIND: "mail-sieve",
+  },
+});

package/lib/guard-managesieve-command.js

@@ -101,6 +101,7 @@
  */
 
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 
 var GuardManageSieveCommandError = defineClass("GuardManageSieveCommandError",
   { alwaysPermanent: true });
@@ -134,12 +135,7 @@ var PROFILES = Object.freeze({
   },
 });
 
-var COMPLIANCE_POSTURES = Object.freeze({
-  hipaa:     "strict",
-  "pci-dss": "strict",
-  gdpr:      "strict",
-  soc2:      "strict",
-});
+var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
 
 // ManageSieve verbs per RFC 5804 §2.
 var KNOWN_VERBS = Object.freeze({
@@ -539,28 +535,18 @@ function _checkScriptNameBytes(name, caps) {
   }
 }
 
-/**
- * @primitive b.guardManageSieveCommand.compliancePosture
- * @signature b.guardManageSieveCommand.compliancePosture(posture)
- * @since     0.9.57
- * @status    stable
- *
- * Return the effective profile for a compliance posture, or `null`
- * for unknown names.
- *
- * @example
- *   b.guardManageSieveCommand.compliancePosture("hipaa");   // → "strict"
- */
-function compliancePosture(posture) {
-  return COMPLIANCE_POSTURES[posture] || null;
-}
-
-module.exports = {
-  validate:                          validate,
-  compliancePosture:                 compliancePosture,
-  PROFILES:                          PROFILES,
-  COMPLIANCE_POSTURES:               COMPLIANCE_POSTURES,
-  KNOWN_VERBS:                       KNOWN_VERBS,
-  ZERO_ARG_VERBS:                    ZERO_ARG_VERBS,
-  GuardManageSieveCommandError:      GuardManageSieveCommandError,
-};
+// compliancePosture is assembled by gateContract.defineParser below; its
+// wiki section renders from the single-sourced @abiTemplate (defineParser)
+// block in gate-contract.js, instantiated for this guard by the page
+// generator.
+module.exports = gateContract.defineParser({
+  name:       "managesieve-command",
+  entry:      validate,
+  errorClass: GuardManageSieveCommandError,
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  extra: {
+    KNOWN_VERBS:    KNOWN_VERBS,
+    ZERO_ARG_VERBS: ZERO_ARG_VERBS,
+  },
+});