@casual-simulation/aux-records 3.2.13 → 3.2.14-alpha.7890390188

package/RecordsServer.js

@@ -22,7 +22,7 @@ import { getStatusCode, parseInstancesList, tryDecodeUriComponent, tryParseJson,
 import { INVALID_REQUEST_ERROR_MESSAGE, MAX_EMAIL_ADDRESS_LENGTH, MAX_SMS_ADDRESS_LENGTH, PRIVO_OPEN_ID_PROVIDER, } from './AuthController';
 import { parseSessionKey } from './AuthUtils';
 import { z } from 'zod';
-import { AVAILABLE_PERMISSIONS_VALIDATION } from '@casual-simulation/aux-common';
+import { AVAILABLE_PERMISSIONS_VALIDATION, RESOURCE_KIND_VALIDATION, } from '@casual-simulation/aux-common';
 import { AI_CHAT_MESSAGE_SCHEMA } from './AIChatInterface';
 import { WebsocketEventTypes, websocketEventSchema, websocketRequestMessageSchema, } from '@casual-simulation/aux-common/websockets/WebsocketEvents';
 import { DEFAULT_BRANCH_NAME } from '@casual-simulation/aux-common';
@@ -127,22 +127,23 @@ const STUDIO_DISPLAY_NAME_VALIDATION = z
 })
     .min(1)
     .max(128);
-/**
- * The Zod validation for markers.
- */
-const MARKERS_VALIDATION = z
-    .array(z
+const MARKER_VALIDATION = z
     .string({
     invalid_type_error: 'individual markers must be strings.',
     required_error: 'invidiaul markers must not be null or empty.',
 })
-    .min(1)
-    .max(128), {
+    .nonempty('individual markers must not be null or empty.')
+    .max(100, 'individual markers must not be longer than 100 characters.');
+/**
+ * The Zod validation for markers.
+ */
+const MARKERS_VALIDATION = z
+    .array(MARKER_VALIDATION, {
     invalid_type_error: 'markers must be an array of strings.',
     required_error: 'markers is required.',
 })
     .nonempty('markers must not be empty.')
-    .max(10, 'markers must not contain more than 10 markers.');
+    .max(10, 'markers lists must not contain more than 10 markers.');
 const NO_WHITESPACE_MESSAGE = 'The value cannot not contain spaces.';
 const NO_WHITESPACE_REGEX = /^\S*$/g;
 const NO_SPECIAL_CHARACTERS_MESSAGE = 'The value cannot not contain special characters.';
@@ -385,20 +386,16 @@ export class RecordsServer {
                 return formatResponse(request, yield this._createRecordKey(request), this._allowedApiOrigins);
             }
             else if (request.method === 'POST' &&
-                request.path === '/api/v2/records/policy/grantPermission') {
-                return formatResponse(request, yield this._policyGrantPermission(request), this._allowedApiOrigins);
+                request.path === '/api/v2/records/permissions') {
+                return formatResponse(request, yield this._grantPermission(request), this._allowedApiOrigins);
             }
             else if (request.method === 'POST' &&
-                request.path === '/api/v2/records/policy/revokePermission') {
-                return formatResponse(request, yield this._policyRevokePermission(request), this._allowedApiOrigins);
+                request.path === '/api/v2/records/permissions/revoke') {
+                return formatResponse(request, yield this._revokePermission(request), this._allowedApiOrigins);
             }
             else if (request.method === 'GET' &&
-                request.path === '/api/v2/records/policy') {
-                return formatResponse(request, yield this._policyRead(request), this._allowedApiOrigins);
-            }
-            else if (request.method === 'GET' &&
-                request.path === '/api/v2/records/policy/list') {
-                return formatResponse(request, yield this._policyList(request), this._allowedApiOrigins);
+                request.path === '/api/v2/records/permissions/list') {
+                return formatResponse(request, yield this._listPermissions(request), this._allowedApiOrigins);
             }
             else if (request.method === 'GET' &&
                 request.path === '/api/v2/records/role/user/list') {
@@ -893,7 +890,7 @@ export class RecordsServer {
             return returnResult(result);
         });
     }
-    _policyGrantPermission(request) {
+    _grantPermission(request) {
         return __awaiter(this, void 0, void 0, function* () {
             if (!validateOrigin(request, this._allowedApiOrigins)) {
                 return returnResult(INVALID_ORIGIN_RESULT);
@@ -907,12 +904,6 @@ export class RecordsServer {
             }
             const schema = z.object({
                 recordName: RECORD_NAME_VALIDATION,
-                marker: z
-                    .string({
-                    invalid_type_error: 'marker must be a string.',
-                    required_error: 'marker is required.',
-                })
-                    .nonempty('marker must not be empty'),
                 permission: AVAILABLE_PERMISSIONS_VALIDATION,
                 instances: INSTANCES_ARRAY_VALIDATION.nonempty().optional(),
             });
@@ -920,20 +911,7 @@ export class RecordsServer {
             if (parseResult.success === false) {
                 return returnZodError(parseResult.error);
             }
-            const { recordName, marker, permission, instances } = parseResult.data;
-            // const validation = ZOD_PERMISSION_MAP[permission.type as (keyof typeof ZOD_PERMISSION_MAP)];
-            // if (!validation) {
-            //     const validPermissionTypes = Object.keys(ZOD_PERMISSION_MAP).sort();
-            //     return returnResult({
-            //         success: false,
-            //         errorCode: 'unacceptable_request',
-            //         errorMessage: `Permission type not found. type must be one of: ${validPermissionTypes.join(', ')}`,
-            //     });
-            // }
-            // const validationParseResult = validation.safeParse(permission);
-            // if (validationParseResult.success === false) {
-            //     return returnZodError(validationParseResult.error);
-            // }
+            const { recordName, permission, instances } = parseResult.data;
             const sessionKeyValidation = yield this._validateSessionKey(request);
             if (sessionKeyValidation.success === false) {
                 if (sessionKeyValidation.errorCode === 'no_session_key') {
@@ -941,17 +919,33 @@ export class RecordsServer {
                 }
                 return returnResult(sessionKeyValidation);
             }
-            const result = yield this._policyController.grantMarkerPermission({
-                recordKeyOrRecordName: recordName,
-                marker: marker,
-                userId: sessionKeyValidation.userId,
-                permission: permission,
-                instances,
+            if (permission.marker) {
+                const result = yield this._policyController.grantMarkerPermission({
+                    recordKeyOrRecordName: recordName,
+                    marker: permission.marker,
+                    userId: sessionKeyValidation.userId,
+                    permission: permission,
+                    instances,
+                });
+                return returnResult(result);
+            }
+            else if (permission.resourceKind && permission.resourceId) {
+                const result = yield this._policyController.grantResourcePermission({
+                    recordKeyOrRecordName: recordName,
+                    permission: permission,
+                    userId: sessionKeyValidation.userId,
+                    instances,
+                });
+                return returnResult(result);
+            }
+            return returnResult({
+                success: false,
+                errorCode: 'unacceptable_request',
+                errorMessage: 'The given permission must have either a marker or a resourceId.',
             });
-            return returnResult(result);
         });
     }
-    _policyRevokePermission(request) {
+    _revokePermission(request) {
         return __awaiter(this, void 0, void 0, function* () {
             if (!validateOrigin(request, this._allowedApiOrigins)) {
                 return returnResult(INVALID_ORIGIN_RESULT);
@@ -964,21 +958,19 @@ export class RecordsServer {
                 return returnResult(UNACCEPTABLE_REQUEST_RESULT_MUST_BE_JSON);
             }
             const schema = z.object({
-                recordName: RECORD_NAME_VALIDATION,
-                marker: z
+                permissionId: z
                     .string({
-                    invalid_type_error: 'marker must be a string.',
-                    required_error: 'marker is required.',
+                    invalid_type_error: 'permissionId must be a string.',
+                    required_error: 'permissionId is required.',
                 })
-                    .nonempty('marker must not be empty'),
-                permission: AVAILABLE_PERMISSIONS_VALIDATION,
+                    .nonempty('permissionId must not be empty'),
                 instances: INSTANCES_ARRAY_VALIDATION.optional(),
             });
             const parseResult = schema.safeParse(jsonResult.value);
             if (parseResult.success === false) {
                 return returnZodError(parseResult.error);
             }
-            const { recordName, marker, permission, instances } = parseResult.data;
+            const { permissionId, instances } = parseResult.data;
             const sessionKeyValidation = yield this._validateSessionKey(request);
             if (sessionKeyValidation.success === false) {
                 if (sessionKeyValidation.errorCode === 'no_session_key') {
@@ -986,35 +978,35 @@ export class RecordsServer {
                 }
                 return returnResult(sessionKeyValidation);
             }
-            const result = yield this._policyController.revokeMarkerPermission({
-                recordKeyOrRecordName: recordName,
-                marker: marker,
+            const result = yield this._policyController.revokePermission({
+                permissionId,
                 userId: sessionKeyValidation.userId,
-                permission: permission,
                 instances,
             });
             return returnResult(result);
         });
     }
-    _policyRead(request) {
+    _listPermissions(request) {
         return __awaiter(this, void 0, void 0, function* () {
             if (!validateOrigin(request, this._allowedApiOrigins)) {
                 return returnResult(INVALID_ORIGIN_RESULT);
             }
             const schema = z.object({
                 recordName: RECORD_NAME_VALIDATION,
-                marker: z
+                marker: MARKER_VALIDATION.optional(),
+                resourceKind: RESOURCE_KIND_VALIDATION.optional(),
+                resourceId: z
                     .string({
-                    invalid_type_error: 'marker must be a string.',
-                    required_error: 'marker is required.',
+                    invalid_type_error: 'resourceId must be a string.',
+                    required_error: 'resourceId is required.',
                 })
-                    .nonempty('marker must not be empty'),
+                    .optional(),
             });
             const parseResult = schema.safeParse(request.query);
             if (parseResult.success === false) {
                 return returnZodError(parseResult.error);
             }
-            const { recordName, marker } = parseResult.data;
+            const { recordName, marker, resourceKind, resourceId } = parseResult.data;
             const sessionKeyValidation = yield this._validateSessionKey(request);
             if (sessionKeyValidation.success === false) {
                 if (sessionKeyValidation.errorCode === 'no_session_key') {
@@ -1022,39 +1014,18 @@ export class RecordsServer {
                 }
                 return returnResult(sessionKeyValidation);
             }
-            const result = yield this._policyController.readUserPolicy(recordName, sessionKeyValidation.userId, marker);
-            return returnResult(result);
-        });
-    }
-    _policyList(request) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (!validateOrigin(request, this._allowedApiOrigins)) {
-                return returnResult(INVALID_ORIGIN_RESULT);
+            if (resourceKind && resourceId) {
+                const result = yield this._policyController.listPermissionsForResource(recordName, resourceKind, resourceId, sessionKeyValidation.userId);
+                return returnResult(result);
             }
-            const schema = z.object({
-                recordName: RECORD_NAME_VALIDATION,
-                startingMarker: z
-                    .string({
-                    invalid_type_error: 'startingMarker must be a string.',
-                    required_error: 'startingMarker is required.',
-                })
-                    .nonempty('startingMarker must not be empty')
-                    .optional(),
-            });
-            const parseResult = schema.safeParse(request.query);
-            if (parseResult.success === false) {
-                return returnZodError(parseResult.error);
+            else if (marker) {
+                const result = yield this._policyController.listPermissionsForMarker(recordName, marker, sessionKeyValidation.userId);
+                return returnResult(result);
             }
-            const { recordName, startingMarker } = parseResult.data;
-            const sessionKeyValidation = yield this._validateSessionKey(request);
-            if (sessionKeyValidation.success === false) {
-                if (sessionKeyValidation.errorCode === 'no_session_key') {
-                    return returnResult(NOT_LOGGED_IN_RESULT);
-                }
-                return returnResult(sessionKeyValidation);
+            else {
+                const result = yield this._policyController.listPermissions(recordName, sessionKeyValidation.userId);
+                return returnResult(result);
             }
-            const result = yield this._policyController.listUserPolicies(recordName, sessionKeyValidation.userId, startingMarker);
-            return returnResult(result);
         });
     }
     _roleUserList(request) {
@@ -1821,13 +1792,17 @@ export class RecordsServer {
             const schema = z.object({
                 recordName: RECORD_NAME_VALIDATION,
                 address: ADDRESS_VALIDATION.nullable().optional(),
+                marker: MARKER_VALIDATION.optional(),
+                sort: z
+                    .union([z.literal('ascending'), z.literal('descending')])
+                    .optional(),
                 instances: INSTANCES_QUERY_VALIDATION.optional(),
             });
             const parseResult = schema.safeParse(request.query || {});
             if (parseResult.success === false) {
                 return returnZodError(parseResult.error);
             }
-            const { recordName, address, instances } = parseResult.data;
+            const { recordName, address, instances, marker, sort } = parseResult.data;
             if (!recordName || typeof recordName !== 'string') {
                 return returnResult({
                     success: false,
@@ -1849,8 +1824,21 @@ export class RecordsServer {
                 sessionKeyValidation.errorCode !== 'no_session_key') {
                 return returnResult(sessionKeyValidation);
             }
-            const result = yield this._data.listData(recordName, address || null, sessionKeyValidation.userId, instances);
-            return returnResult(result);
+            if (!marker) {
+                const result = yield this._data.listData(recordName, address || null, sessionKeyValidation.userId, instances);
+                return returnResult(result);
+            }
+            else {
+                const result = yield this._data.listDataByMarker({
+                    recordKeyOrName: recordName,
+                    marker: marker,
+                    startingAddress: address,
+                    sort: sort,
+                    userId: sessionKeyValidation.userId,
+                    instances,
+                });
+                return returnResult(result);
+            }
         });
     }
     _handleRecordFileOptions(request) {
@@ -1918,13 +1906,7 @@ export class RecordsServer {
                     .min(1)
                     .max(128)
                     .optional(),
-                markers: z
-                    .array(z.string(), {
-                    invalid_type_error: 'markers must be an array of strings.',
-                    required_error: 'markers is required.',
-                })
-                    .nonempty('markers must be non-empty.')
-                    .optional(),
+                markers: MARKERS_VALIDATION.optional(),
                 instances: INSTANCES_ARRAY_VALIDATION.optional(),
             });
             const parseResult = schema.safeParse(jsonResult.value);
@@ -2005,12 +1987,7 @@ export class RecordsServer {
                     required_error: 'fileUrl is required.',
                 })
                     .nonempty('fileUrl must be non-empty.'),
-                markers: z
-                    .array(z.string(), {
-                    invalid_type_error: 'markers must be an array of strings.',
-                    required_error: 'markers is required.',
-                })
-                    .nonempty('markers must be non-empty.'),
+                markers: MARKERS_VALIDATION,
                 instances: INSTANCES_ARRAY_VALIDATION.optional(),
             });
             const parseResult = schema.safeParse(jsonResult.value);