@cloud-copilot/iam-lens 0.1.67 → 0.1.69
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/cli.js +19 -2
- package/dist/cjs/cli.js.map +1 -1
- package/dist/cjs/collect/client.d.ts +15 -3
- package/dist/cjs/collect/client.d.ts.map +1 -1
- package/dist/cjs/collect/client.js +23 -6
- package/dist/cjs/collect/client.js.map +1 -1
- package/dist/cjs/principalCan/resources/statements.js +1 -1
- package/dist/cjs/principalCan/resources/statements.js.map +1 -1
- package/dist/cjs/simulate/contextKeys.d.ts +4 -1
- package/dist/cjs/simulate/contextKeys.d.ts.map +1 -1
- package/dist/cjs/simulate/contextKeys.js +42 -33
- package/dist/cjs/simulate/contextKeys.js.map +1 -1
- package/dist/cjs/simulate/simulate.d.ts +5 -0
- package/dist/cjs/simulate/simulate.d.ts.map +1 -1
- package/dist/cjs/simulate/simulate.js +40 -5
- package/dist/cjs/simulate/simulate.js.map +1 -1
- package/dist/cjs/utils/s3Abac.d.ts +3 -0
- package/dist/cjs/utils/s3Abac.d.ts.map +1 -0
- package/dist/cjs/utils/s3Abac.js +5 -0
- package/dist/cjs/utils/s3Abac.js.map +1 -0
- package/dist/cjs/whoCan/WhoCanMainThreadWorker.d.ts +2 -6
- package/dist/cjs/whoCan/WhoCanMainThreadWorker.d.ts.map +1 -1
- package/dist/cjs/whoCan/WhoCanMainThreadWorker.js +4 -20
- package/dist/cjs/whoCan/WhoCanMainThreadWorker.js.map +1 -1
- package/dist/cjs/whoCan/WhoCanWorker.d.ts +6 -2
- package/dist/cjs/whoCan/WhoCanWorker.d.ts.map +1 -1
- package/dist/cjs/whoCan/WhoCanWorker.js +7 -5
- package/dist/cjs/whoCan/WhoCanWorker.js.map +1 -1
- package/dist/cjs/whoCan/WhoCanWorkerThreadWorker.js +4 -2
- package/dist/cjs/whoCan/WhoCanWorkerThreadWorker.js.map +1 -1
- package/dist/cjs/whoCan/whoCan.d.ts +9 -0
- package/dist/cjs/whoCan/whoCan.d.ts.map +1 -1
- package/dist/cjs/whoCan/whoCan.js +35 -3
- package/dist/cjs/whoCan/whoCan.js.map +1 -1
- package/dist/esm/cli.js +19 -2
- package/dist/esm/cli.js.map +1 -1
- package/dist/esm/collect/client.d.ts +15 -3
- package/dist/esm/collect/client.d.ts.map +1 -1
- package/dist/esm/collect/client.js +23 -6
- package/dist/esm/collect/client.js.map +1 -1
- package/dist/esm/principalCan/resources/statements.js +1 -1
- package/dist/esm/principalCan/resources/statements.js.map +1 -1
- package/dist/esm/simulate/contextKeys.d.ts +4 -1
- package/dist/esm/simulate/contextKeys.d.ts.map +1 -1
- package/dist/esm/simulate/contextKeys.js +43 -34
- package/dist/esm/simulate/contextKeys.js.map +1 -1
- package/dist/esm/simulate/simulate.d.ts +5 -0
- package/dist/esm/simulate/simulate.d.ts.map +1 -1
- package/dist/esm/simulate/simulate.js +41 -6
- package/dist/esm/simulate/simulate.js.map +1 -1
- package/dist/esm/utils/s3Abac.d.ts +3 -0
- package/dist/esm/utils/s3Abac.d.ts.map +1 -0
- package/dist/esm/utils/s3Abac.js +2 -0
- package/dist/esm/utils/s3Abac.js.map +1 -0
- package/dist/esm/whoCan/WhoCanMainThreadWorker.d.ts +2 -6
- package/dist/esm/whoCan/WhoCanMainThreadWorker.d.ts.map +1 -1
- package/dist/esm/whoCan/WhoCanMainThreadWorker.js +4 -17
- package/dist/esm/whoCan/WhoCanMainThreadWorker.js.map +1 -1
- package/dist/esm/whoCan/WhoCanWorker.d.ts +6 -2
- package/dist/esm/whoCan/WhoCanWorker.d.ts.map +1 -1
- package/dist/esm/whoCan/WhoCanWorker.js +7 -5
- package/dist/esm/whoCan/WhoCanWorker.js.map +1 -1
- package/dist/esm/whoCan/WhoCanWorkerThreadWorker.js +4 -2
- package/dist/esm/whoCan/WhoCanWorkerThreadWorker.js.map +1 -1
- package/dist/esm/whoCan/whoCan.d.ts +9 -0
- package/dist/esm/whoCan/whoCan.d.ts.map +1 -1
- package/dist/esm/whoCan/whoCan.js +34 -3
- package/dist/esm/whoCan/whoCan.js.map +1 -1
- package/package.json +5 -5
|
@@ -51,8 +51,8 @@ async function simulateRequest(simulationRequest, collectClient) {
|
|
|
51
51
|
if (sts_js_1.AssumeRoleActions.has(simulationRequest.action.toLowerCase()) && !resourcePolicy) {
|
|
52
52
|
throw new Error(`Trust policy not found for resource ${simulationRequest.resourceArn}. sts assume role actions require a trust policy.`);
|
|
53
53
|
}
|
|
54
|
-
const
|
|
55
|
-
const vpcEndpointId = (0, contextKeys_js_1.contextValue)(
|
|
54
|
+
const { contextKeys, resourceTagsAreKnown } = await (0, contextKeys_js_1.createContextKeys)(collectClient, simulationRequest, service, simulationRequest.customContextKeys);
|
|
55
|
+
const vpcEndpointId = (0, contextKeys_js_1.contextValue)(contextKeys, contextKeys_js_1.CONTEXT_KEYS.vpcEndpointId);
|
|
56
56
|
let vpcEndpointPolicy = undefined;
|
|
57
57
|
if (vpcEndpointId && typeof vpcEndpointId === 'string') {
|
|
58
58
|
const vpcEndpointArn = await collectClient.getVpcEndpointArnForVpcEndpointId(vpcEndpointId);
|
|
@@ -73,7 +73,7 @@ async function simulateRequest(simulationRequest, collectClient) {
|
|
|
73
73
|
accountId: simulationRequest.resourceAccount
|
|
74
74
|
},
|
|
75
75
|
principal: simulationRequest.principal,
|
|
76
|
-
contextVariables:
|
|
76
|
+
contextVariables: contextKeys
|
|
77
77
|
};
|
|
78
78
|
const simulation = {
|
|
79
79
|
request,
|
|
@@ -84,6 +84,15 @@ async function simulateRequest(simulationRequest, collectClient) {
|
|
|
84
84
|
permissionBoundaryPolicies: preparePermissionBoundary(principalPolicies),
|
|
85
85
|
vpcEndpointPolicies: vpcEndpointPolicy ? [vpcEndpointPolicy] : undefined
|
|
86
86
|
};
|
|
87
|
+
const s3BucketOrObjectRequest = simulationRequest.resourceArn && (0, iam_utils_1.isS3BucketOrObjectArn)(simulationRequest.resourceArn);
|
|
88
|
+
if (s3BucketOrObjectRequest) {
|
|
89
|
+
const bucketAbacEnabled = await evaluateAbacForBucket(simulationRequest.s3AbacOverride, collectClient, simulationRequest.resourceAccount, simulationRequest.resourceArn);
|
|
90
|
+
simulation.additionalSettings = {
|
|
91
|
+
s3: {
|
|
92
|
+
bucketAbacEnabled
|
|
93
|
+
}
|
|
94
|
+
};
|
|
95
|
+
}
|
|
87
96
|
// Assemble the strict context keys for the simulation
|
|
88
97
|
// Start with the default known context keys
|
|
89
98
|
const strictContextKeys = [...contextKeys_js_1.knownContextKeys];
|
|
@@ -100,8 +109,15 @@ async function simulateRequest(simulationRequest, collectClient) {
|
|
|
100
109
|
for (const key of Object.keys(simulationRequest.customContextKeys)) {
|
|
101
110
|
strictContextKeys.push(key);
|
|
102
111
|
}
|
|
103
|
-
//
|
|
104
|
-
|
|
112
|
+
//If we know the tag keys, just make all tag keys strict
|
|
113
|
+
if (resourceTagsAreKnown) {
|
|
114
|
+
strictContextKeys.push('/^aws:ResourceTag\/.*/');
|
|
115
|
+
if (s3BucketOrObjectRequest) {
|
|
116
|
+
strictContextKeys.push('/^s3:BucketTag\/.*/');
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
// There also may be other tag context keys, so add those too
|
|
120
|
+
for (const key of Object.keys(contextKeys)) {
|
|
105
121
|
if (key.toLowerCase().includes('tag/')) {
|
|
106
122
|
strictContextKeys.push(key);
|
|
107
123
|
}
|
|
@@ -196,4 +212,23 @@ function resultMatchesExpectation(expected, result) {
|
|
|
196
212
|
}
|
|
197
213
|
return expected === result;
|
|
198
214
|
}
|
|
215
|
+
/**
|
|
216
|
+
* Evaluates whether ABAC (Attribute-Based Access Control) is enabled for a given S3 bucket or object.
|
|
217
|
+
* The evaluation can be overridden by the `s3AbacOverride` parameter.
|
|
218
|
+
*
|
|
219
|
+
* @param s3AbacOverride the override setting for S3 ABAC or undefined to auto-detect
|
|
220
|
+
* @param collectClient the IAM collect client to use for data access
|
|
221
|
+
* @param bucketAccountId the account ID the bucket belongs to
|
|
222
|
+
* @param bucketOrObjectArn the ARN of the bucket or bucket object
|
|
223
|
+
* @returns whether ABAC should be used to evaluate access for the bucket or object
|
|
224
|
+
*/
|
|
225
|
+
async function evaluateAbacForBucket(s3AbacOverride, collectClient, bucketAccountId, bucketOrObjectArn) {
|
|
226
|
+
if (s3AbacOverride === 'enabled') {
|
|
227
|
+
return true;
|
|
228
|
+
}
|
|
229
|
+
if (s3AbacOverride === 'disabled') {
|
|
230
|
+
return false;
|
|
231
|
+
}
|
|
232
|
+
return collectClient.getAbacEnabledForBucket(bucketAccountId, bucketOrObjectArn);
|
|
233
|
+
}
|
|
199
234
|
//# sourceMappingURL=simulate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"simulate.js","sourceRoot":"","sources":["../../../src/simulate/simulate.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"simulate.js","sourceRoot":"","sources":["../../../src/simulate/simulate.ts"],"names":[],"mappings":";;AAmFA,0CAsKC;AA+GD,4DAWC;AAnXD,sDAA6F;AAC7F,8DAKoC;AACpC,wDAA6F;AAE7F,oDAKyB;AACzB,kDAIwB;AAExB,4CAAmD;AACnD,qDAMyB;AAgDzB;;;;;;GAMG;AACI,KAAK,UAAU,eAAe,CACnC,iBAAoC,EACpC,aAA+B;IAE/B,MAAM,WAAW,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvD,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;IAC9B,MAAM,aAAa,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;IACpC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;IACrD,MAAM,YAAY,GAAG,aAAa,IAAI,CAAC,MAAM,IAAA,0BAAe,EAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAA;IACrF,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,qCAAqC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IAClF,CAAC;IACD,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAEpE,mFAAmF;IACnF,IAAI,aAAa,CAAC,cAAc,EAAE,CAAC;QACjC,iBAAiB,CAAC,eAAe,GAAG,IAAA,yBAAa,EAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,SAAU,CAAA;IAC3F,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,eAAe,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,CAAC;QACzE,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;IACH,CAAC;IACD,iBAAiB,CAAC,eAAe;QAC/B,iBAAiB,CAAC,eAAe;YACjC,CAAC,MAAM,IAAA,sCAAuB,EAAC,aAAa,EAAE,iBAAiB,CAAC,WAAY,CAAC,CAAC,CAAA;IAEhF,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,0CAA0C,iBAAiB,CAAC,WAAW,EAAE,CAAC,CAAA;IAC5F,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,IAAA,+BAAe,EAAC,iBAAiB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;IACxF,IAAI,CAAC,cAAc,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,CAAC;QACjE,MAAM,IAAI,KAAK,CACb,aAAa,iBAAiB,CAAC,SAAS,iEAAiE,CAC1G,CAAA;IACH,CAAC;IAED,+BAA+B;IAC/B,MAAM,iBAAiB,GAAG,MAAM,IAAA,0CAA0B,EACxD,aAAa,EACb,iBAAiB,CAAC,SAAS,CAC5B,CAAA;IAED,MAAM,EAAE,cAAc,EAAE,YAAY,EAAE,GAAG,MAAM,mBAAmB,CAChE,aAAa,EACb,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,eAAe,CAClC,CAAA;IAED,MAAM,iBAAiB,GACrB,iBAAiB,CAAC,WAAW;QAC7B,CAAC,CAAC,IAAA,wBAAY,EAAC,iBAAiB,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,CAAA;IAEnF,IAAI,0BAAiB,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACrF,MAAM,IAAI,KAAK,CACb,uCAAuC,iBAAiB,CAAC,WAAW,mDAAmD,CACxH,CAAA;IACH,CAAC;IAED,MAAM,EAAE,WAAW,EAAE,oBAAoB,EAAE,GAAG,MAAM,IAAA,kCAAiB,EACnE,aAAa,EACb,iBAAiB,EACjB,OAAO,EACP,iBAAiB,CAAC,iBAAiB,CACpC,CAAA;IAED,MAAM,aAAa,GAAG,IAAA,6BAAY,EAAC,WAAW,EAAE,6BAAY,CAAC,aAAa,CAAC,CAAA;IAC3E,IAAI,iBAAiB,GAA8C,SAAS,CAAA;IAC5E,IAAI,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,iCAAiC,CAAC,aAAa,CAAC,CAAA;QAC3F,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,cAAc,CAAC,CAAA;YAChF,IAAI,SAAS,EAAE,CAAC;gBACd,iBAAiB,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;YACjE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,IAAA,mCAAmB,EAAC,iBAAiB,CAAC,SAAS,CAAC;QACrE,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAA;IAE1B,MAAM,OAAO,GAA0B;QACrC,MAAM,EAAE,iBAAiB,CAAC,MAAM;QAChC,QAAQ,EAAE;YACR,QAAQ,EAAE,iBAAiB,CAAC,WAAW,IAAI,GAAG;YAC9C,SAAS,EAAE,iBAAiB,CAAC,eAAe;SAC7C;QACD,SAAS,EAAE,iBAAiB,CAAC,SAAS;QACtC,gBAAgB,EAAE,WAAW;KAC9B,CAAA;IAED,MAAM,UAAU,GAAe;QAC7B,OAAO;QACP,gBAAgB,EAAE,uBAAuB,CAAC,iBAAiB,CAAC,SAAS,EAAE,iBAAiB,CAAC;QACzF,sBAAsB,EAAE,cAAc;QACtC,uBAAuB,EAAE,cAAc,CACrC,iBAAiB,CAAC,SAAS,EAC3B,aAAa,CAAC,cAAc,EAC5B,YAAY,EACZ,iBAAiB,CAAC,IAAI,CACvB;QACD,cAAc,EAAE,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS;QAC9D,0BAA0B,EAAE,yBAAyB,CAAC,iBAAiB,CAAC;QACxE,mBAAmB,EAAE,iBAAiB,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,SAAS;KACzE,CAAA;IAED,MAAM,uBAAuB,GAC3B,iBAAiB,CAAC,WAAW,IAAI,IAAA,iCAAqB,EAAC,iBAAiB,CAAC,WAAW,CAAC,CAAA;IACvF,IAAI,uBAAuB,EAAE,CAAC;QAC5B,MAAM,iBAAiB,GAAG,MAAM,qBAAqB,CACnD,iBAAiB,CAAC,cAAc,EAChC,aAAa,EACb,iBAAiB,CAAC,eAAgB,EAClC,iBAAiB,CAAC,WAAY,CAC/B,CAAA;QACD,UAAU,CAAC,kBAAkB,GAAG;YAC9B,EAAE,EAAE;gBACF,iBAAiB;aAClB;SACF,CAAA;IACH,CAAC;IAED,sDAAsD;IACtD,4CAA4C;IAC5C,MAAM,iBAAiB,GAAG,CAAC,GAAG,iCAAgB,CAAC,CAAA;IAE/C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACnD,qDAAqD;QACrD,iBAAiB,CAAC,IAAI,CAAC,6BAAY,CAAC,WAAW,CAAC,CAAA;IAClD,CAAC;IAED,gEAAgE;IAChE,IAAI,iBAAiB,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/C,iBAAiB,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAA;QACnD,iBAAiB,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IACjD,CAAC;IAED,0DAA0D;IAC1D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACnE,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC7B,CAAC;IAED,wDAAwD;IACxD,IAAI,oBAAoB,EAAE,CAAC;QACzB,iBAAiB,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAA;QAChD,IAAI,uBAAuB,EAAE,CAAC;YAC5B,iBAAiB,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;QAC/C,CAAC;IACH,CAAC;IAED,6DAA6D;IAC7D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,IAAA,4BAAa,EAAC,UAAU,EAAE;QAC7C,cAAc,EAAE,iBAAiB,CAAC,cAAc;QAChD,mBAAmB,EAAE,iBAAiB;KACvC,CAAC,CAAA;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAA;AAC5B,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,aAA+B,EAC/B,WAA+B,EAC/B,eAAmC;IAKnC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,EAAE,CAAA;IACxD,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,IAAA,2CAA4B,EACvD,aAAa,EACb,WAAW,EACX,eAAe,CAChB,CAAA;IACD,MAAM,YAAY,GAAG,MAAM,IAAA,iCAAkB,EAAC,aAAa,EAAE,WAAW,EAAE,eAAe,CAAC,CAAA;IAE1F,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,CAAA;AACzC,CAAC;AAED,SAAS,cAAc,CACrB,YAAoB,EACpB,gBAAyB,EACzB,YAAqC,EACrC,aAAsC;IAEtC,IAAI,IAAA,mCAAmB,EAAC,YAAY,CAAC,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,OAAO,GAAG,YAAY,CAAA;IAE1B,IAAI,gBAAgB,EAAE,CAAC;QACrB,OAAO,GAAG,aAAa,CAAA;IACzB,CAAC;IAED,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACzB,GAAG,CAAC,aAAa,CAAA;QACjB,OAAO;YACL,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE;gBACvC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAA;YAChE,CAAC,CAAC;SACH,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,uBAAuB,CAC9B,YAAoB,EACpB,iBAAoC;IAEpC,iCAAiC;IACjC,MAAM,sBAAsB,GAAkD,EAAE,CAAA;IAChF,iBAAiB,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACnD,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACxC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG;gBACnC,IAAI,EAAE,MAAM,CAAC,GAAG;gBAChB,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAA;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IACF,iBAAiB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvD,WAAW,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC7C,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG;oBACnC,IAAI,EAAE,MAAM,CAAC,GAAG;oBAChB,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAA;IAE9D,iBAAiB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QAClD,gBAAgB,CAAC,IAAI,CAAC;YACpB,IAAI,EAAE,GAAG,YAAY,IAAI,MAAM,CAAC,IAAI,EAAE;YACtC,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,iBAAiB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvD,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC5C,gBAAgB,CAAC,IAAI,CAAC;gBACpB,IAAI,EAAE,GAAG,WAAW,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,EAAE;gBAC3C,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,SAAS,yBAAyB,CAChC,iBAAoC;IAEpC,IAAI,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;QACzC,OAAO;YACL;gBACE,IAAI,EAAE,iBAAiB,CAAC,kBAAkB,CAAC,GAAG;gBAC9C,MAAM,EAAE,iBAAiB,CAAC,kBAAkB,CAAC,MAAM;aACpD;SACF,CAAA;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAgB,wBAAwB,CACtC,QAAkD,EAClD,MAAwB;IAExB,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,QAAQ,KAAK,MAAM,CAAA;AAC5B,CAAC;AAED;;;;;;;;;GASG;AACH,KAAK,UAAU,qBAAqB,CAClC,cAA0C,EAC1C,aAA+B,EAC/B,eAAuB,EACvB,iBAAyB;IAEzB,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,cAAc,KAAK,UAAU,EAAE,CAAC;QAClC,OAAO,KAAK,CAAA;IACd,CAAC;IACD,OAAO,aAAa,CAAC,uBAAuB,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAA;AAClF,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"s3Abac.d.ts","sourceRoot":"","sources":["../../../src/utils/s3Abac.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qBAAqB,kCAAmC,CAAA;AAErE,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,qBAAqB,CAAC,CAAC,MAAM,CAAC,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"s3Abac.js","sourceRoot":"","sources":["../../../src/utils/s3Abac.ts"],"names":[],"mappings":";;;AAAa,QAAA,qBAAqB,GAAG,CAAC,SAAS,EAAE,UAAU,CAAU,CAAA"}
|
|
@@ -1,14 +1,10 @@
|
|
|
1
1
|
import { JobResult } from '@cloud-copilot/job';
|
|
2
2
|
import { IamCollectClient } from '../collect/client.js';
|
|
3
|
+
import { S3AbacOverride } from '../utils/s3Abac.js';
|
|
3
4
|
import { ArrayStreamingWorkQueue } from '../workers/ArrayStreamingWorkQueue.js';
|
|
4
5
|
import { PullBasedJobRunner } from '../workers/JobRunner.js';
|
|
5
6
|
import { StreamingWorkQueue } from '../workers/StreamingWorkQueue.js';
|
|
6
7
|
import { WhoCanAllowed } from './whoCan.js';
|
|
7
8
|
import { WhoCanWorkItem } from './WhoCanWorker.js';
|
|
8
|
-
export declare function createMainThreadStreamingWorkQueue(queue: StreamingWorkQueue<WhoCanWorkItem> | ArrayStreamingWorkQueue<WhoCanWorkItem>, collectClient: IamCollectClient, onComplete: (result: JobResult<WhoCanAllowed | undefined, Record<string, unknown>>) => void): PullBasedJobRunner<WhoCanAllowed | undefined, Record<string, unknown>, WhoCanWorkItem>;
|
|
9
|
-
export declare class WhoCanMainThreadWorker {
|
|
10
|
-
private collectClient;
|
|
11
|
-
constructor(collectClient: IamCollectClient);
|
|
12
|
-
execute(workItem: WhoCanWorkItem): Promise<WhoCanAllowed | undefined>;
|
|
13
|
-
}
|
|
9
|
+
export declare function createMainThreadStreamingWorkQueue(queue: StreamingWorkQueue<WhoCanWorkItem> | ArrayStreamingWorkQueue<WhoCanWorkItem>, collectClient: IamCollectClient, s3AbacOverride: S3AbacOverride | undefined, onComplete: (result: JobResult<WhoCanAllowed | undefined, Record<string, unknown>>) => void): PullBasedJobRunner<WhoCanAllowed | undefined, Record<string, unknown>, WhoCanWorkItem>;
|
|
14
10
|
//# sourceMappingURL=WhoCanMainThreadWorker.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanMainThreadWorker.d.ts","sourceRoot":"","sources":["../../../src/whoCan/WhoCanMainThreadWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAC3C,OAAO,EAA8B,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAE9E,wBAAgB,kCAAkC,CAChD,KAAK,EAAE,kBAAkB,CAAC,cAAc,CAAC,GAAG,uBAAuB,CAAC,cAAc,CAAC,EACnF,aAAa,EAAE,gBAAgB,EAC/B,UAAU,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,aAAa,GAAG,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,
|
|
1
|
+
{"version":3,"file":"WhoCanMainThreadWorker.d.ts","sourceRoot":"","sources":["../../../src/whoCan/WhoCanMainThreadWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAC3C,OAAO,EAA8B,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAE9E,wBAAgB,kCAAkC,CAChD,KAAK,EAAE,kBAAkB,CAAC,cAAc,CAAC,GAAG,uBAAuB,CAAC,cAAc,CAAC,EACnF,aAAa,EAAE,gBAAgB,EAC/B,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,UAAU,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,aAAa,GAAG,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,0FAiB5F"}
|
|
@@ -1,34 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.WhoCanMainThreadWorker = void 0;
|
|
4
3
|
exports.createMainThreadStreamingWorkQueue = createMainThreadStreamingWorkQueue;
|
|
5
4
|
const JobRunner_js_1 = require("../workers/JobRunner.js");
|
|
6
5
|
const WhoCanWorker_js_1 = require("./WhoCanWorker.js");
|
|
7
|
-
function createMainThreadStreamingWorkQueue(queue, collectClient, onComplete) {
|
|
6
|
+
function createMainThreadStreamingWorkQueue(queue, collectClient, s3AbacOverride, onComplete) {
|
|
8
7
|
return new JobRunner_js_1.PullBasedJobRunner(50, async () => {
|
|
9
8
|
return queue.dequeue();
|
|
10
9
|
}, (workItem) => {
|
|
11
|
-
return (0, WhoCanWorker_js_1.createJobForWhoCanWorkItem)(workItem, collectClient
|
|
10
|
+
return (0, WhoCanWorker_js_1.createJobForWhoCanWorkItem)(workItem, collectClient, {
|
|
11
|
+
s3AbacOverride
|
|
12
|
+
});
|
|
12
13
|
}, async (result) => {
|
|
13
14
|
// no-op for now, results are handled by the caller of execute
|
|
14
15
|
return onComplete(result);
|
|
15
16
|
});
|
|
16
17
|
}
|
|
17
|
-
class WhoCanMainThreadWorker {
|
|
18
|
-
collectClient;
|
|
19
|
-
constructor(collectClient) {
|
|
20
|
-
this.collectClient = collectClient;
|
|
21
|
-
}
|
|
22
|
-
async execute(workItem) {
|
|
23
|
-
const { principal, resource, resourceAccount, action } = workItem;
|
|
24
|
-
if (!principal || !resource || !resourceAccount || !action) {
|
|
25
|
-
throw new Error(`Invalid work item: ${JSON.stringify(workItem)}`);
|
|
26
|
-
}
|
|
27
|
-
else {
|
|
28
|
-
const { executeWhoCan } = await Promise.resolve().then(() => require('./WhoCanWorker.js'));
|
|
29
|
-
return executeWhoCan(workItem, this.collectClient);
|
|
30
|
-
}
|
|
31
|
-
}
|
|
32
|
-
}
|
|
33
|
-
exports.WhoCanMainThreadWorker = WhoCanMainThreadWorker;
|
|
34
18
|
//# sourceMappingURL=WhoCanMainThreadWorker.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanMainThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanMainThreadWorker.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"WhoCanMainThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanMainThreadWorker.ts"],"names":[],"mappings":";;AASA,gFAqBC;AA1BD,0DAA4D;AAG5D,uDAA8E;AAE9E,SAAgB,kCAAkC,CAChD,KAAmF,EACnF,aAA+B,EAC/B,cAA0C,EAC1C,UAA2F;IAE3F,OAAO,IAAI,iCAAkB,CAC3B,EAAE,EACF,KAAK,IAAI,EAAE;QACT,OAAO,KAAK,CAAC,OAAO,EAAE,CAAA;IACxB,CAAC,EACD,CAAC,QAAQ,EAAE,EAAE;QACX,OAAO,IAAA,4CAA0B,EAAC,QAAQ,EAAE,aAAa,EAAE;YACzD,cAAc;SACf,CAAC,CAAA;IACJ,CAAC,EACD,KAAK,EAAE,MAAM,EAAE,EAAE;QACf,8DAA8D;QAC9D,OAAO,UAAU,CAAC,MAAM,CAAC,CAAA;IAC3B,CAAC,CACF,CAAA;AACH,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { Job } from '@cloud-copilot/job';
|
|
2
2
|
import { IamCollectClient } from '../collect/client.js';
|
|
3
|
+
import { S3AbacOverride } from '../utils/s3Abac.js';
|
|
3
4
|
import { WhoCanAllowed } from './whoCan.js';
|
|
4
5
|
export interface WhoCanWorkItem {
|
|
5
6
|
resource: string | undefined;
|
|
@@ -7,6 +8,9 @@ export interface WhoCanWorkItem {
|
|
|
7
8
|
action: string;
|
|
8
9
|
principal: string;
|
|
9
10
|
}
|
|
10
|
-
export declare function createJobForWhoCanWorkItem(workItem: WhoCanWorkItem, collectClient: IamCollectClient): Job<WhoCanAllowed | undefined, Record<string, unknown>>;
|
|
11
|
-
export
|
|
11
|
+
export declare function createJobForWhoCanWorkItem(workItem: WhoCanWorkItem, collectClient: IamCollectClient, whoCanOptions: WhoCanOptions): Job<WhoCanAllowed | undefined, Record<string, unknown>>;
|
|
12
|
+
export interface WhoCanOptions {
|
|
13
|
+
s3AbacOverride?: S3AbacOverride;
|
|
14
|
+
}
|
|
15
|
+
export declare function executeWhoCan(workItem: WhoCanWorkItem, collectClient: IamCollectClient, whoCanOptions: WhoCanOptions): Promise<WhoCanAllowed | undefined>;
|
|
12
16
|
//# sourceMappingURL=WhoCanWorker.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanWorker.d.ts","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorker.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,GAAG,EAAE,MAAM,oBAAoB,CAAA;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvD,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAE3C,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,wBAAgB,0BAA0B,CACxC,QAAQ,EAAE,cAAc,EACxB,aAAa,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"WhoCanWorker.d.ts","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorker.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,GAAG,EAAE,MAAM,oBAAoB,CAAA;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAE3C,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,wBAAgB,0BAA0B,CACxC,QAAQ,EAAE,cAAc,EACxB,aAAa,EAAE,gBAAgB,EAC/B,aAAa,EAAE,aAAa,GAC3B,GAAG,CAAC,aAAa,GAAG,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAOzD;AAED,MAAM,WAAW,aAAa;IAC5B,cAAc,CAAC,EAAE,cAAc,CAAA;CAChC;AAED,wBAAsB,aAAa,CACjC,QAAQ,EAAE,cAAc,EACxB,aAAa,EAAE,gBAAgB,EAC/B,aAAa,EAAE,aAAa,GAC3B,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC,CAqDpC"}
|
|
@@ -4,15 +4,15 @@ exports.createJobForWhoCanWorkItem = createJobForWhoCanWorkItem;
|
|
|
4
4
|
exports.executeWhoCan = executeWhoCan;
|
|
5
5
|
const iam_data_1 = require("@cloud-copilot/iam-data");
|
|
6
6
|
const simulate_js_1 = require("../simulate/simulate.js");
|
|
7
|
-
function createJobForWhoCanWorkItem(workItem, collectClient) {
|
|
7
|
+
function createJobForWhoCanWorkItem(workItem, collectClient, whoCanOptions) {
|
|
8
8
|
return {
|
|
9
9
|
properties: {},
|
|
10
10
|
execute: async (context) => {
|
|
11
|
-
return executeWhoCan(workItem, collectClient);
|
|
11
|
+
return executeWhoCan(workItem, collectClient, whoCanOptions);
|
|
12
12
|
}
|
|
13
13
|
};
|
|
14
14
|
}
|
|
15
|
-
async function executeWhoCan(workItem, collectClient) {
|
|
15
|
+
async function executeWhoCan(workItem, collectClient, whoCanOptions) {
|
|
16
16
|
const { principal, resource, resourceAccount, action } = workItem;
|
|
17
17
|
const [service, serviceAction] = action.split(':');
|
|
18
18
|
const discoveryResult = await (0, simulate_js_1.simulateRequest)({
|
|
@@ -21,7 +21,8 @@ async function executeWhoCan(workItem, collectClient) {
|
|
|
21
21
|
resourceAccount: resourceAccount,
|
|
22
22
|
action,
|
|
23
23
|
customContextKeys: {},
|
|
24
|
-
simulationMode: 'Discovery'
|
|
24
|
+
simulationMode: 'Discovery',
|
|
25
|
+
s3AbacOverride: whoCanOptions.s3AbacOverride
|
|
25
26
|
}, collectClient);
|
|
26
27
|
if (discoveryResult?.result.analysis?.result === 'Allowed') {
|
|
27
28
|
const result = await (0, simulate_js_1.simulateRequest)({
|
|
@@ -30,7 +31,8 @@ async function executeWhoCan(workItem, collectClient) {
|
|
|
30
31
|
resourceAccount,
|
|
31
32
|
action,
|
|
32
33
|
customContextKeys: {},
|
|
33
|
-
simulationMode: 'Strict'
|
|
34
|
+
simulationMode: 'Strict',
|
|
35
|
+
s3AbacOverride: whoCanOptions.s3AbacOverride
|
|
34
36
|
}, collectClient);
|
|
35
37
|
if (result?.result.analysis?.result === 'Allowed') {
|
|
36
38
|
const actionType = await getActionLevel(service, serviceAction);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorker.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"WhoCanWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorker.ts"],"names":[],"mappings":";;AAcA,gEAWC;AAMD,sCAyDC;AAxFD,sDAA0D;AAG1D,yDAAyD;AAWzD,SAAgB,0BAA0B,CACxC,QAAwB,EACxB,aAA+B,EAC/B,aAA4B;IAE5B,OAAO;QACL,UAAU,EAAE,EAAE;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACzB,OAAO,aAAa,CAAC,QAAQ,EAAE,aAAa,EAAE,aAAa,CAAC,CAAA;QAC9D,CAAC;KACF,CAAA;AACH,CAAC;AAMM,KAAK,UAAU,aAAa,CACjC,QAAwB,EACxB,aAA+B,EAC/B,aAA4B;IAE5B,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAA;IACjE,MAAM,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAClD,MAAM,eAAe,GAAG,MAAM,IAAA,6BAAe,EAC3C;QACE,SAAS;QACT,WAAW,EAAE,QAAQ;QACrB,eAAe,EAAE,eAAe;QAChC,MAAM;QACN,iBAAiB,EAAE,EAAE;QACrB,cAAc,EAAE,WAAW;QAC3B,cAAc,EAAE,aAAa,CAAC,cAAc;KAC7C,EACD,aAAa,CACd,CAAA;IAED,IAAI,eAAe,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,6BAAe,EAClC;YACE,SAAS;YACT,WAAW,EAAE,QAAQ;YACrB,eAAe;YACf,MAAM;YACN,iBAAiB,EAAE,EAAE;YACrB,cAAc,EAAE,QAAQ;YACxB,cAAc,EAAE,aAAa,CAAC,cAAc;SAC7C,EACD,aAAa,CACd,CAAA;QACD,IAAI,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;YAClD,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;YAC/D,OAAO;gBACL,SAAS;gBACT,OAAO;gBACP,MAAM,EAAE,aAAa;gBACrB,KAAK,EAAE,UAAU,CAAC,WAAW,EAAE;aAChC,CAAA;QACH,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;YAC/D,OAAO;gBACL,SAAS;gBACT,OAAO,EAAE,OAAO;gBAChB,MAAM,EAAE,aAAa;gBACrB,KAAK,EAAE,UAAU,CAAC,WAAW,EAAE;gBAC/B,UAAU,EAAE,eAAe,EAAE,MAAM,CAAC,QAAQ,CAAC,iBAAiB;gBAC9D,oBAAoB,EAAE,eAAe,EAAE,MAAM,CAAC,QAAQ,CAAC,sBAAsB;oBAC3E,CAAC,CAAC,IAAI;oBACN,CAAC,CAAC,SAAS;aACd,CAAA;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,cAAc,CAAC,OAAe,EAAE,MAAc;IAC3D,MAAM,OAAO,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACvD,OAAO,OAAO,CAAC,WAAW,CAAA;AAC5B,CAAC"}
|
|
@@ -9,7 +9,7 @@ if (!worker_threads_1.parentPort) {
|
|
|
9
9
|
throw new Error('Must be run as a worker thread');
|
|
10
10
|
}
|
|
11
11
|
// Get config from the main thread
|
|
12
|
-
const { concurrency, collectConfigs, partition } = worker_threads_1.workerData;
|
|
12
|
+
const { concurrency, collectConfigs, partition, s3AbacOverride } = worker_threads_1.workerData;
|
|
13
13
|
const taskPromises = {};
|
|
14
14
|
worker_threads_1.parentPort.on('message', (msg) => {
|
|
15
15
|
if (msg.type === 'task' && msg.workerId in taskPromises) {
|
|
@@ -37,7 +37,9 @@ const jobRunner = new JobRunner_js_1.PullBasedJobRunner(concurrency, async (work
|
|
|
37
37
|
return {
|
|
38
38
|
properties: {},
|
|
39
39
|
execute: async (context) => {
|
|
40
|
-
return (0, WhoCanWorker_js_1.executeWhoCan)(taskDetails, collectClient
|
|
40
|
+
return (0, WhoCanWorker_js_1.executeWhoCan)(taskDetails, collectClient, {
|
|
41
|
+
s3AbacOverride
|
|
42
|
+
});
|
|
41
43
|
}
|
|
42
44
|
};
|
|
43
45
|
}, async (result) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanWorkerThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorkerThreadWorker.ts"],"names":[],"mappings":";;AAEA,mDAAuD;AACvD,sDAAwD;
|
|
1
|
+
{"version":3,"file":"WhoCanWorkerThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorkerThreadWorker.ts"],"names":[],"mappings":";;AAEA,mDAAuD;AACvD,sDAAwD;AAExD,0DAA4D;AAC5D,gGAAyF;AACzF,uDAAiE;AAGjE,IAAI,CAAC,2BAAU,EAAE,CAAC;IAChB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;AACnD,CAAC;AAED,kCAAkC;AAClC,MAAM,EAAE,WAAW,EAAE,cAAc,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,2BAKlE,CAAA;AAED,MAAM,YAAY,GAAuC,EAAE,CAAA;AAE3D,2BAAU,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;IAC/B,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;QACxD,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACpC,OAAO,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACnC,CAAC;SAAM,IAAI,GAAG,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QACxC,SAAS,CAAC,mBAAmB,EAAE,CAAA;IACjC,CAAC;SAAM,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QACrC,SAAS,CAAC,aAAa,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;YAClC,2BAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAC/C,CAAC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,MAAM,aAAa,GAAG,IAAA,6BAAgB,EAAC,cAAc,EAAE,SAAS,EAAE;IAChE,aAAa,EAAE,IAAI,8DAA4B,CAAC,2BAAU,CAAC;CAC5D,CAAC,CAAA;AAEF,MAAM,SAAS,GAAG,IAAI,iCAAkB,CAKtC,WAAW,EACX,KAAK,EAAE,QAAQ,EAAE,EAAE;IACjB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,2BAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC1D,YAAY,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAA;IAClC,CAAC,CAAC,CAAA;AACJ,CAAC,EACD,CAAC,WAAW,EAAE,EAAE;IACd,OAAO;QACL,UAAU,EAAE,EAAE;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACzB,OAAO,IAAA,+BAAa,EAAC,WAAW,EAAE,aAAa,EAAE;gBAC/C,cAAc;aACf,CAAC,CAAA;QACJ,CAAC;KACF,CAAA;AACH,CAAC,EACD,KAAK,EAAE,MAAM,EAAE,EAAE;IACf,2BAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;AACrD,CAAC,CACF,CAAA"}
|
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
import { TopLevelConfig } from '@cloud-copilot/iam-collect';
|
|
2
2
|
import { ResourceType } from '@cloud-copilot/iam-data';
|
|
3
3
|
import { IamCollectClient } from '../collect/client.js';
|
|
4
|
+
import { S3AbacOverride } from '../utils/s3Abac.js';
|
|
4
5
|
export interface ResourceAccessRequest {
|
|
5
6
|
resource?: string;
|
|
6
7
|
resourceAccount?: string;
|
|
7
8
|
actions: string[];
|
|
9
|
+
sort?: boolean;
|
|
10
|
+
s3AbacOverride?: S3AbacOverride;
|
|
8
11
|
}
|
|
9
12
|
export interface WhoCanAllowed {
|
|
10
13
|
principal: string;
|
|
@@ -56,4 +59,10 @@ export declare function findResourceTypeForArn(resourceArn: string): Promise<[st
|
|
|
56
59
|
* @returns the regex pattern
|
|
57
60
|
*/
|
|
58
61
|
export declare function convertResourcePatternToRegex(pattern: string): string;
|
|
62
|
+
/**
|
|
63
|
+
* Sort the results in a WhoCanResponse in place for consistent output
|
|
64
|
+
*
|
|
65
|
+
* @param whoCanResponse the WhoCanResponse to sort
|
|
66
|
+
*/
|
|
67
|
+
export declare function sortWhoCanResults(whoCanResponse: WhoCanResponse): void;
|
|
59
68
|
//# sourceMappingURL=whoCan.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"whoCan.d.ts","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAC3D,OAAO,EAOL,YAAY,EACb,MAAM,yBAAyB,CAAA;AAWhC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"whoCan.d.ts","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAC3D,OAAO,EAOL,YAAY,EACb,MAAM,yBAAyB,CAAA;AAWhC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAIvD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AASnD,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,cAAc,CAAC,EAAE,cAAc,CAAA;CAChC;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,UAAU,CAAC,EAAE,GAAG,CAAA;IAChB,oBAAoB,CAAC,EAAE,OAAO,CAAA;CAC/B;AAED,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,MAAM,CAAA;IACvB,OAAO,EAAE,aAAa,EAAE,CAAA;IACxB,kBAAkB,EAAE,OAAO,CAAA;IAC3B,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;IACrC,kBAAkB,EAAE,MAAM,EAAE,CAAA;CAC7B;AASD,wBAAsB,MAAM,CAC1B,cAAc,EAAE,cAAc,EAAE,EAChC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,cAAc,CAAC,CAuOzB;AAoBD,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,eAAe,EAAE,eAAe,GAC/B,OAAO,CAAC;IACT,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;IACrC,QAAQ,EAAE,MAAM,EAAE,CAAA;CACnB,CAAC,CAiDD;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,OAAO,CAAA;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;CACtC;AAED,wBAAsB,oCAAoC,CACxD,cAAc,EAAE,GAAG,EACnB,eAAe,EAAE,MAAM,GAAG,SAAS,GAClC,OAAO,CAAC,eAAe,CAAC,CA2E1B;AAED,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,qBAAqB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CA4BxF;AAED;;;;;;;GAOG;AACH,wBAAsB,2BAA2B,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAsBxF;AAED,wBAAsB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAqBjG;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAOrE;AAcD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,cAAc,EAAE,cAAc,QAe/D"}
|
|
@@ -7,6 +7,7 @@ exports.actionsForWhoCan = actionsForWhoCan;
|
|
|
7
7
|
exports.lookupActionsForResourceArn = lookupActionsForResourceArn;
|
|
8
8
|
exports.findResourceTypeForArn = findResourceTypeForArn;
|
|
9
9
|
exports.convertResourcePatternToRegex = convertResourcePatternToRegex;
|
|
10
|
+
exports.sortWhoCanResults = sortWhoCanResults;
|
|
10
11
|
const iam_data_1 = require("@cloud-copilot/iam-data");
|
|
11
12
|
const iam_policy_1 = require("@cloud-copilot/iam-policy");
|
|
12
13
|
const iam_utils_1 = require("@cloud-copilot/iam-utils");
|
|
@@ -35,7 +36,8 @@ async function whoCan(collectConfigs, partition, request) {
|
|
|
35
36
|
workerData: {
|
|
36
37
|
collectConfigs: collectConfigs,
|
|
37
38
|
partition,
|
|
38
|
-
concurrency: 50
|
|
39
|
+
concurrency: 50,
|
|
40
|
+
s3AbacOverride: request.s3AbacOverride
|
|
39
41
|
}
|
|
40
42
|
});
|
|
41
43
|
});
|
|
@@ -83,7 +85,7 @@ async function whoCan(collectConfigs, partition, request) {
|
|
|
83
85
|
simulationErrors.push(result);
|
|
84
86
|
}
|
|
85
87
|
};
|
|
86
|
-
const mainThreadWorker = (0, WhoCanMainThreadWorker_js_1.createMainThreadStreamingWorkQueue)(simulateQueue, collectClient, onComplete);
|
|
88
|
+
const mainThreadWorker = (0, WhoCanMainThreadWorker_js_1.createMainThreadStreamingWorkQueue)(simulateQueue, collectClient, request.s3AbacOverride, onComplete);
|
|
87
89
|
workers.forEach((worker) => {
|
|
88
90
|
worker.on('message', (msg) => {
|
|
89
91
|
if (msg.type === 'requestTask') {
|
|
@@ -174,7 +176,7 @@ async function whoCan(collectConfigs, partition, request) {
|
|
|
174
176
|
console.error(`Completed with ${simulationErrors.length} simulation errors.`);
|
|
175
177
|
throw new Error(`Completed with ${simulationErrors.length} simulation errors. See previous logs.`);
|
|
176
178
|
}
|
|
177
|
-
|
|
179
|
+
const results = {
|
|
178
180
|
simulationCount,
|
|
179
181
|
allowed: whoCanResults,
|
|
180
182
|
allAccountsChecked: accountsToCheck.allAccounts,
|
|
@@ -183,6 +185,10 @@ async function whoCan(collectConfigs, partition, request) {
|
|
|
183
185
|
organizationalUnitsNotFound: uniqueAccounts.organizationalUnitsNotFound,
|
|
184
186
|
principalsNotFound: principalsNotFound
|
|
185
187
|
};
|
|
188
|
+
if (request.sort) {
|
|
189
|
+
sortWhoCanResults(results);
|
|
190
|
+
}
|
|
191
|
+
return results;
|
|
186
192
|
}
|
|
187
193
|
async function runPrincipalForActions(collectClient, simulationQueue, principal, resource, resourceAccount, actions) {
|
|
188
194
|
for (const action of actions) {
|
|
@@ -411,4 +417,30 @@ async function allResourceTypesByArnLength(service) {
|
|
|
411
417
|
return b.arn.length - a.arn.length;
|
|
412
418
|
});
|
|
413
419
|
}
|
|
420
|
+
/**
|
|
421
|
+
* Sort the results in a WhoCanResponse in place for consistent output
|
|
422
|
+
*
|
|
423
|
+
* @param whoCanResponse the WhoCanResponse to sort
|
|
424
|
+
*/
|
|
425
|
+
function sortWhoCanResults(whoCanResponse) {
|
|
426
|
+
whoCanResponse.allowed.sort((a, b) => {
|
|
427
|
+
if (a.principal < b.principal)
|
|
428
|
+
return -1;
|
|
429
|
+
if (a.principal > b.principal)
|
|
430
|
+
return 1;
|
|
431
|
+
if (a.service < b.service)
|
|
432
|
+
return -1;
|
|
433
|
+
if (a.service > b.service)
|
|
434
|
+
return 1;
|
|
435
|
+
if (a.action < b.action)
|
|
436
|
+
return -1;
|
|
437
|
+
if (a.action > b.action)
|
|
438
|
+
return 1;
|
|
439
|
+
return 0;
|
|
440
|
+
});
|
|
441
|
+
whoCanResponse.accountsNotFound.sort();
|
|
442
|
+
whoCanResponse.organizationsNotFound.sort();
|
|
443
|
+
whoCanResponse.organizationalUnitsNotFound.sort();
|
|
444
|
+
whoCanResponse.principalsNotFound.sort();
|
|
445
|
+
}
|
|
414
446
|
//# sourceMappingURL=whoCan.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"whoCan.js","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":";;AAgEA,wBAmOC;AAoBD,sDAyDC;AAUD,oFA8EC;AAED,4CA4BC;AAUD,kEAsBC;AAED,wDAqBC;AAQD,sEAOC;AA3iBD,sDAQgC;AAChC,0DAAsD;AACtD,wDAMiC;AACjC,4CAA+E;AAC/E,mDAAuC;AAEvC,sDAAwD;AACxD,kDAAuF;AACvF,4CAAqC;AACrC,4CAAmD;AACnD,8DAA8D;AAE9D,4FAAqF;AACrF,4EAAqE;AACrE,2EAAgF;AA4BhF,SAAS,WAAW;IAClB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QACpC,OAAO,CAAC,CAAA;IACV,CAAC;IACD,OAAO,IAAA,kBAAY,GAAE,CAAA;AACvB,CAAC;AAEM,KAAK,UAAU,MAAM,CAC1B,cAAgC,EAChC,SAAiB,EACjB,OAA8B;IAE9B,MAAM,IAAI,GAAG,WAAW,EAAE,CAAA;IAC1B,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAE5B,MAAM,UAAU,GAAG,IAAA,qCAAmB,EAAC,oCAAoC,CAAC,CAAA;IAC5E,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC9D,OAAO,IAAI,uBAAM,CAAC,UAAU,EAAE;YAC5B,UAAU,EAAE;gBACV,cAAc,EAAE,cAAc;gBAC9B,SAAS;gBACT,WAAW,EAAE,EAAE;aAChB;SACF,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,aAAa,GAAG,IAAA,6BAAgB,EAAC,cAAc,EAAE,SAAS,EAAE;QAChE,aAAa,EAAE,IAAI,0DAA0B,CAAC,OAAO,CAAC;KACvD,CAAC,CAAA;IAEF,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAA;IACxF,CAAC;IAED,IAAI,QAAQ,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,8BAA8B,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,CAAC,MAAM,IAAA,sCAAuB,EAAC,aAAa,EAAE,QAAS,CAAC,CAAC,CAAA;IAEtF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,+CAA+C,QAAQ,EAAE,CAAC,CAAA;IAC5E,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IAC/C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;IACzE,CAAC;IAED,IAAI,cAAc,GAAQ,SAAS,CAAA;IACnC,IAAI,QAAQ,EAAE,CAAC;QACb,cAAc,GAAG,MAAM,IAAA,2CAA4B,EAAC,aAAa,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAA;QAC7F,MAAM,WAAW,GAAG,IAAI,YAAG,CAAC,QAAQ,CAAC,CAAA;QACrC,IACE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;YAC5D,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,CAAC,cAAc,EACf,CAAC;YACD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,iDAAiD,CAChG,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,oCAAoC,CAChE,cAAc,EACd,eAAe,CAChB,CAAA;IAED,MAAM,cAAc,GAAG,MAAM,qBAAqB,CAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAElF,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAA,kBAAY,GAAE,GAAG,CAAC,CAAC,CAAC,CAAA;IAEjE,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,aAAa,GAAG,IAAI,0CAAkB,EAAkB,CAAA;IAE9D,MAAM,gBAAgB,GAAU,EAAE,CAAA;IAElC,MAAM,UAAU,GAAG,CAAC,MAAqE,EAAE,EAAE;QAC3F,eAAe,EAAE,CAAA;QACjB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YAClD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAClC,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACzD,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC/B,CAAC;IACH,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,IAAA,8DAAkC,EACzD,aAAa,EACb,aAAa,EACb,UAAU,CACX,CAAA;IAED,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,CAAA;gBACpC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpE,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACxB,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,aAAa,CAAC,wBAAwB,CAAC,GAAG,EAAE;QAC1C,gBAAgB,CAAC,mBAAmB,EAAE,CAAA;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAA;IAClE,CAAC,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG,IAAI,uBAAiB,CACxC,WAAW,EACX,OAAO,EACP,KAAK,EAAE,QAAQ,EAAE,EAAE,GAAE,CAAC,CACvB,CAAA;IAED,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,oBAAoB,EAAE,CAAA;IACvE,IAAI,oBAAoB,EAAE,CAAC;QACzB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,iBAAiB,GAAG,MAAM,aAAa,CAAC,8BAA8B,CAC1E,eAAe,EACf,cAAc,CAAC,QAAQ,EACvB,MAAM,CACP,CAAA;YACD,KAAK,MAAM,SAAS,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAC;gBAChD,aAAa,CAAC,OAAO,CAAC;oBACpB,QAAQ;oBACR,MAAM;oBACN,SAAS;oBACT,eAAe;iBAChB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC9C,YAAY,CAAC,OAAO,CAAC;gBACnB,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,KAAK,IAAI,EAAE;oBAClB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;oBACzE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,SAAS,IAAI,eAAe,CAAC,kBAAkB,EAAE,CAAC;QAC3D,YAAY,CAAC,OAAO,CAAC;YACnB,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,IAAI,IAAA,8BAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;oBAClC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;gBACH,CAAC;qBAAM,IACL,IAAA,wBAAY,EAAC,SAAS,CAAC;oBACvB,IAAA,wBAAY,EAAC,SAAS,CAAC;oBACvB,IAAA,4BAAgB,EAAC,SAAS,CAAC,EAC3B,CAAC;oBACD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;oBACtE,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACpC,CAAC;yBAAM,CAAC;wBACN,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,qDAAqD;oBACrD,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,CAAC,aAAa,EAAE,CAAA;IAClC,sCAAsC;IAEtC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC5C,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC5B,MAAM,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC1C,CAAC;YACH,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACzB,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;gBACnC,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,gBAAgB,CAAC,aAAa,EAAE,EAAE,GAAG,cAAc,CAAC,CAAC,CAAA;IAExE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,kBAAkB,gBAAgB,CAAC,MAAM,qBAAqB,CAAC,CAAA;QAC7E,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,CAAC,MAAM,wCAAwC,CAClF,CAAA;IACH,CAAC;IAED,OAAO;QACL,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,kBAAkB,EAAE,eAAe,CAAC,WAAW;QAC/C,gBAAgB,EAAE,cAAc,CAAC,gBAAgB;QACjD,qBAAqB,EAAE,cAAc,CAAC,qBAAqB;QAC3D,2BAA2B,EAAE,cAAc,CAAC,2BAA2B;QACvE,kBAAkB,EAAE,kBAAkB;KACvC,CAAA;AACH,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,aAA+B,EAC/B,eAA6F,EAC7F,SAAiB,EACjB,QAA4B,EAC5B,eAAuB,EACvB,OAAiB;IAEjB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,eAAe,CAAC,OAAO,CAAC;YACtB,QAAQ;YACR,MAAM;YACN,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,eAAgC;IAOhC,MAAM,WAAW,GAAG;QAClB,gBAAgB,EAAE,EAAc;QAChC,qBAAqB,EAAE,EAAc;QACrC,2BAA2B,EAAE,EAAc;QAC3C,QAAQ,EAAE,EAAc;KACzB,CAAA;IAED,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;QAChC,WAAW,CAAC,QAAQ,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,CAAA;QACxD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;IACxC,KAAK,MAAM,OAAO,IAAI,eAAe,CAAC,gBAAgB,IAAI,EAAE,EAAE,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;QAChE,IAAI,aAAa,EAAE,CAAC;YAClB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,eAAe,CAAC,2BAA2B,IAAI,EAAE,EAAE,CAAC;QACvE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QACrF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,eAAe,CAAC,qBAAqB,IAAI,EAAE,EAAE,CAAC;QAChE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAC/E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/C,CAAC;IACH,CAAC;IAED,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACjD,OAAO,WAAW,CAAA;AACpB,CAAC;AAUM,KAAK,UAAU,oCAAoC,CACxD,cAAmB,EACnB,eAAmC;IAEnC,MAAM,eAAe,GAAoB;QACvC,WAAW,EAAE,KAAK;QAClB,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,qBAAqB,EAAE,EAAE;QACzB,2BAA2B,EAAE,EAAE;KAChC,CAAA;IACD,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACxD,CAAC;IACD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,uBAAU,EAAC,cAAc,CAAC,CAAA;IACzC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;QACpC,CAAC;QACD,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAC5D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;YACzC,IAAI,oBAAoB,GAAG,KAAK,CAAA;YAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,SAAS,CAAC,mBAAmB,EAAE,EAAE,CAAC;oBACpC,oBAAoB,GAAG,IAAI,CAAA;gBAC7B,CAAC;qBAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,EAAE,CAAC;oBAC1C,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBAC5D,CAAC;YACH,CAAC;YAED,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,EAAE,CAAA;gBACvB,MAAM,WAAW,GAAG,EAAE,CAAA;gBACtB,MAAM,gBAAgB,GAAG,EAAE,CAAA;gBAE3B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;gBACzC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,oBAAoB;wBAC1D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC9C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,uBAAuB;wBAC7D,IAAI,CAAC,SAAS,EAAE,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACxE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC7C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,sBAAsB;wBAC5D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,gBAAgB,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAClD,CAAC;gBACH,CAAC;gBACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChC,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAA;gBAC5D,CAAC;qBAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,eAAe,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAA;gBAClE,CAAC;qBAAM,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACnC,eAAe,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;gBAC7D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAA;AACxB,CAAC;AAEM,KAAK,UAAU,gBAAgB,CAAC,OAA8B;IACnE,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAE3B,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,YAAY,GAAa,EAAE,CAAA;QACjC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,SAAQ;YACV,CAAC;YACD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,KAAK,CAAA;YACnC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;YACrD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,SAAQ;YACV,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,IAAA,0BAAe,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YAED,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC3B,CAAC;QACD,OAAO,YAAY,CAAA;IACrB,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,2BAA2B,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;AACtD,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,2BAA2B,CAAC,WAAmB;IACnE,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC,CAAA;IACzE,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAA;IAExC,MAAM,eAAe,GAAa,EAAE,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,IAAA,+BAAoB,EAAC,OAAO,CAAC,CAAA;IAC1D,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7D,KAAK,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;YAC7C,IAAI,EAAE,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,OAAO,IAAI,MAAM,EAAE,CAAC,CAAA;gBAC5C,MAAK,CAAC,wDAAwD;YAChE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,YAAG,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAA;IACrF,IAAI,MAAM,EAAE,CAAC;QACX,eAAe,CAAC,IAAI,CAAC,GAAG,0BAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IACrD,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,MAAM,QAAQ,GAAG,IAAA,yBAAa,EAAC,WAAW,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAQ,CAAC,WAAW,EAAE,CAAA;IAE/C,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,0BAA0B,OAAO,iBAAiB,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,mBAAmB,GAAG,MAAM,2BAA2B,CAAC,OAAO,CAAC,CAAA;IACtE,KAAK,MAAM,EAAE,IAAI,mBAAmB,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;QACrD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;QACpD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACtB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,OAAO,iBAAiB,WAAW,GAAG,CACnF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED,KAAK,UAAU,2BAA2B,CAAC,OAAe;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAA0B,EAAC,OAAO,CAAC,CAAA;IAClE,MAAM,mBAAmB,GAAmB,EAAE,CAAA;IAC9C,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,MAAM,IAAA,iCAAsB,EAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAC1D,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvC,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACpC,CAAC,CAAC,CAAA;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"whoCan.js","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":";;AAmEA,wBA2OC;AAoBD,sDAyDC;AAUD,oFA8EC;AAED,4CA4BC;AAUD,kEAsBC;AAED,wDAqBC;AAQD,sEAOC;AAmBD,8CAeC;AAxlBD,sDAQgC;AAChC,0DAAsD;AACtD,wDAMiC;AACjC,4CAA+E;AAC/E,mDAAuC;AAEvC,sDAAwD;AACxD,kDAAuF;AACvF,4CAAqC;AAErC,4CAAmD;AACnD,8DAA8D;AAE9D,4FAAqF;AACrF,4EAAqE;AACrE,2EAAgF;AA8BhF,SAAS,WAAW;IAClB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QACpC,OAAO,CAAC,CAAA;IACV,CAAC;IACD,OAAO,IAAA,kBAAY,GAAE,CAAA;AACvB,CAAC;AAEM,KAAK,UAAU,MAAM,CAC1B,cAAgC,EAChC,SAAiB,EACjB,OAA8B;IAE9B,MAAM,IAAI,GAAG,WAAW,EAAE,CAAA;IAC1B,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAE5B,MAAM,UAAU,GAAG,IAAA,qCAAmB,EAAC,oCAAoC,CAAC,CAAA;IAC5E,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC9D,OAAO,IAAI,uBAAM,CAAC,UAAU,EAAE;YAC5B,UAAU,EAAE;gBACV,cAAc,EAAE,cAAc;gBAC9B,SAAS;gBACT,WAAW,EAAE,EAAE;gBACf,cAAc,EAAE,OAAO,CAAC,cAAc;aACvC;SACF,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,aAAa,GAAG,IAAA,6BAAgB,EAAC,cAAc,EAAE,SAAS,EAAE;QAChE,aAAa,EAAE,IAAI,0DAA0B,CAAC,OAAO,CAAC;KACvD,CAAC,CAAA;IAEF,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAA;IACxF,CAAC;IAED,IAAI,QAAQ,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,8BAA8B,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,CAAC,MAAM,IAAA,sCAAuB,EAAC,aAAa,EAAE,QAAS,CAAC,CAAC,CAAA;IAEtF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,+CAA+C,QAAQ,EAAE,CAAC,CAAA;IAC5E,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IAC/C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;IACzE,CAAC;IAED,IAAI,cAAc,GAAQ,SAAS,CAAA;IACnC,IAAI,QAAQ,EAAE,CAAC;QACb,cAAc,GAAG,MAAM,IAAA,2CAA4B,EAAC,aAAa,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAA;QAC7F,MAAM,WAAW,GAAG,IAAI,YAAG,CAAC,QAAQ,CAAC,CAAA;QACrC,IACE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;YAC5D,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,CAAC,cAAc,EACf,CAAC;YACD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,iDAAiD,CAChG,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,oCAAoC,CAChE,cAAc,EACd,eAAe,CAChB,CAAA;IAED,MAAM,cAAc,GAAG,MAAM,qBAAqB,CAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAElF,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAA,kBAAY,GAAE,GAAG,CAAC,CAAC,CAAC,CAAA;IAEjE,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,aAAa,GAAG,IAAI,0CAAkB,EAAkB,CAAA;IAE9D,MAAM,gBAAgB,GAAU,EAAE,CAAA;IAElC,MAAM,UAAU,GAAG,CAAC,MAAqE,EAAE,EAAE;QAC3F,eAAe,EAAE,CAAA;QACjB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YAClD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAClC,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACzD,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC/B,CAAC;IACH,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,IAAA,8DAAkC,EACzD,aAAa,EACb,aAAa,EACb,OAAO,CAAC,cAAc,EACtB,UAAU,CACX,CAAA;IAED,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,CAAA;gBACpC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpE,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACxB,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,aAAa,CAAC,wBAAwB,CAAC,GAAG,EAAE;QAC1C,gBAAgB,CAAC,mBAAmB,EAAE,CAAA;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAA;IAClE,CAAC,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG,IAAI,uBAAiB,CACxC,WAAW,EACX,OAAO,EACP,KAAK,EAAE,QAAQ,EAAE,EAAE,GAAE,CAAC,CACvB,CAAA;IAED,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,oBAAoB,EAAE,CAAA;IACvE,IAAI,oBAAoB,EAAE,CAAC;QACzB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,iBAAiB,GAAG,MAAM,aAAa,CAAC,8BAA8B,CAC1E,eAAe,EACf,cAAc,CAAC,QAAQ,EACvB,MAAM,CACP,CAAA;YACD,KAAK,MAAM,SAAS,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAC;gBAChD,aAAa,CAAC,OAAO,CAAC;oBACpB,QAAQ;oBACR,MAAM;oBACN,SAAS;oBACT,eAAe;iBAChB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC9C,YAAY,CAAC,OAAO,CAAC;gBACnB,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,KAAK,IAAI,EAAE;oBAClB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;oBACzE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,SAAS,IAAI,eAAe,CAAC,kBAAkB,EAAE,CAAC;QAC3D,YAAY,CAAC,OAAO,CAAC;YACnB,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,IAAI,IAAA,8BAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;oBAClC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;gBACH,CAAC;qBAAM,IACL,IAAA,wBAAY,EAAC,SAAS,CAAC;oBACvB,IAAA,wBAAY,EAAC,SAAS,CAAC;oBACvB,IAAA,4BAAgB,EAAC,SAAS,CAAC,EAC3B,CAAC;oBACD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;oBACtE,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACpC,CAAC;yBAAM,CAAC;wBACN,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,qDAAqD;oBACrD,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,CAAC,aAAa,EAAE,CAAA;IAClC,sCAAsC;IAEtC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC5C,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC5B,MAAM,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC1C,CAAC;YACH,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACzB,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;gBACnC,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,gBAAgB,CAAC,aAAa,EAAE,EAAE,GAAG,cAAc,CAAC,CAAC,CAAA;IAExE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,kBAAkB,gBAAgB,CAAC,MAAM,qBAAqB,CAAC,CAAA;QAC7E,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,CAAC,MAAM,wCAAwC,CAClF,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG;QACd,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,kBAAkB,EAAE,eAAe,CAAC,WAAW;QAC/C,gBAAgB,EAAE,cAAc,CAAC,gBAAgB;QACjD,qBAAqB,EAAE,cAAc,CAAC,qBAAqB;QAC3D,2BAA2B,EAAE,cAAc,CAAC,2BAA2B;QACvE,kBAAkB,EAAE,kBAAkB;KACvC,CAAA;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,iBAAiB,CAAC,OAAO,CAAC,CAAA;IAC5B,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,aAA+B,EAC/B,eAA6F,EAC7F,SAAiB,EACjB,QAA4B,EAC5B,eAAuB,EACvB,OAAiB;IAEjB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,eAAe,CAAC,OAAO,CAAC;YACtB,QAAQ;YACR,MAAM;YACN,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,eAAgC;IAOhC,MAAM,WAAW,GAAG;QAClB,gBAAgB,EAAE,EAAc;QAChC,qBAAqB,EAAE,EAAc;QACrC,2BAA2B,EAAE,EAAc;QAC3C,QAAQ,EAAE,EAAc;KACzB,CAAA;IAED,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;QAChC,WAAW,CAAC,QAAQ,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,CAAA;QACxD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;IACxC,KAAK,MAAM,OAAO,IAAI,eAAe,CAAC,gBAAgB,IAAI,EAAE,EAAE,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;QAChE,IAAI,aAAa,EAAE,CAAC;YAClB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,eAAe,CAAC,2BAA2B,IAAI,EAAE,EAAE,CAAC;QACvE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QACrF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,eAAe,CAAC,qBAAqB,IAAI,EAAE,EAAE,CAAC;QAChE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAC/E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/C,CAAC;IACH,CAAC;IAED,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACjD,OAAO,WAAW,CAAA;AACpB,CAAC;AAUM,KAAK,UAAU,oCAAoC,CACxD,cAAmB,EACnB,eAAmC;IAEnC,MAAM,eAAe,GAAoB;QACvC,WAAW,EAAE,KAAK;QAClB,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,qBAAqB,EAAE,EAAE;QACzB,2BAA2B,EAAE,EAAE;KAChC,CAAA;IACD,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACxD,CAAC;IACD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,uBAAU,EAAC,cAAc,CAAC,CAAA;IACzC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;QACpC,CAAC;QACD,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAC5D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;YACzC,IAAI,oBAAoB,GAAG,KAAK,CAAA;YAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,SAAS,CAAC,mBAAmB,EAAE,EAAE,CAAC;oBACpC,oBAAoB,GAAG,IAAI,CAAA;gBAC7B,CAAC;qBAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,EAAE,CAAC;oBAC1C,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBAC5D,CAAC;YACH,CAAC;YAED,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,EAAE,CAAA;gBACvB,MAAM,WAAW,GAAG,EAAE,CAAA;gBACtB,MAAM,gBAAgB,GAAG,EAAE,CAAA;gBAE3B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;gBACzC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,oBAAoB;wBAC1D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC9C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,uBAAuB;wBAC7D,IAAI,CAAC,SAAS,EAAE,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACxE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC7C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,sBAAsB;wBAC5D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,gBAAgB,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAClD,CAAC;gBACH,CAAC;gBACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChC,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAA;gBAC5D,CAAC;qBAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,eAAe,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAA;gBAClE,CAAC;qBAAM,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACnC,eAAe,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;gBAC7D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAA;AACxB,CAAC;AAEM,KAAK,UAAU,gBAAgB,CAAC,OAA8B;IACnE,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAE3B,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,YAAY,GAAa,EAAE,CAAA;QACjC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,SAAQ;YACV,CAAC;YACD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,KAAK,CAAA;YACnC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;YACrD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,SAAQ;YACV,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,IAAA,0BAAe,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YAED,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC3B,CAAC;QACD,OAAO,YAAY,CAAA;IACrB,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,2BAA2B,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;AACtD,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,2BAA2B,CAAC,WAAmB;IACnE,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC,CAAA;IACzE,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAA;IAExC,MAAM,eAAe,GAAa,EAAE,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,IAAA,+BAAoB,EAAC,OAAO,CAAC,CAAA;IAC1D,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7D,KAAK,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;YAC7C,IAAI,EAAE,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,OAAO,IAAI,MAAM,EAAE,CAAC,CAAA;gBAC5C,MAAK,CAAC,wDAAwD;YAChE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,YAAG,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAA;IACrF,IAAI,MAAM,EAAE,CAAC;QACX,eAAe,CAAC,IAAI,CAAC,GAAG,0BAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IACrD,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,MAAM,QAAQ,GAAG,IAAA,yBAAa,EAAC,WAAW,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAQ,CAAC,WAAW,EAAE,CAAA;IAE/C,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,0BAA0B,OAAO,iBAAiB,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,mBAAmB,GAAG,MAAM,2BAA2B,CAAC,OAAO,CAAC,CAAA;IACtE,KAAK,MAAM,EAAE,IAAI,mBAAmB,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;QACrD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;QACpD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACtB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,OAAO,iBAAiB,WAAW,GAAG,CACnF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED,KAAK,UAAU,2BAA2B,CAAC,OAAe;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAA0B,EAAC,OAAO,CAAC,CAAA;IAClE,MAAM,mBAAmB,GAAmB,EAAE,CAAA;IAC9C,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,MAAM,IAAA,iCAAsB,EAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAC1D,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvC,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACpC,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,iBAAiB,CAAC,cAA8B;IAC9D,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACnC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAA;QACvC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,CAAA;QACpC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,CAAA;QAClC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAA;QACjC,OAAO,CAAC,CAAA;IACV,CAAC,CAAC,CAAA;IAEF,cAAc,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;IACtC,cAAc,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAA;IAC3C,cAAc,CAAC,2BAA2B,CAAC,IAAI,EAAE,CAAA;IACjD,cAAc,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAA;AAC1C,CAAC"}
|
package/dist/esm/cli.js
CHANGED
|
@@ -39,6 +39,11 @@ const main = async () => {
|
|
|
39
39
|
ignoreMissingPrincipal: booleanArgument({
|
|
40
40
|
description: 'Ignore if the principal does not exist. Useful for simulating actions from principals that may not exist or are outside your data set',
|
|
41
41
|
character: 'i'
|
|
42
|
+
}),
|
|
43
|
+
s3AbacOverride: enumArgument({
|
|
44
|
+
description: 'Override the S3 ABAC setting for S3 buckets. Defaults to the bucket setting stored in your iam-collect data',
|
|
45
|
+
validValues: ['enabled', 'disabled'],
|
|
46
|
+
defaultValue: undefined
|
|
42
47
|
})
|
|
43
48
|
}
|
|
44
49
|
},
|
|
@@ -54,6 +59,15 @@ const main = async () => {
|
|
|
54
59
|
actions: stringArrayArgument({
|
|
55
60
|
description: 'The actions to check permissions for; must be a valid IAM service and action such as `s3:GetObject`',
|
|
56
61
|
defaultValue: []
|
|
62
|
+
}),
|
|
63
|
+
s3AbacOverride: enumArgument({
|
|
64
|
+
description: 'Override the S3 ABAC setting for S3 buckets. Defaults to the bucket setting stored in your iam-collect data',
|
|
65
|
+
validValues: ['enabled', 'disabled'],
|
|
66
|
+
defaultValue: undefined
|
|
67
|
+
}),
|
|
68
|
+
sort: booleanArgument({
|
|
69
|
+
description: 'Sort the results before outputting',
|
|
70
|
+
character: 's'
|
|
57
71
|
})
|
|
58
72
|
}
|
|
59
73
|
},
|
|
@@ -106,7 +120,8 @@ const main = async () => {
|
|
|
106
120
|
action: action,
|
|
107
121
|
customContextKeys: singularizeOneEntryArrays(context),
|
|
108
122
|
simulationMode: 'Strict',
|
|
109
|
-
ignoreMissingPrincipal
|
|
123
|
+
ignoreMissingPrincipal,
|
|
124
|
+
s3AbacOverride: cli.args.s3AbacOverride
|
|
110
125
|
}, collectClient);
|
|
111
126
|
if (result.errors) {
|
|
112
127
|
console.error('Simulation Errors:');
|
|
@@ -130,7 +145,9 @@ const main = async () => {
|
|
|
130
145
|
const results = await whoCan(collectConfigs, cli.args.partition, {
|
|
131
146
|
resource: cli.args.resource,
|
|
132
147
|
actions: cli.args.actions,
|
|
133
|
-
resourceAccount: cli.args.resourceAccount
|
|
148
|
+
resourceAccount: cli.args.resourceAccount,
|
|
149
|
+
s3AbacOverride: cli.args.s3AbacOverride,
|
|
150
|
+
sort: cli.args.sort
|
|
134
151
|
});
|
|
135
152
|
console.log(JSON.stringify(results, null, 2));
|
|
136
153
|
}
|
package/dist/esm/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EACL,eAAe,EACf,YAAY,EACZ,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,mBAAmB,EACpB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AACrD,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAA;AAC3E,OAAO,EAAE,wBAAwB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE;IACtB,MAAM,GAAG,GAAG,MAAM,iBAAiB,CACjC,UAAU,EACV;QACE,QAAQ,EAAE;YACR,WAAW,EAAE,yBAAyB;YACtC,SAAS,EAAE;gBACT,SAAS,EAAE,cAAc,CAAC;oBACxB,WAAW,EAAE,yEAAyE;iBACvF,CAAC;gBACF,QAAQ,EAAE,cAAc,CAAC;oBACvB,WAAW,EACT,4EAA4E;iBAC/E,CAAC;gBACF,eAAe,EAAE,cAAc,CAAC;oBAC9B,WAAW,EACT,iGAAiG;iBACpG,CAAC;gBACF,MAAM,EAAE,cAAc,CAAC;oBACrB,WAAW,EACT,wFAAwF;iBAC3F,CAAC;gBACF,OAAO,EAAE,WAAW,CAAC;oBACnB,WAAW,EACT,6JAA6J;oBAC/J,YAAY,EAAE,EAAE;iBACjB,CAAC;gBACF,OAAO,EAAE,eAAe,CAAC;oBACvB,WAAW,EAAE,0CAA0C;oBACvD,SAAS,EAAE,GAAG;iBACf,CAAC;gBACF,MAAM,EAAE,YAAY,CAAC;oBACnB,WAAW,EACT,iIAAiI;oBACnI,WAAW,EAAE,CAAC,SAAS,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,SAAS,CAAC;iBAC5E,CAAC;gBACF,sBAAsB,EAAE,eAAe,CAAC;oBACtC,WAAW,EACT,uIAAuI;oBACzI,SAAS,EAAE,GAAG;iBACf,CAAC;aACH;SACF;QACD,SAAS,EAAE;YACT,WAAW,EAAE,8CAA8C;YAC3D,SAAS,EAAE;gBACT,QAAQ,EAAE,cAAc,CAAC;oBACvB,WAAW,EACT,+EAA+E;iBAClF,CAAC;gBACF,eAAe,EAAE,cAAc,CAAC;oBAC9B,WAAW,EACT,+HAA+H;iBAClI,CAAC;gBACF,OAAO,EAAE,mBAAmB,CAAC;oBAC3B,WAAW,EACT,qGAAqG;oBACvG,YAAY,EAAE,EAAE;iBACjB,CAAC;aACH;SACF;QACD,eAAe,EAAE;YACf,WAAW,EACT,2FAA2F;YAC7F,SAAS,EAAE;gBACT,SAAS,EAAE,cAAc,CAAC;oBACxB,WAAW,EAAE,+DAA+D;iBAC7E,CAAC;gBACF,iBAAiB,EAAE,eAAe,CAAC;oBACjC,WAAW,EAAE,2CAA2C;oBACxD,SAAS,EAAE,GAAG;iBACf,CAAC;aACH;SACF;QACD,kBAAkB,EAAE;YAClB,WAAW,EAAE,sBAAsB;YACnC,SAAS,EAAE,EAAE;SACd;KACF,EACD;QACE,cAAc,EAAE,mBAAmB,CAAC;YAClC,WAAW,EAAE,4CAA4C;YACzD,YAAY,EAAE,EAAE;SACjB,CAAC;QACF,SAAS,EAAE,cAAc,CAAC;YACxB,WAAW,EAAE,qEAAqE;YAClF,YAAY,EAAE,KAAK;SACpB,CAAC;KACH,EACD;QACE,SAAS,EAAE,UAAU;QACrB,gBAAgB,EAAE,IAAI;QACtB,iBAAiB,EAAE,IAAI;QACvB,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,cAAc,EAAE,cAAc;YAC9B,eAAe,EAAE,yBAAyB;SAC3C;KACF,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;IACrD,CAAC;IACD,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACxE,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAE1E,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,EAAE,GACrF,GAAG,CAAC,IAAI,CAAA;QAEV,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,eAAe,CAC/C;YACE,SAAS,EAAE,SAAU;YACrB,WAAW,EAAE,QAAQ;YACrB,eAAe,EAAE,eAAe;YAChC,MAAM,EAAE,MAAO;YACf,iBAAiB,EAAE,yBAAyB,CAAC,OAAO,CAAC;YACrD,cAAc,EAAE,QAAQ;YACxB,sBAAsB;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EACL,eAAe,EACf,YAAY,EACZ,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,mBAAmB,EACpB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AACrD,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAA;AAC3E,OAAO,EAAE,wBAAwB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE;IACtB,MAAM,GAAG,GAAG,MAAM,iBAAiB,CACjC,UAAU,EACV;QACE,QAAQ,EAAE;YACR,WAAW,EAAE,yBAAyB;YACtC,SAAS,EAAE;gBACT,SAAS,EAAE,cAAc,CAAC;oBACxB,WAAW,EAAE,yEAAyE;iBACvF,CAAC;gBACF,QAAQ,EAAE,cAAc,CAAC;oBACvB,WAAW,EACT,4EAA4E;iBAC/E,CAAC;gBACF,eAAe,EAAE,cAAc,CAAC;oBAC9B,WAAW,EACT,iGAAiG;iBACpG,CAAC;gBACF,MAAM,EAAE,cAAc,CAAC;oBACrB,WAAW,EACT,wFAAwF;iBAC3F,CAAC;gBACF,OAAO,EAAE,WAAW,CAAC;oBACnB,WAAW,EACT,6JAA6J;oBAC/J,YAAY,EAAE,EAAE;iBACjB,CAAC;gBACF,OAAO,EAAE,eAAe,CAAC;oBACvB,WAAW,EAAE,0CAA0C;oBACvD,SAAS,EAAE,GAAG;iBACf,CAAC;gBACF,MAAM,EAAE,YAAY,CAAC;oBACnB,WAAW,EACT,iIAAiI;oBACnI,WAAW,EAAE,CAAC,SAAS,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,SAAS,CAAC;iBAC5E,CAAC;gBACF,sBAAsB,EAAE,eAAe,CAAC;oBACtC,WAAW,EACT,uIAAuI;oBACzI,SAAS,EAAE,GAAG;iBACf,CAAC;gBACF,cAAc,EAAE,YAAY,CAAC;oBAC3B,WAAW,EACT,6GAA6G;oBAC/G,WAAW,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;oBACpC,YAAY,EAAE,SAAS;iBACxB,CAAC;aACH;SACF;QACD,SAAS,EAAE;YACT,WAAW,EAAE,8CAA8C;YAC3D,SAAS,EAAE;gBACT,QAAQ,EAAE,cAAc,CAAC;oBACvB,WAAW,EACT,+EAA+E;iBAClF,CAAC;gBACF,eAAe,EAAE,cAAc,CAAC;oBAC9B,WAAW,EACT,+HAA+H;iBAClI,CAAC;gBACF,OAAO,EAAE,mBAAmB,CAAC;oBAC3B,WAAW,EACT,qGAAqG;oBACvG,YAAY,EAAE,EAAE;iBACjB,CAAC;gBACF,cAAc,EAAE,YAAY,CAAC;oBAC3B,WAAW,EACT,6GAA6G;oBAC/G,WAAW,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;oBACpC,YAAY,EAAE,SAAS;iBACxB,CAAC;gBACF,IAAI,EAAE,eAAe,CAAC;oBACpB,WAAW,EAAE,oCAAoC;oBACjD,SAAS,EAAE,GAAG;iBACf,CAAC;aACH;SACF;QACD,eAAe,EAAE;YACf,WAAW,EACT,2FAA2F;YAC7F,SAAS,EAAE;gBACT,SAAS,EAAE,cAAc,CAAC;oBACxB,WAAW,EAAE,+DAA+D;iBAC7E,CAAC;gBACF,iBAAiB,EAAE,eAAe,CAAC;oBACjC,WAAW,EAAE,2CAA2C;oBACxD,SAAS,EAAE,GAAG;iBACf,CAAC;aACH;SACF;QACD,kBAAkB,EAAE;YAClB,WAAW,EAAE,sBAAsB;YACnC,SAAS,EAAE,EAAE;SACd;KACF,EACD;QACE,cAAc,EAAE,mBAAmB,CAAC;YAClC,WAAW,EAAE,4CAA4C;YACzD,YAAY,EAAE,EAAE;SACjB,CAAC;QACF,SAAS,EAAE,cAAc,CAAC;YACxB,WAAW,EAAE,qEAAqE;YAClF,YAAY,EAAE,KAAK;SACpB,CAAC;KACH,EACD;QACE,SAAS,EAAE,UAAU;QACrB,gBAAgB,EAAE,IAAI;QACtB,iBAAiB,EAAE,IAAI;QACvB,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,cAAc,EAAE,cAAc;YAC9B,eAAe,EAAE,yBAAyB;SAC3C;KACF,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;IACrD,CAAC;IACD,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACxE,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAE1E,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,EAAE,GACrF,GAAG,CAAC,IAAI,CAAA;QAEV,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,eAAe,CAC/C;YACE,SAAS,EAAE,SAAU;YACrB,WAAW,EAAE,QAAQ;YACrB,eAAe,EAAE,eAAe;YAChC,MAAM,EAAE,MAAO;YACf,iBAAiB,EAAE,yBAAyB,CAAC,OAAO,CAAC;YACrD,cAAc,EAAE,QAAQ;YACxB,sBAAsB;YACtB,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,cAAc;SACxC,EACD,aAAa,CACd,CAAA;QAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACnC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAC5D,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC3D,CAAC;QAED,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAO,CAAC,EAAE,CAAC;YACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QACvD,IAAI,CAAC,eAAe,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,KAAK,CACX,qGAAqG,CACtG,CAAA;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE;YAC/D,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAS;YAC5B,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,OAAQ;YAC1B,eAAe,EAAE,GAAG,CAAC,IAAI,CAAC,eAAe;YACzC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,cAAc;YACvC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;SACpB,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,eAAe,EAAE,CAAC;QAC9C,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAA;YAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,aAAa,EAAE;YAChD,SAAS,EAAE,SAAS;YACpB,iBAAiB;SAClB,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,kBAAkB,EAAE,CAAC;QACjD,MAAM,WAAW,GAAG,gBAAgB,CAAC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE;YACvE,aAAa,EAAE,IAAI,eAAe,EAAE;SACrC,CAAC,CAAA;QACF,MAAM,kBAAkB,CAAC,WAAW,CAAC,CAAA;IACvC,CAAC;AACH,CAAC,CAAA;AAED;;;;;;GAMG;AACH,SAAS,yBAAyB,CAChC,KAA+B;IAE/B,MAAM,MAAM,GAAsC,EAAE,CAAA;IACpD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACxB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;QACrB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,IAAI,EAAE;KACH,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACX,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC;KACD,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;KACd,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA"}
|
|
@@ -261,11 +261,20 @@ export declare class IamCollectClient {
|
|
|
261
261
|
data: T;
|
|
262
262
|
}>;
|
|
263
263
|
/**
|
|
264
|
-
*
|
|
264
|
+
* Get the account ID for a given S3 bucket name.
|
|
265
|
+
*
|
|
265
266
|
* @param bucketName The name of the bucket.
|
|
266
267
|
* @returns The account ID for the bucket, or undefined if not found.
|
|
267
268
|
*/
|
|
268
269
|
getAccountIdForBucket(bucketName: string): Promise<string | undefined>;
|
|
270
|
+
/**
|
|
271
|
+
* Check if ABAC is enabled for a specific S3 bucket
|
|
272
|
+
*
|
|
273
|
+
* @param accountId The account ID of the bucket
|
|
274
|
+
* @param bucketOrObjectArn The ARN of the bucket or object
|
|
275
|
+
* @returns true if ABAC is enabled for the bucket, false otherwise
|
|
276
|
+
*/
|
|
277
|
+
getAbacEnabledForBucket(accountId: string, bucketOrObjectArn: string): Promise<boolean>;
|
|
269
278
|
/**
|
|
270
279
|
* Gets the account ID for a given API Gateway ARN.
|
|
271
280
|
* @param apiArn The ARN of the API Gateway.
|
|
@@ -366,9 +375,12 @@ export declare class IamCollectClient {
|
|
|
366
375
|
*
|
|
367
376
|
* @param resourceArn The ARN of the resource.
|
|
368
377
|
* @param accountId The ID of the account.
|
|
369
|
-
* @returns
|
|
378
|
+
* @returns an object to indicate if the resource is present and its tags (if any)
|
|
370
379
|
*/
|
|
371
|
-
getTagsForResource(resourceArn: string, accountId: string): Promise<
|
|
380
|
+
getTagsForResource(resourceArn: string, accountId: string): Promise<{
|
|
381
|
+
present: boolean;
|
|
382
|
+
tags: Record<string, string>;
|
|
383
|
+
}>;
|
|
372
384
|
/**
|
|
373
385
|
* Gets a unique ID for an IAM resource based on its ARN and account ID.
|
|
374
386
|
* Used specifically for IAM Users and Roles
|