@cloud-copilot/iam-policy 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/README.md +11 -0
  2. package/dist/cjs/index.d.ts +1 -0
  3. package/dist/cjs/index.d.ts.map +1 -1
  4. package/dist/cjs/index.js +9 -1
  5. package/dist/cjs/index.js.map +1 -1
  6. package/dist/cjs/parser.js.map +1 -1
  7. package/dist/cjs/validate/validate.d.ts +10 -1
  8. package/dist/cjs/validate/validate.d.ts.map +1 -1
  9. package/dist/cjs/validate/validate.js +27 -5
  10. package/dist/cjs/validate/validate.js.map +1 -1
  11. package/dist/cjs/validate/validateTypes.d.ts +51 -0
  12. package/dist/cjs/validate/validateTypes.d.ts.map +1 -0
  13. package/dist/cjs/validate/validateTypes.js +237 -0
  14. package/dist/cjs/validate/validateTypes.js.map +1 -0
  15. package/dist/esm/index.d.ts +1 -0
  16. package/dist/esm/index.d.ts.map +1 -1
  17. package/dist/esm/index.js +1 -0
  18. package/dist/esm/index.js.map +1 -1
  19. package/dist/esm/parser.js.map +1 -1
  20. package/dist/esm/validate/validate.d.ts +10 -1
  21. package/dist/esm/validate/validate.d.ts.map +1 -1
  22. package/dist/esm/validate/validate.js +27 -5
  23. package/dist/esm/validate/validate.js.map +1 -1
  24. package/dist/esm/validate/validateTypes.d.ts +51 -0
  25. package/dist/esm/validate/validateTypes.d.ts.map +1 -0
  26. package/dist/esm/validate/validateTypes.js +228 -0
  27. package/dist/esm/validate/validateTypes.js.map +1 -0
  28. package/package.json +1 -1
package/README.md CHANGED
@@ -73,6 +73,17 @@ validatePolicySyntax({
73
73
  */
74
74
  ```
75
75
 
76
+ ### Validate Specific Policy Types
77
+ There are functions to validate specific policy types, these do all of the general policy validation and additional checks for the specific policy type. For instance Service Control Policies only allow the Condition element when the Effect is Deny.
78
+
79
+ * `validateIdentityPolicy(policy: any): ValidationError[]`
80
+ * `validateServiceControlPolicy(policy: any): ValidationError[]`
81
+ * `validateResourcePolicy(policy: any): ValidationError[]`
82
+ * `validateTrustPolicy(policy: any): ValidationError[]`
83
+ * `validateResourceControlPolicy(policy: any): ValidationError[]`
84
+ * `validateEndpointPolicy(policy: any): ValidationError[]`
85
+ * `validateSessionPolicy(policy: any): ValidationError[]`
86
+
76
87
  ## IAM Policy Parsing and Processing with `loadPolicy`
77
88
  `loadPolicy` _**does not validate policies**_, if you want validation ahead of time use `validatePolicySyntax`.
78
89
 
package/dist/cjs/index.d.ts CHANGED
@@ -7,4 +7,5 @@ export type { AccountPrincipal, AwsPrincipal, CanonicalUserPrincipal, FederatedP
7
7
  export type { Resource } from './resources/resource.js';
8
8
  export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
9
9
  export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
10
+ export { validateEndpointPolicy, validateIdentityPolicy, validateResourceControlPolicy, validateResourcePolicy, validateServiceControlPolicy, validateSessionPolicy, validateTrustPolicy } from './validate/validateTypes.js';
10
11
  //# sourceMappingURL=index.d.ts.map
package/dist/cjs/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACnF,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,6BAA6B,EAC7B,sBAAsB,EACtB,4BAA4B,EAC5B,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,6BAA6B,CAAA"}
package/dist/cjs/index.js CHANGED
@@ -1,8 +1,16 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.validatePolicySyntax = exports.loadPolicy = void 0;
3
+ exports.validateTrustPolicy = exports.validateSessionPolicy = exports.validateServiceControlPolicy = exports.validateResourcePolicy = exports.validateResourceControlPolicy = exports.validateIdentityPolicy = exports.validateEndpointPolicy = exports.validatePolicySyntax = exports.loadPolicy = void 0;
4
4
  var parser_js_1 = require("./parser.js");
5
5
  Object.defineProperty(exports, "loadPolicy", { enumerable: true, get: function () { return parser_js_1.loadPolicy; } });
6
6
  var validate_js_1 = require("./validate/validate.js");
7
7
  Object.defineProperty(exports, "validatePolicySyntax", { enumerable: true, get: function () { return validate_js_1.validatePolicySyntax; } });
8
+ var validateTypes_js_1 = require("./validate/validateTypes.js");
9
+ Object.defineProperty(exports, "validateEndpointPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateEndpointPolicy; } });
10
+ Object.defineProperty(exports, "validateIdentityPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateIdentityPolicy; } });
11
+ Object.defineProperty(exports, "validateResourceControlPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateResourceControlPolicy; } });
12
+ Object.defineProperty(exports, "validateResourcePolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateResourcePolicy; } });
13
+ Object.defineProperty(exports, "validateServiceControlPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateServiceControlPolicy; } });
14
+ Object.defineProperty(exports, "validateSessionPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateSessionPolicy; } });
15
+ Object.defineProperty(exports, "validateTrustPolicy", { enumerable: true, get: function () { return validateTypes_js_1.validateTrustPolicy; } });
8
16
  //# sourceMappingURL=index.js.map
package/dist/cjs/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAGA,yCAAwC;AAA/B,uGAAA,UAAU,OAAA;AAKnB,sDAAmF;AAA1E,mHAAA,oBAAoB,OAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAGA,yCAAwC;AAA/B,uGAAA,UAAU,OAAA;AAKnB,sDAAmF;AAA1E,mHAAA,oBAAoB,OAAA;AAC7B,gEAQoC;AAPlC,0HAAA,sBAAsB,OAAA;AACtB,0HAAA,sBAAsB,OAAA;AACtB,iIAAA,6BAA6B,OAAA;AAC7B,0HAAA,sBAAsB,OAAA;AACtB,gIAAA,4BAA4B,OAAA;AAC5B,yHAAA,qBAAqB,OAAA;AACrB,uHAAA,mBAAmB,OAAA"}
package/dist/cjs/parser.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":";;AAQA,gCAEC;AAVD,oDAA0D;AAE1D;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,cAAmB;IAC1C,OAAO,IAAI,sBAAU,CAAC,cAAc,CAAC,CAAC;AAC1C,CAAC"}
1
+ {"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":";;AAQA,gCAEC;AAVD,oDAA0D;AAE1D;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,cAAmB;IAC5C,OAAO,IAAI,sBAAU,CAAC,cAAc,CAAC,CAAC;AACxC,CAAC"}
package/dist/cjs/validate/validate.d.ts CHANGED
@@ -2,5 +2,14 @@ export interface ValidationError {
2
2
  message: string;
3
3
  path: string;
4
4
  }
5
- export declare function validatePolicySyntax(policyDocument: any): ValidationError[];
5
+ export interface ValidationCallbacks {
6
+ validateStatement?: (statement: any, path: string) => ValidationError[];
7
+ validateAction?: (action: string, path: string) => ValidationError[];
8
+ validateNotAction?: (notAction: string, path: string) => ValidationError[];
9
+ validatePrincipal?: (principal: any, path: string) => ValidationError[];
10
+ validateNotPrincipal?: (notPrincipal: any, path: string) => ValidationError[];
11
+ validateResource?: (resource: string, path: string) => ValidationError[];
12
+ validateNotResource?: (notResource: string, path: string) => ValidationError[];
13
+ }
14
+ export declare function validatePolicySyntax(policyDocument: any, validationCallbacks?: ValidationCallbacks): ValidationError[];
6
15
  //# sourceMappingURL=validate.d.ts.map
package/dist/cjs/validate/validate.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AASD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA0C3E"}
1
+ {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AASD,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACvE,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACpE,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IAC1E,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACvE,oBAAoB,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IAC7E,gBAAgB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACxE,mBAAmB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;CAC/E;AAED,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,EAAE,mBAAmB,GAAE,mBAAwB,GAAG,eAAe,EAAE,CA0C1H"}
package/dist/cjs/validate/validate.js CHANGED
@@ -6,7 +6,7 @@ const allowedStatementKeys = new Set(['Sid', 'Effect', 'Action', 'NotAction', 'R
6
6
  const allowedPrincipalKeys = new Set(['AWS', 'Service', 'Federated', 'CanonicalUser']);
7
7
  const validConditionOperatorPattern = /^[a-zA-Z0-9:]+$/;
8
8
  const allowedSetOperators = new Set(["forallvalues", "foranyvalue"]);
9
- function validatePolicySyntax(policyDocument) {
9
+ function validatePolicySyntax(policyDocument, validationCallbacks = {}) {
10
10
  const allErrors = [];
11
11
  if (typeof policyDocument !== 'object') {
12
12
  return [{ path: '', message: `Policy must be an object, received type ${typeof policyDocument}` }];
@@ -25,11 +25,11 @@ function validatePolicySyntax(policyDocument) {
25
25
  }
26
26
  allErrors.push(...validateTypeOrArrayOfTypeIfExists(policyDocument.Statement, 'Statement', ['object']));
27
27
  if (typeof policyDocument.Statement === 'object' && !Array.isArray(policyDocument.Statement)) {
28
- allErrors.push(...validateStatement(policyDocument.Statement, 'Statement'));
28
+ allErrors.push(...validateStatement(policyDocument.Statement, 'Statement', validationCallbacks));
29
29
  }
30
30
  else if (Array.isArray(policyDocument.Statement)) {
31
31
  for (let i = 0; i < policyDocument.Statement.length; i++) {
32
- allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
32
+ allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`, validationCallbacks));
33
33
  }
34
34
  const statementIdCounts = policyDocument.Statement.reduce((acc, statement) => {
35
35
  if (statement.Sid) {
@@ -48,18 +48,21 @@ function validatePolicySyntax(policyDocument) {
48
48
  }
49
49
  return allErrors;
50
50
  }
51
- function validateStatement(statement, path) {
51
+ function validateStatement(statement, path, validationCallbacks) {
52
52
  const statementErrors = [];
53
53
  statementErrors.push(...validateKeys(statement, allowedStatementKeys, path));
54
54
  statementErrors.push(...validateDataTypeIfExists(statement.Sid, `${path}.Sid`, 'string'));
55
55
  if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
56
56
  statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
57
57
  }
58
+ statementErrors.push(...validationCallbacks.validateStatement?.(statement, path) || []);
58
59
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Action', 'NotAction'));
59
60
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Resource', 'NotResource'));
60
61
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Principal', 'NotPrincipal'));
61
62
  statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
62
63
  statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
64
+ statementErrors.push(...validateStringOrArrayStringCallback(statement, 'Action', path, validationCallbacks.validateAction));
65
+ statementErrors.push(...validateStringOrArrayStringCallback(statement, 'NotAction', path, validationCallbacks.validateNotAction));
63
66
  statementErrors.push(...validateResource(statement.Resource, `${path}.Resource`));
64
67
  statementErrors.push(...validateResource(statement.NotResource, `${path}.NotResource`));
65
68
  statementErrors.push(...validateDataTypeIfExists(statement.Principal, `${path}.Principal`, ['string', 'object']));
@@ -153,7 +156,7 @@ function validateCondition(condition, path) {
153
156
  });
154
157
  }
155
158
  else if (splitOperator.length === 2) {
156
- const setOperator = splitOperator[0];
159
+ const setOperator = splitOperator[0].toLowerCase();
157
160
  if (!allowedSetOperators.has(setOperator)) {
158
161
  conditionErrors.push({
159
162
  path: `${path}.${operator}`,
@@ -241,4 +244,23 @@ function validateOnlyOneOf(value, path, firstKey, secondKey) {
241
244
  }
242
245
  return [];
243
246
  }
247
+ function validateStringOrArrayStringCallback(statement, fieldName, path, callback) {
248
+ if (statement === undefined || !statement[fieldName] || !callback) {
249
+ return [];
250
+ }
251
+ const value = statement[fieldName];
252
+ path = `${path}.${fieldName}`;
253
+ if (typeof value === 'string') {
254
+ return callback(value, path);
255
+ }
256
+ else if (Array.isArray(value)) {
257
+ const errors = [];
258
+ for (let i = 0; i < value.length; i++) {
259
+ errors.push(...callback(value[i], `${path}[${i}]`));
260
+ }
261
+ return errors;
262
+ }
263
+ //If it's not a string or string array that is caught elsewhere
264
+ return [];
265
+ }
244
266
  //# sourceMappingURL=validate.js.map
package/dist/cjs/validate/validate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":";;AAYA,oDA0CC;AAjDD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AACvF,MAAM,6BAA6B,GAAG,iBAAiB,CAAA;AACvD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC,CAAA;AAGpE,SAAgB,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,yEAAyE;IACzE,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACjD,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,sBAAsB;QACtB,IAAG,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;YACpC,IAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;oBAC3B,OAAO,EAAE,mEAAmE;iBAC7E,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAC7D,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,8BAA8B;gBACzD,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC"}
1
+ {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":";;AAsBA,oDA0CC;AA3DD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AACvF,MAAM,6BAA6B,GAAG,iBAAiB,CAAA;AACvD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC,CAAA;AAapE,SAAgB,oBAAoB,CAAC,cAAmB,EAAE,sBAA2C,EAAE;IACrG,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,mBAAmB,CAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC,CAAA;QAC3G,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY,EAAE,mBAAwC;IAC/F,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,mCAAmC,CAAC,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAA;IAC3H,eAAe,CAAC,IAAI,CAAC,GAAG,mCAAmC,CAAC,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,CAAC,iBAAiB,CAAC,CAAC,CAAA;IAEjI,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,yEAAyE;IACzE,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACjD,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,sBAAsB;QACtB,IAAG,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;YAClD,IAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;oBAC3B,OAAO,EAAE,mEAAmE;iBAC7E,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAC7D,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,8BAA8B;gBACzD,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED,SAAS,mCAAmC,CAAC,SAAc,EAAE,SAAiB,EAAE,IAAY,EAAE,QAA6D;IACzJ,IAAG,SAAS,KAAK,SAAS,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACjE,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,CAAA;IAClC,IAAI,GAAG,GAAG,IAAI,IAAI,SAAS,EAAE,CAAA;IAC7B,IAAG,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChC,MAAM,MAAM,GAAsB,EAAE,CAAA;QACpC,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QACrD,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IACD,+DAA+D;IAC/D,OAAO,EAAE,CAAA;AACX,CAAC"}
package/dist/cjs/validate/validateTypes.d.ts ADDED
@@ -0,0 +1,51 @@
1
+ import { ValidationError } from "./validate.js";
2
+ /**
3
+ * Validates an Identity Policy attached to an IAM role or user, or managed policy
4
+ *
5
+ * @param policy the policy to validate
6
+ * @returns an array of validation errors
7
+ */
8
+ export declare function validateIdentityPolicy(policy: any): ValidationError[];
9
+ /**
10
+ * Validates a Service Control Policy (SCP)
11
+ *
12
+ * @param policy the policy to validate
13
+ * @returns an array of validation errors
14
+ */
15
+ export declare function validateServiceControlPolicy(policy: any): ValidationError[];
16
+ /**
17
+ * Validates a Resource Policy attached to an S3 bucket, SQS queue, or other resource
18
+ *
19
+ * @param policy the policy to validate
20
+ * @returns an array of validation errors
21
+ */
22
+ export declare function validateResourcePolicy(policy: any): ValidationError[];
23
+ /**
24
+ * Validates a Resource Control Policy (RCP)
25
+ *
26
+ * @param policy the policy to validate
27
+ * @returns an array of validation errors
28
+ */
29
+ export declare function validateResourceControlPolicy(policy: any): ValidationError[];
30
+ /**
31
+ * Validates a Trust Policy attached to a role
32
+ *
33
+ * @param policy the policy to validate
34
+ * @returns an array of validation errors
35
+ */
36
+ export declare function validateTrustPolicy(policy: any): ValidationError[];
37
+ /**
38
+ * Validates an VPC Endpoint Policy
39
+ *
40
+ * @param policy the policy to validate
41
+ * @returns an array of validation errors
42
+ */
43
+ export declare function validateEndpointPolicy(policy: any): ValidationError[];
44
+ /**
45
+ * Validates a session policy
46
+ *
47
+ * @param policy the policy to validate
48
+ * @returns an array of validation errors
49
+ */
50
+ export declare function validateSessionPolicy(policy: any): ValidationError[];
51
+ //# sourceMappingURL=validateTypes.d.ts.map
package/dist/cjs/validate/validateTypes.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validateTypes.d.ts","sourceRoot":"","sources":["../../../src/validate/validateTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,eAAe,EAAE,MAAM,eAAe,CAAC;AAEtE;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAmD3E;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAsC5E;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWlE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWpE"}
package/dist/cjs/validate/validateTypes.js ADDED
@@ -0,0 +1,237 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.validateIdentityPolicy = validateIdentityPolicy;
4
+ exports.validateServiceControlPolicy = validateServiceControlPolicy;
5
+ exports.validateResourcePolicy = validateResourcePolicy;
6
+ exports.validateResourceControlPolicy = validateResourceControlPolicy;
7
+ exports.validateTrustPolicy = validateTrustPolicy;
8
+ exports.validateEndpointPolicy = validateEndpointPolicy;
9
+ exports.validateSessionPolicy = validateSessionPolicy;
10
+ const validate_js_1 = require("./validate.js");
11
+ /**
12
+ * Validates an Identity Policy attached to an IAM role or user, or managed policy
13
+ *
14
+ * @param policy the policy to validate
15
+ * @returns an array of validation errors
16
+ */
17
+ function validateIdentityPolicy(policy) {
18
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
19
+ validateStatement: (statement, path) => {
20
+ const policyType = 'an identity policy';
21
+ const errors = [];
22
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal'], path, policyType));
23
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
24
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
25
+ return errors;
26
+ }
27
+ });
28
+ }
29
+ /**
30
+ * Validates a Service Control Policy (SCP)
31
+ *
32
+ * @param policy the policy to validate
33
+ * @returns an array of validation errors
34
+ */
35
+ function validateServiceControlPolicy(policy) {
36
+ const policyType = 'a service control policy';
37
+ const validateAction = (action, path, type) => {
38
+ const firstWildcard = Math.max(action.indexOf('*'), action.indexOf('?'));
39
+ if (firstWildcard === -1) {
40
+ return [];
41
+ }
42
+ if (firstWildcard == action.length - 1) {
43
+ return [];
44
+ }
45
+ return [{
46
+ path,
47
+ message: `Wildcard characters are only allowed at the end of ${type} in ${policyType}`
48
+ }];
49
+ };
50
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
51
+ validateStatement: (statement, path) => {
52
+ const errors = [];
53
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal', 'NotResource'], path, policyType));
54
+ errors.push(...validateAtLeastOneOf(statement, ['Resource'], path, policyType));
55
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
56
+ if (statement.Effect === "Allow") {
57
+ if (statement.Resource !== "*") {
58
+ errors.push({
59
+ path,
60
+ message: `Resource must be "*" when Effect is "Allow" in ${policyType}`
61
+ });
62
+ }
63
+ if (statement.NotAction) {
64
+ errors.push({
65
+ path,
66
+ message: `NotAction is not allowed when Effect is "Allow" in ${policyType}`
67
+ });
68
+ }
69
+ if (statement.Condition) {
70
+ errors.push({
71
+ path,
72
+ message: `Condition is not allowed when Effect is "Allow" in ${policyType}`
73
+ });
74
+ }
75
+ }
76
+ return errors;
77
+ },
78
+ validateAction: (action, path) => validateAction(action, path, 'Action'),
79
+ validateNotAction: (action, path) => validateAction(action, path, 'NotAction')
80
+ });
81
+ }
82
+ /**
83
+ * Validates a Resource Policy attached to an S3 bucket, SQS queue, or other resource
84
+ *
85
+ * @param policy the policy to validate
86
+ * @returns an array of validation errors
87
+ */
88
+ function validateResourcePolicy(policy) {
89
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
90
+ validateStatement: (statement, path) => {
91
+ const policyType = 'a resource policy';
92
+ const errors = [];
93
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
94
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
95
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
96
+ return errors;
97
+ }
98
+ });
99
+ }
100
+ /**
101
+ * Validates a Resource Control Policy (RCP)
102
+ *
103
+ * @param policy the policy to validate
104
+ * @returns an array of validation errors
105
+ */
106
+ function validateResourceControlPolicy(policy) {
107
+ const policyType = 'a resource control policy';
108
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
109
+ validateStatement: (statement, path) => {
110
+ const errors = [];
111
+ if (statement.Effect !== "Deny") {
112
+ errors.push({
113
+ path: `${path}.Effect`,
114
+ message: `Effect must be "Deny" in ${policyType}`
115
+ });
116
+ }
117
+ if (statement.Principal !== "*") {
118
+ errors.push({
119
+ path: `${path}.Principal`,
120
+ message: `Principal must be "*" in ${policyType}`
121
+ });
122
+ }
123
+ errors.push(...validateProhibitedFields(statement, ['NotPrincipal', 'NotAction'], path, policyType));
124
+ errors.push(...validateAtLeastOneOf(statement, ['Action'], path, policyType));
125
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
126
+ return errors;
127
+ },
128
+ validateAction: (action, path) => {
129
+ if (action === "*") {
130
+ return [{
131
+ path,
132
+ message: `Action cannot be "*" in ${policyType}`
133
+ }];
134
+ }
135
+ return [];
136
+ }
137
+ });
138
+ }
139
+ /**
140
+ * Validates a Trust Policy attached to a role
141
+ *
142
+ * @param policy the policy to validate
143
+ * @returns an array of validation errors
144
+ */
145
+ function validateTrustPolicy(policy) {
146
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
147
+ validateStatement: (statement, path) => {
148
+ const policyType = 'a trust policy';
149
+ const errors = [];
150
+ errors.push(...validateProhibitedFields(statement, ['Resource', 'NotResource'], path, policyType));
151
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
152
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
153
+ return errors;
154
+ }
155
+ });
156
+ }
157
+ /**
158
+ * Validates an VPC Endpoint Policy
159
+ *
160
+ * @param policy the policy to validate
161
+ * @returns an array of validation errors
162
+ */
163
+ function validateEndpointPolicy(policy) {
164
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
165
+ validateStatement: (statement, path) => {
166
+ const policyType = 'an endpoint policy';
167
+ const errors = [];
168
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
169
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
170
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
171
+ return errors;
172
+ }
173
+ });
174
+ }
175
+ /**
176
+ * Validates a session policy
177
+ *
178
+ * @param policy the policy to validate
179
+ * @returns an array of validation errors
180
+ */
181
+ function validateSessionPolicy(policy) {
182
+ return (0, validate_js_1.validatePolicySyntax)(policy, {
183
+ validateStatement: (statement, path) => {
184
+ const policyType = 'a session policy';
185
+ const errors = [];
186
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal'], path, policyType));
187
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
188
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
189
+ return errors;
190
+ }
191
+ });
192
+ }
193
+ /**
194
+ * Validates that at least one of the specified fields is present in a statement
195
+ *
196
+ * @param statement the statement to validate
197
+ * @param requiredFields the list of fields, that at least one must be present
198
+ * @param path the path to the statement in the policy
199
+ * @param policyType the type of policy being validated
200
+ * @returns an array of validation errors
201
+ */
202
+ function validateAtLeastOneOf(statement, requiredFields, path, policyType) {
203
+ const presentFields = requiredFields.filter(field => statement[field]);
204
+ let message = `One of ${requiredFields.join(' or ')} is required in ${policyType}`;
205
+ if (requiredFields.length === 1) {
206
+ message = `${requiredFields[0]} is required in ${policyType}`;
207
+ }
208
+ if (presentFields.length === 0) {
209
+ return [{
210
+ path,
211
+ message
212
+ }];
213
+ }
214
+ return [];
215
+ }
216
+ /**
217
+ * Validates prohibited fields do not exist in a statement
218
+ *
219
+ * @param statement the statement to validate
220
+ * @param prohibitedFields the list of fields that are not allowed
221
+ * @param path the path to the statement in the policy
222
+ * @param policyType the type of policy being validated
223
+ * @returns an array of validation errors
224
+ */
225
+ function validateProhibitedFields(statement, prohibitedFields, path, policyType) {
226
+ const errors = [];
227
+ for (const field of prohibitedFields) {
228
+ if (statement[field]) {
229
+ errors.push({
230
+ path: `${path}.${field}`,
231
+ message: `${field} is not allowed in ${policyType}`
232
+ });
233
+ }
234
+ }
235
+ return errors;
236
+ }
237
+ //# sourceMappingURL=validateTypes.js.map
package/dist/cjs/validate/validateTypes.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validateTypes.js","sourceRoot":"","sources":["../../../src/validate/validateTypes.ts"],"names":[],"mappings":";;AAQA,wDAWC;AAQD,oEAmDC;AAQD,wDAWC;AAQD,sEAsCC;AAQD,kDAWC;AAQD,wDAWC;AAQD,sDAWC;AAxMD,+CAAsE;AAEtE;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,MAAW;IAChD,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,oBAAoB,CAAA;YACvC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,4BAA4B,CAAC,MAAW;IACtD,MAAM,UAAU,GAAG,0BAA0B,CAAA;IAE7C,MAAM,cAAc,GAAG,CAAC,MAAc,EAAE,IAAY,EAAE,IAAY,EAAqB,EAAE;QACvF,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QACxE,IAAG,aAAa,KAAK,CAAC,CAAC,EAAE,CAAC;YACxB,OAAO,EAAE,CAAA;QACX,CAAC;QACD,IAAG,aAAa,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtC,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,CAAC;gBACN,IAAI;gBACJ,OAAO,EAAE,sDAAsD,IAAI,OAAO,UAAU,EAAE;aACvF,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACnH,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC/E,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAE1F,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAChC,IAAG,SAAS,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,kDAAkD,UAAU,EAAE;qBACxE,CAAC,CAAA;gBACJ,CAAC;gBACD,IAAG,SAAS,CAAC,SAAS,EAAE,CAAC;oBACvB,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,sDAAsD,UAAU,EAAE;qBAC5E,CAAC,CAAA;gBACJ,CAAC;gBACD,IAAG,SAAS,CAAC,SAAS,EAAE,CAAC;oBACvB,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,sDAAsD,UAAU,EAAE;qBAC5E,CAAC,CAAA;gBACJ,CAAC;YAGH,CAAC;YACD,OAAO,MAAM,CAAA;QACf,CAAC;QACD,cAAc,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC;QACxE,iBAAiB,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,WAAW,CAAC;KAC/E,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,MAAW;IAChD,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,mBAAmB,CAAA;YACtC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,6BAA6B,CAAC,MAAW;IACvD,MAAM,UAAU,GAAG,2BAA2B,CAAA;IAE9C,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YAErC,MAAM,MAAM,GAAsB,EAAE,CAAA;YAEpC,IAAG,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,GAAG,IAAI,SAAS;oBACtB,OAAO,EAAE,4BAA4B,UAAU,EAAE;iBAClD,CAAC,CAAA;YACJ,CAAC;YAED,IAAG,SAAS,CAAC,SAAS,KAAK,GAAG,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,GAAG,IAAI,YAAY;oBACzB,OAAO,EAAE,4BAA4B,UAAU,EAAE;iBAClD,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC7E,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;QAED,cAAc,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE;YAC/B,IAAG,MAAM,KAAK,GAAG,EAAE,CAAC;gBAClB,OAAO,CAAC;wBACN,IAAI;wBACJ,OAAO,EAAE,2BAA2B,UAAU,EAAE;qBACjD,CAAC,CAAA;YACJ,CAAC;YACD,OAAO,EAAE,CAAA;QACX,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,MAAW;IAC7C,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,gBAAgB,CAAA;YACnC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAClG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,MAAW;IAChD,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,oBAAoB,CAAA;YACvC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,MAAW;IAC/C,OAAO,IAAA,kCAAoB,EAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,kBAAkB,CAAA;YACrC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,oBAAoB,CAAC,SAAc,EAAE,cAAwB,EAAE,IAAY,EAAE,UAAkB;IACtG,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IACtE,IAAI,OAAO,GAAG,UAAU,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,mBAAmB,UAAU,EAAE,CAAA;IAClF,IAAG,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,mBAAmB,UAAU,EAAE,CAAA;IAC/D,CAAC;IAED,IAAG,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC;gBACN,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,wBAAwB,CAAC,SAAc,EAAE,gBAA0B,EAAE,IAAY,EAAE,UAAkB;IAC5G,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,KAAI,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;QACpC,IAAG,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,GAAG,IAAI,IAAI,KAAK,EAAE;gBACxB,OAAO,EAAE,GAAG,KAAK,sBAAsB,UAAU,EAAE;aACpD,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}
package/dist/esm/index.d.ts CHANGED
@@ -7,4 +7,5 @@ export type { AccountPrincipal, AwsPrincipal, CanonicalUserPrincipal, FederatedP
7
7
  export type { Resource } from './resources/resource.js';
8
8
  export type { ActionStatement, NotActionStatement, NotPrincipalStatement, NotResourceStatement, PrincipalStatement, ResourceStatement, Statement } from './statements/statement.js';
9
9
  export { validatePolicySyntax, type ValidationError } from './validate/validate.js';
10
+ export { validateEndpointPolicy, validateIdentityPolicy, validateResourceControlPolicy, validateResourcePolicy, validateServiceControlPolicy, validateSessionPolicy, validateTrustPolicy } from './validate/validateTypes.js';
10
11
  //# sourceMappingURL=index.d.ts.map
package/dist/esm/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAC5F,YAAY,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAA;AACzF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,YAAY,EAAE,gBAAgB,EAAE,YAAY,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,SAAS,EAAE,aAAa,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC1L,YAAY,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACvD,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACnL,OAAO,EAAE,oBAAoB,EAAE,KAAK,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACnF,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,6BAA6B,EAC7B,sBAAsB,EACtB,4BAA4B,EAC5B,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,6BAA6B,CAAA"}
package/dist/esm/index.js CHANGED
@@ -1,3 +1,4 @@
1
1
  export { loadPolicy } from './parser.js';
2
2
  export { validatePolicySyntax } from './validate/validate.js';
3
+ export { validateEndpointPolicy, validateIdentityPolicy, validateResourceControlPolicy, validateResourcePolicy, validateServiceControlPolicy, validateSessionPolicy, validateTrustPolicy } from './validate/validateTypes.js';
3
4
  //# sourceMappingURL=index.js.map
package/dist/esm/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAKxC,OAAO,EAAE,oBAAoB,EAAwB,MAAM,wBAAwB,CAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAKxC,OAAO,EAAE,oBAAoB,EAAwB,MAAM,wBAAwB,CAAA;AACnF,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,6BAA6B,EAC7B,sBAAsB,EACtB,4BAA4B,EAC5B,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,6BAA6B,CAAA"}
package/dist/esm/parser.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAU,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAmB;IAC1C,OAAO,IAAI,UAAU,CAAC,cAAc,CAAC,CAAC;AAC1C,CAAC"}
1
+ {"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAU,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAmB;IAC5C,OAAO,IAAI,UAAU,CAAC,cAAc,CAAC,CAAC;AACxC,CAAC"}
package/dist/esm/validate/validate.d.ts CHANGED
@@ -2,5 +2,14 @@ export interface ValidationError {
2
2
  message: string;
3
3
  path: string;
4
4
  }
5
- export declare function validatePolicySyntax(policyDocument: any): ValidationError[];
5
+ export interface ValidationCallbacks {
6
+ validateStatement?: (statement: any, path: string) => ValidationError[];
7
+ validateAction?: (action: string, path: string) => ValidationError[];
8
+ validateNotAction?: (notAction: string, path: string) => ValidationError[];
9
+ validatePrincipal?: (principal: any, path: string) => ValidationError[];
10
+ validateNotPrincipal?: (notPrincipal: any, path: string) => ValidationError[];
11
+ validateResource?: (resource: string, path: string) => ValidationError[];
12
+ validateNotResource?: (notResource: string, path: string) => ValidationError[];
13
+ }
14
+ export declare function validatePolicySyntax(policyDocument: any, validationCallbacks?: ValidationCallbacks): ValidationError[];
6
15
  //# sourceMappingURL=validate.d.ts.map
package/dist/esm/validate/validate.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AASD,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,GAAG,eAAe,EAAE,CA0C3E"}
1
+ {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb;AASD,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACvE,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACpE,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IAC1E,iBAAiB,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACvE,oBAAoB,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IAC7E,gBAAgB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;IACxE,mBAAmB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,eAAe,EAAE,CAAA;CAC/E;AAED,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,GAAG,EAAE,mBAAmB,GAAE,mBAAwB,GAAG,eAAe,EAAE,CA0C1H"}
package/dist/esm/validate/validate.js CHANGED
@@ -3,7 +3,7 @@ const allowedStatementKeys = new Set(['Sid', 'Effect', 'Action', 'NotAction', 'R
3
3
  const allowedPrincipalKeys = new Set(['AWS', 'Service', 'Federated', 'CanonicalUser']);
4
4
  const validConditionOperatorPattern = /^[a-zA-Z0-9:]+$/;
5
5
  const allowedSetOperators = new Set(["forallvalues", "foranyvalue"]);
6
- export function validatePolicySyntax(policyDocument) {
6
+ export function validatePolicySyntax(policyDocument, validationCallbacks = {}) {
7
7
  const allErrors = [];
8
8
  if (typeof policyDocument !== 'object') {
9
9
  return [{ path: '', message: `Policy must be an object, received type ${typeof policyDocument}` }];
@@ -22,11 +22,11 @@ export function validatePolicySyntax(policyDocument) {
22
22
  }
23
23
  allErrors.push(...validateTypeOrArrayOfTypeIfExists(policyDocument.Statement, 'Statement', ['object']));
24
24
  if (typeof policyDocument.Statement === 'object' && !Array.isArray(policyDocument.Statement)) {
25
- allErrors.push(...validateStatement(policyDocument.Statement, 'Statement'));
25
+ allErrors.push(...validateStatement(policyDocument.Statement, 'Statement', validationCallbacks));
26
26
  }
27
27
  else if (Array.isArray(policyDocument.Statement)) {
28
28
  for (let i = 0; i < policyDocument.Statement.length; i++) {
29
- allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`));
29
+ allErrors.push(...validateStatement(policyDocument.Statement[i], `Statement[${i}]`, validationCallbacks));
30
30
  }
31
31
  const statementIdCounts = policyDocument.Statement.reduce((acc, statement) => {
32
32
  if (statement.Sid) {
@@ -45,18 +45,21 @@ export function validatePolicySyntax(policyDocument) {
45
45
  }
46
46
  return allErrors;
47
47
  }
48
- function validateStatement(statement, path) {
48
+ function validateStatement(statement, path, validationCallbacks) {
49
49
  const statementErrors = [];
50
50
  statementErrors.push(...validateKeys(statement, allowedStatementKeys, path));
51
51
  statementErrors.push(...validateDataTypeIfExists(statement.Sid, `${path}.Sid`, 'string'));
52
52
  if (statement.Effect !== 'Allow' && statement.Effect !== 'Deny') {
53
53
  statementErrors.push({ path: `${path}.Effect`, message: `Effect must be present and exactly "Allow" or "Deny"` });
54
54
  }
55
+ statementErrors.push(...validationCallbacks.validateStatement?.(statement, path) || []);
55
56
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Action', 'NotAction'));
56
57
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Resource', 'NotResource'));
57
58
  statementErrors.push(...validateOnlyOneOf(statement, path, 'Principal', 'NotPrincipal'));
58
59
  statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.Action, `${path}.Action`, 'string'));
59
60
  statementErrors.push(...validateTypeOrArrayOfTypeIfExists(statement.NotAction, `${path}.NotAction`, 'string'));
61
+ statementErrors.push(...validateStringOrArrayStringCallback(statement, 'Action', path, validationCallbacks.validateAction));
62
+ statementErrors.push(...validateStringOrArrayStringCallback(statement, 'NotAction', path, validationCallbacks.validateNotAction));
60
63
  statementErrors.push(...validateResource(statement.Resource, `${path}.Resource`));
61
64
  statementErrors.push(...validateResource(statement.NotResource, `${path}.NotResource`));
62
65
  statementErrors.push(...validateDataTypeIfExists(statement.Principal, `${path}.Principal`, ['string', 'object']));
@@ -150,7 +153,7 @@ function validateCondition(condition, path) {
150
153
  });
151
154
  }
152
155
  else if (splitOperator.length === 2) {
153
- const setOperator = splitOperator[0];
156
+ const setOperator = splitOperator[0].toLowerCase();
154
157
  if (!allowedSetOperators.has(setOperator)) {
155
158
  conditionErrors.push({
156
159
  path: `${path}.${operator}`,
@@ -238,4 +241,23 @@ function validateOnlyOneOf(value, path, firstKey, secondKey) {
238
241
  }
239
242
  return [];
240
243
  }
244
+ function validateStringOrArrayStringCallback(statement, fieldName, path, callback) {
245
+ if (statement === undefined || !statement[fieldName] || !callback) {
246
+ return [];
247
+ }
248
+ const value = statement[fieldName];
249
+ path = `${path}.${fieldName}`;
250
+ if (typeof value === 'string') {
251
+ return callback(value, path);
252
+ }
253
+ else if (Array.isArray(value)) {
254
+ const errors = [];
255
+ for (let i = 0; i < value.length; i++) {
256
+ errors.push(...callback(value[i], `${path}[${i}]`));
257
+ }
258
+ return errors;
259
+ }
260
+ //If it's not a string or string array that is caught elsewhere
261
+ return [];
262
+ }
241
263
  //# sourceMappingURL=validate.js.map
package/dist/esm/validate/validate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAKA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AACvF,MAAM,6BAA6B,GAAG,iBAAiB,CAAA;AACvD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC,CAAA;AAGpE,MAAM,UAAU,oBAAoB,CAAC,cAAmB;IACtD,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAA;IAC7E,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACtF,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IAED,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,yEAAyE;IACzE,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACjD,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,sBAAsB;QACtB,IAAG,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;YACpC,IAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;oBAC3B,OAAO,EAAE,mEAAmE;iBAC7E,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAC7D,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,8BAA8B;gBACzD,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC"}
1
+ {"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/validate/validate.ts"],"names":[],"mappings":"AAKA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAE,CAAC,CAAA;AACnE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,CAAC,CAAC,CAAA;AACpJ,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,CAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAA;AACvF,MAAM,6BAA6B,GAAG,iBAAiB,CAAA;AACvD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC,CAAA;AAapE,MAAM,UAAU,oBAAoB,CAAC,cAAmB,EAAE,sBAA2C,EAAE;IACrG,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,2CAA2C,OAAO,cAAc,EAAE,EAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,OAAO,CAAC,EAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAC,CAAC,CAAA;IAC7E,CAAC;IAED,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,cAAc,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAA;IAEtE,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxF,SAAS,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,cAAc,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC9E,IAAG,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAA;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvG,IAAG,OAAO,cAAc,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5F,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,EAAE,WAAW,EAAE,mBAAmB,CAAC,CAAC,CAAA;IAClG,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,SAAS,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC,CAAA;QAC3G,CAAC;QACD,MAAM,iBAAiB,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAA2B,EAAE,SAAc,EAAE,EAAE;YACxG,IAAG,SAAS,CAAC,GAAG,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACtE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAA4B,CAAC,CAAA;QAChC,KAAI,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAS,iBAAiB,CAAC,EAAE,CAAC;YACpE,IAAG,KAAK,GAAG,CAAC,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,uCAAuC,GAAG,IAAI,KAAK,QAAQ;iBACrE,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY,EAAE,mBAAwC;IAC/F,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;IAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/D,eAAe,CAAC,IAAI,CAAC,EAAC,IAAI,EAAE,GAAG,IAAI,SAAS,EAAE,OAAO,EAAE,sDAAsD,EAAC,CAAC,CAAA;IACjH,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAA;IAClF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAA;IACtF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAA;IAExF,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;IAE9G,eAAe,CAAC,IAAI,CAAC,GAAG,mCAAmC,CAAC,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAA;IAC3H,eAAe,CAAC,IAAI,CAAC,GAAG,mCAAmC,CAAC,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,CAAC,iBAAiB,CAAC,CAAC,CAAA;IAEjI,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,WAAW,CAAC,CAAC,CAAA;IACjF,eAAe,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,IAAI,cAAc,CAAC,CAAC,CAAA;IAEvF,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACjH,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACvH,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC,CAAA;IAE1F,yEAAyE;IACzE,eAAe,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,CAAC,CAAC,CAAA;IACpF,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAE7C,IAAG,SAAS,KAAK,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,SAAS,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAA;QAC5E,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAClG,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC1G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,IAAI,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC9G,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,aAAa,EAAE,GAAG,IAAI,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,OAAO,eAAe,CAAA;AAExB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAa,EAAE,IAAY;IACnD,IAAG,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,cAAc,GAAsB,EAAE,CAAA;QAC5C,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9E,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO;QACL;YACE,IAAI;YACJ,OAAO,EAAE,sCAAsC;SAChD;KACF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,cAAmB,EAAE,IAAY;IAC/D,IAAG,cAAc,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvC,IAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;QAC5C,OAAO;YACL;gBACE,IAAI;gBACJ,OAAO,EAAE,yDAAyD;aACnE;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AAEX,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAc,EAAE,IAAY;IACrD,MAAM,eAAe,GAAsB,EAAE,CAAA;IAC7C,IAAG,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACjD,OAAO,EAAE,CAAA;IACX,CAAC;IACD,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5E,IAAG,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,OAAO,eAAe,CAAA;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,eAAe,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,6CAA6C;YACtD,IAAI;SACL,CAAC,CAAA;QACF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACjD,KAAI,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;QACzC,sBAAsB;QACtB,IAAG,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,eAAe,CAAC,IAAI,CAAC;gBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;gBAC3B,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;YAClD,IAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;oBAC3B,OAAO,EAAE,mEAAmE;iBAC7E,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,eAAe,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,IAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtC,eAAe,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,GAAG,IAAI,IAAI,QAAQ,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC;QAED,IAAG,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;YACtD,KAAI,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,eAAe,CAAC,IAAI,CAAC,GAAG,iCAAiC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,QAAQ,IAAI,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;YAC9H,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,SAAS,YAAY,CAAC,MAAW,EAAE,WAAwB,EAAE,IAAY;IACvE,MAAM,SAAS,GAAsB,EAAE,CAAA;IACvC,IAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,IAAI,GAAG,CAAA;IACnB,CAAC;IAED,KAAI,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,IAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAC7D,SAAS,CAAC,IAAI,CAAC;gBACb,OAAO,EAAE,eAAe,GAAG,8BAA8B;gBACzD,IAAI,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE;aACtB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,iCAAiC,CAAC,KAAU,EAAE,IAAY,EAAE,YAA6C;IAChH,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAAY,CAAE,CAAA;IAC5E,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,CAAC,CAAA;IAC5D,CAAC;SAAM,CAAC;QACN,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,iBAAiB,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAA;AAC1B,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAU,EAAE,IAAY,EAAE,gBAAiD;IAC3G,IAAG,KAAK,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAE,gBAAgB,CAAE,CAAA;IAC5F,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;IAClC,IAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAA+B,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,mBAAmB,aAAa,wBAAwB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9F,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAU,EAAE,IAAY,EAAE,QAAgB,EAAE,SAAiB;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAC/B,IAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACvD,OAAO;YACL;gBACE,OAAO,EAAE,eAAe,QAAQ,OAAO,SAAS,yBAAyB;gBACzE,IAAI;aACL;SACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED,SAAS,mCAAmC,CAAC,SAAc,EAAE,SAAiB,EAAE,IAAY,EAAE,QAA6D;IACzJ,IAAG,SAAS,KAAK,SAAS,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACjE,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,CAAA;IAClC,IAAI,GAAG,GAAG,IAAI,IAAI,SAAS,EAAE,CAAA;IAC7B,IAAG,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChC,MAAM,MAAM,GAAsB,EAAE,CAAA;QACpC,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QACrD,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IACD,+DAA+D;IAC/D,OAAO,EAAE,CAAA;AACX,CAAC"}
package/dist/esm/validate/validateTypes.d.ts ADDED
@@ -0,0 +1,51 @@
1
+ import { ValidationError } from "./validate.js";
2
+ /**
3
+ * Validates an Identity Policy attached to an IAM role or user, or managed policy
4
+ *
5
+ * @param policy the policy to validate
6
+ * @returns an array of validation errors
7
+ */
8
+ export declare function validateIdentityPolicy(policy: any): ValidationError[];
9
+ /**
10
+ * Validates a Service Control Policy (SCP)
11
+ *
12
+ * @param policy the policy to validate
13
+ * @returns an array of validation errors
14
+ */
15
+ export declare function validateServiceControlPolicy(policy: any): ValidationError[];
16
+ /**
17
+ * Validates a Resource Policy attached to an S3 bucket, SQS queue, or other resource
18
+ *
19
+ * @param policy the policy to validate
20
+ * @returns an array of validation errors
21
+ */
22
+ export declare function validateResourcePolicy(policy: any): ValidationError[];
23
+ /**
24
+ * Validates a Resource Control Policy (RCP)
25
+ *
26
+ * @param policy the policy to validate
27
+ * @returns an array of validation errors
28
+ */
29
+ export declare function validateResourceControlPolicy(policy: any): ValidationError[];
30
+ /**
31
+ * Validates a Trust Policy attached to a role
32
+ *
33
+ * @param policy the policy to validate
34
+ * @returns an array of validation errors
35
+ */
36
+ export declare function validateTrustPolicy(policy: any): ValidationError[];
37
+ /**
38
+ * Validates an VPC Endpoint Policy
39
+ *
40
+ * @param policy the policy to validate
41
+ * @returns an array of validation errors
42
+ */
43
+ export declare function validateEndpointPolicy(policy: any): ValidationError[];
44
+ /**
45
+ * Validates a session policy
46
+ *
47
+ * @param policy the policy to validate
48
+ * @returns an array of validation errors
49
+ */
50
+ export declare function validateSessionPolicy(policy: any): ValidationError[];
51
+ //# sourceMappingURL=validateTypes.d.ts.map
package/dist/esm/validate/validateTypes.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validateTypes.d.ts","sourceRoot":"","sources":["../../../src/validate/validateTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,eAAe,EAAE,MAAM,eAAe,CAAC;AAEtE;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAmD3E;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAsC5E;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWlE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWrE;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,GAAG,GAAG,eAAe,EAAE,CAWpE"}
package/dist/esm/validate/validateTypes.js ADDED
@@ -0,0 +1,228 @@
1
+ import { validatePolicySyntax } from "./validate.js";
2
+ /**
3
+ * Validates an Identity Policy attached to an IAM role or user, or managed policy
4
+ *
5
+ * @param policy the policy to validate
6
+ * @returns an array of validation errors
7
+ */
8
+ export function validateIdentityPolicy(policy) {
9
+ return validatePolicySyntax(policy, {
10
+ validateStatement: (statement, path) => {
11
+ const policyType = 'an identity policy';
12
+ const errors = [];
13
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal'], path, policyType));
14
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
15
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
16
+ return errors;
17
+ }
18
+ });
19
+ }
20
+ /**
21
+ * Validates a Service Control Policy (SCP)
22
+ *
23
+ * @param policy the policy to validate
24
+ * @returns an array of validation errors
25
+ */
26
+ export function validateServiceControlPolicy(policy) {
27
+ const policyType = 'a service control policy';
28
+ const validateAction = (action, path, type) => {
29
+ const firstWildcard = Math.max(action.indexOf('*'), action.indexOf('?'));
30
+ if (firstWildcard === -1) {
31
+ return [];
32
+ }
33
+ if (firstWildcard == action.length - 1) {
34
+ return [];
35
+ }
36
+ return [{
37
+ path,
38
+ message: `Wildcard characters are only allowed at the end of ${type} in ${policyType}`
39
+ }];
40
+ };
41
+ return validatePolicySyntax(policy, {
42
+ validateStatement: (statement, path) => {
43
+ const errors = [];
44
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal', 'NotResource'], path, policyType));
45
+ errors.push(...validateAtLeastOneOf(statement, ['Resource'], path, policyType));
46
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
47
+ if (statement.Effect === "Allow") {
48
+ if (statement.Resource !== "*") {
49
+ errors.push({
50
+ path,
51
+ message: `Resource must be "*" when Effect is "Allow" in ${policyType}`
52
+ });
53
+ }
54
+ if (statement.NotAction) {
55
+ errors.push({
56
+ path,
57
+ message: `NotAction is not allowed when Effect is "Allow" in ${policyType}`
58
+ });
59
+ }
60
+ if (statement.Condition) {
61
+ errors.push({
62
+ path,
63
+ message: `Condition is not allowed when Effect is "Allow" in ${policyType}`
64
+ });
65
+ }
66
+ }
67
+ return errors;
68
+ },
69
+ validateAction: (action, path) => validateAction(action, path, 'Action'),
70
+ validateNotAction: (action, path) => validateAction(action, path, 'NotAction')
71
+ });
72
+ }
73
+ /**
74
+ * Validates a Resource Policy attached to an S3 bucket, SQS queue, or other resource
75
+ *
76
+ * @param policy the policy to validate
77
+ * @returns an array of validation errors
78
+ */
79
+ export function validateResourcePolicy(policy) {
80
+ return validatePolicySyntax(policy, {
81
+ validateStatement: (statement, path) => {
82
+ const policyType = 'a resource policy';
83
+ const errors = [];
84
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
85
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
86
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
87
+ return errors;
88
+ }
89
+ });
90
+ }
91
+ /**
92
+ * Validates a Resource Control Policy (RCP)
93
+ *
94
+ * @param policy the policy to validate
95
+ * @returns an array of validation errors
96
+ */
97
+ export function validateResourceControlPolicy(policy) {
98
+ const policyType = 'a resource control policy';
99
+ return validatePolicySyntax(policy, {
100
+ validateStatement: (statement, path) => {
101
+ const errors = [];
102
+ if (statement.Effect !== "Deny") {
103
+ errors.push({
104
+ path: `${path}.Effect`,
105
+ message: `Effect must be "Deny" in ${policyType}`
106
+ });
107
+ }
108
+ if (statement.Principal !== "*") {
109
+ errors.push({
110
+ path: `${path}.Principal`,
111
+ message: `Principal must be "*" in ${policyType}`
112
+ });
113
+ }
114
+ errors.push(...validateProhibitedFields(statement, ['NotPrincipal', 'NotAction'], path, policyType));
115
+ errors.push(...validateAtLeastOneOf(statement, ['Action'], path, policyType));
116
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
117
+ return errors;
118
+ },
119
+ validateAction: (action, path) => {
120
+ if (action === "*") {
121
+ return [{
122
+ path,
123
+ message: `Action cannot be "*" in ${policyType}`
124
+ }];
125
+ }
126
+ return [];
127
+ }
128
+ });
129
+ }
130
+ /**
131
+ * Validates a Trust Policy attached to a role
132
+ *
133
+ * @param policy the policy to validate
134
+ * @returns an array of validation errors
135
+ */
136
+ export function validateTrustPolicy(policy) {
137
+ return validatePolicySyntax(policy, {
138
+ validateStatement: (statement, path) => {
139
+ const policyType = 'a trust policy';
140
+ const errors = [];
141
+ errors.push(...validateProhibitedFields(statement, ['Resource', 'NotResource'], path, policyType));
142
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
143
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
144
+ return errors;
145
+ }
146
+ });
147
+ }
148
+ /**
149
+ * Validates an VPC Endpoint Policy
150
+ *
151
+ * @param policy the policy to validate
152
+ * @returns an array of validation errors
153
+ */
154
+ export function validateEndpointPolicy(policy) {
155
+ return validatePolicySyntax(policy, {
156
+ validateStatement: (statement, path) => {
157
+ const policyType = 'an endpoint policy';
158
+ const errors = [];
159
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
160
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
161
+ errors.push(...validateAtLeastOneOf(statement, ['Principal', 'NotPrincipal'], path, policyType));
162
+ return errors;
163
+ }
164
+ });
165
+ }
166
+ /**
167
+ * Validates a session policy
168
+ *
169
+ * @param policy the policy to validate
170
+ * @returns an array of validation errors
171
+ */
172
+ export function validateSessionPolicy(policy) {
173
+ return validatePolicySyntax(policy, {
174
+ validateStatement: (statement, path) => {
175
+ const policyType = 'a session policy';
176
+ const errors = [];
177
+ errors.push(...validateProhibitedFields(statement, ['Principal', 'NotPrincipal'], path, policyType));
178
+ errors.push(...validateAtLeastOneOf(statement, ['Action', 'NotAction'], path, policyType));
179
+ errors.push(...validateAtLeastOneOf(statement, ['Resource', 'NotResource'], path, policyType));
180
+ return errors;
181
+ }
182
+ });
183
+ }
184
+ /**
185
+ * Validates that at least one of the specified fields is present in a statement
186
+ *
187
+ * @param statement the statement to validate
188
+ * @param requiredFields the list of fields, that at least one must be present
189
+ * @param path the path to the statement in the policy
190
+ * @param policyType the type of policy being validated
191
+ * @returns an array of validation errors
192
+ */
193
+ function validateAtLeastOneOf(statement, requiredFields, path, policyType) {
194
+ const presentFields = requiredFields.filter(field => statement[field]);
195
+ let message = `One of ${requiredFields.join(' or ')} is required in ${policyType}`;
196
+ if (requiredFields.length === 1) {
197
+ message = `${requiredFields[0]} is required in ${policyType}`;
198
+ }
199
+ if (presentFields.length === 0) {
200
+ return [{
201
+ path,
202
+ message
203
+ }];
204
+ }
205
+ return [];
206
+ }
207
+ /**
208
+ * Validates prohibited fields do not exist in a statement
209
+ *
210
+ * @param statement the statement to validate
211
+ * @param prohibitedFields the list of fields that are not allowed
212
+ * @param path the path to the statement in the policy
213
+ * @param policyType the type of policy being validated
214
+ * @returns an array of validation errors
215
+ */
216
+ function validateProhibitedFields(statement, prohibitedFields, path, policyType) {
217
+ const errors = [];
218
+ for (const field of prohibitedFields) {
219
+ if (statement[field]) {
220
+ errors.push({
221
+ path: `${path}.${field}`,
222
+ message: `${field} is not allowed in ${policyType}`
223
+ });
224
+ }
225
+ }
226
+ return errors;
227
+ }
228
+ //# sourceMappingURL=validateTypes.js.map
package/dist/esm/validate/validateTypes.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validateTypes.js","sourceRoot":"","sources":["../../../src/validate/validateTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAmB,MAAM,eAAe,CAAC;AAEtE;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAW;IAChD,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,oBAAoB,CAAA;YACvC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,4BAA4B,CAAC,MAAW;IACtD,MAAM,UAAU,GAAG,0BAA0B,CAAA;IAE7C,MAAM,cAAc,GAAG,CAAC,MAAc,EAAE,IAAY,EAAE,IAAY,EAAqB,EAAE;QACvF,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QACxE,IAAG,aAAa,KAAK,CAAC,CAAC,EAAE,CAAC;YACxB,OAAO,EAAE,CAAA;QACX,CAAC;QACD,IAAG,aAAa,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtC,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,CAAC;gBACN,IAAI;gBACJ,OAAO,EAAE,sDAAsD,IAAI,OAAO,UAAU,EAAE;aACvF,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACnH,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC/E,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAE1F,IAAG,SAAS,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAChC,IAAG,SAAS,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,kDAAkD,UAAU,EAAE;qBACxE,CAAC,CAAA;gBACJ,CAAC;gBACD,IAAG,SAAS,CAAC,SAAS,EAAE,CAAC;oBACvB,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,sDAAsD,UAAU,EAAE;qBAC5E,CAAC,CAAA;gBACJ,CAAC;gBACD,IAAG,SAAS,CAAC,SAAS,EAAE,CAAC;oBACvB,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI;wBACJ,OAAO,EAAE,sDAAsD,UAAU,EAAE;qBAC5E,CAAC,CAAA;gBACJ,CAAC;YAGH,CAAC;YACD,OAAO,MAAM,CAAA;QACf,CAAC;QACD,cAAc,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC;QACxE,iBAAiB,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,WAAW,CAAC;KAC/E,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAW;IAChD,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,mBAAmB,CAAA;YACtC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAAW;IACvD,MAAM,UAAU,GAAG,2BAA2B,CAAA;IAE9C,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YAErC,MAAM,MAAM,GAAsB,EAAE,CAAA;YAEpC,IAAG,SAAS,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,GAAG,IAAI,SAAS;oBACtB,OAAO,EAAE,4BAA4B,UAAU,EAAE;iBAClD,CAAC,CAAA;YACJ,CAAC;YAED,IAAG,SAAS,CAAC,SAAS,KAAK,GAAG,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,GAAG,IAAI,YAAY;oBACzB,OAAO,EAAE,4BAA4B,UAAU,EAAE;iBAClD,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC7E,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;QAED,cAAc,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE;YAC/B,IAAG,MAAM,KAAK,GAAG,EAAE,CAAC;gBAClB,OAAO,CAAC;wBACN,IAAI;wBACJ,OAAO,EAAE,2BAA2B,UAAU,EAAE;qBACjD,CAAC,CAAA;YACJ,CAAC;YACD,OAAO,EAAE,CAAA;QACX,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAW;IAC7C,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,gBAAgB,CAAA;YACnC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAClG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAW;IAChD,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,oBAAoB,CAAA;YACvC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAChG,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAW;IAC/C,OAAO,oBAAoB,CAAC,MAAM,EAAE;QAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACrC,MAAM,UAAU,GAAG,kBAAkB,CAAA;YACrC,MAAM,MAAM,GAAsB,EAAE,CAAA;YACpC,MAAM,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,SAAS,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YACpG,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;YAC9F,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,oBAAoB,CAAC,SAAc,EAAE,cAAwB,EAAE,IAAY,EAAE,UAAkB;IACtG,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IACtE,IAAI,OAAO,GAAG,UAAU,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,mBAAmB,UAAU,EAAE,CAAA;IAClF,IAAG,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,mBAAmB,UAAU,EAAE,CAAA;IAC/D,CAAC;IAED,IAAG,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC;gBACN,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,wBAAwB,CAAC,SAAc,EAAE,gBAA0B,EAAE,IAAY,EAAE,UAAkB;IAC5G,MAAM,MAAM,GAAsB,EAAE,CAAA;IACpC,KAAI,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;QACpC,IAAG,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,GAAG,IAAI,IAAI,KAAK,EAAE;gBACxB,OAAO,EAAE,GAAG,KAAK,sBAAsB,UAAU,EAAE;aACpD,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@cloud-copilot/iam-policy",
3
- "version": "0.1.1",
3
+ "version": "0.1.3",
4
4
  "description": "An ORM for AWS IAM policies",
5
5
  "repository": {
6
6
  "type": "git",