@cloud-copilot/iam-lens 0.1.99 → 0.1.101
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/collect/client.d.ts +12 -4
- package/dist/cjs/collect/client.d.ts.map +1 -1
- package/dist/cjs/collect/client.js +15 -3
- package/dist/cjs/collect/client.js.map +1 -1
- package/dist/cjs/collect/collect.d.ts +30 -4
- package/dist/cjs/collect/collect.d.ts.map +1 -1
- package/dist/cjs/collect/collect.js +26 -5
- package/dist/cjs/collect/collect.js.map +1 -1
- package/dist/cjs/index.d.ts +4 -3
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/whoCan/WhoCanWorkerThreadWorker.js +3 -2
- package/dist/cjs/whoCan/WhoCanWorkerThreadWorker.js.map +1 -1
- package/dist/cjs/whoCan/principalScope.d.ts +35 -0
- package/dist/cjs/whoCan/principalScope.d.ts.map +1 -0
- package/dist/cjs/whoCan/principalScope.js +104 -0
- package/dist/cjs/whoCan/principalScope.js.map +1 -0
- package/dist/cjs/whoCan/whoCan.d.ts +26 -0
- package/dist/cjs/whoCan/whoCan.d.ts.map +1 -1
- package/dist/cjs/whoCan/whoCan.js +20 -6
- package/dist/cjs/whoCan/whoCan.js.map +1 -1
- package/dist/esm/collect/client.d.ts +12 -4
- package/dist/esm/collect/client.d.ts.map +1 -1
- package/dist/esm/collect/client.js +15 -3
- package/dist/esm/collect/client.js.map +1 -1
- package/dist/esm/collect/collect.d.ts +30 -4
- package/dist/esm/collect/collect.d.ts.map +1 -1
- package/dist/esm/collect/collect.js +26 -5
- package/dist/esm/collect/collect.js.map +1 -1
- package/dist/esm/index.d.ts +4 -3
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/whoCan/WhoCanWorkerThreadWorker.js +3 -2
- package/dist/esm/whoCan/WhoCanWorkerThreadWorker.js.map +1 -1
- package/dist/esm/whoCan/principalScope.d.ts +35 -0
- package/dist/esm/whoCan/principalScope.d.ts.map +1 -0
- package/dist/esm/whoCan/principalScope.js +102 -0
- package/dist/esm/whoCan/principalScope.js.map +1 -0
- package/dist/esm/whoCan/whoCan.d.ts +26 -0
- package/dist/esm/whoCan/whoCan.d.ts.map +1 -1
- package/dist/esm/whoCan/whoCan.js +21 -6
- package/dist/esm/whoCan/whoCan.js.map +1 -1
- package/package.json +3 -3
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,qBAAqB,EACrB,eAAe,EACf,KAAK,aAAa,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,qBAAqB,EACrB,eAAe,EACf,KAAK,aAAa,EAClB,KAAK,uBAAuB,EAC7B,MAAM,qBAAqB,CAAA;AAC5B,YAAY,EACV,aAAa,EACb,YAAY,EACZ,SAAS,EACT,qBAAqB,EACrB,aAAa,EACb,cAAc,EACf,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EAC1B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,YAAY,EAAE,KAAK,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAA;AAC3E,YAAY,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAA;AAC5D,OAAO,EAAE,eAAe,EAAE,KAAK,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAChF,OAAO,EACL,MAAM,EACN,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,aAAa,EAClB,KAAK,cAAc,EACpB,MAAM,oBAAoB,CAAA"}
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,qBAAqB,EACrB,eAAe,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,qBAAqB,EACrB,eAAe,EAGhB,MAAM,qBAAqB,CAAA;AAS5B,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAGnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,YAAY,EAA0B,MAAM,gCAAgC,CAAA;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAA;AAE3E,OAAO,EAAE,eAAe,EAA0B,MAAM,wBAAwB,CAAA;AAChF,OAAO,EACL,MAAM,EAKP,MAAM,oBAAoB,CAAA"}
|
|
@@ -11,7 +11,7 @@ if (!parentPort) {
|
|
|
11
11
|
throw new Error('Must be run as a worker thread');
|
|
12
12
|
}
|
|
13
13
|
// Get config from the main thread
|
|
14
|
-
const { concurrency, collectConfigs, partition, s3AbacOverride, collectDenyDetails, collectGrantDetails, strictContextKeys } = workerData;
|
|
14
|
+
const { concurrency, collectConfigs, partition, s3AbacOverride, collectDenyDetails, collectGrantDetails, strictContextKeys, clientFactoryPlugin } = workerData;
|
|
15
15
|
const taskPromises = {};
|
|
16
16
|
// Pending deny details checks - keyed by a unique id for each check
|
|
17
17
|
let denyDetailsCheckId = 0;
|
|
@@ -40,7 +40,8 @@ parentPort.on('message', (msg) => {
|
|
|
40
40
|
}
|
|
41
41
|
});
|
|
42
42
|
const collectClient = getCollectClient(collectConfigs, partition, {
|
|
43
|
-
cacheProvider: new SharedArrayBufferWorkerCache(parentPort)
|
|
43
|
+
cacheProvider: new SharedArrayBufferWorkerCache(parentPort),
|
|
44
|
+
clientFactoryPlugin
|
|
44
45
|
});
|
|
45
46
|
const jobRunner = new PullBasedJobRunner(concurrency, async (workerId) => {
|
|
46
47
|
return new Promise((resolve) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WhoCanWorkerThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorkerThreadWorker.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAuB,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,
|
|
1
|
+
{"version":3,"file":"WhoCanWorkerThreadWorker.js","sourceRoot":"","sources":["../../../src/whoCan/WhoCanWorkerThreadWorker.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAuB,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AACvD,OAAO,EAA4B,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAClF,OAAO,EAAuB,MAAM,oBAAoB,CAAA;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAA;AACzF,OAAO,EAAE,sBAAsB,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AACrF,OAAO,EAAE,aAAa,EAAmD,MAAM,mBAAmB,CAAA;AAElG,IAAI,CAAC,UAAU,EAAE,CAAC;IAChB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;AACnD,CAAC;AAED,kCAAkC;AAClC,MAAM,EACJ,WAAW,EACX,cAAc,EACd,SAAS,EACT,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EACpB,GAAG,UASH,CAAA;AAED,MAAM,YAAY,GAAuC,EAAE,CAAA;AAE3D,oEAAoE;AACpE,IAAI,kBAAkB,GAAG,CAAC,CAAA;AAC1B,MAAM,wBAAwB,GAAqD,EAAE,CAAA;AAErF,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;IAC/B,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;QACxD,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACpC,OAAO,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACnC,CAAC;SAAM,IAAI,GAAG,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QACxC,SAAS,CAAC,mBAAmB,EAAE,CAAA;IACjC,CAAC;SAAM,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QACrC,SAAS,CAAC,aAAa,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;YAClC,UAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAC/C,CAAC,CAAC,CAAA;IACJ,CAAC;SAAM,IAAI,GAAG,CAAC,IAAI,KAAK,wBAAwB,EAAE,CAAC;QACjD,yEAAyE;QACzE,MAAM,OAAO,GAAG,GAAG,CAAC,OAAiB,CAAA;QACrC,MAAM,SAAS,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAA;QACnD,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;YAC5B,OAAO,wBAAwB,CAAC,OAAO,CAAC,CAAA;QAC1C,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,SAAS,EAAE;IAChE,aAAa,EAAE,IAAI,4BAA4B,CAAC,UAAU,CAAC;IAC3D,mBAAmB;CACpB,CAAC,CAAA;AAEF,MAAM,SAAS,GAAG,IAAI,kBAAkB,CAKtC,WAAW,EACX,KAAK,EAAE,QAAQ,EAAE,EAAE;IACjB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,UAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC1D,YAAY,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAA;IAClC,CAAC,CAAC,CAAA;AACJ,CAAC,EACD,CAAC,WAAW,EAAE,EAAE;IACd,OAAO;QACL,UAAU,EAAE,EAAE;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACzB,OAAO,aAAa,CAAC,WAAW,EAAE,aAAa,EAAE;gBAC/C,cAAc;gBACd,kBAAkB;gBAClB,mBAAmB;gBACnB,iBAAiB;aAClB,CAAC,CAAA;QACJ,CAAC;KACF,CAAA;AACH,CAAC,EACD,KAAK,EAAE,MAAM,EAAE,EAAE;IACf,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAA;QAEpC,IAAI,eAAe,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACvC,4CAA4C;YAC5C,UAAW,CAAC,WAAW,CAAC;gBACtB,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE;oBACN,MAAM,EAAE,WAAW;oBACnB,KAAK,EAAE,eAAe,CAAC,OAAO;oBAC9B,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B;aACF,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,8EAA8E;YAC9E,UAAW,CAAC,WAAW,CAAC;gBACtB,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE;oBACN,MAAM,EAAE,WAAW;oBACnB,KAAK,EAAE,SAAS;oBAChB,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B;aACF,CAAC,CAAA;YAEF,0CAA0C;YAC1C,MAAM,UAAU,GACd,eAAe,CAAC,IAAI,KAAK,eAAe,IAAI,eAAe,CAAC,IAAI,KAAK,iBAAiB,CAAA;YAExF,IAAI,kBAAkB,IAAI,UAAU,EAAE,CAAC;gBACrC,MAAM,aAAa,GAAG,sBAAsB,CAAC,eAAe,CAAC,CAAA;gBAC7D,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAA;gBAEpC,oCAAoC;gBACpC,UAAW,CAAC,WAAW,CAAC;oBACtB,IAAI,EAAE,kBAAkB;oBACxB,OAAO;oBACP,QAAQ,EAAE,eAAe,CAAC,QAAQ;oBAClC,aAAa;iBACd,CAAC,CAAA;gBAEF,qCAAqC;gBACrC,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAU,CAAC,OAAO,EAAE,EAAE;oBAC3D,wBAAwB,CAAC,OAAO,CAAC,GAAG,OAAO,CAAA;gBAC7C,CAAC,CAAC,CAAA;gBAEF,IAAI,aAAa,EAAE,CAAC;oBAClB,kDAAkD;oBAClD,UAAW,CAAC,WAAW,CAAC;wBACtB,IAAI,EAAE,mBAAmB;wBACzB,UAAU,EAAE,sBAAsB,CAAC,eAAe,CAAC;qBACpD,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4BAA4B;QAC5B,UAAW,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;IACrD,CAAC;AACH,CAAC,CACF,CAAA"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { IamCollectClient } from '../collect/client.js';
|
|
2
|
+
import { type WhoCanPrincipalScope } from './whoCan.js';
|
|
3
|
+
/**
|
|
4
|
+
* Resolves a `WhoCanPrincipalScope` into concrete sets of account IDs and principal ARNs
|
|
5
|
+
* using the collect client for OU lookups.
|
|
6
|
+
*
|
|
7
|
+
* `scope.principals` are kept separate from `scope.accounts` — a scope like
|
|
8
|
+
* `{ principals: ['arn:...:role/Foo'] }` tests only that one role and does NOT
|
|
9
|
+
* expand to search every principal in Foo's account.
|
|
10
|
+
*
|
|
11
|
+
* @param client The collect client used to resolve OU paths to account IDs.
|
|
12
|
+
* @param scope The principal scope to resolve.
|
|
13
|
+
* @returns An object with `accounts` and `principals` sets.
|
|
14
|
+
*/
|
|
15
|
+
export declare function resolvePrincipalScope(client: IamCollectClient, scope: WhoCanPrincipalScope): Promise<{
|
|
16
|
+
accounts: Set<string>;
|
|
17
|
+
principals: Set<string>;
|
|
18
|
+
}>;
|
|
19
|
+
/**
|
|
20
|
+
* Intersects the resource-policy-derived scope with a caller-supplied principal scope.
|
|
21
|
+
* Returns the narrowed set of accounts (for full-account search) and principals
|
|
22
|
+
* (for individual principal testing).
|
|
23
|
+
*
|
|
24
|
+
* @param resourcePolicyAccounts Account IDs derived from the resource policy.
|
|
25
|
+
* @param resourcePolicyPrincipals Individual principal ARNs derived from the resource policy.
|
|
26
|
+
* @param resourcePolicyCheckAllAccounts Whether the resource policy implies all accounts should be checked.
|
|
27
|
+
* @param scopeAccounts Account IDs from the resolved principal scope.
|
|
28
|
+
* @param suggestedPrincipals Principal ARNs from the resolved principal scope.
|
|
29
|
+
* @returns The intersected accounts and principals to search.
|
|
30
|
+
*/
|
|
31
|
+
export declare function intersectWithPrincipalScope(resourcePolicyAccounts: string[], resourcePolicyPrincipals: string[], resourcePolicyCheckAllAccounts: boolean, scopeAccounts: Set<string>, scopePrincipals: Set<string>): {
|
|
32
|
+
accounts: string[];
|
|
33
|
+
principals: string[];
|
|
34
|
+
};
|
|
35
|
+
//# sourceMappingURL=principalScope.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principalScope.d.ts","sourceRoot":"","sources":["../../../src/whoCan/principalScope.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAEvD;;;;;;;;;;;GAWG;AACH,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,gBAAgB,EACxB,KAAK,EAAE,oBAAoB,GAC1B,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAAC,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;CAAE,CAAC,CAuB7D;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,2BAA2B,CACzC,sBAAsB,EAAE,MAAM,EAAE,EAChC,wBAAwB,EAAE,MAAM,EAAE,EAClC,8BAA8B,EAAE,OAAO,EACvC,aAAa,EAAE,GAAG,CAAC,MAAM,CAAC,EAC1B,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,GAC3B;IAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;IAAC,UAAU,EAAE,MAAM,EAAE,CAAA;CAAE,CAwD9C"}
|
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
import { isServicePrincipal, splitArnParts } from '@cloud-copilot/iam-utils';
|
|
2
|
+
import { IamCollectClient } from '../collect/client.js';
|
|
3
|
+
import {} from './whoCan.js';
|
|
4
|
+
/**
|
|
5
|
+
* Resolves a `WhoCanPrincipalScope` into concrete sets of account IDs and principal ARNs
|
|
6
|
+
* using the collect client for OU lookups.
|
|
7
|
+
*
|
|
8
|
+
* `scope.principals` are kept separate from `scope.accounts` — a scope like
|
|
9
|
+
* `{ principals: ['arn:...:role/Foo'] }` tests only that one role and does NOT
|
|
10
|
+
* expand to search every principal in Foo's account.
|
|
11
|
+
*
|
|
12
|
+
* @param client The collect client used to resolve OU paths to account IDs.
|
|
13
|
+
* @param scope The principal scope to resolve.
|
|
14
|
+
* @returns An object with `accounts` and `principals` sets.
|
|
15
|
+
*/
|
|
16
|
+
export async function resolvePrincipalScope(client, scope) {
|
|
17
|
+
const accounts = new Set();
|
|
18
|
+
const principals = new Set();
|
|
19
|
+
for (const p of scope.principals ?? []) {
|
|
20
|
+
principals.add(p);
|
|
21
|
+
}
|
|
22
|
+
for (const a of scope.accounts ?? []) {
|
|
23
|
+
accounts.add(a);
|
|
24
|
+
}
|
|
25
|
+
for (const ouPath of scope.ous ?? []) {
|
|
26
|
+
const parts = ouPath.split('/');
|
|
27
|
+
const orgId = parts[0];
|
|
28
|
+
const pathParts = parts.slice(1);
|
|
29
|
+
const [, ouAccounts] = await client.getAccountsForOrgPath(orgId, pathParts);
|
|
30
|
+
for (const a of ouAccounts) {
|
|
31
|
+
accounts.add(a);
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
return { accounts, principals };
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Intersects the resource-policy-derived scope with a caller-supplied principal scope.
|
|
38
|
+
* Returns the narrowed set of accounts (for full-account search) and principals
|
|
39
|
+
* (for individual principal testing).
|
|
40
|
+
*
|
|
41
|
+
* @param resourcePolicyAccounts Account IDs derived from the resource policy.
|
|
42
|
+
* @param resourcePolicyPrincipals Individual principal ARNs derived from the resource policy.
|
|
43
|
+
* @param resourcePolicyCheckAllAccounts Whether the resource policy implies all accounts should be checked.
|
|
44
|
+
* @param scopeAccounts Account IDs from the resolved principal scope.
|
|
45
|
+
* @param suggestedPrincipals Principal ARNs from the resolved principal scope.
|
|
46
|
+
* @returns The intersected accounts and principals to search.
|
|
47
|
+
*/
|
|
48
|
+
export function intersectWithPrincipalScope(resourcePolicyAccounts, resourcePolicyPrincipals, resourcePolicyCheckAllAccounts, scopeAccounts, scopePrincipals) {
|
|
49
|
+
// Accounts: intersection of resource policy accounts and scope accounts
|
|
50
|
+
const rpAccountSet = new Set(resourcePolicyAccounts);
|
|
51
|
+
const accounts = resourcePolicyCheckAllAccounts
|
|
52
|
+
? Array.from(scopeAccounts)
|
|
53
|
+
: resourcePolicyAccounts.filter((a) => scopeAccounts.has(a));
|
|
54
|
+
const accountsResultSet = new Set(accounts);
|
|
55
|
+
// Principals: merge from both sides, filtering by the other side's scope
|
|
56
|
+
const principalSet = new Set();
|
|
57
|
+
// From resource policy principals: keep if the principal's account is in scopeAccounts,
|
|
58
|
+
// OR the principal ARN is in scopePrincipals.
|
|
59
|
+
for (const p of resourcePolicyPrincipals) {
|
|
60
|
+
if (isServicePrincipal(p)) {
|
|
61
|
+
if (scopePrincipals.has(p)) {
|
|
62
|
+
principalSet.add(p);
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
else {
|
|
66
|
+
const accountId = splitArnParts(p).accountId;
|
|
67
|
+
if (accountId && accountsResultSet.has(accountId)) {
|
|
68
|
+
// Account loop already covers this principal — skip
|
|
69
|
+
continue;
|
|
70
|
+
}
|
|
71
|
+
if (accountId && scopeAccounts.has(accountId)) {
|
|
72
|
+
principalSet.add(p);
|
|
73
|
+
}
|
|
74
|
+
else if (scopePrincipals.has(p)) {
|
|
75
|
+
principalSet.add(p);
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
const rpPrincipalSet = new Set(resourcePolicyPrincipals);
|
|
80
|
+
// From scope principals: keep if the principal's account is in resource policy accounts
|
|
81
|
+
// or resourcePolicyCheckAllAccounts is true. Exclude if account is already in accounts result.
|
|
82
|
+
// Service principals only survive if resourcePolicyCheckAllAccounts or the resource policy named them.
|
|
83
|
+
for (const p of scopePrincipals) {
|
|
84
|
+
if (isServicePrincipal(p)) {
|
|
85
|
+
if (resourcePolicyCheckAllAccounts || rpPrincipalSet.has(p)) {
|
|
86
|
+
principalSet.add(p);
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
else {
|
|
90
|
+
const accountId = splitArnParts(p).accountId;
|
|
91
|
+
if (accountId && accountsResultSet.has(accountId)) {
|
|
92
|
+
// Account loop already covers this principal — skip
|
|
93
|
+
continue;
|
|
94
|
+
}
|
|
95
|
+
if (resourcePolicyCheckAllAccounts || (accountId && rpAccountSet.has(accountId))) {
|
|
96
|
+
principalSet.add(p);
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
return { accounts, principals: Array.from(principalSet) };
|
|
101
|
+
}
|
|
102
|
+
//# sourceMappingURL=principalScope.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principalScope.js","sourceRoot":"","sources":["../../../src/whoCan/principalScope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAA6B,MAAM,aAAa,CAAA;AAEvD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,MAAwB,EACxB,KAA2B;IAE3B,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAA;IAClC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAA;IAEpC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;QACvC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;QACrC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,EAAE,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAChC,MAAM,CAAC,EAAE,UAAU,CAAC,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QAC3E,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAA;AACjC,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,2BAA2B,CACzC,sBAAgC,EAChC,wBAAkC,EAClC,8BAAuC,EACvC,aAA0B,EAC1B,eAA4B;IAE5B,wEAAwE;IACxE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAAA;IACpD,MAAM,QAAQ,GAAG,8BAA8B;QAC7C,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC;QAC3B,CAAC,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAE9D,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;IAE3C,yEAAyE;IACzE,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;IAEtC,wFAAwF;IACxF,8CAA8C;IAC9C,KAAK,MAAM,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACzC,IAAI,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1B,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3B,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC5C,IAAI,SAAS,IAAI,iBAAiB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClD,oDAAoD;gBACpD,SAAQ;YACV,CAAC;YACD,IAAI,SAAS,IAAI,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC9C,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;iBAAM,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,wBAAwB,CAAC,CAAA;IAExD,wFAAwF;IACxF,+FAA+F;IAC/F,uGAAuG;IACvG,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,IAAI,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1B,IAAI,8BAA8B,IAAI,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC5D,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC5C,IAAI,SAAS,IAAI,iBAAiB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClD,oDAAoD;gBACpD,SAAQ;YACV,CAAC;YACD,IAAI,8BAA8B,IAAI,CAAC,SAAS,IAAI,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;gBACjF,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAA;AAC3D,CAAC"}
|
|
@@ -1,9 +1,24 @@
|
|
|
1
1
|
import { type TopLevelConfig } from '@cloud-copilot/iam-collect';
|
|
2
|
+
import { type ClientFactoryPlugin } from '../collect/collect.js';
|
|
2
3
|
import { type ResourceType } from '@cloud-copilot/iam-data';
|
|
3
4
|
import { type RequestDenial, type RequestGrant } from '@cloud-copilot/iam-simulate';
|
|
4
5
|
import { IamCollectClient } from '../collect/client.js';
|
|
5
6
|
import { type S3AbacOverride } from '../utils/s3Abac.js';
|
|
6
7
|
import { type LightRequestAnalysis } from './requestAnalysis.js';
|
|
8
|
+
/**
|
|
9
|
+
* Limits the set of principals that `whoCan` tests. The scope is a union of
|
|
10
|
+
* principal ARNs, account IDs, and OU paths. It is **intersected** with the
|
|
11
|
+
* resource-policy-derived scope so that principals outside the resource
|
|
12
|
+
* policy's reach are still excluded.
|
|
13
|
+
*/
|
|
14
|
+
export interface WhoCanPrincipalScope {
|
|
15
|
+
/** Exact principal ARNs to test individually (does NOT expand to whole-account search). */
|
|
16
|
+
principals?: string[];
|
|
17
|
+
/** Account IDs — test all principals in these accounts. */
|
|
18
|
+
accounts?: string[];
|
|
19
|
+
/** OU paths — test all principals in accounts under these OUs. Each string is a slash-separated path like `o-aaa/r-bbb/ou-ccc`, matching the format used by `aws:PrincipalOrgPaths` and `specificOrganizationalUnits`. */
|
|
20
|
+
ous?: string[];
|
|
21
|
+
}
|
|
7
22
|
export interface ResourceAccessRequest {
|
|
8
23
|
/**
|
|
9
24
|
* The ARN of the resource to check access for. If not provided, actions must be specified.
|
|
@@ -45,6 +60,17 @@ export interface ResourceAccessRequest {
|
|
|
45
60
|
* These will be added to the simulation strict context keys used by default.
|
|
46
61
|
*/
|
|
47
62
|
strictContextKeys?: string[];
|
|
63
|
+
/**
|
|
64
|
+
* Optional plugin to wrap the collect client with a custom implementation.
|
|
65
|
+
* Used for scenario testing where a layered client needs to be used in worker threads.
|
|
66
|
+
*/
|
|
67
|
+
clientFactoryPlugin?: ClientFactoryPlugin;
|
|
68
|
+
/**
|
|
69
|
+
* Optional scope to limit the set of principals tested. When provided, the
|
|
70
|
+
* scope is intersected with the resource-policy-derived scope to narrow the
|
|
71
|
+
* search space.
|
|
72
|
+
*/
|
|
73
|
+
principalScope?: WhoCanPrincipalScope;
|
|
48
74
|
}
|
|
49
75
|
/**
|
|
50
76
|
* Represents a resource pattern that is allowed for a principal, used when wildcards
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"whoCan.d.ts","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAOL,KAAK,YAAY,EAClB,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAUnF,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAIvD,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"whoCan.d.ts","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,KAAK,mBAAmB,EAAE,MAAM,uBAAuB,CAAA;AAChE,OAAO,EAOL,KAAK,YAAY,EAClB,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAUnF,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAIvD,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAA;AASxD,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,sBAAsB,CAAA;AAEhE;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACnC,2FAA2F;IAC3F,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,2DAA2D;IAC3D,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,0NAA0N;IAC1N,GAAG,CAAC,EAAE,MAAM,EAAE,CAAA;CACf;AAED,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IAEjB;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IAExB;;OAEG;IACH,OAAO,EAAE,MAAM,EAAE,CAAA;IAEjB;;OAEG;IACH,IAAI,CAAC,EAAE,OAAO,CAAA;IAEd;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAA;IAE/B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IAEtB;;OAEG;IACH,mBAAmB,CAAC,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,OAAO,CAAA;IAEhE;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAE7B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAA;IAE5B;;;OAGG;IACH,mBAAmB,CAAC,EAAE,mBAAmB,CAAA;IAEzC;;;;OAIG;IACH,cAAc,CAAC,EAAE,oBAAoB,CAAA;CACtC;AAED;;;GAGG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;OAEG;IACH,OAAO,EAAE,MAAM,CAAA;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAA;IAEpB;;OAEG;IACH,UAAU,CAAC,EAAE,GAAG,CAAA;IAEhB;;OAEG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;OAEG;IACH,OAAO,CAAC,EAAE,YAAY,EAAE,CAAA;CACzB;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IAEb;;;;OAIG;IACH,UAAU,CAAC,EAAE,GAAG,CAAA;IAEhB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAA;IAErB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;;OAGG;IACH,eAAe,CAAC,EAAE,4BAA4B,EAAE,CAAA;IAEhD;;;;OAIG;IACH,OAAO,CAAC,EAAE,YAAY,EAAE,CAAA;CACzB;AAED;;GAEG;AACH,UAAU,oBAAoB;IAC5B;;OAEG;IACH,SAAS,EAAE,MAAM,CAAA;IAEjB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAA;IAEf;;OAEG;IACH,MAAM,EAAE,MAAM,CAAA;CACf;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,oBAAoB;IAClE,IAAI,EAAE,QAAQ,CAAA;IAEd;;OAEG;IACH,OAAO,EAAE,aAAa,EAAE,CAAA;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,wBAAyB,SAAQ,oBAAoB;IACpE,IAAI,EAAE,UAAU,CAAA;IAEhB;;;;;;OAMG;IACH,eAAe,EAAE;QACf;;WAEG;QACH,OAAO,EAAE,MAAM,CAAA;QAEf;;WAEG;QACH,YAAY,EAAE,MAAM,CAAA;QAEpB;;WAEG;QACH,OAAO,EAAE,aAAa,EAAE,CAAA;KACzB,EAAE,CAAA;CACJ;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,sBAAsB,GAAG,wBAAwB,CAAA;AAEhF,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,MAAM,CAAA;IACvB,OAAO,EAAE,aAAa,EAAE,CAAA;IACxB,kBAAkB,EAAE,OAAO,CAAA;IAC3B,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;IACrC,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,WAAW,CAAC,EAAE,gBAAgB,EAAE,GAAG,SAAS,CAAA;CAC7C;AAeD,wBAAsB,MAAM,CAC1B,cAAc,EAAE,cAAc,EAAE,EAChC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,cAAc,CAAC,CAwRzB;AAoBD,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,eAAe,EAAE,eAAe,GAC/B,OAAO,CAAC;IACT,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;IACrC,QAAQ,EAAE,MAAM,EAAE,CAAA;CACnB,CAAC,CAiDD;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,OAAO,CAAA;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,2BAA2B,EAAE,MAAM,EAAE,CAAA;CACtC;AAED,wBAAsB,oCAAoC,CACxD,cAAc,EAAE,GAAG,EACnB,eAAe,EAAE,MAAM,GAAG,SAAS,GAClC,OAAO,CAAC,eAAe,CAAC,CA2E1B;AAED,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,qBAAqB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CA4BxF;AAED;;;;;;;GAOG;AACH,wBAAsB,2BAA2B,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAsBxF;AAED,wBAAsB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAqBjG;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAOrE;AAcD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,cAAc,EAAE,cAAc,QAyB/D"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import {} from '@cloud-copilot/iam-collect';
|
|
2
|
+
import {} from '../collect/collect.js';
|
|
2
3
|
import { iamActionDetails, iamActionExists, iamActionsForService, iamResourceTypeDetails, iamResourceTypesForService, iamServiceExists } from '@cloud-copilot/iam-data';
|
|
3
4
|
import { loadPolicy } from '@cloud-copilot/iam-policy';
|
|
4
5
|
import {} from '@cloud-copilot/iam-simulate';
|
|
@@ -17,6 +18,7 @@ import { SharedArrayBufferMainCache } from '../workers/SharedArrayBufferMainCach
|
|
|
17
18
|
import { StreamingWorkQueue } from '../workers/StreamingWorkQueue.js';
|
|
18
19
|
import { createMainThreadStreamingWorkQueue } from './WhoCanMainThreadWorker.js';
|
|
19
20
|
import {} from './WhoCanWorker.js';
|
|
21
|
+
import { intersectWithPrincipalScope, resolvePrincipalScope } from './principalScope.js';
|
|
20
22
|
import {} from './requestAnalysis.js';
|
|
21
23
|
/**
|
|
22
24
|
* Get the number of worker threads to use, defaulting to number of CPUs - 1
|
|
@@ -49,12 +51,14 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
49
51
|
s3AbacOverride: request.s3AbacOverride,
|
|
50
52
|
collectDenyDetails,
|
|
51
53
|
collectGrantDetails,
|
|
52
|
-
strictContextKeys: request.strictContextKeys
|
|
54
|
+
strictContextKeys: request.strictContextKeys,
|
|
55
|
+
clientFactoryPlugin: request.clientFactoryPlugin
|
|
53
56
|
}
|
|
54
57
|
});
|
|
55
58
|
});
|
|
56
59
|
const collectClient = getCollectClient(collectConfigs, partition, {
|
|
57
|
-
cacheProvider: new SharedArrayBufferMainCache(workers)
|
|
60
|
+
cacheProvider: new SharedArrayBufferMainCache(workers),
|
|
61
|
+
clientFactoryPlugin: request.clientFactoryPlugin
|
|
58
62
|
});
|
|
59
63
|
if (!request.resourceAccount && !request.resource) {
|
|
60
64
|
throw new Error('Either resourceAccount or resource must be provided in the request.');
|
|
@@ -79,6 +83,16 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
79
83
|
}
|
|
80
84
|
const accountsToCheck = await accountsToCheckBasedOnResourcePolicy(resourcePolicy, resourceAccount);
|
|
81
85
|
const uniqueAccounts = await uniqueAccountsToCheck(collectClient, accountsToCheck);
|
|
86
|
+
let accountsForSearch = uniqueAccounts.accounts;
|
|
87
|
+
let principalsForSearch = accountsToCheck.specificPrincipals;
|
|
88
|
+
let scopeIncludesResourceAccount = true;
|
|
89
|
+
if (request.principalScope) {
|
|
90
|
+
const resolved = await resolvePrincipalScope(collectClient, request.principalScope);
|
|
91
|
+
const intersection = intersectWithPrincipalScope(uniqueAccounts.accounts, accountsToCheck.specificPrincipals, accountsToCheck.allAccounts, resolved.accounts, resolved.principals);
|
|
92
|
+
accountsForSearch = intersection.accounts;
|
|
93
|
+
principalsForSearch = intersection.principals;
|
|
94
|
+
scopeIncludesResourceAccount = resolved.accounts.has(resourceAccount);
|
|
95
|
+
}
|
|
82
96
|
const whoCanResults = [];
|
|
83
97
|
const concurrency = Math.min(50, Math.max(1, numberOfCpus() * 2));
|
|
84
98
|
let simulationCount = 0;
|
|
@@ -126,8 +140,9 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
126
140
|
const accountQueue = new StreamingJobQueue(concurrency, console, async (response) => { });
|
|
127
141
|
const principalIndexExists = await collectClient.principalIndexExists();
|
|
128
142
|
if (principalIndexExists) {
|
|
143
|
+
const allFromAccount = scopeIncludesResourceAccount ? resourceAccount : undefined;
|
|
129
144
|
for (const action of actions) {
|
|
130
|
-
const indexedPrincipals = await collectClient.getPrincipalsWithActionAllowed(
|
|
145
|
+
const indexedPrincipals = await collectClient.getPrincipalsWithActionAllowed(allFromAccount, accountsForSearch, action);
|
|
131
146
|
for (const principal of indexedPrincipals || []) {
|
|
132
147
|
simulateQueue.enqueue({
|
|
133
148
|
resource,
|
|
@@ -139,7 +154,7 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
139
154
|
}
|
|
140
155
|
}
|
|
141
156
|
else {
|
|
142
|
-
for (const account of
|
|
157
|
+
for (const account of accountsForSearch) {
|
|
143
158
|
accountQueue.enqueue({
|
|
144
159
|
properties: {},
|
|
145
160
|
execute: async () => {
|
|
@@ -152,7 +167,7 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
152
167
|
}
|
|
153
168
|
}
|
|
154
169
|
const principalsNotFound = [];
|
|
155
|
-
for (const principal of
|
|
170
|
+
for (const principal of principalsForSearch) {
|
|
156
171
|
accountQueue.enqueue({
|
|
157
172
|
properties: {},
|
|
158
173
|
execute: async () => {
|
|
@@ -204,7 +219,7 @@ export async function whoCan(collectConfigs, partition, request) {
|
|
|
204
219
|
const results = {
|
|
205
220
|
simulationCount,
|
|
206
221
|
allowed: whoCanResults,
|
|
207
|
-
allAccountsChecked: accountsToCheck.allAccounts,
|
|
222
|
+
allAccountsChecked: request.principalScope ? false : accountsToCheck.allAccounts,
|
|
208
223
|
accountsNotFound: uniqueAccounts.accountsNotFound,
|
|
209
224
|
organizationsNotFound: uniqueAccounts.organizationsNotFound,
|
|
210
225
|
organizationalUnitsNotFound: uniqueAccounts.organizationalUnitsNotFound,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"whoCan.js","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,MAAM,4BAA4B,CAAA;AAChE,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACtB,0BAA0B,EAC1B,gBAAgB,EAEjB,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,EAAyC,MAAM,6BAA6B,CAAA;AACnF,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACd,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAkB,YAAY,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AACpF,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,uBAAuB,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAA;AACvF,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAuB,MAAM,oBAAoB,CAAA;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAA;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,kCAAkC,EAAE,MAAM,6BAA6B,CAAA;AAChF,OAAO,EAAuB,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAA6B,MAAM,sBAAsB,CAAA;AA0MhE;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,aAAiC;IAC3D,IAAI,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,CAAA;AACxC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,cAAgC,EAChC,SAAiB,EACjB,OAA8B;IAE9B,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAE5B,wDAAwD;IACxD,iHAAiH;IACjH,MAAM,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IAC5D,MAAM,UAAU,GAAG,mBAAmB,CAAC,oCAAoC,CAAC,CAAA;IAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAA;IACxD,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAA;IACzD,MAAM,OAAO,GAAG,CAAC,UAAU;QACzB,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YAChD,OAAO,IAAI,MAAM,CAAC,UAAU,EAAE;gBAC5B,UAAU,EAAE;oBACV,cAAc,EAAE,cAAc;oBAC9B,SAAS;oBACT,WAAW,EAAE,EAAE;oBACf,cAAc,EAAE,OAAO,CAAC,cAAc;oBACtC,kBAAkB;oBAClB,mBAAmB;oBACnB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;iBAC7C;aACF,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IAEN,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,SAAS,EAAE;QAChE,aAAa,EAAE,IAAI,0BAA0B,CAAC,OAAO,CAAC;KACvD,CAAC,CAAA;IAEF,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAA;IACxF,CAAC;IAED,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,CAAC,MAAM,uBAAuB,CAAC,aAAa,EAAE,QAAS,CAAC,CAAC,CAAA;IAEtF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,+CAA+C,QAAQ,0DAA0D,CAClH,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IAC/C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;IACzE,CAAC;IAED,IAAI,cAAc,GAAQ,SAAS,CAAA;IACnC,IAAI,QAAQ,EAAE,CAAC;QACb,cAAc,GAAG,MAAM,4BAA4B,CAAC,aAAa,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAA;QAC7F,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;QACrC,IACE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;YAC5D,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,CAAC,cAAc,EACf,CAAC;YACD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,iDAAiD,CAChG,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,oCAAoC,CAChE,cAAc,EACd,eAAe,CAChB,CAAA;IAED,MAAM,cAAc,GAAG,MAAM,qBAAqB,CAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAElF,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC,CAAA;IAEjE,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,aAAa,GAAG,IAAI,kBAAkB,EAAkB,CAAA;IAE9D,MAAM,gBAAgB,GAAU,EAAE,CAAA;IAClC,MAAM,WAAW,GAAuB,EAAE,CAAA;IAE1C,MAAM,UAAU,GAAG,CAAC,MAAqE,EAAE,EAAE;QAC3F,eAAe,EAAE,CAAA;QACjB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YAClD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAClC,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACzD,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC/B,CAAC;IACH,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,kCAAkC,CACzD,aAAa,EACb,aAAa,EACb,OAAO,CAAC,cAAc,EACtB,UAAU,EACV,OAAO,CAAC,mBAAmB,EAC3B,CAAC,MAAM,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EACpC,mBAAmB,EACnB,OAAO,CAAC,iBAAiB,CAC1B,CAAA;IAED,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,CAAA;gBACpC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpE,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACxB,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACpC,6EAA6E;gBAC7E,MAAM,aAAa,GAAG,OAAO,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,KAAK,CAAA;gBAC/E,MAAM,CAAC,WAAW,CAAC;oBACjB,IAAI,EAAE,wBAAwB;oBAC9B,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,aAAa;iBACd,CAAC,CAAA;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACrC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAClC,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,aAAa,CAAC,wBAAwB,CAAC,GAAG,EAAE;QAC1C,gBAAgB,CAAC,mBAAmB,EAAE,CAAA;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAA;IAClE,CAAC,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG,IAAI,iBAAiB,CACxC,WAAW,EACX,OAAO,EACP,KAAK,EAAE,QAAQ,EAAE,EAAE,GAAE,CAAC,CACvB,CAAA;IAED,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,oBAAoB,EAAE,CAAA;IACvE,IAAI,oBAAoB,EAAE,CAAC;QACzB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,iBAAiB,GAAG,MAAM,aAAa,CAAC,8BAA8B,CAC1E,eAAe,EACf,cAAc,CAAC,QAAQ,EACvB,MAAM,CACP,CAAA;YACD,KAAK,MAAM,SAAS,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAC;gBAChD,aAAa,CAAC,OAAO,CAAC;oBACpB,QAAQ;oBACR,MAAM;oBACN,SAAS;oBACT,eAAe;iBAChB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC9C,YAAY,CAAC,OAAO,CAAC;gBACnB,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,KAAK,IAAI,EAAE;oBAClB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;oBACzE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,SAAS,IAAI,eAAe,CAAC,kBAAkB,EAAE,CAAC;QAC3D,YAAY,CAAC,OAAO,CAAC;YACnB,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,IAAI,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;oBAClC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;gBACH,CAAC;qBAAM,IACL,YAAY,CAAC,SAAS,CAAC;oBACvB,YAAY,CAAC,SAAS,CAAC;oBACvB,gBAAgB,CAAC,SAAS,CAAC,EAC3B,CAAC;oBACD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;oBACtE,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACpC,CAAC;yBAAM,CAAC;wBACN,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,qDAAqD;oBACrD,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,CAAC,aAAa,EAAE,CAAA;IAElC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC5C,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC5B,MAAM,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC1C,CAAC;YACH,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACzB,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;gBACnC,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,EAAE;QACF,gBAAgB,CAAC,aAAa,EAAE;QAChC,GAAG,cAAc;KAClB,CAAC,CAAA;IAEF,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,kBAAkB,gBAAgB,CAAC,MAAM,qBAAqB,CAAC,CAAA;QAC7E,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,CAAC,MAAM,wCAAwC,CAClF,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG;QACd,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,kBAAkB,EAAE,eAAe,CAAC,WAAW;QAC/C,gBAAgB,EAAE,cAAc,CAAC,gBAAgB;QACjD,qBAAqB,EAAE,cAAc,CAAC,qBAAqB;QAC3D,2BAA2B,EAAE,cAAc,CAAC,2BAA2B;QACvE,kBAAkB,EAAE,kBAAkB;QACtC,WAAW,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;KACnE,CAAA;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,iBAAiB,CAAC,OAAO,CAAC,CAAA;IAC5B,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,aAA+B,EAC/B,eAA6F,EAC7F,SAAiB,EACjB,QAA4B,EAC5B,eAAuB,EACvB,OAAiB;IAEjB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,eAAe,CAAC,OAAO,CAAC;YACtB,QAAQ;YACR,MAAM;YACN,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,eAAgC;IAOhC,MAAM,WAAW,GAAG;QAClB,gBAAgB,EAAE,EAAc;QAChC,qBAAqB,EAAE,EAAc;QACrC,2BAA2B,EAAE,EAAc;QAC3C,QAAQ,EAAE,EAAc;KACzB,CAAA;IAED,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;QAChC,WAAW,CAAC,QAAQ,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,CAAA;QACxD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;IACxC,KAAK,MAAM,OAAO,IAAI,eAAe,CAAC,gBAAgB,IAAI,EAAE,EAAE,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;QAChE,IAAI,aAAa,EAAE,CAAC;YAClB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,eAAe,CAAC,2BAA2B,IAAI,EAAE,EAAE,CAAC;QACvE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QACrF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,eAAe,CAAC,qBAAqB,IAAI,EAAE,EAAE,CAAC;QAChE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAC/E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/C,CAAC;IACH,CAAC;IAED,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACjD,OAAO,WAAW,CAAA;AACpB,CAAC;AAUD,MAAM,CAAC,KAAK,UAAU,oCAAoC,CACxD,cAAmB,EACnB,eAAmC;IAEnC,MAAM,eAAe,GAAoB;QACvC,WAAW,EAAE,KAAK;QAClB,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,qBAAqB,EAAE,EAAE;QACzB,2BAA2B,EAAE,EAAE;KAChC,CAAA;IACD,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACxD,CAAC;IACD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,cAAc,CAAC,CAAA;IACzC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;QACpC,CAAC;QACD,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAC5D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;YACzC,IAAI,oBAAoB,GAAG,KAAK,CAAA;YAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,SAAS,CAAC,mBAAmB,EAAE,EAAE,CAAC;oBACpC,oBAAoB,GAAG,IAAI,CAAA;gBAC7B,CAAC;qBAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,EAAE,CAAC;oBAC1C,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBAC5D,CAAC;YACH,CAAC;YAED,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,EAAE,CAAA;gBACvB,MAAM,WAAW,GAAG,EAAE,CAAA;gBACtB,MAAM,gBAAgB,GAAG,EAAE,CAAA;gBAE3B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;gBACzC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,oBAAoB;wBAC1D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC9C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,uBAAuB;wBAC7D,IAAI,CAAC,SAAS,EAAE,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACxE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC7C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,sBAAsB;wBAC5D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,gBAAgB,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAClD,CAAC;gBACH,CAAC;gBACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChC,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAA;gBAC5D,CAAC;qBAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,eAAe,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAA;gBAClE,CAAC;qBAAM,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACnC,eAAe,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;gBAC7D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAA8B;IACnE,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAE3B,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,YAAY,GAAa,EAAE,CAAA;QACjC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,SAAQ;YACV,CAAC;YACD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,KAAK,CAAA;YACnC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;YACrD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,SAAQ;YACV,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YAED,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC3B,CAAC;QACD,OAAO,YAAY,CAAA;IACrB,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,2BAA2B,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;AACtD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAAC,WAAmB;IACnE,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC,CAAA;IACzE,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAA;IAExC,MAAM,eAAe,GAAa,EAAE,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAA;IAC1D,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7D,KAAK,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;YAC7C,IAAI,EAAE,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,OAAO,IAAI,MAAM,EAAE,CAAC,CAAA;gBAC5C,MAAK,CAAC,wDAAwD;YAChE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAA;IACrF,IAAI,MAAM,EAAE,CAAC;QACX,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IACrD,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAQ,CAAC,WAAW,EAAE,CAAA;IAE/C,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,0BAA0B,OAAO,iBAAiB,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,mBAAmB,GAAG,MAAM,2BAA2B,CAAC,OAAO,CAAC,CAAA;IACtE,KAAK,MAAM,EAAE,IAAI,mBAAmB,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;QACrD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;QACpD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACtB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,OAAO,iBAAiB,WAAW,GAAG,CACnF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED,KAAK,UAAU,2BAA2B,CAAC,OAAe;IACxD,MAAM,gBAAgB,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC,CAAA;IAClE,MAAM,mBAAmB,GAAmB,EAAE,CAAA;IAC9C,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAC1D,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvC,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACpC,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,cAA8B;IAC9D,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACnC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAA;QACvC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,CAAA;QACpC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,CAAA;QAClC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAA;QACjC,OAAO,CAAC,CAAA;IACV,CAAC,CAAC,CAAA;IAEF,cAAc,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAA;QACvC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,CAAA;QACpC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,CAAA;QAClC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAA;QACjC,OAAO,CAAC,CAAA;IACV,CAAC,CAAC,CAAA;IAEF,cAAc,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;IACtC,cAAc,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAA;IAC3C,cAAc,CAAC,2BAA2B,CAAC,IAAI,EAAE,CAAA;IACjD,cAAc,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAA;AAC1C,CAAC"}
|
|
1
|
+
{"version":3,"file":"whoCan.js","sourceRoot":"","sources":["../../../src/whoCan/whoCan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAA4B,MAAM,uBAAuB,CAAA;AAChE,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACtB,0BAA0B,EAC1B,gBAAgB,EAEjB,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,EAAyC,MAAM,6BAA6B,CAAA;AACnF,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACd,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAkB,YAAY,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AACpF,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,uBAAuB,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAA;AACvF,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAuB,MAAM,oBAAoB,CAAA;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAA;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,kCAAkC,EAAE,MAAM,6BAA6B,CAAA;AAChF,OAAO,EAAuB,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,2BAA2B,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AACxF,OAAO,EAA6B,MAAM,sBAAsB,CAAA;AAsOhE;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,aAAiC;IAC3D,IAAI,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,CAAA;AACxC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,cAAgC,EAChC,SAAiB,EACjB,OAA8B;IAE9B,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAE5B,wDAAwD;IACxD,iHAAiH;IACjH,MAAM,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IAC5D,MAAM,UAAU,GAAG,mBAAmB,CAAC,oCAAoC,CAAC,CAAA;IAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAA;IACxD,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAA;IACzD,MAAM,OAAO,GAAG,CAAC,UAAU;QACzB,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YAChD,OAAO,IAAI,MAAM,CAAC,UAAU,EAAE;gBAC5B,UAAU,EAAE;oBACV,cAAc,EAAE,cAAc;oBAC9B,SAAS;oBACT,WAAW,EAAE,EAAE;oBACf,cAAc,EAAE,OAAO,CAAC,cAAc;oBACtC,kBAAkB;oBAClB,mBAAmB;oBACnB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;oBAC5C,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;iBACjD;aACF,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IAEN,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,SAAS,EAAE;QAChE,aAAa,EAAE,IAAI,0BAA0B,CAAC,OAAO,CAAC;QACtD,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;KACjD,CAAC,CAAA;IAEF,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAA;IACxF,CAAC;IAED,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,CAAC,MAAM,uBAAuB,CAAC,aAAa,EAAE,QAAS,CAAC,CAAC,CAAA;IAEtF,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,+CAA+C,QAAQ,0DAA0D,CAClH,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IAC/C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;IACzE,CAAC;IAED,IAAI,cAAc,GAAQ,SAAS,CAAA;IACnC,IAAI,QAAQ,EAAE,CAAC;QACb,cAAc,GAAG,MAAM,4BAA4B,CAAC,aAAa,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAA;QAC7F,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;QACrC,IACE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;YAC5D,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,CAAC,cAAc,EACf,CAAC;YACD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,iDAAiD,CAChG,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,oCAAoC,CAChE,cAAc,EACd,eAAe,CAChB,CAAA;IAED,MAAM,cAAc,GAAG,MAAM,qBAAqB,CAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAElF,IAAI,iBAAiB,GAAG,cAAc,CAAC,QAAQ,CAAA;IAC/C,IAAI,mBAAmB,GAAG,eAAe,CAAC,kBAAkB,CAAA;IAC5D,IAAI,4BAA4B,GAAG,IAAI,CAAA;IAEvC,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,aAAa,EAAE,OAAO,CAAC,cAAc,CAAC,CAAA;QACnF,MAAM,YAAY,GAAG,2BAA2B,CAC9C,cAAc,CAAC,QAAQ,EACvB,eAAe,CAAC,kBAAkB,EAClC,eAAe,CAAC,WAAW,EAC3B,QAAQ,CAAC,QAAQ,EACjB,QAAQ,CAAC,UAAU,CACpB,CAAA;QACD,iBAAiB,GAAG,YAAY,CAAC,QAAQ,CAAA;QACzC,mBAAmB,GAAG,YAAY,CAAC,UAAU,CAAA;QAC7C,4BAA4B,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC,CAAA;IAEjE,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,aAAa,GAAG,IAAI,kBAAkB,EAAkB,CAAA;IAE9D,MAAM,gBAAgB,GAAU,EAAE,CAAA;IAClC,MAAM,WAAW,GAAuB,EAAE,CAAA;IAE1C,MAAM,UAAU,GAAG,CAAC,MAAqE,EAAE,EAAE;QAC3F,eAAe,EAAE,CAAA;QACjB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YAClD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAClC,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACzD,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC/B,CAAC;IACH,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,kCAAkC,CACzD,aAAa,EACb,aAAa,EACb,OAAO,CAAC,cAAc,EACtB,UAAU,EACV,OAAO,CAAC,mBAAmB,EAC3B,CAAC,MAAM,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EACpC,mBAAmB,EACnB,OAAO,CAAC,iBAAiB,CAC1B,CAAA;IAED,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,CAAA;gBACpC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpE,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACxB,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACpC,6EAA6E;gBAC7E,MAAM,aAAa,GAAG,OAAO,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,KAAK,CAAA;gBAC/E,MAAM,CAAC,WAAW,CAAC;oBACjB,IAAI,EAAE,wBAAwB;oBAC9B,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,aAAa;iBACd,CAAC,CAAA;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACrC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAClC,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,aAAa,CAAC,wBAAwB,CAAC,GAAG,EAAE;QAC1C,gBAAgB,CAAC,mBAAmB,EAAE,CAAA;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC,CAAA;IAClE,CAAC,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG,IAAI,iBAAiB,CACxC,WAAW,EACX,OAAO,EACP,KAAK,EAAE,QAAQ,EAAE,EAAE,GAAE,CAAC,CACvB,CAAA;IAED,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,oBAAoB,EAAE,CAAA;IACvE,IAAI,oBAAoB,EAAE,CAAC;QACzB,MAAM,cAAc,GAAG,4BAA4B,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAA;QACjF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,iBAAiB,GAAG,MAAM,aAAa,CAAC,8BAA8B,CAC1E,cAAc,EACd,iBAAiB,EACjB,MAAM,CACP,CAAA;YACD,KAAK,MAAM,SAAS,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAC;gBAChD,aAAa,CAAC,OAAO,CAAC;oBACpB,QAAQ;oBACR,MAAM;oBACN,SAAS;oBACT,eAAe;iBAChB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACxC,YAAY,CAAC,OAAO,CAAC;gBACnB,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,KAAK,IAAI,EAAE;oBAClB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;oBACzE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,SAAS,IAAI,mBAAmB,EAAE,CAAC;QAC5C,YAAY,CAAC,OAAO,CAAC;YACnB,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,IAAI,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;oBAClC,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;gBACH,CAAC;qBAAM,IACL,YAAY,CAAC,SAAS,CAAC;oBACvB,YAAY,CAAC,SAAS,CAAC;oBACvB,gBAAgB,CAAC,SAAS,CAAC,EAC3B,CAAC;oBACD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;oBACtE,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACpC,CAAC;yBAAM,CAAC;wBACN,MAAM,sBAAsB,CAC1B,aAAa,EACb,aAAa,EACb,SAAS,EACT,QAAQ,EACR,eAAe,EACf,OAAO,CACR,CAAA;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,qDAAqD;oBACrD,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,CAAC,aAAa,EAAE,CAAA;IAElC,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;QAC5C,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC5B,MAAM,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC1C,CAAC;YACH,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACzB,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;gBACnC,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,EAAE;QACF,gBAAgB,CAAC,aAAa,EAAE;QAChC,GAAG,cAAc;KAClB,CAAC,CAAA;IAEF,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,kBAAkB,gBAAgB,CAAC,MAAM,qBAAqB,CAAC,CAAA;QAC7E,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,CAAC,MAAM,wCAAwC,CAClF,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG;QACd,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,kBAAkB,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,WAAW;QAChF,gBAAgB,EAAE,cAAc,CAAC,gBAAgB;QACjD,qBAAqB,EAAE,cAAc,CAAC,qBAAqB;QAC3D,2BAA2B,EAAE,cAAc,CAAC,2BAA2B;QACvE,kBAAkB,EAAE,kBAAkB;QACtC,WAAW,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;KACnE,CAAA;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,iBAAiB,CAAC,OAAO,CAAC,CAAA;IAC5B,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,aAA+B,EAC/B,eAA6F,EAC7F,SAAiB,EACjB,QAA4B,EAC5B,eAAuB,EACvB,OAAiB;IAEjB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,eAAe,CAAC,OAAO,CAAC;YACtB,QAAQ;YACR,MAAM;YACN,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,eAAgC;IAOhC,MAAM,WAAW,GAAG;QAClB,gBAAgB,EAAE,EAAc;QAChC,qBAAqB,EAAE,EAAc;QACrC,2BAA2B,EAAE,EAAc;QAC3C,QAAQ,EAAE,EAAc;KACzB,CAAA;IAED,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;QAChC,WAAW,CAAC,QAAQ,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,CAAA;QACxD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;IACxC,KAAK,MAAM,OAAO,IAAI,eAAe,CAAC,gBAAgB,IAAI,EAAE,EAAE,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;QAChE,IAAI,aAAa,EAAE,CAAC;YAClB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,eAAe,CAAC,2BAA2B,IAAI,EAAE,EAAE,CAAC;QACvE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QACrF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,eAAe,CAAC,qBAAqB,IAAI,EAAE,EAAE,CAAC;QAChE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAC/E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/C,CAAC;IACH,CAAC;IAED,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACjD,OAAO,WAAW,CAAA;AACpB,CAAC;AAUD,MAAM,CAAC,KAAK,UAAU,oCAAoC,CACxD,cAAmB,EACnB,eAAmC;IAEnC,MAAM,eAAe,GAAoB;QACvC,WAAW,EAAE,KAAK;QAClB,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,qBAAqB,EAAE,EAAE;QACzB,2BAA2B,EAAE,EAAE;KAChC,CAAA;IACD,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACxD,CAAC;IACD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,cAAc,CAAC,CAAA;IACzC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;QACpC,CAAC;QACD,IAAI,SAAS,CAAC,OAAO,EAAE,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAC5D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;YACzC,IAAI,oBAAoB,GAAG,KAAK,CAAA;YAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,SAAS,CAAC,mBAAmB,EAAE,EAAE,CAAC;oBACpC,oBAAoB,GAAG,IAAI,CAAA;gBAC7B,CAAC;qBAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,EAAE,CAAC;oBAC1C,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBAC5D,CAAC;YACH,CAAC;YAED,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,EAAE,CAAA;gBACvB,MAAM,WAAW,GAAG,EAAE,CAAA;gBACtB,MAAM,gBAAgB,GAAG,EAAE,CAAA;gBAE3B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAA;gBACzC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,oBAAoB;wBAC1D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC9C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,uBAAuB;wBAC7D,IAAI,CAAC,SAAS,EAAE,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACxE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAC7C,CAAC;oBACD,IACE,IAAI,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,KAAK,sBAAsB;wBAC5D,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;wBACjE,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,gCAAgC;sBAC7F,CAAC;wBACD,gBAAgB,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAA;oBAClD,CAAC;gBACH,CAAC;gBACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChC,eAAe,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAA;gBAC5D,CAAC;qBAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,eAAe,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAA;gBAClE,CAAC;qBAAM,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACnC,eAAe,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;gBAC7D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,WAAW,GAAG,IAAI,CAAA;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAA8B;IACnE,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAE3B,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,YAAY,GAAa,EAAE,CAAA;QACjC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,SAAQ;YACV,CAAC;YACD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,KAAK,CAAA;YACnC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;YACrD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,SAAQ;YACV,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YAED,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC3B,CAAC;QACD,OAAO,YAAY,CAAA;IACrB,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,2BAA2B,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;AACtD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAAC,WAAmB;IACnE,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,MAAM,sBAAsB,CAAC,WAAW,CAAC,CAAA;IACzE,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAA;IAExC,MAAM,eAAe,GAAa,EAAE,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAA;IAC1D,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7D,KAAK,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;YAC7C,IAAI,EAAE,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,OAAO,IAAI,MAAM,EAAE,CAAC,CAAA;gBAC5C,MAAK,CAAC,wDAAwD;YAChE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAA;IACrF,IAAI,MAAM,EAAE,CAAC;QACX,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IACrD,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,WAAmB;IAC9D,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAQ,CAAC,WAAW,EAAE,CAAA;IAE/C,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,0BAA0B,OAAO,iBAAiB,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC;IAED,MAAM,mBAAmB,GAAG,MAAM,2BAA2B,CAAC,OAAO,CAAC,CAAA;IACtE,KAAK,MAAM,EAAE,IAAI,mBAAmB,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;QACrD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;QACpD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACtB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,OAAO,iBAAiB,WAAW,GAAG,CACnF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED,KAAK,UAAU,2BAA2B,CAAC,OAAe;IACxD,MAAM,gBAAgB,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC,CAAA;IAClE,MAAM,mBAAmB,GAAmB,EAAE,CAAA;IAC9C,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAC1D,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvC,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACpC,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,cAA8B;IAC9D,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACnC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAA;QACvC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,CAAA;QACpC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,CAAA;QAClC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAA;QACjC,OAAO,CAAC,CAAA;IACV,CAAC,CAAC,CAAA;IAEF,cAAc,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAC,CAAA;QACxC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS;YAAE,OAAO,CAAC,CAAA;QACvC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,CAAA;QACpC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO;YAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,CAAA;QAClC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAA;QACjC,OAAO,CAAC,CAAA;IACV,CAAC,CAAC,CAAA;IAEF,cAAc,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;IACtC,cAAc,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAA;IAC3C,cAAc,CAAC,2BAA2B,CAAC,IAAI,EAAE,CAAA;IACjD,cAAc,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAA;AAC1C,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cloud-copilot/iam-lens",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.101",
|
|
4
4
|
"description": "Visibility in IAM in and across AWS accounts",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"aws",
|
|
@@ -116,8 +116,8 @@
|
|
|
116
116
|
"@cloud-copilot/iam-expand": "^0.11.29",
|
|
117
117
|
"@cloud-copilot/iam-policy": "^0.1.77",
|
|
118
118
|
"@cloud-copilot/iam-shrink": "^0.1.21",
|
|
119
|
-
"@cloud-copilot/iam-simulate": "^0.1.
|
|
120
|
-
"@cloud-copilot/iam-utils": "^0.1.
|
|
119
|
+
"@cloud-copilot/iam-simulate": "^0.1.126",
|
|
120
|
+
"@cloud-copilot/iam-utils": "^0.1.54",
|
|
121
121
|
"@cloud-copilot/job": "^0.1.0",
|
|
122
122
|
"@cloud-copilot/log": "^0.1.0",
|
|
123
123
|
"bitset": "^5.2.3"
|