@cloud-copilot/iam-policy 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.txt +674 -0
- package/README.md +135 -0
- package/dist/cjs/actions/action.d.ts +51 -0
- package/dist/cjs/actions/action.d.ts.map +1 -0
- package/dist/cjs/actions/action.js +33 -0
- package/dist/cjs/actions/action.js.map +1 -0
- package/dist/cjs/conditions/condition.d.ts +15 -0
- package/dist/cjs/conditions/condition.d.ts.map +1 -0
- package/dist/cjs/conditions/condition.js +24 -0
- package/dist/cjs/conditions/condition.js.map +1 -0
- package/dist/cjs/conditions/conditions.d.ts +15 -0
- package/dist/cjs/conditions/conditions.d.ts.map +1 -0
- package/dist/cjs/conditions/conditions.js +24 -0
- package/dist/cjs/conditions/conditions.js.map +1 -0
- package/dist/cjs/index.d.ts +8 -0
- package/dist/cjs/index.d.ts.map +1 -0
- package/dist/cjs/index.js +6 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/cjs/package.json +3 -0
- package/dist/cjs/parser.d.ts +9 -0
- package/dist/cjs/parser.d.ts.map +1 -0
- package/dist/cjs/parser.js +14 -0
- package/dist/cjs/parser.js.map +1 -0
- package/dist/cjs/policies/policy.d.ts +14 -0
- package/dist/cjs/policies/policy.d.ts.map +1 -0
- package/dist/cjs/policies/policy.js +21 -0
- package/dist/cjs/policies/policy.js.map +1 -0
- package/dist/cjs/principals/principal.d.ts +21 -0
- package/dist/cjs/principals/principal.d.ts.map +1 -0
- package/dist/cjs/principals/principal.js +35 -0
- package/dist/cjs/principals/principal.js.map +1 -0
- package/dist/cjs/principals/principals.d.ts +21 -0
- package/dist/cjs/principals/principals.d.ts.map +1 -0
- package/dist/cjs/principals/principals.js +35 -0
- package/dist/cjs/principals/principals.js.map +1 -0
- package/dist/cjs/resources/resource.d.ts +20 -0
- package/dist/cjs/resources/resource.d.ts.map +1 -0
- package/dist/cjs/resources/resource.js +18 -0
- package/dist/cjs/resources/resource.js.map +1 -0
- package/dist/cjs/statements/statement.d.ts +146 -0
- package/dist/cjs/statements/statement.d.ts.map +1 -0
- package/dist/cjs/statements/statement.js +121 -0
- package/dist/cjs/statements/statement.js.map +1 -0
- package/dist/cjs/utils.d.ts +8 -0
- package/dist/cjs/utils.d.ts.map +1 -0
- package/dist/cjs/utils.js +13 -0
- package/dist/cjs/utils.js.map +1 -0
- package/dist/esm/actions/action.d.ts +51 -0
- package/dist/esm/actions/action.d.ts.map +1 -0
- package/dist/esm/actions/action.js +28 -0
- package/dist/esm/actions/action.js.map +1 -0
- package/dist/esm/conditions/condition.d.ts +15 -0
- package/dist/esm/conditions/condition.d.ts.map +1 -0
- package/dist/esm/conditions/condition.js +17 -0
- package/dist/esm/conditions/condition.js.map +1 -0
- package/dist/esm/index.d.ts +8 -0
- package/dist/esm/index.d.ts.map +1 -0
- package/dist/esm/index.js +2 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/package.json +3 -0
- package/dist/esm/parser.d.ts +9 -0
- package/dist/esm/parser.d.ts.map +1 -0
- package/dist/esm/parser.js +11 -0
- package/dist/esm/parser.js.map +1 -0
- package/dist/esm/policies/policy.d.ts +14 -0
- package/dist/esm/policies/policy.d.ts.map +1 -0
- package/dist/esm/policies/policy.js +16 -0
- package/dist/esm/policies/policy.js.map +1 -0
- package/dist/esm/principals/principal.d.ts +21 -0
- package/dist/esm/principals/principal.d.ts.map +1 -0
- package/dist/esm/principals/principal.js +25 -0
- package/dist/esm/principals/principal.js.map +1 -0
- package/dist/esm/resources/resource.d.ts +20 -0
- package/dist/esm/resources/resource.d.ts.map +1 -0
- package/dist/esm/resources/resource.js +13 -0
- package/dist/esm/resources/resource.js.map +1 -0
- package/dist/esm/statements/statement.d.ts +146 -0
- package/dist/esm/statements/statement.d.ts.map +1 -0
- package/dist/esm/statements/statement.js +116 -0
- package/dist/esm/statements/statement.js.map +1 -0
- package/dist/esm/utils.d.ts +8 -0
- package/dist/esm/utils.d.ts.map +1 -0
- package/dist/esm/utils.js +10 -0
- package/dist/esm/utils.js.map +1 -0
- package/package.json +40 -0
|
@@ -0,0 +1,146 @@
|
|
|
1
|
+
import { Action } from "../actions/action.js";
|
|
2
|
+
import { Condition } from "../conditions/condition.js";
|
|
3
|
+
import { Principal } from "../principals/principal.js";
|
|
4
|
+
import { Resource } from "../resources/resource.js";
|
|
5
|
+
/**
|
|
6
|
+
* Represents a statement in an IAM policy
|
|
7
|
+
*/
|
|
8
|
+
export interface Statement {
|
|
9
|
+
/**
|
|
10
|
+
* The optional Sid (Statement ID) for a statement
|
|
11
|
+
*/
|
|
12
|
+
sid(): string | undefined;
|
|
13
|
+
/**
|
|
14
|
+
* The effect of the statement, either 'Allow' or 'Deny'
|
|
15
|
+
*/
|
|
16
|
+
effect(): string;
|
|
17
|
+
/**
|
|
18
|
+
* Is the statement an Allow statement
|
|
19
|
+
*/
|
|
20
|
+
isAllow(): boolean;
|
|
21
|
+
/**
|
|
22
|
+
* Is the statement a Deny statement
|
|
23
|
+
*/
|
|
24
|
+
isDeny(): boolean;
|
|
25
|
+
/**
|
|
26
|
+
* The conditions for the statement
|
|
27
|
+
*/
|
|
28
|
+
conditions(): Condition[];
|
|
29
|
+
/**
|
|
30
|
+
* Does the statement have a Principal
|
|
31
|
+
*/
|
|
32
|
+
isPrincipalStatement(): this is PrincipalStatement;
|
|
33
|
+
/**
|
|
34
|
+
* Does the statement have a NotPrincipal
|
|
35
|
+
*/
|
|
36
|
+
isNotPrincipalStatement(): this is NotPrincipalStatement;
|
|
37
|
+
/**
|
|
38
|
+
* Does the statement have an Action
|
|
39
|
+
*/
|
|
40
|
+
isActionStatement(): this is ActionStatement;
|
|
41
|
+
/**
|
|
42
|
+
* Does the statement have a NotAction
|
|
43
|
+
*/
|
|
44
|
+
isNotActionStatement(): this is NotActionStatement;
|
|
45
|
+
/**
|
|
46
|
+
* Does the statement have a Resource
|
|
47
|
+
*/
|
|
48
|
+
isResourceStatement(): this is ResourceStatement;
|
|
49
|
+
/**
|
|
50
|
+
* Does the statement have a NotResource
|
|
51
|
+
*/
|
|
52
|
+
isNotResourceStatement(): this is NotResourceStatement;
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* Represents a statement in an IAM policy that has Action
|
|
56
|
+
*/
|
|
57
|
+
export interface ActionStatement extends Statement {
|
|
58
|
+
/**
|
|
59
|
+
* The actions for the statement
|
|
60
|
+
*/
|
|
61
|
+
actions(): Action[];
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Represents a statement in an IAM policy that has NotAction
|
|
65
|
+
*/
|
|
66
|
+
export interface NotActionStatement extends Statement {
|
|
67
|
+
/**
|
|
68
|
+
* The not actions for the statement
|
|
69
|
+
*/
|
|
70
|
+
notActions(): Action[];
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Represents a statement in an IAM policy that has Resource
|
|
74
|
+
*/
|
|
75
|
+
export interface ResourceStatement extends Statement {
|
|
76
|
+
/**
|
|
77
|
+
* The resources for the statement
|
|
78
|
+
*/
|
|
79
|
+
resources(): Resource[];
|
|
80
|
+
/**
|
|
81
|
+
* Is the resource element exactly a single wildcard: `"*"`
|
|
82
|
+
*/
|
|
83
|
+
hasSingleResourceWildcard(): boolean;
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Represents a statement in an IAM policy that has NotResource
|
|
87
|
+
*/
|
|
88
|
+
export interface NotResourceStatement extends Statement {
|
|
89
|
+
/**
|
|
90
|
+
* The not resources for the statement
|
|
91
|
+
*/
|
|
92
|
+
notResources(): Resource[];
|
|
93
|
+
}
|
|
94
|
+
/**
|
|
95
|
+
* Represents a statement in an IAM policy that has Principal
|
|
96
|
+
*/
|
|
97
|
+
export interface PrincipalStatement extends Statement {
|
|
98
|
+
/**
|
|
99
|
+
* The principals for the statement
|
|
100
|
+
*/
|
|
101
|
+
principals(): Principal[];
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Represents a statement in an IAM policy that has NotPrincipal
|
|
105
|
+
*/
|
|
106
|
+
export interface NotPrincipalStatement extends Statement {
|
|
107
|
+
/**
|
|
108
|
+
* The not principals for the statement
|
|
109
|
+
*/
|
|
110
|
+
notPrincipals(): Principal[];
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Implementation of the Statement interface and all its sub-interfaces
|
|
114
|
+
*/
|
|
115
|
+
export declare class StatementImpl implements Statement, ActionStatement, NotActionStatement, ResourceStatement, NotResourceStatement, PrincipalStatement {
|
|
116
|
+
private readonly statementObject;
|
|
117
|
+
constructor(statementObject: any);
|
|
118
|
+
sid(): string | undefined;
|
|
119
|
+
effect(): string;
|
|
120
|
+
isAllow(): boolean;
|
|
121
|
+
isDeny(): boolean;
|
|
122
|
+
isPrincipalStatement(): this is PrincipalStatement;
|
|
123
|
+
isNotPrincipalStatement(): this is NotPrincipalStatement;
|
|
124
|
+
principals(): Principal[];
|
|
125
|
+
notPrincipals(): Principal[];
|
|
126
|
+
/**
|
|
127
|
+
* Parse the principal object into PrincipalImpl objects.
|
|
128
|
+
*
|
|
129
|
+
* This is non trivial and we don't want to implement this in each function.
|
|
130
|
+
*
|
|
131
|
+
* @param principals the Principal or NotPrincipal object ot parse
|
|
132
|
+
* @returns the backing principals for a Principal or NotPrincipal object
|
|
133
|
+
*/
|
|
134
|
+
private parsePrincipalObject;
|
|
135
|
+
isActionStatement(): this is ActionStatement;
|
|
136
|
+
isNotActionStatement(): this is NotActionStatement;
|
|
137
|
+
actions(): Action[];
|
|
138
|
+
notActions(): Action[];
|
|
139
|
+
isResourceStatement(): this is ResourceStatement;
|
|
140
|
+
isNotResourceStatement(): this is NotResourceStatement;
|
|
141
|
+
resources(): Resource[];
|
|
142
|
+
notResources(): Resource[];
|
|
143
|
+
hasSingleResourceWildcard(): boolean;
|
|
144
|
+
conditions(): Condition[];
|
|
145
|
+
}
|
|
146
|
+
//# sourceMappingURL=statement.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"statement.d.ts","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAc,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,SAAS,EAAiB,MAAM,4BAA4B,CAAA;AACrE,OAAO,EAAE,SAAS,EAAgC,MAAM,4BAA4B,CAAA;AACpF,OAAO,EAAE,QAAQ,EAAgB,MAAM,0BAA0B,CAAA;AAEjE;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;OAEG;IACH,GAAG,IAAI,MAAM,GAAG,SAAS,CAAA;IAEzB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;IAEhB;;OAEG;IACH,OAAO,IAAI,OAAO,CAAA;IAElB;;OAEG;IACH,MAAM,IAAI,OAAO,CAAA;IAEjB;;OAEG;IACH,UAAU,IAAI,SAAS,EAAE,CAAA;IAEzB;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,uBAAuB,IAAI,IAAI,IAAI,qBAAqB,CAAA;IAExD;;OAEG;IACH,iBAAiB,IAAI,IAAI,IAAI,eAAe,CAAA;IAE5C;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,mBAAmB,IAAI,IAAI,IAAI,iBAAiB,CAAA;IAEhD;;OAEG;IACH,sBAAsB,IAAI,IAAI,IAAI,oBAAoB,CAAA;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,eAAgB,SAAQ,SAAS;IAChD;;OAEG;IACH,OAAO,IAAI,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IAEnD;;OAEG;IACH,UAAU,IAAI,MAAM,EAAE,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD;;OAEG;IACH,SAAS,IAAI,QAAQ,EAAE,CAAA;IAEvB;;OAEG;IACH,yBAAyB,IAAI,OAAO,CAAA;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,SAAS;IACrD;;OAEG;IACH,YAAY,IAAI,QAAQ,EAAE,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IACnD;;OAEG;IACH,UAAU,IAAI,SAAS,EAAE,CAAA;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,SAAS;IAEtD;;OAEG;IACH,aAAa,IAAI,SAAS,EAAE,CAAA;CAC7B;AAED;;GAEG;AACH,qBAAa,aAAc,YAAW,SAAS,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,kBAAkB;IACnI,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAAf,eAAe,EAAE,GAAG;IAE1C,GAAG,IAAI,MAAM,GAAG,SAAS;IAIzB,MAAM,IAAI,MAAM;IAIhB,OAAO,IAAI,OAAO;IAIlB,MAAM,IAAI,OAAO;IAIjB,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,uBAAuB,IAAI,IAAI,IAAI,qBAAqB;IAIxD,UAAU,IAAI,SAAS,EAAE;IAOzB,aAAa,IAAI,SAAS,EAAE;IAOnC;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAcrB,iBAAiB,IAAI,IAAI,IAAI,eAAe;IAI5C,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,OAAO,IAAI,MAAM,EAAE;IAOnB,UAAU,IAAI,MAAM,EAAE;IAOtB,mBAAmB,IAAI,IAAI,IAAI,iBAAiB;IAIhD,sBAAsB,IAAI,IAAI,IAAI,oBAAoB;IAItD,SAAS,IAAI,QAAQ,EAAE;IAOvB,YAAY,IAAI,QAAQ,EAAE;IAO1B,yBAAyB,IAAI,OAAO;IAOpC,UAAU,IAAI,SAAS,EAAE;CAWjC"}
|
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.StatementImpl = void 0;
|
|
4
|
+
const action_js_1 = require("../actions/action.js");
|
|
5
|
+
const condition_js_1 = require("../conditions/condition.js");
|
|
6
|
+
const principal_js_1 = require("../principals/principal.js");
|
|
7
|
+
const resource_js_1 = require("../resources/resource.js");
|
|
8
|
+
/**
|
|
9
|
+
* Implementation of the Statement interface and all its sub-interfaces
|
|
10
|
+
*/
|
|
11
|
+
class StatementImpl {
|
|
12
|
+
statementObject;
|
|
13
|
+
constructor(statementObject) {
|
|
14
|
+
this.statementObject = statementObject;
|
|
15
|
+
}
|
|
16
|
+
sid() {
|
|
17
|
+
return this.statementObject.Sid;
|
|
18
|
+
}
|
|
19
|
+
effect() {
|
|
20
|
+
return this.statementObject.Effect;
|
|
21
|
+
}
|
|
22
|
+
isAllow() {
|
|
23
|
+
return this.effect() === 'Allow';
|
|
24
|
+
}
|
|
25
|
+
isDeny() {
|
|
26
|
+
return this.effect() === 'Deny';
|
|
27
|
+
}
|
|
28
|
+
isPrincipalStatement() {
|
|
29
|
+
return this.statementObject.Principal !== undefined;
|
|
30
|
+
}
|
|
31
|
+
isNotPrincipalStatement() {
|
|
32
|
+
return this.statementObject.NotPrincipal !== undefined;
|
|
33
|
+
}
|
|
34
|
+
principals() {
|
|
35
|
+
if (!this.isPrincipalStatement()) {
|
|
36
|
+
throw new Error('Called principals on a statement without Principal, use isPrincipalStatement before calling principals');
|
|
37
|
+
}
|
|
38
|
+
return this.parsePrincipalObject(this.statementObject.Principal);
|
|
39
|
+
}
|
|
40
|
+
notPrincipals() {
|
|
41
|
+
if (!this.isNotPrincipalStatement()) {
|
|
42
|
+
throw new Error('Called notPrincipals on a statement without NotPrincipal, use isNotPrincipalStatement before calling notPrincipals');
|
|
43
|
+
}
|
|
44
|
+
return this.parsePrincipalObject(this.statementObject.NotPrincipal);
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* Parse the principal object into PrincipalImpl objects.
|
|
48
|
+
*
|
|
49
|
+
* This is non trivial and we don't want to implement this in each function.
|
|
50
|
+
*
|
|
51
|
+
* @param principals the Principal or NotPrincipal object ot parse
|
|
52
|
+
* @returns the backing principals for a Principal or NotPrincipal object
|
|
53
|
+
*/
|
|
54
|
+
parsePrincipalObject(principals) {
|
|
55
|
+
if (typeof principals === 'string') {
|
|
56
|
+
return [new principal_js_1.PrincipalImpl('AWS', principals)];
|
|
57
|
+
}
|
|
58
|
+
return Object.entries(principals).map(([principalType, principalValue]) => {
|
|
59
|
+
if (typeof principalValue === 'string') {
|
|
60
|
+
return new principal_js_1.PrincipalImpl(principalType, principalValue);
|
|
61
|
+
}
|
|
62
|
+
return Object.entries(principalValue).map(([key, value]) => {
|
|
63
|
+
return new principal_js_1.PrincipalImpl(principalType, value);
|
|
64
|
+
});
|
|
65
|
+
}).flat();
|
|
66
|
+
}
|
|
67
|
+
isActionStatement() {
|
|
68
|
+
return this.statementObject.Action !== undefined;
|
|
69
|
+
}
|
|
70
|
+
isNotActionStatement() {
|
|
71
|
+
return this.statementObject.NotAction !== undefined;
|
|
72
|
+
}
|
|
73
|
+
actions() {
|
|
74
|
+
if (!this.isActionStatement()) {
|
|
75
|
+
throw new Error('Called actions on a statement without Action, use isActionStatement before calling actions');
|
|
76
|
+
}
|
|
77
|
+
return [this.statementObject.Action].flat().map((action) => new action_js_1.ActionImpl(action));
|
|
78
|
+
}
|
|
79
|
+
notActions() {
|
|
80
|
+
if (!this.isNotActionStatement()) {
|
|
81
|
+
throw new Error('Called notActions on a statement without NotAction, use isNotActionStatement before calling notActions');
|
|
82
|
+
}
|
|
83
|
+
return [this.statementObject.NotAction].flat().map((action) => new action_js_1.ActionImpl(action));
|
|
84
|
+
}
|
|
85
|
+
isResourceStatement() {
|
|
86
|
+
return this.statementObject.Resource !== undefined;
|
|
87
|
+
}
|
|
88
|
+
isNotResourceStatement() {
|
|
89
|
+
return this.statementObject.NotResource !== undefined;
|
|
90
|
+
}
|
|
91
|
+
resources() {
|
|
92
|
+
if (!this.isResourceStatement()) {
|
|
93
|
+
throw new Error('Called resources on a statement without Resource, use isResourceStatement before calling resources');
|
|
94
|
+
}
|
|
95
|
+
return [this.statementObject.Resource].flat().map((resource) => new resource_js_1.ResourceImpl(resource));
|
|
96
|
+
}
|
|
97
|
+
notResources() {
|
|
98
|
+
if (!this.isNotResourceStatement()) {
|
|
99
|
+
throw new Error('Called notResources on a statement without NotResource, use isNotResourceStatement before calling notResources');
|
|
100
|
+
}
|
|
101
|
+
return [this.statementObject.NotResource].flat().map((resource) => new resource_js_1.ResourceImpl(resource));
|
|
102
|
+
}
|
|
103
|
+
hasSingleResourceWildcard() {
|
|
104
|
+
if (!this.isResourceStatement()) {
|
|
105
|
+
throw new Error('Called hasSingleResourceWildcard on a statement without Resource, use isResourceStatement before calling hasSingleResourceWildcard');
|
|
106
|
+
}
|
|
107
|
+
return this.isResourceStatement() && this.statementObject.Resource === '*';
|
|
108
|
+
}
|
|
109
|
+
conditions() {
|
|
110
|
+
if (!this.statementObject.Condition) {
|
|
111
|
+
return [];
|
|
112
|
+
}
|
|
113
|
+
return Object.entries(this.statementObject.Condition).map(([opKey, opValue]) => {
|
|
114
|
+
return Object.entries(opValue).map(([condKey, condValue]) => {
|
|
115
|
+
return new condition_js_1.ConditionImpl(opKey, condKey, condValue);
|
|
116
|
+
});
|
|
117
|
+
}).flat();
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
exports.StatementImpl = StatementImpl;
|
|
121
|
+
//# sourceMappingURL=statement.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"statement.js","sourceRoot":"","sources":["../../../src/statements/statement.ts"],"names":[],"mappings":";;;AAAA,oDAAyD;AACzD,6DAAqE;AACrE,6DAAoF;AACpF,0DAAiE;AAiIjE;;GAEG;AACH,MAAa,aAAa;IACK;IAA7B,YAA6B,eAAoB;QAApB,oBAAe,GAAf,eAAe,CAAK;IAAG,CAAC;IAE9C,GAAG;QACR,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAA;IACjC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAA;IACpC,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,OAAO,CAAA;IAClC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,MAAM,CAAA;IACjC,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,KAAK,SAAS,CAAC;IACtD,CAAC;IAEM,uBAAuB;QAC5B,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,KAAK,SAAS,CAAC;IACzD,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC,CAAA;QAC3H,CAAC;QACD,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;IAClE,CAAC;IAEM,aAAa;QAClB,IAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC,CAAA;QACvI,CAAC;QACD,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;IACrE,CAAC;IAED;;;;;;;OAOG;IACK,oBAAoB,CAAC,UAAe;QAC1C,IAAG,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,CAAC,IAAI,4BAAa,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAA;QAC/C,CAAC;QACD,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,EAAE,cAAc,CAAC,EAAE,EAAE;YACxE,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;gBACtC,OAAO,IAAI,4BAAa,CAAC,aAA8B,EAAE,cAAc,CAAC,CAAA;YAC1E,CAAC;YACD,OAAO,MAAM,CAAC,OAAO,CAAC,cAAqB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBAChE,OAAO,IAAI,4BAAa,CAAC,aAA8B,EAAE,KAAe,CAAC,CAAA;YAC3E,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACX,CAAC;IAEM,iBAAiB;QACtB,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,SAAS,CAAC;IACnD,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,KAAK,SAAS,CAAC;IACtD,CAAC;IAEM,OAAO;QACZ,IAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAA;QAC/G,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,IAAI,sBAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IAC1F,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC,CAAA;QAC3H,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,MAAW,EAAE,EAAE,CAAC,IAAI,sBAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IAC7F,CAAC;IAEM,mBAAmB;QACxB,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,KAAK,SAAS,CAAC;IACrD,CAAC;IAEM,sBAAsB;QAC3B,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,KAAK,SAAS,CAAC;IACxD,CAAC;IAEM,SAAS;QACd,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,oGAAoG,CAAC,CAAA;QACvH,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,QAAa,EAAE,EAAE,CAAC,IAAI,0BAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;IAClG,CAAC;IAEM,YAAY;QACjB,IAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,gHAAgH,CAAC,CAAA;QACnI,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,QAAa,EAAE,EAAE,CAAC,IAAI,0BAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;IACrG,CAAC;IAEM,yBAAyB;QAC9B,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,oIAAoI,CAAC,CAAA;QACvJ,CAAC;QACD,OAAO,IAAI,CAAC,mBAAmB,EAAE,IAAI,IAAI,CAAC,eAAe,CAAC,QAAQ,KAAK,GAAG,CAAA;IAC5E,CAAC;IAEM,UAAU;QACf,IAAG,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;YACnC,OAAO,EAAE,CAAA;QACX,CAAC;QAED,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,EAAE;YAC7E,OAAO,MAAM,CAAC,OAAO,CAAC,OAAc,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,EAAE;gBACjE,OAAO,IAAI,4BAAa,CAAC,KAAK,EAAE,OAAO,EAAE,SAA8B,CAAC,CAAA;YAC1E,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACX,CAAC;CACF;AA7HD,sCA6HC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Checks if a string is all wildcards(*)
|
|
3
|
+
*
|
|
4
|
+
* @param value The value to check if it is a wildcard
|
|
5
|
+
* @returns True if the value is all wildcards, false otherwise
|
|
6
|
+
*/
|
|
7
|
+
export declare function isAllWildcards(value: string): boolean;
|
|
8
|
+
//# sourceMappingURL=utils.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AACA;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAErD"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.isAllWildcards = isAllWildcards;
|
|
4
|
+
/**
|
|
5
|
+
* Checks if a string is all wildcards(*)
|
|
6
|
+
*
|
|
7
|
+
* @param value The value to check if it is a wildcard
|
|
8
|
+
* @returns True if the value is all wildcards, false otherwise
|
|
9
|
+
*/
|
|
10
|
+
function isAllWildcards(value) {
|
|
11
|
+
return value.match(/^\**$/) !== null;
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=utils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":";;AAOA,wCAEC;AARD;;;;;GAKG;AACH,SAAgB,cAAc,CAAC,KAAa;IAC1C,OAAO,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,CAAA;AACtC,CAAC"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
export type ActionType = 'service' | 'wildcard';
|
|
2
|
+
/**
|
|
3
|
+
* An Action string in an IAM policy
|
|
4
|
+
*/
|
|
5
|
+
export interface Action {
|
|
6
|
+
/**
|
|
7
|
+
* The type of actions
|
|
8
|
+
*/
|
|
9
|
+
type(): ActionType;
|
|
10
|
+
/**
|
|
11
|
+
* The raw string of the action
|
|
12
|
+
*/
|
|
13
|
+
value(): string;
|
|
14
|
+
/**
|
|
15
|
+
* Whether the action is a wildcard action: `"*"`
|
|
16
|
+
*/
|
|
17
|
+
isWildcardAction(): boolean;
|
|
18
|
+
/**
|
|
19
|
+
* Whether the action is a service action: `"service:Action"`
|
|
20
|
+
*/
|
|
21
|
+
isServiceAction(): boolean;
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* A wildcard action: `"*"`
|
|
25
|
+
*/
|
|
26
|
+
export interface WildcardAction extends Action {
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* A service action: `"service:Action"`
|
|
30
|
+
*/
|
|
31
|
+
export interface ServiceAction extends Action {
|
|
32
|
+
/**
|
|
33
|
+
* The service of the action
|
|
34
|
+
*/
|
|
35
|
+
service(): string;
|
|
36
|
+
/**
|
|
37
|
+
* The action within the service
|
|
38
|
+
*/
|
|
39
|
+
action(): string;
|
|
40
|
+
}
|
|
41
|
+
export declare class ActionImpl implements Action, WildcardAction, ServiceAction {
|
|
42
|
+
private readonly rawValue;
|
|
43
|
+
constructor(rawValue: string);
|
|
44
|
+
type(): ActionType;
|
|
45
|
+
value(): string;
|
|
46
|
+
isWildcardAction(): this is WildcardAction;
|
|
47
|
+
isServiceAction(): this is ServiceAction;
|
|
48
|
+
service(): string;
|
|
49
|
+
action(): string;
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=action.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,OAAO,CAAA;IAE3B;;OAEG;IACH,eAAe,IAAI,OAAO,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { isAllWildcards } from "../utils.js";
|
|
2
|
+
export class ActionImpl {
|
|
3
|
+
constructor(rawValue) {
|
|
4
|
+
this.rawValue = rawValue;
|
|
5
|
+
}
|
|
6
|
+
type() {
|
|
7
|
+
if (isAllWildcards(this.rawValue)) {
|
|
8
|
+
return 'wildcard';
|
|
9
|
+
}
|
|
10
|
+
return 'service';
|
|
11
|
+
}
|
|
12
|
+
value() {
|
|
13
|
+
return this.rawValue;
|
|
14
|
+
}
|
|
15
|
+
isWildcardAction() {
|
|
16
|
+
return this.type() === 'wildcard';
|
|
17
|
+
}
|
|
18
|
+
isServiceAction() {
|
|
19
|
+
return this.type() === 'service';
|
|
20
|
+
}
|
|
21
|
+
service() {
|
|
22
|
+
return this.rawValue.split(':')[0];
|
|
23
|
+
}
|
|
24
|
+
action() {
|
|
25
|
+
return this.rawValue.split(':')[1];
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
//# sourceMappingURL=action.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"action.js","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAkD5C,MAAM,OAAO,UAAU;IACrB,YAA6B,QAAgB;QAAhB,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAE1C,IAAI;QACT,IAAG,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,SAAS,CAAA;IAClB,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,UAAU,CAAA;IACnC,CAAC;IAEM,eAAe;QACpB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,SAAS,CAAA;IAClC,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;IAEM,MAAM;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;CACF"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
export interface Condition {
|
|
2
|
+
operation(): string;
|
|
3
|
+
conditionKey(): string;
|
|
4
|
+
conditionValues(): string[];
|
|
5
|
+
}
|
|
6
|
+
export declare class ConditionImpl implements Condition {
|
|
7
|
+
private readonly op;
|
|
8
|
+
private readonly key;
|
|
9
|
+
private readonly values;
|
|
10
|
+
constructor(op: string, key: string, values: string | string[]);
|
|
11
|
+
operation(): string;
|
|
12
|
+
conditionKey(): string;
|
|
13
|
+
conditionValues(): string[];
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=condition.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"condition.d.ts","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,SAAS;IACxB,SAAS,IAAI,MAAM,CAAA;IACnB,YAAY,IAAI,MAAM,CAAA;IACtB,eAAe,IAAI,MAAM,EAAE,CAAA;CAC5B;AAED,qBAAa,aAAc,YAAW,SAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,EAAE;IAAU,OAAO,CAAC,QAAQ,CAAC,GAAG;IAAU,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAjE,EAAE,EAAE,MAAM,EAAmB,GAAG,EAAE,MAAM,EAAmB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE;IAE1G,SAAS,IAAI,MAAM;IAInB,YAAY,IAAI,MAAM;IAItB,eAAe,IAAI,MAAM,EAAE;CAGnC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
export class ConditionImpl {
|
|
2
|
+
constructor(op, key, values) {
|
|
3
|
+
this.op = op;
|
|
4
|
+
this.key = key;
|
|
5
|
+
this.values = values;
|
|
6
|
+
}
|
|
7
|
+
operation() {
|
|
8
|
+
return this.op;
|
|
9
|
+
}
|
|
10
|
+
conditionKey() {
|
|
11
|
+
return this.key;
|
|
12
|
+
}
|
|
13
|
+
conditionValues() {
|
|
14
|
+
return typeof this.values === 'string' ? [this.values] : this.values;
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=condition.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"condition.js","sourceRoot":"","sources":["../../../src/conditions/condition.ts"],"names":[],"mappings":"AAMA,MAAM,OAAO,aAAa;IACxB,YAA6B,EAAU,EAAmB,GAAW,EAAmB,MAAyB;QAApF,OAAE,GAAF,EAAE,CAAQ;QAAmB,QAAG,GAAH,GAAG,CAAQ;QAAmB,WAAM,GAAN,MAAM,CAAmB;IAAG,CAAC;IAE9G,SAAS;QACd,OAAO,IAAI,CAAC,EAAE,CAAA;IAChB,CAAC;IAEM,YAAY;QACjB,OAAO,IAAI,CAAC,GAAG,CAAA;IACjB,CAAC;IAEM,eAAe;QACpB,OAAO,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtE,CAAC;CACF"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export type { Action, ActionType, ServiceAction, WildcardAction } from './actions/action.js';
|
|
2
|
+
export type { Condition } from './conditions/condition.js';
|
|
3
|
+
export { loadPolicy } from './parser.js';
|
|
4
|
+
export type { Policy } from './policies/policy.js';
|
|
5
|
+
export type { Principal, PrincipalType } from './principals/principal.js';
|
|
6
|
+
export type { Resource } from './resources/resource.js';
|
|
7
|
+
export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
|
|
8
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { PolicyImpl } from "./policies/policy.js";
|
|
2
|
+
/**
|
|
3
|
+
* Load a Policy from a policy document
|
|
4
|
+
*
|
|
5
|
+
* @param policyDocument the policy document JSON object
|
|
6
|
+
* @returns the Policy object for the backing policy document
|
|
7
|
+
*/
|
|
8
|
+
export declare function loadPolicy(policyDocument: any): PolicyImpl;
|
|
9
|
+
//# sourceMappingURL=parser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAElD;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,cAAc,EAAE,GAAG,cAE7C"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { PolicyImpl } from "./policies/policy.js";
|
|
2
|
+
/**
|
|
3
|
+
* Load a Policy from a policy document
|
|
4
|
+
*
|
|
5
|
+
* @param policyDocument the policy document JSON object
|
|
6
|
+
* @returns the Policy object for the backing policy document
|
|
7
|
+
*/
|
|
8
|
+
export function loadPolicy(policyDocument) {
|
|
9
|
+
return new PolicyImpl(policyDocument);
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=parser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAElD;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAmB;IAC1C,OAAO,IAAI,UAAU,CAAC,cAAc,CAAC,CAAC;AAC1C,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { Statement } from '../statements/statement.js';
|
|
2
|
+
export interface Policy {
|
|
3
|
+
version(): string | undefined;
|
|
4
|
+
id(): string | undefined;
|
|
5
|
+
statements(): Statement[];
|
|
6
|
+
}
|
|
7
|
+
export declare class PolicyImpl {
|
|
8
|
+
private readonly policyObject;
|
|
9
|
+
constructor(policyObject: any);
|
|
10
|
+
version(): string | undefined;
|
|
11
|
+
id(): string | undefined;
|
|
12
|
+
statements(): Statement[];
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=policy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../../src/policies/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAiB,MAAM,4BAA4B,CAAA;AAErE,MAAM,WAAW,MAAM;IACrB,OAAO,IAAI,MAAM,GAAG,SAAS,CAAA;IAC7B,EAAE,IAAI,MAAM,GAAG,SAAS,CAAA;IACxB,UAAU,IAAI,SAAS,EAAE,CAAA;CAC1B;AAED,qBAAa,UAAU;IACT,OAAO,CAAC,QAAQ,CAAC,YAAY;gBAAZ,YAAY,EAAE,GAAG;IAEvC,OAAO,IAAI,MAAM,GAAG,SAAS;IAI7B,EAAE,IAAI,MAAM,GAAG,SAAS;IAIxB,UAAU,IAAI,SAAS,EAAE;CAGjC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { StatementImpl } from '../statements/statement.js';
|
|
2
|
+
export class PolicyImpl {
|
|
3
|
+
constructor(policyObject) {
|
|
4
|
+
this.policyObject = policyObject;
|
|
5
|
+
}
|
|
6
|
+
version() {
|
|
7
|
+
return this.policyObject.Version;
|
|
8
|
+
}
|
|
9
|
+
id() {
|
|
10
|
+
return this.policyObject.Id;
|
|
11
|
+
}
|
|
12
|
+
statements() {
|
|
13
|
+
return [this.policyObject.Statement].flat().map((statement) => new StatementImpl(statement));
|
|
14
|
+
}
|
|
15
|
+
}
|
|
16
|
+
//# sourceMappingURL=policy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/policies/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,aAAa,EAAE,MAAM,4BAA4B,CAAA;AAQrE,MAAM,OAAO,UAAU;IACrB,YAA6B,YAAiB;QAAjB,iBAAY,GAAZ,YAAY,CAAK;IAAG,CAAC;IAE3C,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAA;IAClC,CAAC;IAEM,EAAE;QACP,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,CAAA;IAC7B,CAAC;IAEM,UAAU;QACf,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,SAAc,EAAE,EAAE,CAAC,IAAI,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;IACnG,CAAC;CACF"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
export type PrincipalType = 'AWS' | 'Service' | 'Federated' | 'CanonicalUser';
|
|
2
|
+
export interface Principal {
|
|
3
|
+
type(): PrincipalType;
|
|
4
|
+
value(): string;
|
|
5
|
+
}
|
|
6
|
+
export declare class PrincipalImpl {
|
|
7
|
+
private readonly principalType;
|
|
8
|
+
private readonly principalId;
|
|
9
|
+
constructor(principalType: PrincipalType, principalId: string);
|
|
10
|
+
value(): string;
|
|
11
|
+
type(): PrincipalType;
|
|
12
|
+
}
|
|
13
|
+
export declare class AwsPrincipal extends PrincipalImpl {
|
|
14
|
+
}
|
|
15
|
+
export declare class ServicePrincipal extends PrincipalImpl {
|
|
16
|
+
}
|
|
17
|
+
export declare class FederatedPrincipal extends PrincipalImpl {
|
|
18
|
+
}
|
|
19
|
+
export declare class CanonicalUserPrincipal extends PrincipalImpl {
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,CAAA;AAE7E,MAAM,WAAW,SAAS;IACxB,IAAI,IAAI,aAAa,CAAA;IACrB,KAAK,IAAI,MAAM,CAAA;CAChB;AAED,qBAAa,aAAa;IACZ,OAAO,CAAC,QAAQ,CAAC,aAAa;IAAiB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAA1D,aAAa,EAAE,aAAa,EAAmB,WAAW,EAAE,MAAM;IAExF,KAAK,IAAI,MAAM;IAIf,IAAI,IAAI,aAAa;CAG7B;AAGD,qBAAa,YAAa,SAAQ,aAAa;CAC9C;AAGD,qBAAa,gBAAiB,SAAQ,aAAa;CAClD;AAGD,qBAAa,kBAAmB,SAAQ,aAAa;CACpD;AAGD,qBAAa,sBAAuB,SAAQ,aAAa;CACxD"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
export class PrincipalImpl {
|
|
2
|
+
constructor(principalType, principalId) {
|
|
3
|
+
this.principalType = principalType;
|
|
4
|
+
this.principalId = principalId;
|
|
5
|
+
}
|
|
6
|
+
value() {
|
|
7
|
+
return this.principalId;
|
|
8
|
+
}
|
|
9
|
+
type() {
|
|
10
|
+
return this.principalType;
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
//AWS
|
|
14
|
+
export class AwsPrincipal extends PrincipalImpl {
|
|
15
|
+
}
|
|
16
|
+
//Service
|
|
17
|
+
export class ServicePrincipal extends PrincipalImpl {
|
|
18
|
+
}
|
|
19
|
+
//Federated
|
|
20
|
+
export class FederatedPrincipal extends PrincipalImpl {
|
|
21
|
+
}
|
|
22
|
+
//CanonicalUser
|
|
23
|
+
export class CanonicalUserPrincipal extends PrincipalImpl {
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=principal.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAOA,MAAM,OAAO,aAAa;IACxB,YAA6B,aAA4B,EAAmB,WAAmB;QAAlE,kBAAa,GAAb,aAAa,CAAe;QAAmB,gBAAW,GAAX,WAAW,CAAQ;IAAG,CAAC;IAE5F,KAAK;QACV,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,IAAI;QACT,OAAO,IAAI,CAAC,aAAa,CAAA;IAC3B,CAAC;CACF;AAED,KAAK;AACL,MAAM,OAAO,YAAa,SAAQ,aAAa;CAC9C;AAED,SAAS;AACT,MAAM,OAAO,gBAAiB,SAAQ,aAAa;CAClD;AAED,WAAW;AACX,MAAM,OAAO,kBAAmB,SAAQ,aAAa;CACpD;AAED,eAAe;AACf,MAAM,OAAO,sBAAuB,SAAQ,aAAa;CACxD"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* A resource string in an IAM policy
|
|
3
|
+
*/
|
|
4
|
+
export interface Resource {
|
|
5
|
+
/**
|
|
6
|
+
* The raw string of the resource
|
|
7
|
+
*/
|
|
8
|
+
value(): string;
|
|
9
|
+
/**
|
|
10
|
+
* Whether the resource is all resources: `"*"`
|
|
11
|
+
*/
|
|
12
|
+
isAllResources(): boolean;
|
|
13
|
+
}
|
|
14
|
+
export declare class ResourceImpl implements Resource {
|
|
15
|
+
private readonly rawValue;
|
|
16
|
+
constructor(rawValue: string);
|
|
17
|
+
value(): string;
|
|
18
|
+
isAllResources(): boolean;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=resource.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"resource.d.ts","sourceRoot":"","sources":["../../../src/resources/resource.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,cAAc,IAAI,OAAO,CAAA;CAC1B;AAGD,qBAAa,YAAa,YAAW,QAAQ;IAC/B,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,KAAK,IAAI,MAAM;IAIf,cAAc,IAAI,OAAO;CAGjC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { isAllWildcards } from "../utils.js";
|
|
2
|
+
export class ResourceImpl {
|
|
3
|
+
constructor(rawValue) {
|
|
4
|
+
this.rawValue = rawValue;
|
|
5
|
+
}
|
|
6
|
+
value() {
|
|
7
|
+
return this.rawValue;
|
|
8
|
+
}
|
|
9
|
+
isAllResources() {
|
|
10
|
+
return isAllWildcards(this.rawValue);
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=resource.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"resource.js","sourceRoot":"","sources":["../../../src/resources/resource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAkB7C,MAAM,OAAO,YAAY;IACvB,YAA6B,QAAgB;QAAhB,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAE1C,KAAK;QACV,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAEM,cAAc;QACnB,OAAO,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACtC,CAAC;CACF"}
|