@cloud-copilot/iam-policy 0.0.1 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +93 -58
- package/dist/actions/action.d.ts +51 -0
- package/dist/actions/action.d.ts.map +1 -0
- package/dist/actions/action.js +33 -0
- package/dist/actions/action.js.map +1 -0
- package/dist/actions/actions.test.d.ts +2 -0
- package/dist/actions/actions.test.d.ts.map +1 -0
- package/dist/actions/actions.test.js +91 -0
- package/dist/actions/actions.test.js.map +1 -0
- package/dist/cjs/conditions/condition.d.ts +3 -2
- package/dist/cjs/conditions/condition.d.ts.map +1 -1
- package/dist/cjs/conditions/condition.js +2 -1
- package/dist/cjs/conditions/condition.js.map +1 -1
- package/dist/cjs/conditions/conditionOperation.d.ts +31 -0
- package/dist/cjs/conditions/conditionOperation.d.ts.map +1 -0
- package/dist/cjs/conditions/conditionOperation.js +31 -0
- package/dist/cjs/conditions/conditionOperation.js.map +1 -0
- package/dist/cjs/index.d.ts +1 -0
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/policies/policy.js +1 -1
- package/dist/cjs/policies/policy.js.map +1 -1
- package/dist/cjs/statements/statement.d.ts +7 -1
- package/dist/cjs/statements/statement.d.ts.map +1 -1
- package/dist/cjs/statements/statement.js +6 -1
- package/dist/cjs/statements/statement.js.map +1 -1
- package/dist/conditions/condition.d.ts +16 -0
- package/dist/conditions/condition.d.ts.map +1 -0
- package/dist/conditions/condition.js +25 -0
- package/dist/conditions/condition.js.map +1 -0
- package/dist/conditions/conditionOperation.d.ts +31 -0
- package/dist/conditions/conditionOperation.d.ts.map +1 -0
- package/dist/conditions/conditionOperation.js +31 -0
- package/dist/conditions/conditionOperation.js.map +1 -0
- package/dist/esm/conditions/condition.d.ts +3 -2
- package/dist/esm/conditions/condition.d.ts.map +1 -1
- package/dist/esm/conditions/condition.js +2 -1
- package/dist/esm/conditions/condition.js.map +1 -1
- package/dist/esm/conditions/conditionOperation.d.ts +31 -0
- package/dist/esm/conditions/conditionOperation.d.ts.map +1 -0
- package/dist/esm/conditions/conditionOperation.js +26 -0
- package/dist/esm/conditions/conditionOperation.js.map +1 -0
- package/dist/esm/index.d.ts +1 -0
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/policies/policy.js +1 -1
- package/dist/esm/policies/policy.js.map +1 -1
- package/dist/esm/statements/statement.d.ts +7 -1
- package/dist/esm/statements/statement.d.ts.map +1 -1
- package/dist/esm/statements/statement.js +5 -1
- package/dist/esm/statements/statement.js.map +1 -1
- package/dist/index.d.ts +9 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +6 -0
- package/dist/index.js.map +1 -0
- package/dist/parser.d.ts +9 -0
- package/dist/parser.d.ts.map +1 -0
- package/dist/parser.js +14 -0
- package/dist/parser.js.map +1 -0
- package/dist/policies/policy.d.ts +14 -0
- package/dist/policies/policy.d.ts.map +1 -0
- package/dist/policies/policy.js +21 -0
- package/dist/policies/policy.js.map +1 -0
- package/dist/policies/policy.test.d.ts +2 -0
- package/dist/policies/policy.test.d.ts.map +1 -0
- package/dist/policies/policy.test.js +74 -0
- package/dist/policies/policy.test.js.map +1 -0
- package/dist/principals/principal.d.ts +21 -0
- package/dist/principals/principal.d.ts.map +1 -0
- package/dist/principals/principal.js +35 -0
- package/dist/principals/principal.js.map +1 -0
- package/dist/resources/resource.d.ts +20 -0
- package/dist/resources/resource.d.ts.map +1 -0
- package/dist/resources/resource.js +18 -0
- package/dist/resources/resource.js.map +1 -0
- package/dist/resources/resource.test.d.ts +2 -0
- package/dist/resources/resource.test.d.ts.map +1 -0
- package/dist/resources/resource.test.js +35 -0
- package/dist/resources/resource.test.js.map +1 -0
- package/dist/statements/statement.d.ts +146 -0
- package/dist/statements/statement.d.ts.map +1 -0
- package/dist/statements/statement.js +121 -0
- package/dist/statements/statement.js.map +1 -0
- package/dist/statements/statement.test.d.ts +2 -0
- package/dist/statements/statement.test.d.ts.map +1 -0
- package/dist/statements/statement.test.js +479 -0
- package/dist/statements/statement.test.js.map +1 -0
- package/dist/utils.d.ts +8 -0
- package/dist/utils.d.ts.map +1 -0
- package/dist/utils.js +13 -0
- package/dist/utils.js.map +1 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,46 +1,42 @@
|
|
|
1
1
|
# IAM Policy Parser
|
|
2
2
|
|
|
3
|
-
This is a simple IAM policy library that allows you parse and navigate IAM policies without
|
|
3
|
+
This is a simple IAM policy library that allows you parse and navigate IAM policies without worring about the more difficult details of parsing policies.
|
|
4
4
|
|
|
5
5
|
This may be updated in the future to allow modifying policies, right now it's read-only.
|
|
6
6
|
|
|
7
|
-
**This does not validate policies
|
|
7
|
+
_**This does not validate policies**_, it only parses them. If you pass in totally invalid JSON it will fail in glorious and unpredictable ways.
|
|
8
8
|
|
|
9
9
|
Here are some ways it helps:
|
|
10
10
|
|
|
11
|
-
## Normalizing Policy Elements that are Objects/Array of
|
|
11
|
+
## Normalizing Policy Elements that are Objects/Array of Objects or String/Array of Strings
|
|
12
12
|
```typescript
|
|
13
13
|
import{ loadPolicy } from '@cloud-copilot/iam-policy'
|
|
14
14
|
|
|
15
15
|
//Statement can be an array of objects
|
|
16
16
|
const policyOne = {
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
"Sid": "ArrayStatement",
|
|
22
|
-
"Effect": "Allow",
|
|
23
|
-
"Action": [
|
|
24
|
-
"s3:GetObject",
|
|
25
|
-
],
|
|
26
|
-
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
27
|
-
}
|
|
28
|
-
]
|
|
29
|
-
}
|
|
30
|
-
};
|
|
31
|
-
|
|
32
|
-
//Statement can also be a single object
|
|
33
|
-
const policyTwo = {
|
|
34
|
-
{
|
|
35
|
-
"Version": "2012-10-17",
|
|
36
|
-
"Statement": {
|
|
37
|
-
"Sid": "ObjectStatement",
|
|
17
|
+
"Version": "2012-10-17",
|
|
18
|
+
"Statement": [
|
|
19
|
+
{
|
|
20
|
+
"Sid": "ArrayStatement",
|
|
38
21
|
"Effect": "Allow",
|
|
39
22
|
"Action": [
|
|
40
23
|
"s3:GetObject",
|
|
41
24
|
],
|
|
42
25
|
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
43
26
|
}
|
|
27
|
+
]
|
|
28
|
+
};
|
|
29
|
+
|
|
30
|
+
//Statement can also be a single object
|
|
31
|
+
const policyTwo = {
|
|
32
|
+
"Version": "2012-10-17",
|
|
33
|
+
"Statement": {
|
|
34
|
+
"Sid": "ObjectStatement",
|
|
35
|
+
"Effect": "Allow",
|
|
36
|
+
"Action": [
|
|
37
|
+
"s3:GetObject",
|
|
38
|
+
],
|
|
39
|
+
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
44
40
|
}
|
|
45
41
|
};
|
|
46
42
|
|
|
@@ -53,36 +49,36 @@ console.log(p2.statements()[0].sid()); //ObjectStatement
|
|
|
53
49
|
|
|
54
50
|
There is similar support for condition values, principals, and resources.
|
|
55
51
|
|
|
56
|
-
## Mutually Exclusive Policy Elements
|
|
52
|
+
## Mutually Exclusive or Optional Policy Elements
|
|
57
53
|
|
|
58
|
-
In IAM policies there are some elements that are mutually exclusive. For example, you can't have a `Principal` and a `NotPrincipal` in the same statement. We leverage the Typescript type system to make sure you only access data that is confirmed to exist in the policy.
|
|
54
|
+
In IAM policies there are some elements that are mutually exclusive. For example, you can't have a `Principal` and a `NotPrincipal` in the same statement. Some elements are completely optional. We leverage the Typescript type system to make sure you only access data that is confirmed to exist in the policy.
|
|
59
55
|
|
|
60
56
|
```typescript
|
|
61
57
|
import{ loadPolicy } from '@cloud-copilot/iam-policy'
|
|
58
|
+
|
|
62
59
|
const actionPolicy = {
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
"
|
|
66
|
-
|
|
67
|
-
"
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
71
|
-
}
|
|
60
|
+
"Version": "2012-10-17",
|
|
61
|
+
"Statement": {
|
|
62
|
+
"Effect": "Allow",
|
|
63
|
+
"Action": [
|
|
64
|
+
"s3:GetObject",
|
|
65
|
+
],
|
|
66
|
+
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
72
67
|
}
|
|
73
68
|
};
|
|
74
69
|
|
|
75
70
|
const p = loadPolicy(actionPolicy);
|
|
76
71
|
const statement = p.statements()[0]; // Get the first statement out
|
|
77
72
|
|
|
78
|
-
statement.actions() //
|
|
73
|
+
statement.actions() // Compile time error because Statement does not the `actions` function
|
|
79
74
|
|
|
80
75
|
if(statement.isActionStatement()) {
|
|
81
|
-
|
|
76
|
+
// Type is narrowed to ActionStatement so `actions` is now available
|
|
77
|
+
statement.actions() /
|
|
82
78
|
}
|
|
83
79
|
|
|
84
80
|
if(statement.isNotActionStatement()) {
|
|
85
|
-
//
|
|
81
|
+
// Will not exectue because the statement does not have a NotAction element
|
|
86
82
|
}
|
|
87
83
|
```
|
|
88
84
|
|
|
@@ -92,29 +88,27 @@ There is similar support for `Action`, `NotAction`, `Principal`, `NotPrincipal`,
|
|
|
92
88
|
|
|
93
89
|
## Flatten Complex Structures
|
|
94
90
|
|
|
95
|
-
|
|
91
|
+
Simplifies complex elements by flattening them into an array of homogenous objects. For example the Principal value can be a string or an object; the object values can be strings or arrays of strings. We flatten those into an array of objects similar to what you would define in a terraform policy.
|
|
96
92
|
|
|
97
93
|
```typescript
|
|
98
94
|
import{ loadPolicy } from '@cloud-copilot/iam-policy'
|
|
99
95
|
|
|
100
96
|
const principalPolicy = {
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
"
|
|
104
|
-
|
|
105
|
-
"
|
|
106
|
-
"
|
|
107
|
-
|
|
108
|
-
"arn:aws:iam::123456789013:user/FoxMulder"
|
|
109
|
-
],
|
|
110
|
-
"CanonicalUser": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be",
|
|
111
|
-
"Federated": "cognito-identity.amazonaws.com"
|
|
112
|
-
},
|
|
113
|
-
"Action": [
|
|
114
|
-
"s3:GetObject",
|
|
97
|
+
"Version": "2012-10-17",
|
|
98
|
+
"Statement": {
|
|
99
|
+
"Effect": "Allow",
|
|
100
|
+
"Principal": {
|
|
101
|
+
"AWS": [
|
|
102
|
+
"arn:aws:iam::123456789012:root",
|
|
103
|
+
"arn:aws:iam::123456789013:user/FoxMulder"
|
|
115
104
|
],
|
|
116
|
-
"
|
|
117
|
-
|
|
105
|
+
"CanonicalUser": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be",
|
|
106
|
+
"Federated": "cognito-identity.amazonaws.com"
|
|
107
|
+
},
|
|
108
|
+
"Action": [
|
|
109
|
+
"s3:GetObject",
|
|
110
|
+
],
|
|
111
|
+
"Resource": "arn:aws:s3:::government-secrets/*"
|
|
118
112
|
}
|
|
119
113
|
};
|
|
120
114
|
|
|
@@ -126,10 +120,51 @@ if(statement.isPrincipalStatement()) {
|
|
|
126
120
|
const principals = statement.principals();
|
|
127
121
|
principals[0].type() //AWS
|
|
128
122
|
principals[0].value() //arn:aws:iam::123456789012:root
|
|
129
|
-
|
|
123
|
+
//and so on
|
|
130
124
|
principals[3].type() //Federated
|
|
131
|
-
principals[3].value() //
|
|
125
|
+
principals[3].value() //cognito-identity.amazonaws.com
|
|
132
126
|
}
|
|
133
127
|
```
|
|
134
128
|
|
|
135
|
-
There is flattening for the `Condition` element.
|
|
129
|
+
There is similar flattening for the `Condition` element.
|
|
130
|
+
|
|
131
|
+
```typescript
|
|
132
|
+
import{ loadPolicy } from '@cloud-copilot/iam-policy'
|
|
133
|
+
|
|
134
|
+
const principalPolicy = {
|
|
135
|
+
"Version": "2012-10-17",
|
|
136
|
+
"Statement": {
|
|
137
|
+
"Effect": "Allow",
|
|
138
|
+
"Principal": {
|
|
139
|
+
"AWS": "arn:aws:iam::123456789012:root",
|
|
140
|
+
},
|
|
141
|
+
"Action": [
|
|
142
|
+
"s3:GetObject",
|
|
143
|
+
],
|
|
144
|
+
"Resource": "arn:aws:s3:::government-secrets/*",
|
|
145
|
+
"Condition": {
|
|
146
|
+
"StringEquals": {
|
|
147
|
+
"s3:prefix": "home/${aws:username}",
|
|
148
|
+
"aws:PrincipalOrgID": "o-1234567890"
|
|
149
|
+
},
|
|
150
|
+
"StringLike": {
|
|
151
|
+
"s3:authType": "REST*",
|
|
152
|
+
"aws:TagKeys/Foo": ["Bar*", "Baz*"]
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
};
|
|
157
|
+
|
|
158
|
+
const p = loadPolicy(principalPolicy);
|
|
159
|
+
|
|
160
|
+
const statement = p.statements()[0]; // Get the first statement out
|
|
161
|
+
|
|
162
|
+
const conditions = statement.conditions();
|
|
163
|
+
conditions[0].operation().value() //StringEquals
|
|
164
|
+
conditions[0].conditionKey() //s3:prefix
|
|
165
|
+
conditions[0].conditionValues() //[ home/${aws:username} ]
|
|
166
|
+
//and so on
|
|
167
|
+
conditions[3].operation().value() //StringLike
|
|
168
|
+
conditions[3].conditionKey() //aws:TagKeys/Foo
|
|
169
|
+
conditions[3].conditionValues() // [Bar*, Baz*]
|
|
170
|
+
```
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
export type ActionType = 'service' | 'wildcard';
|
|
2
|
+
/**
|
|
3
|
+
* An Action string in an IAM policy
|
|
4
|
+
*/
|
|
5
|
+
export interface Action {
|
|
6
|
+
/**
|
|
7
|
+
* The type of actions
|
|
8
|
+
*/
|
|
9
|
+
type(): ActionType;
|
|
10
|
+
/**
|
|
11
|
+
* The raw string of the action
|
|
12
|
+
*/
|
|
13
|
+
value(): string;
|
|
14
|
+
/**
|
|
15
|
+
* Whether the action is a wildcard action: `"*"`
|
|
16
|
+
*/
|
|
17
|
+
isWildcardAction(): boolean;
|
|
18
|
+
/**
|
|
19
|
+
* Whether the action is a service action: `"service:Action"`
|
|
20
|
+
*/
|
|
21
|
+
isServiceAction(): boolean;
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* A wildcard action: `"*"`
|
|
25
|
+
*/
|
|
26
|
+
export interface WildcardAction extends Action {
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* A service action: `"service:Action"`
|
|
30
|
+
*/
|
|
31
|
+
export interface ServiceAction extends Action {
|
|
32
|
+
/**
|
|
33
|
+
* The service of the action
|
|
34
|
+
*/
|
|
35
|
+
service(): string;
|
|
36
|
+
/**
|
|
37
|
+
* The action within the service
|
|
38
|
+
*/
|
|
39
|
+
action(): string;
|
|
40
|
+
}
|
|
41
|
+
export declare class ActionImpl implements Action, WildcardAction, ServiceAction {
|
|
42
|
+
private readonly rawValue;
|
|
43
|
+
constructor(rawValue: string);
|
|
44
|
+
type(): ActionType;
|
|
45
|
+
value(): string;
|
|
46
|
+
isWildcardAction(): this is WildcardAction;
|
|
47
|
+
isServiceAction(): this is ServiceAction;
|
|
48
|
+
service(): string;
|
|
49
|
+
action(): string;
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=action.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,OAAO,CAAA;IAE3B;;OAEG;IACH,eAAe,IAAI,OAAO,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ActionImpl = void 0;
|
|
4
|
+
const utils_js_1 = require("../utils.js");
|
|
5
|
+
class ActionImpl {
|
|
6
|
+
rawValue;
|
|
7
|
+
constructor(rawValue) {
|
|
8
|
+
this.rawValue = rawValue;
|
|
9
|
+
}
|
|
10
|
+
type() {
|
|
11
|
+
if ((0, utils_js_1.isAllWildcards)(this.rawValue)) {
|
|
12
|
+
return 'wildcard';
|
|
13
|
+
}
|
|
14
|
+
return 'service';
|
|
15
|
+
}
|
|
16
|
+
value() {
|
|
17
|
+
return this.rawValue;
|
|
18
|
+
}
|
|
19
|
+
isWildcardAction() {
|
|
20
|
+
return this.type() === 'wildcard';
|
|
21
|
+
}
|
|
22
|
+
isServiceAction() {
|
|
23
|
+
return this.type() === 'service';
|
|
24
|
+
}
|
|
25
|
+
service() {
|
|
26
|
+
return this.rawValue.split(':')[0];
|
|
27
|
+
}
|
|
28
|
+
action() {
|
|
29
|
+
return this.rawValue.split(':')[1];
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
exports.ActionImpl = ActionImpl;
|
|
33
|
+
//# sourceMappingURL=action.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"action.js","sourceRoot":"","sources":["../../src/actions/action.ts"],"names":[],"mappings":";;;AAAA,0CAA4C;AAkD5C,MAAa,UAAU;IACQ;IAA7B,YAA6B,QAAgB;QAAhB,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAE1C,IAAI;QACT,IAAG,IAAA,yBAAc,EAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,SAAS,CAAA;IAClB,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,UAAU,CAAA;IACnC,CAAC;IAEM,eAAe;QACpB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,SAAS,CAAA;IAClC,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;CACF;AA7BD,gCA6BC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"actions.test.d.ts","sourceRoot":"","sources":["../../src/actions/actions.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const vitest_1 = require("vitest");
|
|
4
|
+
const action_js_1 = require("./action.js");
|
|
5
|
+
(0, vitest_1.describe)('ActionImpl', () => {
|
|
6
|
+
(0, vitest_1.describe)('type', () => {
|
|
7
|
+
(0, vitest_1.it)('should return wildcard when all wildcards', () => {
|
|
8
|
+
// Given an action wildcard
|
|
9
|
+
const actionString = "*";
|
|
10
|
+
// When an ActionImpl is created
|
|
11
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
12
|
+
// Assert
|
|
13
|
+
(0, vitest_1.expect)(action.type()).toBe('wildcard');
|
|
14
|
+
});
|
|
15
|
+
(0, vitest_1.it)('should return service when not all wildcards', () => {
|
|
16
|
+
// Given an action string
|
|
17
|
+
const actionString = "s3:GetObject";
|
|
18
|
+
// When an ActionImpl is created
|
|
19
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
20
|
+
// Assert
|
|
21
|
+
(0, vitest_1.expect)(action.type()).toBe('service');
|
|
22
|
+
});
|
|
23
|
+
});
|
|
24
|
+
(0, vitest_1.describe)('value', () => {
|
|
25
|
+
(0, vitest_1.it)('should return the value', () => {
|
|
26
|
+
// Given an action string
|
|
27
|
+
const actionString = "s3:GetObject";
|
|
28
|
+
// When an ActionImpl is created
|
|
29
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
30
|
+
// Assert
|
|
31
|
+
(0, vitest_1.expect)(action.value()).toBe(actionString);
|
|
32
|
+
});
|
|
33
|
+
});
|
|
34
|
+
(0, vitest_1.describe)('isWildcardAction', () => {
|
|
35
|
+
(0, vitest_1.it)('should return true when wildcard', () => {
|
|
36
|
+
// Given an action wildcard
|
|
37
|
+
const actionString = "*";
|
|
38
|
+
// When an ActionImpl is created
|
|
39
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
40
|
+
// Assert
|
|
41
|
+
(0, vitest_1.expect)(action.isWildcardAction()).toBe(true);
|
|
42
|
+
});
|
|
43
|
+
(0, vitest_1.it)('should return false when not wildcard', () => {
|
|
44
|
+
// Given an action string
|
|
45
|
+
const actionString = "s3:GetObject";
|
|
46
|
+
// When an ActionImpl is created
|
|
47
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
48
|
+
// Assert
|
|
49
|
+
(0, vitest_1.expect)(action.isWildcardAction()).toBe(false);
|
|
50
|
+
});
|
|
51
|
+
});
|
|
52
|
+
(0, vitest_1.describe)('isServiceAction', () => {
|
|
53
|
+
(0, vitest_1.it)('should return true when service', () => {
|
|
54
|
+
// Given an action string
|
|
55
|
+
const actionString = "s3:GetObject";
|
|
56
|
+
// When an ActionImpl is created
|
|
57
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
58
|
+
// Assert
|
|
59
|
+
(0, vitest_1.expect)(action.isServiceAction()).toBe(true);
|
|
60
|
+
});
|
|
61
|
+
(0, vitest_1.it)('should return false when not service', () => {
|
|
62
|
+
// Given an action wildcard
|
|
63
|
+
const actionString = "*";
|
|
64
|
+
// When an ActionImpl is created
|
|
65
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
66
|
+
// Assert
|
|
67
|
+
(0, vitest_1.expect)(action.isServiceAction()).toBe(false);
|
|
68
|
+
});
|
|
69
|
+
});
|
|
70
|
+
(0, vitest_1.describe)('service', () => {
|
|
71
|
+
(0, vitest_1.it)('should return the service', () => {
|
|
72
|
+
// Given an action string
|
|
73
|
+
const actionString = "s3:GetObject";
|
|
74
|
+
// When an ActionImpl is created
|
|
75
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
76
|
+
// Assert
|
|
77
|
+
(0, vitest_1.expect)(action.service()).toBe('s3');
|
|
78
|
+
});
|
|
79
|
+
});
|
|
80
|
+
(0, vitest_1.describe)('action', () => {
|
|
81
|
+
(0, vitest_1.it)('should return the action', () => {
|
|
82
|
+
// Given an action string
|
|
83
|
+
const actionString = "s3:GetObject";
|
|
84
|
+
// When an ActionImpl is created
|
|
85
|
+
const action = new action_js_1.ActionImpl(actionString);
|
|
86
|
+
// Assert
|
|
87
|
+
(0, vitest_1.expect)(action.action()).toBe('GetObject');
|
|
88
|
+
});
|
|
89
|
+
});
|
|
90
|
+
});
|
|
91
|
+
//# sourceMappingURL=actions.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"actions.test.js","sourceRoot":"","sources":["../../src/actions/actions.test.ts"],"names":[],"mappings":";;AAAA,mCAA6C;AAC7C,2CAAwC;AAExC,IAAA,iBAAQ,EAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,IAAA,iBAAQ,EAAC,MAAM,EAAE,GAAG,EAAE;QACpB,IAAA,WAAE,EAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,2BAA2B;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAA;YAExB,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACxC,CAAC,CAAC,CAAA;QAEF,IAAA,WAAE,EAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACvC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,IAAA,iBAAQ,EAAC,OAAO,EAAE,GAAG,EAAE;QACrB,IAAA,WAAE,EAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC3C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,IAAA,iBAAQ,EAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,IAAA,WAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,2BAA2B;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAA;YAExB,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC9C,CAAC,CAAC,CAAA;QAEF,IAAA,WAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC/C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,IAAA,iBAAQ,EAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC7C,CAAC,CAAC,CAAA;QAEF,IAAA,WAAE,EAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,2BAA2B;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAA;YAExB,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAC9C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,IAAA,iBAAQ,EAAC,SAAS,EAAE,GAAG,EAAE;QACvB,IAAA,WAAE,EAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACrC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,IAAA,iBAAQ,EAAC,QAAQ,EAAE,GAAG,EAAE;QACtB,IAAA,WAAE,EAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,yBAAyB;YACzB,MAAM,YAAY,GAAG,cAAc,CAAA;YAEnC,gCAAgC;YAChC,MAAM,MAAM,GAAG,IAAI,sBAAU,CAAC,YAAY,CAAC,CAAA;YAE3C,SAAS;YACT,IAAA,eAAM,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QAC3C,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
|
+
import { ConditionOperation } from "./conditionOperation.js";
|
|
1
2
|
export interface Condition {
|
|
2
|
-
operation():
|
|
3
|
+
operation(): ConditionOperation;
|
|
3
4
|
conditionKey(): string;
|
|
4
5
|
conditionValues(): string[];
|
|
5
6
|
}
|
|
@@ -8,7 +9,7 @@ export declare class ConditionImpl implements Condition {
|
|
|
8
9
|
private readonly key;
|
|
9
10
|
private readonly values;
|
|
10
11
|
constructor(op: string, key: string, values: string | string[]);
|
|
11
|
-
operation():
|
|
12
|
+
operation(): ConditionOperation;
|
|
12
13
|
conditionKey(): string;
|
|
13
14
|
conditionValues(): string[];
|
|
14
15
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"condition.d.ts","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,SAAS;IACxB,SAAS,IAAI,
|
|
1
|
+
{"version":3,"file":"condition.d.ts","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAA0B,MAAM,yBAAyB,CAAA;AAEpF,MAAM,WAAW,SAAS;IACxB,SAAS,IAAI,kBAAkB,CAAA;IAC/B,YAAY,IAAI,MAAM,CAAA;IACtB,eAAe,IAAI,MAAM,EAAE,CAAA;CAC5B;AAED,qBAAa,aAAc,YAAW,SAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,EAAE;IAAU,OAAO,CAAC,QAAQ,CAAC,GAAG;IAAU,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAjE,EAAE,EAAE,MAAM,EAAmB,GAAG,EAAE,MAAM,EAAmB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE;IAE1G,SAAS,IAAI,kBAAkB;IAI/B,YAAY,IAAI,MAAM;IAItB,eAAe,IAAI,MAAM,EAAE;CAGnC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.ConditionImpl = void 0;
|
|
4
|
+
const conditionOperation_js_1 = require("./conditionOperation.js");
|
|
4
5
|
class ConditionImpl {
|
|
5
6
|
op;
|
|
6
7
|
key;
|
|
@@ -11,7 +12,7 @@ class ConditionImpl {
|
|
|
11
12
|
this.values = values;
|
|
12
13
|
}
|
|
13
14
|
operation() {
|
|
14
|
-
return this.op;
|
|
15
|
+
return new conditionOperation_js_1.ConditionOperationImpl(this.op);
|
|
15
16
|
}
|
|
16
17
|
conditionKey() {
|
|
17
18
|
return this.key;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"condition.js","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"condition.js","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":";;;AAAA,mEAAoF;AAQpF,MAAa,aAAa;IACK;IAA6B;IAA8B;IAAxF,YAA6B,EAAU,EAAmB,GAAW,EAAmB,MAAyB;QAApF,OAAE,GAAF,EAAE,CAAQ;QAAmB,QAAG,GAAH,GAAG,CAAQ;QAAmB,WAAM,GAAN,MAAM,CAAmB;IAAG,CAAC;IAE9G,SAAS;QACd,OAAO,IAAI,8CAAsB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC5C,CAAC;IAEM,YAAY;QACjB,OAAO,IAAI,CAAC,GAAG,CAAA;IACjB,CAAC;IAEM,eAAe;QACpB,OAAO,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtE,CAAC;CACF;AAdD,sCAcC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
export type SetOperator = 'ForAllValues' | 'ForAnyValue';
|
|
2
|
+
/**
|
|
3
|
+
* ConditionOperation is a string that represents the operation of a condition.
|
|
4
|
+
*/
|
|
5
|
+
export interface ConditionOperation {
|
|
6
|
+
/**
|
|
7
|
+
* Returns the set modifier if present.
|
|
8
|
+
*/
|
|
9
|
+
setOperator(): SetOperator | undefined;
|
|
10
|
+
/**
|
|
11
|
+
* Returns the base operator of the condition without the set modifier or IfExists.
|
|
12
|
+
*/
|
|
13
|
+
baseOperator(): string;
|
|
14
|
+
/**
|
|
15
|
+
* Returns true if the condition operation ends with IfExists.
|
|
16
|
+
*/
|
|
17
|
+
isIfExists(): boolean;
|
|
18
|
+
/**
|
|
19
|
+
* Returns the raw string of the condition operation.
|
|
20
|
+
*/
|
|
21
|
+
value(): string;
|
|
22
|
+
}
|
|
23
|
+
export declare class ConditionOperationImpl implements ConditionOperation {
|
|
24
|
+
private readonly op;
|
|
25
|
+
constructor(op: string);
|
|
26
|
+
setOperator(): SetOperator | undefined;
|
|
27
|
+
isIfExists(): boolean;
|
|
28
|
+
baseOperator(): string;
|
|
29
|
+
value(): string;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=conditionOperation.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"conditionOperation.d.ts","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,aAAa,CAAA;AAExD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,WAAW,IAAI,WAAW,GAAG,SAAS,CAAA;IAEtC;;OAEG;IACH,YAAY,IAAI,MAAM,CAAA;IAEtB;;OAEG;IACH,UAAU,IAAI,OAAO,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;CAChB;AAID,qBAAa,sBAAuB,YAAW,kBAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,MAAM;IAEhC,WAAW,IAAI,WAAW,GAAG,SAAS;IAOtC,UAAU,IAAI,OAAO;IAIrB,YAAY,IAAI,MAAM;IAQtB,KAAK,IAAI,MAAM;CAIvB"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ConditionOperationImpl = void 0;
|
|
4
|
+
const ifExistsSlice = 'IfExists'.length * -1;
|
|
5
|
+
class ConditionOperationImpl {
|
|
6
|
+
op;
|
|
7
|
+
constructor(op) {
|
|
8
|
+
this.op = op;
|
|
9
|
+
}
|
|
10
|
+
setOperator() {
|
|
11
|
+
if (!this.op.includes(':')) {
|
|
12
|
+
return undefined;
|
|
13
|
+
}
|
|
14
|
+
return this.op.split(':').at(0);
|
|
15
|
+
}
|
|
16
|
+
isIfExists() {
|
|
17
|
+
return this.op.endsWith('IfExists');
|
|
18
|
+
}
|
|
19
|
+
baseOperator() {
|
|
20
|
+
const base = this.op.split(':').at(-1);
|
|
21
|
+
if (base?.endsWith('IfExists')) {
|
|
22
|
+
return base.slice(0, ifExistsSlice);
|
|
23
|
+
}
|
|
24
|
+
return base;
|
|
25
|
+
}
|
|
26
|
+
value() {
|
|
27
|
+
return this.op;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
exports.ConditionOperationImpl = ConditionOperationImpl;
|
|
31
|
+
//# sourceMappingURL=conditionOperation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"conditionOperation.js","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":";;;AA2BA,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAE5C,MAAa,sBAAsB;IACJ;IAA7B,YAA6B,EAAU;QAAV,OAAE,GAAF,EAAE,CAAQ;IAAG,CAAC;IAEpC,WAAW;QAChB,IAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,OAAO,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAgB,CAAA;IAChD,CAAC;IAEM,UAAU;QACf,OAAO,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;IACrC,CAAC;IAEM,YAAY;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QACvC,IAAG,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;QACrC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,CAAC,EAAE,CAAA;IAChB,CAAC;CAEF;AA1BD,wDA0BC"}
|
package/dist/cjs/index.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export type { Action, ActionType, ServiceAction, WildcardAction } from './actions/action.js';
|
|
2
2
|
export type { Condition } from './conditions/condition.js';
|
|
3
|
+
export type { ConditionOperation, SetOperator } from './conditions/conditionOperation.js';
|
|
3
4
|
export { loadPolicy } from './parser.js';
|
|
4
5
|
export type { Policy } from './policies/policy.js';
|
|
5
6
|
export type { Principal, PrincipalType } from './principals/principal.js';
|
package/dist/cjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA"}
|
package/dist/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAGA,yCAAwC;AAA/B,uGAAA,UAAU,OAAA"}
|
|
@@ -14,7 +14,7 @@ class PolicyImpl {
|
|
|
14
14
|
return this.policyObject.Id;
|
|
15
15
|
}
|
|
16
16
|
statements() {
|
|
17
|
-
return [this.policyObject.Statement].flat().map((statement) => new statement_js_1.StatementImpl(statement));
|
|
17
|
+
return [this.policyObject.Statement].flat().map((statement, index) => new statement_js_1.StatementImpl(statement, index + 1));
|
|
18
18
|
}
|
|
19
19
|
}
|
|
20
20
|
exports.PolicyImpl = PolicyImpl;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/policies/policy.ts"],"names":[],"mappings":";;;AAAA,6DAAqE;AAQrE,MAAa,UAAU;IACQ;IAA7B,YAA6B,YAAiB;QAAjB,iBAAY,GAAZ,YAAY,CAAK;IAAG,CAAC;IAE3C,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAA;IAClC,CAAC;IAEM,EAAE;QACP,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,CAAA;IAC7B,CAAC;IAEM,UAAU;QACf,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,SAAc,EAAE,EAAE,CAAC,IAAI,4BAAa,CAAC,SAAS,CAAC,CAAC,CAAA;
|
|
1
|
+
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/policies/policy.ts"],"names":[],"mappings":";;;AAAA,6DAAqE;AAQrE,MAAa,UAAU;IACQ;IAA7B,YAA6B,YAAiB;QAAjB,iBAAY,GAAZ,YAAY,CAAK;IAAG,CAAC;IAE3C,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAA;IAClC,CAAC;IAEM,EAAE;QACP,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,CAAA;IAC7B,CAAC;IAEM,UAAU;QACf,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,SAAc,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,4BAAa,CAAC,SAAS,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAA;IACrH,CAAC;CACF;AAdD,gCAcC"}
|
|
@@ -6,6 +6,10 @@ import { Resource } from "../resources/resource.js";
|
|
|
6
6
|
* Represents a statement in an IAM policy
|
|
7
7
|
*/
|
|
8
8
|
export interface Statement {
|
|
9
|
+
/**
|
|
10
|
+
* The index of the statement in the policy, starts from 1
|
|
11
|
+
*/
|
|
12
|
+
index(): number;
|
|
9
13
|
/**
|
|
10
14
|
* The optional Sid (Statement ID) for a statement
|
|
11
15
|
*/
|
|
@@ -114,7 +118,9 @@ export interface NotPrincipalStatement extends Statement {
|
|
|
114
118
|
*/
|
|
115
119
|
export declare class StatementImpl implements Statement, ActionStatement, NotActionStatement, ResourceStatement, NotResourceStatement, PrincipalStatement {
|
|
116
120
|
private readonly statementObject;
|
|
117
|
-
|
|
121
|
+
private readonly _index;
|
|
122
|
+
constructor(statementObject: any, _index: number);
|
|
123
|
+
index(): number;
|
|
118
124
|
sid(): string | undefined;
|
|
119
125
|
effect(): string;
|
|
120
126
|
isAllow(): boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"statement.d.ts","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAc,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,SAAS,EAAiB,MAAM,4BAA4B,CAAA;AACrE,OAAO,EAAE,SAAS,EAAgC,MAAM,4BAA4B,CAAA;AACpF,OAAO,EAAE,QAAQ,EAAgB,MAAM,0BAA0B,CAAA;AAEjE;;GAEG;AACH,MAAM,WAAW,SAAS;
|
|
1
|
+
{"version":3,"file":"statement.d.ts","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAc,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,SAAS,EAAiB,MAAM,4BAA4B,CAAA;AACrE,OAAO,EAAE,SAAS,EAAgC,MAAM,4BAA4B,CAAA;AACpF,OAAO,EAAE,QAAQ,EAAgB,MAAM,0BAA0B,CAAA;AAEjE;;GAEG;AACH,MAAM,WAAW,SAAS;IAExB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,GAAG,IAAI,MAAM,GAAG,SAAS,CAAA;IAEzB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;IAEhB;;OAEG;IACH,OAAO,IAAI,OAAO,CAAA;IAElB;;OAEG;IACH,MAAM,IAAI,OAAO,CAAA;IAEjB;;OAEG;IACH,UAAU,IAAI,SAAS,EAAE,CAAA;IAEzB;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,uBAAuB,IAAI,IAAI,IAAI,qBAAqB,CAAA;IAExD;;OAEG;IACH,iBAAiB,IAAI,IAAI,IAAI,eAAe,CAAA;IAE5C;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,mBAAmB,IAAI,IAAI,IAAI,iBAAiB,CAAA;IAEhD;;OAEG;IACH,sBAAsB,IAAI,IAAI,IAAI,oBAAoB,CAAA;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,eAAgB,SAAQ,SAAS;IAChD;;OAEG;IACH,OAAO,IAAI,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IAEnD;;OAEG;IACH,UAAU,IAAI,MAAM,EAAE,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD;;OAEG;IACH,SAAS,IAAI,QAAQ,EAAE,CAAA;IAEvB;;OAEG;IACH,yBAAyB,IAAI,OAAO,CAAA;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,SAAS;IACrD;;OAEG;IACH,YAAY,IAAI,QAAQ,EAAE,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IACnD;;OAEG;IACH,UAAU,IAAI,SAAS,EAAE,CAAA;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,SAAS;IAEtD;;OAEG;IACH,aAAa,IAAI,SAAS,EAAE,CAAA;CAC7B;AAED;;GAEG;AACH,qBAAa,aAAc,YAAW,SAAS,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,kBAAkB;IACnI,OAAO,CAAC,QAAQ,CAAC,eAAe;IAAO,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAA7C,eAAe,EAAE,GAAG,EAAmB,MAAM,EAAE,MAAM;IAE3E,KAAK,IAAI,MAAM;IAIf,GAAG,IAAI,MAAM,GAAG,SAAS;IAIzB,MAAM,IAAI,MAAM;IAIhB,OAAO,IAAI,OAAO;IAIlB,MAAM,IAAI,OAAO;IAIjB,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,uBAAuB,IAAI,IAAI,IAAI,qBAAqB;IAIxD,UAAU,IAAI,SAAS,EAAE;IAOzB,aAAa,IAAI,SAAS,EAAE;IAOnC;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAcrB,iBAAiB,IAAI,IAAI,IAAI,eAAe;IAI5C,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,OAAO,IAAI,MAAM,EAAE;IAOnB,UAAU,IAAI,MAAM,EAAE;IAOtB,mBAAmB,IAAI,IAAI,IAAI,iBAAiB;IAIhD,sBAAsB,IAAI,IAAI,IAAI,oBAAoB;IAItD,SAAS,IAAI,QAAQ,EAAE;IAOvB,YAAY,IAAI,QAAQ,EAAE;IAO1B,yBAAyB,IAAI,OAAO;IAOpC,UAAU,IAAI,SAAS,EAAE;CAWjC"}
|
|
@@ -10,8 +10,13 @@ const resource_js_1 = require("../resources/resource.js");
|
|
|
10
10
|
*/
|
|
11
11
|
class StatementImpl {
|
|
12
12
|
statementObject;
|
|
13
|
-
|
|
13
|
+
_index;
|
|
14
|
+
constructor(statementObject, _index) {
|
|
14
15
|
this.statementObject = statementObject;
|
|
16
|
+
this._index = _index;
|
|
17
|
+
}
|
|
18
|
+
index() {
|
|
19
|
+
return this._index;
|
|
15
20
|
}
|
|
16
21
|
sid() {
|
|
17
22
|
return this.statementObject.Sid;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"statement.js","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":";;;AAAA,oDAAyD;AACzD,6DAAqE;AACrE,6DAAoF;AACpF,0DAAiE;
|
|
1
|
+
{"version":3,"file":"statement.js","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":";;;AAAA,oDAAyD;AACzD,6DAAqE;AACrE,6DAAoF;AACpF,0DAAiE;AAuIjE;;GAEG;AACH,MAAa,aAAa;IACK;IAAuC;IAApE,YAA6B,eAAoB,EAAmB,MAAc;QAArD,oBAAe,GAAf,eAAe,CAAK;QAAmB,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/E,KAAK;QACV,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAEM,GAAG;QACR,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAA;IACjC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAA;IACpC,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,OAAO,CAAA;IAClC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,MAAM,CAAA;IACjC,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,KAAK,SAAS,CAAC;IACtD,CAAC;IAEM,uBAAuB;QAC5B,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,KAAK,SAAS,CAAC;IACzD,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC,CAAA;QAC3H,CAAC;QACD,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;IAClE,CAAC;IAEM,aAAa;QAClB,IAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC,CAAA;QACvI,CAAC;QACD,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;IACrE,CAAC;IAED;;;;;;;OAOG;IACK,oBAAoB,CAAC,UAAe;QAC1C,IAAG,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,CAAC,IAAI,4BAAa,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAA;QAC/C,CAAC;QACD,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,EAAE,cAAc,CAAC,EAAE,EAAE;YACxE,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;gBACtC,OAAO,IAAI,4BAAa,CAAC,aAA8B,EAAE,cAAc,CAAC,CAAA;YAC1E,CAAC;YACD,OAAO,MAAM,CAAC,OAAO,CAAC,cAAqB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBAChE,OAAO,IAAI,4BAAa,CAAC,aAA8B,EAAE,KAAe,CAAC,CAAA;YAC3E,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACX,CAAC;IAEM,iBAAiB;QACtB,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,SAAS,CAAC;IACnD,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,KAAK,SAAS,CAAC;IACtD,CAAC;IAEM,OAAO;QACZ,IAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAA;QAC/G,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,IAAI,sBAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IAC1F,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC,CAAA;QAC3H,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,IAAI,sBAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IAC7F,CAAC;IAEM,mBAAmB;QACxB,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,KAAK,SAAS,CAAC;IACrD,CAAC;IAEM,sBAAsB;QAC3B,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,KAAK,SAAS,CAAC;IACxD,CAAC;IAEM,SAAS;QACd,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,oGAAoG,CAAC,CAAA;QACvH,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,QAAa,EAAE,EAAE,CAAC,IAAI,0BAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;IAClG,CAAC;IAEM,YAAY;QACjB,IAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,gHAAgH,CAAC,CAAA;QACnI,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,QAAa,EAAE,EAAE,CAAC,IAAI,0BAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;IACrG,CAAC;IAEM,yBAAyB;QAC9B,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,oIAAoI,CAAC,CAAA;QACvJ,CAAC;QACD,OAAO,IAAI,CAAC,mBAAmB,EAAE,IAAI,IAAI,CAAC,eAAe,CAAC,QAAQ,KAAK,GAAG,CAAA;IAC5E,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;YACnC,OAAO,EAAE,CAAA;QACX,CAAC;QAED,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,EAAE;YAC7E,OAAO,MAAM,CAAC,OAAO,CAAC,OAAc,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,EAAE;gBACjE,OAAO,IAAI,4BAAa,CAAC,KAAK,EAAE,OAAO,EAAE,SAA8B,CAAC,CAAA;YAC1E,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACX,CAAC;CACF;AAjID,sCAiIC"}
|