npm - @cloud-copilot/iam-policy - Versions diffs - 0.0.3 → 0.0.5 - Mend

@cloud-copilot/iam-policy 0.0.3 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

package/README.md +75 -7
package/dist/cjs/actions/action.d.ts +2 -2
package/dist/cjs/actions/action.d.ts.map +1 -1
package/dist/cjs/index.d.ts +1 -0
package/dist/cjs/index.d.ts.map +1 -1
package/dist/cjs/index.js +3 -1
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/validate/validate.d.ts +6 -0
package/dist/cjs/validate/validate.d.ts.map +1 -0
package/dist/cjs/validate/validate.js +147 -0
package/dist/cjs/validate/validate.js.map +1 -0
package/dist/esm/actions/action.d.ts +2 -2
package/dist/esm/actions/action.d.ts.map +1 -1
package/dist/esm/index.d.ts +1 -0
package/dist/esm/index.d.ts.map +1 -1
package/dist/esm/index.js +1 -0
package/dist/esm/index.js.map +1 -1
package/dist/esm/validate/validate.d.ts +6 -0
package/dist/esm/validate/validate.d.ts.map +1 -0
package/dist/esm/validate/validate.js +144 -0
package/dist/esm/validate/validate.js.map +1 -0
package/package.json +4 -2
package/dist/actions/action.d.ts +0 -51
package/dist/actions/action.d.ts.map +0 -1
package/dist/actions/action.js +0 -33
package/dist/actions/action.js.map +0 -1
package/dist/actions/actions.test.d.ts +0 -2
package/dist/actions/actions.test.d.ts.map +0 -1
package/dist/actions/actions.test.js +0 -91
package/dist/actions/actions.test.js.map +0 -1
package/dist/cjs/conditions/conditions.d.ts +0 -15
package/dist/cjs/conditions/conditions.d.ts.map +0 -1
package/dist/cjs/conditions/conditions.js +0 -24
package/dist/cjs/conditions/conditions.js.map +0 -1
package/dist/cjs/principals/principals.d.ts +0 -21
package/dist/cjs/principals/principals.d.ts.map +0 -1
package/dist/cjs/principals/principals.js +0 -35
package/dist/cjs/principals/principals.js.map +0 -1
package/dist/conditions/condition.d.ts +0 -16
package/dist/conditions/condition.d.ts.map +0 -1
package/dist/conditions/condition.js +0 -25
package/dist/conditions/condition.js.map +0 -1
package/dist/conditions/conditionOperation.d.ts +0 -31
package/dist/conditions/conditionOperation.d.ts.map +0 -1
package/dist/conditions/conditionOperation.js +0 -31
package/dist/conditions/conditionOperation.js.map +0 -1
package/dist/index.d.ts +0 -9
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -6
package/dist/index.js.map +0 -1
package/dist/parser.d.ts +0 -9
package/dist/parser.d.ts.map +0 -1
package/dist/parser.js +0 -14
package/dist/parser.js.map +0 -1
package/dist/policies/policy.d.ts +0 -14
package/dist/policies/policy.d.ts.map +0 -1
package/dist/policies/policy.js +0 -21
package/dist/policies/policy.js.map +0 -1
package/dist/policies/policy.test.d.ts +0 -2
package/dist/policies/policy.test.d.ts.map +0 -1
package/dist/policies/policy.test.js +0 -74
package/dist/policies/policy.test.js.map +0 -1
package/dist/principals/principal.d.ts +0 -21
package/dist/principals/principal.d.ts.map +0 -1
package/dist/principals/principal.js +0 -35
package/dist/principals/principal.js.map +0 -1
package/dist/resources/resource.d.ts +0 -20
package/dist/resources/resource.d.ts.map +0 -1
package/dist/resources/resource.js +0 -18
package/dist/resources/resource.js.map +0 -1
package/dist/resources/resource.test.d.ts +0 -2
package/dist/resources/resource.test.d.ts.map +0 -1
package/dist/resources/resource.test.js +0 -35
package/dist/resources/resource.test.js.map +0 -1
package/dist/statements/statement.d.ts +0 -146
package/dist/statements/statement.d.ts.map +0 -1
package/dist/statements/statement.js +0 -121
package/dist/statements/statement.js.map +0 -1
package/dist/statements/statement.test.d.ts +0 -2
package/dist/statements/statement.test.d.ts.map +0 -1
package/dist/statements/statement.test.js +0 -479
package/dist/statements/statement.test.js.map +0 -1
package/dist/utils.d.ts +0 -8
package/dist/utils.d.ts.map +0 -1
package/dist/utils.js +0 -13
package/dist/utils.js.map +0 -1

package/README.md CHANGED Viewed

@@ -1,14 +1,82 @@
-# IAM Policy Parser
+# IAM Policy Syntax Validator and Parser
-This is a simple IAM policy library that allows you parse and navigate IAM policies without worring about the more difficult details of parsing policies.
+This is a simple IAM policy library that allows you to safely parse and navigate IAM policies without worring about the more difficult details of parsing policies or validating syntax.
 This may be updated in the future to allow modifying policies, right now it's read-only.
-_**This does not validate policies**_, it only parses them. If you pass in totally invalid JSON it will fail in glorious and unpredictable ways.
+## Validate Policy Syntax with `validatePolicySyntax`
+`validatePolicySyntax` is a syntax linter and will not validate the the policy is logical, secure, or correct.
-Here are some ways it helps:
+This will take any object and return back an array of findings. If the array is empty then the policy is valid.
+```typescript
+import { validatePolicySyntax } from '@cloud-copilot/iam-policy'
+validatePolicySyntax({
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "VisualEditor0",
+      "Effect": "Allow",
+      "Action": "s3:GetObject",
+      "Resource": "arn:aws:s3:::mybucket/*"
+    }
+  ]
+}); // []
+validatePolicySyntax({
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": 7,
+      "Effect": "Allow",
+      "Action": "s3:GetObject",
+      "Resource": "arn:aws:s3:::mybucket/*"
+    }
+  ]
+}); // [{ message: 'Found data type number allowed type(s) are string', path: 'Statement[0].Sid'}]
+/* It will attempt to find as many issues as possible in one pass */
+validatePolicySyntax({
+  "Version": "2012-10-17",
+  "Comment": "Jacob is kewl",
+  "Statement": [
+    {
+      "Sid": "SomeStatement",
+      "Effect": 7,
+      "Action": "s3:GetObject",
+      "Resource": "arn:aws:s3:::mybucket/*"
+    }, {
+      "Sid": "SomeStatement",
+      "Effect": ["Allow"],
+      "Action": "s3:GetObject",
+      "Resource": "arn:aws:s3:::mybucket/*",
+      "Condition": {
+        "NumericLessThan": {
+          "s3:max-keys": 7,
+        },
+        "StringLike": {
+          "s3:authType": new RegExp(/REST.*/),
+          "aws:TagKeys/Foo": ["Bar*", "Baz*"]
+        }
+      }
+    }
+  ]
+}); /*
+[
+  { message: 'Invalid key Comment', path: 'Comment' },
+  { message: 'Effect must be present and exactly "Allow" or "Deny"', path: 'Statement[0].Effect' },
+  { message: 'Effect must be present and exactly "Allow" or "Deny"', path: 'Statement[1].Effect' },
+  { message: 'Found data type number allowed type(s) are string', path: 'Statement[1].Condition.NumericLessThan s3:max-keys' },
+  { message: 'Found data type object allowed type(s) are string', path: 'Statement[1].Condition.StringLike.s3:authType' }
+]
+*/
+```
+## IAM Policy Parsing and Processing with `loadPolicy`
+`loadPolicy` _**does not validate policies**_, if you want validation ahead of time use `validatePolicySyntax`.
-## Normalizing Policy Elements that are Objects/Array of Objects or String/Array of Strings
+### Normalizes Policy Elements that are Objects/Array of Objects or String/Array of Strings
 ```typescript
 import{ loadPolicy } from '@cloud-copilot/iam-policy'
@@ -49,7 +117,7 @@ console.log(p2.statements()[0].sid()); //ObjectStatement
 There is similar support for condition values, principals, and resources.
-## Mutually Exclusive or Optional Policy Elements
+### Mutually Exclusive or Optional Policy Elements
 In IAM policies there are some elements that are mutually exclusive. For example, you can't have a `Principal` and a `NotPrincipal` in the same statement. Some elements are completely optional. We leverage the Typescript type system to make sure you only access data that is confirmed to exist in the policy.
@@ -86,7 +154,7 @@ if(statement.isNotActionStatement()) {
 There is similar support for `Action`, `NotAction`, `Principal`, `NotPrincipal`, `Resource`, and `NotResource` elements.
-## Flatten Complex Structures
+### Flatten Complex Structures
 Simplifies complex elements by flattening them into an array of homogenous objects. For example the Principal value can be a string or an object; the object values can be strings or arrays of strings.  We flatten those into an array of objects similar to what you would define in a terraform policy.

package/dist/cjs/actions/action.d.ts CHANGED Viewed

@@ -14,11 +14,11 @@ export interface Action {
     /**
      * Whether the action is a wildcard action: `"*"`
      */
-    isWildcardAction(): boolean;
+    isWildcardAction(): this is WildcardAction;
     /**
      * Whether the action is a service action: `"service:Action"`
      */
-    isServiceAction(): boolean;
+    isServiceAction(): this is ServiceAction;
 }
 /**
  * A wildcard action: `"*"`

package/dist/cjs/actions/action.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,~~OAAO~~,CAAA;~~IAE3B~~;;OAEG;IACH,eAAe,IAAI,~~OAAO~~,CAAA;~~CAC3B~~;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}
1	+ {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,IAAI,IAAI,cAAc,CAAA;IAE1C;;OAEG;IACH,eAAe,IAAI,IAAI,IAAI,aAAa,CAAA;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}

package/dist/cjs/index.d.ts CHANGED Viewed

@@ -6,4 +6,5 @@ export type { Policy } from './policies/policy.js';
 export type { Principal, PrincipalType } from './principals/principal.js';
 export type { Resource } from './resources/resource.js';
 export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
+export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/cjs/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}

package/dist/cjs/index.js CHANGED Viewed

@@ -1,6 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.loadPolicy = void 0;
+exports.validatePolicySyntax = exports.loadPolicy = void 0;
 var parser_js_1 = require("./parser.js");
 Object.defineProperty(exports, "loadPolicy", { enumerable: true, get: function () { return parser_js_1.loadPolicy; } });
+var validate_js_1 = require("./validate/validate.js");
+Object.defineProperty(exports, "validatePolicySyntax", { enumerable: true, get: function () { return validate_js_1.validatePolicySyntax; } });
 //# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAGA,yCAAwC;AAA/B,uGAAA,UAAU,OAAA"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAGA,yCAAwC;AAA/B,uGAAA,UAAU,OAAA;AAKnB,sDAAmF;AAA1E,mHAAA,oBAAoB,OAAA"}

package/dist/cjs/validate/validate.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export interface ValidationError {
+    message: string;
+    path: string;
+}
+export declare function validatePolicySyntax(policyDocument: any): ValidationError[];
+//# sourceMappingURL=validate.d.ts.map

package/dist/cjs/validate/validate.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA4B3E"}

package/dist/cjs/validate/validate.js ADDED Viewed

@@ -0,0 +1,147 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validatePolicySyntax = validatePolicySyntax;
+const allowedPolicyKeys = new Set(['Version', 'Statement', 'Id']);
+const allowedStatementKeys = new Set(['Sid', 'Effect', 'Action', 'NotAction', 'Resource', 'NotResource', 'Principal', 'NotPrincipal', 'Condition']);
+const allowedPrincipalKeys = new Set(['AWS', 'Service', 'Federated', 'CanonicalUser']);
+function validatePolicySyntax(policyDocument) {
+    const allErrors = [];
+    if (typeof policyDocument !== 'object') {
+        return [{ path: '', message: `Policy must be an object, received type ${typeof policyDocument}` }];
+    }
+    else if (Array.isArray(policyDocument)) {
+        return [{ path: '', message: 'Policy must be an object, received an array' }];
+    }
+    allErrors.push(...validateKeys(policyDocument, allowedPolicyKeys, ''));
+    allErrors.push(...validateDataTypeIfExists(policyDocument.Version, 'Version', 'string'));
+    allErrors.push(...validateDataTypeIfExists(policyDocument.Id, 'Id', 'string'));
+    if (!policyDocument.Statement) {
+        allErrors.push({
+            path: 'Statement',
+            message: 'Statement is required',
+        });
+    }
+    allErrors.push(...validateTypeOrArrayOfTypeIfExists(policyDocument.Statement, 'Statement', ['object']));
+    if (typeof policyDocument.Statement === 'object' && !Array.isArray(policyDocument.Statement)) {
+        allErrors.push(...validateStatement(policyDocument.Statement, 'Statement'));
+    }
+    else if (Array.isArray(policyDocument.Statement)) {
+        for (let i = 0; i < policyDocument.Statement.length; i++) {
+            allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
+        }
+    }
+    return allErrors;
+}
+function validateStatement(statement, path) {
+    const statementErrors = [];
+    statementErrors.push(...validateKeys(statement, allowedStatementKeys, path));
+    statementErrors.push(...validateDataTypeIfExists(statement.Sid, `${path}.Sid`, 'string'));
+    if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
+        statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
+    }
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Resource, `${path}.Resource`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotResource, `${path}.NotResource`, 'string'));
+    statementErrors.push(...validateDataTypeIfExists(statement.Principal, `${path}.Principal`, ['string', 'object']));
+    statementErrors.push(...validateDataTypeIfExists(statement.NotPrincipal, `${path}.NotPrincipal`, ['string', 'object']));
+    statementErrors.push(...validatePrincipal(statement.Principal, `${path}.Principal`));
+    statementErrors.push(...validatePrincipal(statement.NotPrincipal, `${path}.NotPrincipal`));
+    statementErrors.push(...validateCondition(statement.Condition, `${path}.Condition`));
+    return statementErrors;
+}
+function validatePrincipal(principal, path) {
+    const principalErrors = [];
+    if (principal === undefined || typeof principal === 'string') {
+        return [];
+    }
+    if (typeof principal === 'object') {
+        principalErrors.push(...validateKeys(principal, allowedPrincipalKeys, path));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.AWS, `${path}.AWS`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.Service, `${path}.Service`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.Federated, `${path}.Federated`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.CanonicalUser, `${path}.CanonicalUser`, 'string'));
+    }
+    return principalErrors;
+}
+function validateCondition(condition, path) {
+    const conditionErrors = [];
+    if (condition === undefined) {
+        return [];
+    }
+    conditionErrors.push(...validateDataTypeIfExists(condition, path, 'object'));
+    if (typeof condition !== 'object') {
+        return conditionErrors;
+    }
+    else if (Array.isArray(condition)) {
+        conditionErrors.push({
+            message: 'Condition must be an object, found an array',
+            path
+        });
+        return conditionErrors;
+    }
+    const conditionOperators = Object.keys(condition);
+    for (const operator of conditionOperators) {
+        conditionErrors.push(...validateDataTypeIfExists(condition[operator], `${path}.${operator}`, 'object'));
+        if (Array.isArray(condition[operator])) {
+            conditionErrors.push({
+                message: 'Condition operator must be an object, found an array',
+                path: `${path}.${operator}`
+            });
+        }
+        if (typeof condition[operator] === 'object' && !Array.isArray(condition[operator])) {
+            const conditionKeys = Object.keys(condition[operator]);
+            for (const key of conditionKeys) {
+                conditionErrors.push(...validateTypeOrArrayOfTypeIfExists(condition[operator][key], `${path}.${operator}.${key}`, 'string'));
+            }
+        }
+    }
+    return conditionErrors;
+}
+function validateKeys(object, allowedKeys, path) {
+    const keyErrors = [];
+    if (path != '') {
+        path = `${path}.`;
+    }
+    for (const key of Object.keys(object)) {
+        if (!allowedKeys.has(key)) {
+            keyErrors.push({
+                message: `Invalid key ${key}`,
+                path: `${path}${key}`
+            });
+        }
+    }
+    return keyErrors;
+}
+function validateTypeOrArrayOfTypeIfExists(value, path, allowedTypes) {
+    if (value === undefined) {
+        return [];
+    }
+    allowedTypes = Array.isArray(allowedTypes) ? allowedTypes : [allowedTypes];
+    const arrayOfTypeErrors = [];
+    if (!Array.isArray(value)) {
+        return validateDataTypeIfExists(value, path, allowedTypes);
+    }
+    else {
+        for (let i = 0; i < value.length; i++) {
+            arrayOfTypeErrors.push(...validateDataTypeIfExists(value[i], `${path}[${i}]`, allowedTypes));
+        }
+    }
+    return arrayOfTypeErrors;
+}
+function validateDataTypeIfExists(value, path, allowedDataTypes) {
+    if (value === undefined) {
+        return [];
+    }
+    allowedDataTypes = Array.isArray(allowedDataTypes) ? allowedDataTypes : [allowedDataTypes];
+    const errors = [];
+    const foundDataType = typeof value;
+    if (!allowedDataTypes.includes(foundDataType)) {
+        errors.push({
+            message: `Found data type ${foundDataType} allowed type(s) are ${allowedDataTypes.join(', ')}`,
+            path
+        });
+    }
+    return errors;
+}
+//# sourceMappingURL=validate.js.map

package/dist/cjs/validate/validate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":";;AAUA,oDA4BC;AAjCD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AAGvF,SAAgB,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,EAAE,QAAQ,CAAC,CAAC,CAAA;IAElH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/esm/actions/action.d.ts CHANGED Viewed

@@ -14,11 +14,11 @@ export interface Action {
     /**
      * Whether the action is a wildcard action: `"*"`
      */
-    isWildcardAction(): boolean;
+    isWildcardAction(): this is WildcardAction;
     /**
      * Whether the action is a service action: `"service:Action"`
      */
-    isServiceAction(): boolean;
+    isServiceAction(): this is ServiceAction;
 }
 /**
  * A wildcard action: `"*"`

package/dist/esm/actions/action.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,~~OAAO~~,CAAA;~~IAE3B~~;;OAEG;IACH,eAAe,IAAI,~~OAAO~~,CAAA;~~CAC3B~~;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}
1	+ {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,IAAI,IAAI,cAAc,CAAA;IAE1C;;OAEG;IACH,eAAe,IAAI,IAAI,IAAI,aAAa,CAAA;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}

package/dist/esm/index.d.ts CHANGED Viewed

@@ -6,4 +6,5 @@ export type { Policy } from './policies/policy.js';
 export type { Principal, PrincipalType } from './principals/principal.js';
 export type { Resource } from './resources/resource.js';
 export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
+export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzE,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}

package/dist/esm/index.js CHANGED Viewed

@@ -1,2 +1,3 @@
 export { loadPolicy } from './parser.js';
+export { validatePolicySyntax } from './validate/validate.js';
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAKxC,OAAO,EAAE,oBAAoB,EAAwB,MAAM,wBAAwB,CAAA"}

package/dist/esm/validate/validate.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export interface ValidationError {
+    message: string;
+    path: string;
+}
+export declare function validatePolicySyntax(policyDocument: any): ValidationError[];
+//# sourceMappingURL=validate.d.ts.map

package/dist/esm/validate/validate.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA4B3E"}

package/dist/esm/validate/validate.js ADDED Viewed

@@ -0,0 +1,144 @@
+const allowedPolicyKeys = new Set(['Version', 'Statement', 'Id']);
+const allowedStatementKeys = new Set(['Sid', 'Effect', 'Action', 'NotAction', 'Resource', 'NotResource', 'Principal', 'NotPrincipal', 'Condition']);
+const allowedPrincipalKeys = new Set(['AWS', 'Service', 'Federated', 'CanonicalUser']);
+export function validatePolicySyntax(policyDocument) {
+    const allErrors = [];
+    if (typeof policyDocument !== 'object') {
+        return [{ path: '', message: `Policy must be an object, received type ${typeof policyDocument}` }];
+    }
+    else if (Array.isArray(policyDocument)) {
+        return [{ path: '', message: 'Policy must be an object, received an array' }];
+    }
+    allErrors.push(...validateKeys(policyDocument, allowedPolicyKeys, ''));
+    allErrors.push(...validateDataTypeIfExists(policyDocument.Version, 'Version', 'string'));
+    allErrors.push(...validateDataTypeIfExists(policyDocument.Id, 'Id', 'string'));
+    if (!policyDocument.Statement) {
+        allErrors.push({
+            path: 'Statement',
+            message: 'Statement is required',
+        });
+    }
+    allErrors.push(...validateTypeOrArrayOfTypeIfExists(policyDocument.Statement, 'Statement', ['object']));
+    if (typeof policyDocument.Statement === 'object' && !Array.isArray(policyDocument.Statement)) {
+        allErrors.push(...validateStatement(policyDocument.Statement, 'Statement'));
+    }
+    else if (Array.isArray(policyDocument.Statement)) {
+        for (let i = 0; i < policyDocument.Statement.length; i++) {
+            allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
+        }
+    }
+    return allErrors;
+}
+function validateStatement(statement, path) {
+    const statementErrors = [];
+    statementErrors.push(...validateKeys(statement, allowedStatementKeys, path));
+    statementErrors.push(...validateDataTypeIfExists(statement.Sid, `${path}.Sid`, 'string'));
+    if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
+        statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
+    }
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Resource, `${path}.Resource`, 'string'));
+    statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotResource, `${path}.NotResource`, 'string'));
+    statementErrors.push(...validateDataTypeIfExists(statement.Principal, `${path}.Principal`, ['string', 'object']));
+    statementErrors.push(...validateDataTypeIfExists(statement.NotPrincipal, `${path}.NotPrincipal`, ['string', 'object']));
+    statementErrors.push(...validatePrincipal(statement.Principal, `${path}.Principal`));
+    statementErrors.push(...validatePrincipal(statement.NotPrincipal, `${path}.NotPrincipal`));
+    statementErrors.push(...validateCondition(statement.Condition, `${path}.Condition`));
+    return statementErrors;
+}
+function validatePrincipal(principal, path) {
+    const principalErrors = [];
+    if (principal === undefined || typeof principal === 'string') {
+        return [];
+    }
+    if (typeof principal === 'object') {
+        principalErrors.push(...validateKeys(principal, allowedPrincipalKeys, path));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.AWS, `${path}.AWS`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.Service, `${path}.Service`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.Federated, `${path}.Federated`, 'string'));
+        principalErrors.push(...validateTypeOrArrayOfTypeIfExists(principal.CanonicalUser, `${path}.CanonicalUser`, 'string'));
+    }
+    return principalErrors;
+}
+function validateCondition(condition, path) {
+    const conditionErrors = [];
+    if (condition === undefined) {
+        return [];
+    }
+    conditionErrors.push(...validateDataTypeIfExists(condition, path, 'object'));
+    if (typeof condition !== 'object') {
+        return conditionErrors;
+    }
+    else if (Array.isArray(condition)) {
+        conditionErrors.push({
+            message: 'Condition must be an object, found an array',
+            path
+        });
+        return conditionErrors;
+    }
+    const conditionOperators = Object.keys(condition);
+    for (const operator of conditionOperators) {
+        conditionErrors.push(...validateDataTypeIfExists(condition[operator], `${path}.${operator}`, 'object'));
+        if (Array.isArray(condition[operator])) {
+            conditionErrors.push({
+                message: 'Condition operator must be an object, found an array',
+                path: `${path}.${operator}`
+            });
+        }
+        if (typeof condition[operator] === 'object' && !Array.isArray(condition[operator])) {
+            const conditionKeys = Object.keys(condition[operator]);
+            for (const key of conditionKeys) {
+                conditionErrors.push(...validateTypeOrArrayOfTypeIfExists(condition[operator][key], `${path}.${operator}.${key}`, 'string'));
+            }
+        }
+    }
+    return conditionErrors;
+}
+function validateKeys(object, allowedKeys, path) {
+    const keyErrors = [];
+    if (path != '') {
+        path = `${path}.`;
+    }
+    for (const key of Object.keys(object)) {
+        if (!allowedKeys.has(key)) {
+            keyErrors.push({
+                message: `Invalid key ${key}`,
+                path: `${path}${key}`
+            });
+        }
+    }
+    return keyErrors;
+}
+function validateTypeOrArrayOfTypeIfExists(value, path, allowedTypes) {
+    if (value === undefined) {
+        return [];
+    }
+    allowedTypes = Array.isArray(allowedTypes) ? allowedTypes : [allowedTypes];
+    const arrayOfTypeErrors = [];
+    if (!Array.isArray(value)) {
+        return validateDataTypeIfExists(value, path, allowedTypes);
+    }
+    else {
+        for (let i = 0; i < value.length; i++) {
+            arrayOfTypeErrors.push(...validateDataTypeIfExists(value[i], `${path}[${i}]`, allowedTypes));
+        }
+    }
+    return arrayOfTypeErrors;
+}
+function validateDataTypeIfExists(value, path, allowedDataTypes) {
+    if (value === undefined) {
+        return [];
+    }
+    allowedDataTypes = Array.isArray(allowedDataTypes) ? allowedDataTypes : [allowedDataTypes];
+    const errors = [];
+    const foundDataType = typeof value;
+    if (!allowedDataTypes.includes(foundDataType)) {
+        errors.push({
+            message: `Found data type ${foundDataType} allowed type(s) are ${allowedDataTypes.join(', ')}`,
+            path
+        });
+    }
+    return errors;
+}
+//# sourceMappingURL=validate.js.map

package/dist/esm/validate/validate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAKA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AAGvF,MAAM,UAAU,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,EAAE,QAAQ,CAAC,CAAC,CAAA;IAElH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cloud-copilot/iam-policy",
-  "version": "0.0.3",
+  "version": "0.0.5",
   "description": "An ORM for AWS IAM policies",
   "repository": {
     "type": "git",
@@ -18,8 +18,10 @@
   "types": "dist/cjs/index.d.ts",
   "scripts": {
     "build": "npx tsc -p tsconfig.cjs.json && npx tsc -p tsconfig.esm.json && ./postbuild.sh",
+    "clean": "rm -rf dist",
     "test": "npx vitest --run --coverage",
-    "prepare": "npm run build"
+    "release": "npm run clean && npm run build && npm test && npm publish"
   },
   "keywords": [
     "AWS",

package/dist/actions/action.d.ts DELETED Viewed

@@ -1,51 +0,0 @@
-export type ActionType = 'service' | 'wildcard';
-/**
- * An Action string in an IAM policy
- */
-export interface Action {
-    /**
-     * The type of actions
-     */
-    type(): ActionType;
-    /**
-     * The raw string of the action
-     */
-    value(): string;
-    /**
-     * Whether the action is a wildcard action: `"*"`
-     */
-    isWildcardAction(): boolean;
-    /**
-     * Whether the action is a service action: `"service:Action"`
-     */
-    isServiceAction(): boolean;
-}
-/**
- * A wildcard action: `"*"`
- */
-export interface WildcardAction extends Action {
-}
-/**
- * A service action: `"service:Action"`
- */
-export interface ServiceAction extends Action {
-    /**
-     * The service of the action
-     */
-    service(): string;
-    /**
-     * The action within the service
-     */
-    action(): string;
-}
-export declare class ActionImpl implements Action, WildcardAction, ServiceAction {
-    private readonly rawValue;
-    constructor(rawValue: string);
-    type(): ActionType;
-    value(): string;
-    isWildcardAction(): this is WildcardAction;
-    isServiceAction(): this is ServiceAction;
-    service(): string;
-    action(): string;
-}
-//# sourceMappingURL=action.d.ts.map

package/dist/actions/action.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/actions/action.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/C;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,IAAI,IAAI,UAAU,CAAA;IAElB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,gBAAgB,IAAI,OAAO,CAAA;IAE3B;;OAEG;IACH,eAAe,IAAI,OAAO,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,MAAM;IAC3C;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,IAAI,MAAM,CAAA;CACjB;AAED,qBAAa,UAAW,YAAW,MAAM,EAAG,cAAc,EAAE,aAAa;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,MAAM;IAEtC,IAAI,IAAI,UAAU;IAOlB,KAAK,IAAI,MAAM;IAIf,gBAAgB,IAAI,IAAI,IAAI,cAAc;IAI1C,eAAe,IAAI,IAAI,IAAI,aAAa;IAIxC,OAAO,IAAI,MAAM;IAIjB,MAAM,IAAI,MAAM;CAGxB"}