@cloud-copilot/iam-policy 0.0.8 → 0.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/conditions/conditionOperation.d.ts.map +1 -1
- package/dist/cjs/conditions/conditionOperation.js +10 -3
- package/dist/cjs/conditions/conditionOperation.js.map +1 -1
- package/dist/cjs/index.d.ts +1 -1
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/principals/principal.d.ts +97 -9
- package/dist/cjs/principals/principal.d.ts.map +1 -1
- package/dist/cjs/principals/principal.js +66 -17
- package/dist/cjs/principals/principal.js.map +1 -1
- package/dist/cjs/validate/validate.d.ts.map +1 -1
- package/dist/cjs/validate/validate.js +29 -0
- package/dist/cjs/validate/validate.js.map +1 -1
- package/dist/esm/conditions/conditionOperation.d.ts.map +1 -1
- package/dist/esm/conditions/conditionOperation.js +10 -3
- package/dist/esm/conditions/conditionOperation.js.map +1 -1
- package/dist/esm/index.d.ts +1 -1
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/principals/principal.d.ts +97 -9
- package/dist/esm/principals/principal.d.ts.map +1 -1
- package/dist/esm/principals/principal.js +65 -12
- package/dist/esm/principals/principal.js.map +1 -1
- package/dist/esm/validate/validate.d.ts.map +1 -1
- package/dist/esm/validate/validate.js +29 -0
- package/dist/esm/validate/validate.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conditionOperation.d.ts","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,aAAa,CAAA;AAExD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,WAAW,IAAI,WAAW,GAAG,SAAS,CAAA;IAEtC;;OAEG;IACH,YAAY,IAAI,MAAM,CAAA;IAEtB;;OAEG;IACH,UAAU,IAAI,OAAO,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;CAChB;AAID,qBAAa,sBAAuB,YAAW,kBAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,MAAM;IAEhC,WAAW,IAAI,WAAW,GAAG,SAAS;
|
|
1
|
+
{"version":3,"file":"conditionOperation.d.ts","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,aAAa,CAAA;AAExD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,WAAW,IAAI,WAAW,GAAG,SAAS,CAAA;IAEtC;;OAEG;IACH,YAAY,IAAI,MAAM,CAAA;IAEtB;;OAEG;IACH,UAAU,IAAI,OAAO,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;CAChB;AAID,qBAAa,sBAAuB,YAAW,kBAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,MAAM;IAEhC,WAAW,IAAI,WAAW,GAAG,SAAS;IAatC,UAAU,IAAI,OAAO;IAIrB,YAAY,IAAI,MAAM;IAQtB,KAAK,IAAI,MAAM;CAIvB"}
|
|
@@ -11,14 +11,21 @@ class ConditionOperationImpl {
|
|
|
11
11
|
if (!this.op.includes(':')) {
|
|
12
12
|
return undefined;
|
|
13
13
|
}
|
|
14
|
-
|
|
14
|
+
const setOp = this.op.split(':').at(0)?.toLowerCase();
|
|
15
|
+
if (setOp === 'forallvalues') {
|
|
16
|
+
return 'ForAllValues';
|
|
17
|
+
}
|
|
18
|
+
else if (setOp === 'foranyvalue') {
|
|
19
|
+
return 'ForAnyValue';
|
|
20
|
+
}
|
|
21
|
+
throw new Error(`Unknown set operator: ${setOp}`);
|
|
15
22
|
}
|
|
16
23
|
isIfExists() {
|
|
17
|
-
return this.op.endsWith('
|
|
24
|
+
return this.op.toLowerCase().endsWith('ifexists');
|
|
18
25
|
}
|
|
19
26
|
baseOperator() {
|
|
20
27
|
const base = this.op.split(':').at(-1);
|
|
21
|
-
if (base?.endsWith('
|
|
28
|
+
if (base?.toLowerCase().endsWith('ifexists')) {
|
|
22
29
|
return base.slice(0, ifExistsSlice);
|
|
23
30
|
}
|
|
24
31
|
return base;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conditionOperation.js","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":";;;AA2BA,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAE5C,MAAa,sBAAsB;IACJ;IAA7B,YAA6B,EAAU;QAAV,OAAE,GAAF,EAAE,CAAQ;IAAG,CAAC;IAEpC,WAAW;QAChB,IAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,
|
|
1
|
+
{"version":3,"file":"conditionOperation.js","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":";;;AA2BA,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAE5C,MAAa,sBAAsB;IACJ;IAA7B,YAA6B,EAAU;QAAV,OAAE,GAAF,EAAE,CAAQ;IAAG,CAAC;IAEpC,WAAW;QAChB,IAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAA;QACrD,IAAG,KAAK,KAAK,cAAc,EAAE,CAAC;YAC5B,OAAO,cAAc,CAAA;QACvB,CAAC;aAAM,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;YACnC,OAAO,aAAa,CAAA;QACtB,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAA;IACnD,CAAC;IAEM,UAAU;QACf,OAAO,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;IACnD,CAAC;IAEM,YAAY;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QACvC,IAAG,IAAI,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;QACrC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,CAAC,EAAE,CAAA;IAChB,CAAC;CAEF;AAhCD,wDAgCC"}
|
package/dist/cjs/index.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ export type { Condition } from './conditions/condition.js';
|
|
|
3
3
|
export type { ConditionOperation, SetOperator } from './conditions/conditionOperation.js';
|
|
4
4
|
export { loadPolicy } from './parser.js';
|
|
5
5
|
export type { Policy } from './policies/policy.js';
|
|
6
|
-
export type { Principal, PrincipalType } from './principals/principal.js';
|
|
6
|
+
export type { AccountPrincipal, AwsPrincipal, CanonicalUserPrincipal, FederatedPrincipal, Principal, PrincipalType, ServicePrincipal, WildcardPrincipal } from './principals/principal.js';
|
|
7
7
|
export type { Resource } from './resources/resource.js';
|
|
8
8
|
export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
|
|
9
9
|
export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
|
package/dist/cjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}
|
|
@@ -1,21 +1,109 @@
|
|
|
1
1
|
export type PrincipalType = 'AWS' | 'Service' | 'Federated' | 'CanonicalUser';
|
|
2
|
+
/**
|
|
3
|
+
* A Principal in a policy statement
|
|
4
|
+
*/
|
|
2
5
|
export interface Principal {
|
|
6
|
+
/**
|
|
7
|
+
* The type of principal, such as "AWS", "Service", "Federated", "CanonicalUser"
|
|
8
|
+
*/
|
|
3
9
|
type(): PrincipalType;
|
|
10
|
+
/**
|
|
11
|
+
* The raw string of the principal
|
|
12
|
+
*/
|
|
4
13
|
value(): string;
|
|
14
|
+
/**
|
|
15
|
+
* Whether the principal is a wildcard principal: `"*"`
|
|
16
|
+
*/
|
|
17
|
+
isWildcardPrincipal(): this is WildcardPrincipal;
|
|
18
|
+
/**
|
|
19
|
+
* Whether the principal is an AWS principal
|
|
20
|
+
*/
|
|
21
|
+
isServicePrincipal(): this is ServicePrincipal;
|
|
22
|
+
/**
|
|
23
|
+
* Whether the principal is an AWS principal that is not an account or wildcard principal
|
|
24
|
+
*/
|
|
25
|
+
isAwsPrincipal(): this is AwsPrincipal;
|
|
26
|
+
/**
|
|
27
|
+
* Whether the principal is a federated principal
|
|
28
|
+
*/
|
|
29
|
+
isFederatedPrincipal(): this is FederatedPrincipal;
|
|
30
|
+
/**
|
|
31
|
+
* Whether the principal is a canonical user principal
|
|
32
|
+
*/
|
|
33
|
+
isCanonicalUserPrincipal(): this is CanonicalUserPrincipal;
|
|
34
|
+
/**
|
|
35
|
+
* Whether the principal is an account principal
|
|
36
|
+
*/
|
|
37
|
+
isAccountPrincipal(): this is AccountPrincipal;
|
|
5
38
|
}
|
|
6
|
-
|
|
39
|
+
/**
|
|
40
|
+
* A wildcard principal: `"*"`
|
|
41
|
+
*/
|
|
42
|
+
export interface WildcardPrincipal extends Principal {
|
|
43
|
+
/**
|
|
44
|
+
* The wildcard character `"*"`, this exists to differentiate between this interface and the Principal interface
|
|
45
|
+
*/
|
|
46
|
+
wildcard(): '*';
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* An AWS principal: `"arn:aws:iam::account-id:root"` or a 12 digit account id
|
|
50
|
+
*/
|
|
51
|
+
export interface AccountPrincipal extends Principal {
|
|
52
|
+
/**
|
|
53
|
+
* The 12 digit account id of the principal
|
|
54
|
+
*/
|
|
55
|
+
accountId(): string;
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* An AWS principal this is an ARN that is not an account or wildcard principal
|
|
59
|
+
*/
|
|
60
|
+
export interface AwsPrincipal extends Principal {
|
|
61
|
+
arn(): string;
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* An AWS principal that is a service principal: `"service"`
|
|
65
|
+
*/
|
|
66
|
+
export interface ServicePrincipal extends Principal {
|
|
67
|
+
/**
|
|
68
|
+
* The service the principal represents
|
|
69
|
+
*/
|
|
70
|
+
service(): string;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* A federated principal
|
|
74
|
+
*/
|
|
75
|
+
export interface FederatedPrincipal extends Principal {
|
|
76
|
+
/**
|
|
77
|
+
* The id of the federated principal
|
|
78
|
+
*/
|
|
79
|
+
federated(): string;
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* A canonical user principal
|
|
83
|
+
*/
|
|
84
|
+
export interface CanonicalUserPrincipal extends Principal {
|
|
85
|
+
/**
|
|
86
|
+
* The canonical user id of the principal
|
|
87
|
+
*/
|
|
88
|
+
canonicalUser(): string;
|
|
89
|
+
}
|
|
90
|
+
export declare class PrincipalImpl implements Principal, WildcardPrincipal, AccountPrincipal, AwsPrincipal, ServicePrincipal, FederatedPrincipal, CanonicalUserPrincipal {
|
|
7
91
|
private readonly principalType;
|
|
8
92
|
private readonly principalId;
|
|
9
93
|
constructor(principalType: PrincipalType, principalId: string);
|
|
10
94
|
value(): string;
|
|
11
95
|
type(): PrincipalType;
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
96
|
+
isWildcardPrincipal(): this is WildcardPrincipal;
|
|
97
|
+
isAccountPrincipal(): this is AccountPrincipal;
|
|
98
|
+
isAwsPrincipal(): this is AwsPrincipal;
|
|
99
|
+
isServicePrincipal(): this is ServicePrincipal;
|
|
100
|
+
isFederatedPrincipal(): this is FederatedPrincipal;
|
|
101
|
+
isCanonicalUserPrincipal(): this is CanonicalUserPrincipal;
|
|
102
|
+
wildcard(): '*';
|
|
103
|
+
accountId(): string;
|
|
104
|
+
arn(): string;
|
|
105
|
+
service(): string;
|
|
106
|
+
federated(): string;
|
|
107
|
+
canonicalUser(): string;
|
|
20
108
|
}
|
|
21
109
|
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,CAAA;AAE7E,MAAM,WAAW,SAAS;IACxB,IAAI,IAAI,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,CAAA;AAE7E;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;OAEG;IACH,IAAI,IAAI,aAAa,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,mBAAmB,IAAI,IAAI,IAAI,iBAAiB,CAAA;IAEhD;;OAEG;IACH,kBAAkB,IAAI,IAAI,IAAI,gBAAgB,CAAA;IAE9C;;OAEG;IACH,cAAc,IAAI,IAAI,IAAI,YAAY,CAAA;IAEtC;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,wBAAwB,IAAI,IAAI,IAAI,sBAAsB,CAAA;IAE1D;;OAEG;IACH,kBAAkB,IAAI,IAAI,IAAI,gBAAgB,CAAA;CAE/C;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD;;OAEG;IACH,QAAQ,IAAI,GAAG,CAAA;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,SAAS;IAEjD;;OAEG;IACH,SAAS,IAAI,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,YAAa,SAAQ,SAAS;IAC7C,GAAG,IAAI,MAAM,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,SAAS;IAEjD;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IACnD;;OAEG;IACH,SAAS,IAAI,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,SAAS;IACvD;;OAEG;IACH,aAAa,IAAI,MAAM,CAAA;CACxB;AAKD,qBAAa,aAAc,YAAW,SAAS,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,YAAY,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,sBAAsB;IAClJ,OAAO,CAAC,QAAQ,CAAC,aAAa;IAAiB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAA1D,aAAa,EAAE,aAAa,EAAmB,WAAW,EAAE,MAAM;IAExF,KAAK,IAAI,MAAM;IAIf,IAAI,IAAI,aAAa;IAIrB,mBAAmB,IAAI,IAAI,IAAI,iBAAiB;IAIhD,kBAAkB,IAAI,IAAI,IAAI,gBAAgB;IAO9C,cAAc,IAAI,IAAI,IAAI,YAAY;IAQtC,kBAAkB,IAAI,IAAI,IAAI,gBAAgB;IAI9C,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,wBAAwB,IAAI,IAAI,IAAI,sBAAsB;IAI1D,QAAQ,IAAI,GAAG;IAOf,SAAS,IAAI,MAAM;IAUnB,GAAG,IAAI,MAAM;IAOb,OAAO,IAAI,MAAM;IAOjB,SAAS,IAAI,MAAM;IAOnB,aAAa,IAAI,MAAM;CAO/B"}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.PrincipalImpl = void 0;
|
|
4
|
+
const accountIdRegex = /^[0-9]{12}$/;
|
|
5
|
+
const accountArnRegex = /^arn:.*?:iam::[0-9]{12}:root$/;
|
|
4
6
|
class PrincipalImpl {
|
|
5
7
|
principalType;
|
|
6
8
|
principalId;
|
|
@@ -14,22 +16,69 @@ class PrincipalImpl {
|
|
|
14
16
|
type() {
|
|
15
17
|
return this.principalType;
|
|
16
18
|
}
|
|
19
|
+
isWildcardPrincipal() {
|
|
20
|
+
return this.principalType === 'AWS' && this.principalId === '*';
|
|
21
|
+
}
|
|
22
|
+
isAccountPrincipal() {
|
|
23
|
+
if (this.principalType !== 'AWS') {
|
|
24
|
+
return false;
|
|
25
|
+
}
|
|
26
|
+
return accountIdRegex.test(this.principalId) || accountArnRegex.test(this.principalId);
|
|
27
|
+
}
|
|
28
|
+
isAwsPrincipal() {
|
|
29
|
+
if (this.principalType !== 'AWS') {
|
|
30
|
+
return false;
|
|
31
|
+
}
|
|
32
|
+
return this.principalId != "*" && !this.isAccountPrincipal();
|
|
33
|
+
}
|
|
34
|
+
isServicePrincipal() {
|
|
35
|
+
return this.principalType === 'Service';
|
|
36
|
+
}
|
|
37
|
+
isFederatedPrincipal() {
|
|
38
|
+
return this.principalType === 'Federated';
|
|
39
|
+
}
|
|
40
|
+
isCanonicalUserPrincipal() {
|
|
41
|
+
return this.principalType === 'CanonicalUser';
|
|
42
|
+
}
|
|
43
|
+
wildcard() {
|
|
44
|
+
if (!this.isWildcardPrincipal()) {
|
|
45
|
+
throw new Error('Principal is not a wildcard principal, call isWildcardPrincipal() before calling wildcard()');
|
|
46
|
+
}
|
|
47
|
+
return '*';
|
|
48
|
+
}
|
|
49
|
+
accountId() {
|
|
50
|
+
if (!this.isAccountPrincipal()) {
|
|
51
|
+
throw new Error('Principal is not an account principal, call isAccountPrincipal() before calling accountId()');
|
|
52
|
+
}
|
|
53
|
+
if (accountArnRegex.test(this.principalId)) {
|
|
54
|
+
return this.principalId.split(':')[4];
|
|
55
|
+
}
|
|
56
|
+
return this.principalId;
|
|
57
|
+
}
|
|
58
|
+
arn() {
|
|
59
|
+
if (!this.isAwsPrincipal()) {
|
|
60
|
+
throw new Error('Principal is not an AWS principal, call isAwsPrincipal() before calling arn()');
|
|
61
|
+
}
|
|
62
|
+
return this.principalId;
|
|
63
|
+
}
|
|
64
|
+
service() {
|
|
65
|
+
if (!this.isServicePrincipal()) {
|
|
66
|
+
throw new Error('Principal is not a service principal, call isServicePrincipal() before calling service()');
|
|
67
|
+
}
|
|
68
|
+
return this.principalId;
|
|
69
|
+
}
|
|
70
|
+
federated() {
|
|
71
|
+
if (this.principalType !== 'Federated') {
|
|
72
|
+
throw new Error('Principal is not a federated principal, call isFederatedPrincipal() before calling federated()');
|
|
73
|
+
}
|
|
74
|
+
return this.principalId;
|
|
75
|
+
}
|
|
76
|
+
canonicalUser() {
|
|
77
|
+
if (this.principalType !== 'CanonicalUser') {
|
|
78
|
+
throw new Error('Principal is not a canonical user principal, call isCanonicalUserPrincipal() before calling canonicalUser()');
|
|
79
|
+
}
|
|
80
|
+
return this.principalId;
|
|
81
|
+
}
|
|
17
82
|
}
|
|
18
83
|
exports.PrincipalImpl = PrincipalImpl;
|
|
19
|
-
//AWS
|
|
20
|
-
class AwsPrincipal extends PrincipalImpl {
|
|
21
|
-
}
|
|
22
|
-
exports.AwsPrincipal = AwsPrincipal;
|
|
23
|
-
//Service
|
|
24
|
-
class ServicePrincipal extends PrincipalImpl {
|
|
25
|
-
}
|
|
26
|
-
exports.ServicePrincipal = ServicePrincipal;
|
|
27
|
-
//Federated
|
|
28
|
-
class FederatedPrincipal extends PrincipalImpl {
|
|
29
|
-
}
|
|
30
|
-
exports.FederatedPrincipal = FederatedPrincipal;
|
|
31
|
-
//CanonicalUser
|
|
32
|
-
class CanonicalUserPrincipal extends PrincipalImpl {
|
|
33
|
-
}
|
|
34
|
-
exports.CanonicalUserPrincipal = CanonicalUserPrincipal;
|
|
35
84
|
//# sourceMappingURL=principal.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":";;;AA2GA,MAAM,cAAc,GAAG,aAAa,CAAA;AACpC,MAAM,eAAe,GAAG,+BAA+B,CAAA;AAEvD,MAAa,aAAa;IACK;IAA+C;IAA5E,YAA6B,aAA4B,EAAmB,WAAmB;QAAlE,kBAAa,GAAb,aAAa,CAAe;QAAmB,gBAAW,GAAX,WAAW,CAAQ;IAAG,CAAC;IAE5F,KAAK;QACV,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,IAAI;QACT,OAAO,IAAI,CAAC,aAAa,CAAA;IAC3B,CAAC;IAEM,mBAAmB;QACxB,OAAO,IAAI,CAAC,aAAa,KAAK,KAAK,IAAI,IAAI,CAAC,WAAW,KAAK,GAAG,CAAA;IACjE,CAAC;IAEM,kBAAkB;QACvB,IAAG,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YAChC,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IACxF,CAAC;IAEM,cAAc;QACnB,IAAG,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YAChC,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAA;IAC9D,CAAC;IAGM,kBAAkB;QACvB,OAAO,IAAI,CAAC,aAAa,KAAK,SAAS,CAAA;IACzC,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,aAAa,KAAK,WAAW,CAAA;IAC3C,CAAC;IAEM,wBAAwB;QAC7B,OAAO,IAAI,CAAC,aAAa,KAAK,eAAe,CAAA;IAC/C,CAAC;IAEM,QAAQ;QACb,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;QAChH,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAEM,SAAS;QACd,IAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;QAChH,CAAC;QACD,IAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QACvC,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,GAAG;QACR,IAAG,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,+EAA+E,CAAC,CAAA;QAClG,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,OAAO;QACZ,IAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,SAAS;QACd,IAAG,IAAI,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,gGAAgG,CAAC,CAAA;QACnH,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,aAAa;QAClB,IAAG,IAAI,CAAC,aAAa,KAAK,eAAe,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,6GAA6G,CAAC,CAAA;QAChI,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;CAEF;AAvFD,sCAuFC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA0C3E"}
|
|
@@ -29,6 +29,20 @@ function validatePolicySyntax(policyDocument) {
|
|
|
29
29
|
for (let i = 0; i < policyDocument.Statement.length; i++) {
|
|
30
30
|
allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
|
|
31
31
|
}
|
|
32
|
+
const statementIdCounts = policyDocument.Statement.reduce((acc, statement) => {
|
|
33
|
+
if (statement.Sid) {
|
|
34
|
+
acc[statement.Sid] = acc[statement.Sid] ? acc[statement.Sid] + 1 : 1;
|
|
35
|
+
}
|
|
36
|
+
return acc;
|
|
37
|
+
}, {});
|
|
38
|
+
for (const [sid, count] of Object.entries(statementIdCounts)) {
|
|
39
|
+
if (count > 1) {
|
|
40
|
+
allErrors.push({
|
|
41
|
+
path: `Statement`,
|
|
42
|
+
message: `Statement Ids must be unique, found ${sid} ${count} times`
|
|
43
|
+
});
|
|
44
|
+
}
|
|
45
|
+
}
|
|
32
46
|
}
|
|
33
47
|
return allErrors;
|
|
34
48
|
}
|
|
@@ -39,6 +53,9 @@ function validateStatement(statement, path) {
|
|
|
39
53
|
if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
|
|
40
54
|
statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
|
|
41
55
|
}
|
|
56
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Action', 'NotAction'));
|
|
57
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Resource', 'NotResource'));
|
|
58
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Principal', 'NotPrincipal'));
|
|
42
59
|
statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
|
|
43
60
|
statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
|
|
44
61
|
statementErrors.push(...validateResource(statement.Resource, `${path}.Resource`));
|
|
@@ -180,4 +197,16 @@ function validateDataTypeIfExists(value, path, allowedDataTypes) {
|
|
|
180
197
|
}
|
|
181
198
|
return errors;
|
|
182
199
|
}
|
|
200
|
+
function validateOnlyOneOf(value, path, firstKey, secondKey) {
|
|
201
|
+
const keys = Object.keys(value);
|
|
202
|
+
if (keys.includes(firstKey) && keys.includes(secondKey)) {
|
|
203
|
+
return [
|
|
204
|
+
{
|
|
205
|
+
message: `Only one of ${firstKey} or ${secondKey} is allowed, found both`,
|
|
206
|
+
path
|
|
207
|
+
}
|
|
208
|
+
];
|
|
209
|
+
}
|
|
210
|
+
return [];
|
|
211
|
+
}
|
|
183
212
|
//# sourceMappingURL=validate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":";;AAUA,
|
|
1
|
+
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":";;AAUA,oDA0CC;AA/CD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AAGvF,SAAgB,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conditionOperation.d.ts","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,aAAa,CAAA;AAExD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,WAAW,IAAI,WAAW,GAAG,SAAS,CAAA;IAEtC;;OAEG;IACH,YAAY,IAAI,MAAM,CAAA;IAEtB;;OAEG;IACH,UAAU,IAAI,OAAO,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;CAChB;AAID,qBAAa,sBAAuB,YAAW,kBAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,MAAM;IAEhC,WAAW,IAAI,WAAW,GAAG,SAAS;
|
|
1
|
+
{"version":3,"file":"conditionOperation.d.ts","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,aAAa,CAAA;AAExD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,WAAW,IAAI,WAAW,GAAG,SAAS,CAAA;IAEtC;;OAEG;IACH,YAAY,IAAI,MAAM,CAAA;IAEtB;;OAEG;IACH,UAAU,IAAI,OAAO,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;CAChB;AAID,qBAAa,sBAAuB,YAAW,kBAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,MAAM;IAEhC,WAAW,IAAI,WAAW,GAAG,SAAS;IAatC,UAAU,IAAI,OAAO;IAIrB,YAAY,IAAI,MAAM;IAQtB,KAAK,IAAI,MAAM;CAIvB"}
|
|
@@ -7,14 +7,21 @@ export class ConditionOperationImpl {
|
|
|
7
7
|
if (!this.op.includes(':')) {
|
|
8
8
|
return undefined;
|
|
9
9
|
}
|
|
10
|
-
|
|
10
|
+
const setOp = this.op.split(':').at(0)?.toLowerCase();
|
|
11
|
+
if (setOp === 'forallvalues') {
|
|
12
|
+
return 'ForAllValues';
|
|
13
|
+
}
|
|
14
|
+
else if (setOp === 'foranyvalue') {
|
|
15
|
+
return 'ForAnyValue';
|
|
16
|
+
}
|
|
17
|
+
throw new Error(`Unknown set operator: ${setOp}`);
|
|
11
18
|
}
|
|
12
19
|
isIfExists() {
|
|
13
|
-
return this.op.endsWith('
|
|
20
|
+
return this.op.toLowerCase().endsWith('ifexists');
|
|
14
21
|
}
|
|
15
22
|
baseOperator() {
|
|
16
23
|
const base = this.op.split(':').at(-1);
|
|
17
|
-
if (base?.endsWith('
|
|
24
|
+
if (base?.toLowerCase().endsWith('ifexists')) {
|
|
18
25
|
return base.slice(0, ifExistsSlice);
|
|
19
26
|
}
|
|
20
27
|
return base;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conditionOperation.js","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AA2BA,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAE5C,MAAM,OAAO,sBAAsB;IACjC,YAA6B,EAAU;QAAV,OAAE,GAAF,EAAE,CAAQ;IAAG,CAAC;IAEpC,WAAW;QAChB,IAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,
|
|
1
|
+
{"version":3,"file":"conditionOperation.js","sourceRoot":"","sources":["../../../src/conditions/conditionOperation.ts"],"names":[],"mappings":"AA2BA,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAE5C,MAAM,OAAO,sBAAsB;IACjC,YAA6B,EAAU;QAAV,OAAE,GAAF,EAAE,CAAQ;IAAG,CAAC;IAEpC,WAAW;QAChB,IAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAA;QACrD,IAAG,KAAK,KAAK,cAAc,EAAE,CAAC;YAC5B,OAAO,cAAc,CAAA;QACvB,CAAC;aAAM,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;YACnC,OAAO,aAAa,CAAA;QACtB,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAA;IACnD,CAAC;IAEM,UAAU;QACf,OAAO,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;IACnD,CAAC;IAEM,YAAY;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QACvC,IAAG,IAAI,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;QACrC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,KAAK;QACV,OAAO,IAAI,CAAC,EAAE,CAAA;IAChB,CAAC;CAEF"}
|
package/dist/esm/index.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ export type { Condition } from './conditions/condition.js';
|
|
|
3
3
|
export type { ConditionOperation, SetOperator } from './conditions/conditionOperation.js';
|
|
4
4
|
export { loadPolicy } from './parser.js';
|
|
5
5
|
export type { Policy } from './policies/policy.js';
|
|
6
|
-
export type { Principal, PrincipalType } from './principals/principal.js';
|
|
6
|
+
export type { AccountPrincipal, AwsPrincipal, CanonicalUserPrincipal, FederatedPrincipal, Principal, PrincipalType, ServicePrincipal, WildcardPrincipal } from './principals/principal.js';
|
|
7
7
|
export type { Resource } from './resources/resource.js';
|
|
8
8
|
export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
|
|
9
9
|
export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
|
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}
|
|
@@ -1,21 +1,109 @@
|
|
|
1
1
|
export type PrincipalType = 'AWS' | 'Service' | 'Federated' | 'CanonicalUser';
|
|
2
|
+
/**
|
|
3
|
+
* A Principal in a policy statement
|
|
4
|
+
*/
|
|
2
5
|
export interface Principal {
|
|
6
|
+
/**
|
|
7
|
+
* The type of principal, such as "AWS", "Service", "Federated", "CanonicalUser"
|
|
8
|
+
*/
|
|
3
9
|
type(): PrincipalType;
|
|
10
|
+
/**
|
|
11
|
+
* The raw string of the principal
|
|
12
|
+
*/
|
|
4
13
|
value(): string;
|
|
14
|
+
/**
|
|
15
|
+
* Whether the principal is a wildcard principal: `"*"`
|
|
16
|
+
*/
|
|
17
|
+
isWildcardPrincipal(): this is WildcardPrincipal;
|
|
18
|
+
/**
|
|
19
|
+
* Whether the principal is an AWS principal
|
|
20
|
+
*/
|
|
21
|
+
isServicePrincipal(): this is ServicePrincipal;
|
|
22
|
+
/**
|
|
23
|
+
* Whether the principal is an AWS principal that is not an account or wildcard principal
|
|
24
|
+
*/
|
|
25
|
+
isAwsPrincipal(): this is AwsPrincipal;
|
|
26
|
+
/**
|
|
27
|
+
* Whether the principal is a federated principal
|
|
28
|
+
*/
|
|
29
|
+
isFederatedPrincipal(): this is FederatedPrincipal;
|
|
30
|
+
/**
|
|
31
|
+
* Whether the principal is a canonical user principal
|
|
32
|
+
*/
|
|
33
|
+
isCanonicalUserPrincipal(): this is CanonicalUserPrincipal;
|
|
34
|
+
/**
|
|
35
|
+
* Whether the principal is an account principal
|
|
36
|
+
*/
|
|
37
|
+
isAccountPrincipal(): this is AccountPrincipal;
|
|
5
38
|
}
|
|
6
|
-
|
|
39
|
+
/**
|
|
40
|
+
* A wildcard principal: `"*"`
|
|
41
|
+
*/
|
|
42
|
+
export interface WildcardPrincipal extends Principal {
|
|
43
|
+
/**
|
|
44
|
+
* The wildcard character `"*"`, this exists to differentiate between this interface and the Principal interface
|
|
45
|
+
*/
|
|
46
|
+
wildcard(): '*';
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* An AWS principal: `"arn:aws:iam::account-id:root"` or a 12 digit account id
|
|
50
|
+
*/
|
|
51
|
+
export interface AccountPrincipal extends Principal {
|
|
52
|
+
/**
|
|
53
|
+
* The 12 digit account id of the principal
|
|
54
|
+
*/
|
|
55
|
+
accountId(): string;
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* An AWS principal this is an ARN that is not an account or wildcard principal
|
|
59
|
+
*/
|
|
60
|
+
export interface AwsPrincipal extends Principal {
|
|
61
|
+
arn(): string;
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* An AWS principal that is a service principal: `"service"`
|
|
65
|
+
*/
|
|
66
|
+
export interface ServicePrincipal extends Principal {
|
|
67
|
+
/**
|
|
68
|
+
* The service the principal represents
|
|
69
|
+
*/
|
|
70
|
+
service(): string;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* A federated principal
|
|
74
|
+
*/
|
|
75
|
+
export interface FederatedPrincipal extends Principal {
|
|
76
|
+
/**
|
|
77
|
+
* The id of the federated principal
|
|
78
|
+
*/
|
|
79
|
+
federated(): string;
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* A canonical user principal
|
|
83
|
+
*/
|
|
84
|
+
export interface CanonicalUserPrincipal extends Principal {
|
|
85
|
+
/**
|
|
86
|
+
* The canonical user id of the principal
|
|
87
|
+
*/
|
|
88
|
+
canonicalUser(): string;
|
|
89
|
+
}
|
|
90
|
+
export declare class PrincipalImpl implements Principal, WildcardPrincipal, AccountPrincipal, AwsPrincipal, ServicePrincipal, FederatedPrincipal, CanonicalUserPrincipal {
|
|
7
91
|
private readonly principalType;
|
|
8
92
|
private readonly principalId;
|
|
9
93
|
constructor(principalType: PrincipalType, principalId: string);
|
|
10
94
|
value(): string;
|
|
11
95
|
type(): PrincipalType;
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
96
|
+
isWildcardPrincipal(): this is WildcardPrincipal;
|
|
97
|
+
isAccountPrincipal(): this is AccountPrincipal;
|
|
98
|
+
isAwsPrincipal(): this is AwsPrincipal;
|
|
99
|
+
isServicePrincipal(): this is ServicePrincipal;
|
|
100
|
+
isFederatedPrincipal(): this is FederatedPrincipal;
|
|
101
|
+
isCanonicalUserPrincipal(): this is CanonicalUserPrincipal;
|
|
102
|
+
wildcard(): '*';
|
|
103
|
+
accountId(): string;
|
|
104
|
+
arn(): string;
|
|
105
|
+
service(): string;
|
|
106
|
+
federated(): string;
|
|
107
|
+
canonicalUser(): string;
|
|
20
108
|
}
|
|
21
109
|
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,CAAA;AAE7E,MAAM,WAAW,SAAS;IACxB,IAAI,IAAI,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,SAAS,GAAG,WAAW,GAAG,eAAe,CAAA;AAE7E;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;OAEG;IACH,IAAI,IAAI,aAAa,CAAA;IAErB;;OAEG;IACH,KAAK,IAAI,MAAM,CAAA;IAEf;;OAEG;IACH,mBAAmB,IAAI,IAAI,IAAI,iBAAiB,CAAA;IAEhD;;OAEG;IACH,kBAAkB,IAAI,IAAI,IAAI,gBAAgB,CAAA;IAE9C;;OAEG;IACH,cAAc,IAAI,IAAI,IAAI,YAAY,CAAA;IAEtC;;OAEG;IACH,oBAAoB,IAAI,IAAI,IAAI,kBAAkB,CAAA;IAElD;;OAEG;IACH,wBAAwB,IAAI,IAAI,IAAI,sBAAsB,CAAA;IAE1D;;OAEG;IACH,kBAAkB,IAAI,IAAI,IAAI,gBAAgB,CAAA;CAE/C;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD;;OAEG;IACH,QAAQ,IAAI,GAAG,CAAA;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,SAAS;IAEjD;;OAEG;IACH,SAAS,IAAI,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,YAAa,SAAQ,SAAS;IAC7C,GAAG,IAAI,MAAM,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,SAAS;IAEjD;;OAEG;IACH,OAAO,IAAI,MAAM,CAAA;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,SAAS;IACnD;;OAEG;IACH,SAAS,IAAI,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,SAAS;IACvD;;OAEG;IACH,aAAa,IAAI,MAAM,CAAA;CACxB;AAKD,qBAAa,aAAc,YAAW,SAAS,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,YAAY,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,sBAAsB;IAClJ,OAAO,CAAC,QAAQ,CAAC,aAAa;IAAiB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAA1D,aAAa,EAAE,aAAa,EAAmB,WAAW,EAAE,MAAM;IAExF,KAAK,IAAI,MAAM;IAIf,IAAI,IAAI,aAAa;IAIrB,mBAAmB,IAAI,IAAI,IAAI,iBAAiB;IAIhD,kBAAkB,IAAI,IAAI,IAAI,gBAAgB;IAO9C,cAAc,IAAI,IAAI,IAAI,YAAY;IAQtC,kBAAkB,IAAI,IAAI,IAAI,gBAAgB;IAI9C,oBAAoB,IAAI,IAAI,IAAI,kBAAkB;IAIlD,wBAAwB,IAAI,IAAI,IAAI,sBAAsB;IAI1D,QAAQ,IAAI,GAAG;IAOf,SAAS,IAAI,MAAM;IAUnB,GAAG,IAAI,MAAM;IAOb,OAAO,IAAI,MAAM;IAOjB,SAAS,IAAI,MAAM;IAOnB,aAAa,IAAI,MAAM;CAO/B"}
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
const accountIdRegex = /^[0-9]{12}$/;
|
|
2
|
+
const accountArnRegex = /^arn:.*?:iam::[0-9]{12}:root$/;
|
|
1
3
|
export class PrincipalImpl {
|
|
2
4
|
constructor(principalType, principalId) {
|
|
3
5
|
this.principalType = principalType;
|
|
@@ -9,17 +11,68 @@ export class PrincipalImpl {
|
|
|
9
11
|
type() {
|
|
10
12
|
return this.principalType;
|
|
11
13
|
}
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
14
|
+
isWildcardPrincipal() {
|
|
15
|
+
return this.principalType === 'AWS' && this.principalId === '*';
|
|
16
|
+
}
|
|
17
|
+
isAccountPrincipal() {
|
|
18
|
+
if (this.principalType !== 'AWS') {
|
|
19
|
+
return false;
|
|
20
|
+
}
|
|
21
|
+
return accountIdRegex.test(this.principalId) || accountArnRegex.test(this.principalId);
|
|
22
|
+
}
|
|
23
|
+
isAwsPrincipal() {
|
|
24
|
+
if (this.principalType !== 'AWS') {
|
|
25
|
+
return false;
|
|
26
|
+
}
|
|
27
|
+
return this.principalId != "*" && !this.isAccountPrincipal();
|
|
28
|
+
}
|
|
29
|
+
isServicePrincipal() {
|
|
30
|
+
return this.principalType === 'Service';
|
|
31
|
+
}
|
|
32
|
+
isFederatedPrincipal() {
|
|
33
|
+
return this.principalType === 'Federated';
|
|
34
|
+
}
|
|
35
|
+
isCanonicalUserPrincipal() {
|
|
36
|
+
return this.principalType === 'CanonicalUser';
|
|
37
|
+
}
|
|
38
|
+
wildcard() {
|
|
39
|
+
if (!this.isWildcardPrincipal()) {
|
|
40
|
+
throw new Error('Principal is not a wildcard principal, call isWildcardPrincipal() before calling wildcard()');
|
|
41
|
+
}
|
|
42
|
+
return '*';
|
|
43
|
+
}
|
|
44
|
+
accountId() {
|
|
45
|
+
if (!this.isAccountPrincipal()) {
|
|
46
|
+
throw new Error('Principal is not an account principal, call isAccountPrincipal() before calling accountId()');
|
|
47
|
+
}
|
|
48
|
+
if (accountArnRegex.test(this.principalId)) {
|
|
49
|
+
return this.principalId.split(':')[4];
|
|
50
|
+
}
|
|
51
|
+
return this.principalId;
|
|
52
|
+
}
|
|
53
|
+
arn() {
|
|
54
|
+
if (!this.isAwsPrincipal()) {
|
|
55
|
+
throw new Error('Principal is not an AWS principal, call isAwsPrincipal() before calling arn()');
|
|
56
|
+
}
|
|
57
|
+
return this.principalId;
|
|
58
|
+
}
|
|
59
|
+
service() {
|
|
60
|
+
if (!this.isServicePrincipal()) {
|
|
61
|
+
throw new Error('Principal is not a service principal, call isServicePrincipal() before calling service()');
|
|
62
|
+
}
|
|
63
|
+
return this.principalId;
|
|
64
|
+
}
|
|
65
|
+
federated() {
|
|
66
|
+
if (this.principalType !== 'Federated') {
|
|
67
|
+
throw new Error('Principal is not a federated principal, call isFederatedPrincipal() before calling federated()');
|
|
68
|
+
}
|
|
69
|
+
return this.principalId;
|
|
70
|
+
}
|
|
71
|
+
canonicalUser() {
|
|
72
|
+
if (this.principalType !== 'CanonicalUser') {
|
|
73
|
+
throw new Error('Principal is not a canonical user principal, call isCanonicalUserPrincipal() before calling canonicalUser()');
|
|
74
|
+
}
|
|
75
|
+
return this.principalId;
|
|
76
|
+
}
|
|
24
77
|
}
|
|
25
78
|
//# sourceMappingURL=principal.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principals/principal.ts"],"names":[],"mappings":"AA2GA,MAAM,cAAc,GAAG,aAAa,CAAA;AACpC,MAAM,eAAe,GAAG,+BAA+B,CAAA;AAEvD,MAAM,OAAO,aAAa;IACxB,YAA6B,aAA4B,EAAmB,WAAmB;QAAlE,kBAAa,GAAb,aAAa,CAAe;QAAmB,gBAAW,GAAX,WAAW,CAAQ;IAAG,CAAC;IAE5F,KAAK;QACV,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,IAAI;QACT,OAAO,IAAI,CAAC,aAAa,CAAA;IAC3B,CAAC;IAEM,mBAAmB;QACxB,OAAO,IAAI,CAAC,aAAa,KAAK,KAAK,IAAI,IAAI,CAAC,WAAW,KAAK,GAAG,CAAA;IACjE,CAAC;IAEM,kBAAkB;QACvB,IAAG,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YAChC,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IACxF,CAAC;IAEM,cAAc;QACnB,IAAG,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YAChC,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAA;IAC9D,CAAC;IAGM,kBAAkB;QACvB,OAAO,IAAI,CAAC,aAAa,KAAK,SAAS,CAAA;IACzC,CAAC;IAEM,oBAAoB;QACzB,OAAO,IAAI,CAAC,aAAa,KAAK,WAAW,CAAA;IAC3C,CAAC;IAEM,wBAAwB;QAC7B,OAAO,IAAI,CAAC,aAAa,KAAK,eAAe,CAAA;IAC/C,CAAC;IAEM,QAAQ;QACb,IAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;QAChH,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAEM,SAAS;QACd,IAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;QAChH,CAAC;QACD,IAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QACvC,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,GAAG;QACR,IAAG,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,+EAA+E,CAAC,CAAA;QAClG,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,OAAO;QACZ,IAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,SAAS;QACd,IAAG,IAAI,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,gGAAgG,CAAC,CAAA;QACnH,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAEM,aAAa;QAClB,IAAG,IAAI,CAAC,aAAa,KAAK,eAAe,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,6GAA6G,CAAC,CAAA;QAChI,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;CAEF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AAOD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA0C3E"}
|
|
@@ -26,6 +26,20 @@ export function validatePolicySyntax(policyDocument) {
|
|
|
26
26
|
for (let i = 0; i < policyDocument.Statement.length; i++) {
|
|
27
27
|
allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
|
|
28
28
|
}
|
|
29
|
+
const statementIdCounts = policyDocument.Statement.reduce((acc, statement) => {
|
|
30
|
+
if (statement.Sid) {
|
|
31
|
+
acc[statement.Sid] = acc[statement.Sid] ? acc[statement.Sid] + 1 : 1;
|
|
32
|
+
}
|
|
33
|
+
return acc;
|
|
34
|
+
}, {});
|
|
35
|
+
for (const [sid, count] of Object.entries(statementIdCounts)) {
|
|
36
|
+
if (count > 1) {
|
|
37
|
+
allErrors.push({
|
|
38
|
+
path: `Statement`,
|
|
39
|
+
message: `Statement Ids must be unique, found ${sid} ${count} times`
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
}
|
|
29
43
|
}
|
|
30
44
|
return allErrors;
|
|
31
45
|
}
|
|
@@ -36,6 +50,9 @@ function validateStatement(statement, path) {
|
|
|
36
50
|
if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
|
|
37
51
|
statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
|
|
38
52
|
}
|
|
53
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Action', 'NotAction'));
|
|
54
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Resource', 'NotResource'));
|
|
55
|
+
statementErrors.push(...validateOnlyOneOf(statement, path, 'Principal', 'NotPrincipal'));
|
|
39
56
|
statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
|
|
40
57
|
statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
|
|
41
58
|
statementErrors.push(...validateResource(statement.Resource, `${path}.Resource`));
|
|
@@ -177,4 +194,16 @@ function validateDataTypeIfExists(value, path, allowedDataTypes) {
|
|
|
177
194
|
}
|
|
178
195
|
return errors;
|
|
179
196
|
}
|
|
197
|
+
function validateOnlyOneOf(value, path, firstKey, secondKey) {
|
|
198
|
+
const keys = Object.keys(value);
|
|
199
|
+
if (keys.includes(firstKey) && keys.includes(secondKey)) {
|
|
200
|
+
return [
|
|
201
|
+
{
|
|
202
|
+
message: `Only one of ${firstKey} or ${secondKey} is allowed, found both`,
|
|
203
|
+
path
|
|
204
|
+
}
|
|
205
|
+
];
|
|
206
|
+
}
|
|
207
|
+
return [];
|
|
208
|
+
}
|
|
180
209
|
//# sourceMappingURL=validate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAKA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AAGvF,MAAM,UAAU,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}
|
|
1
|
+
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAKA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AAGvF,MAAM,UAAU,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC"}
|