npm - @cloud-copilot/iam-simulate - Versions diffs - 0.1.12 → 0.1.14 - Mend

@cloud-copilot/iam-simulate 0.1.12 → 0.1.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (329) hide show

package/dist/cjs/StatementAnalysis.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { Statement } from "@cloud-copilot/iam-policy";
 import { ConditionMatchResult } from "./condition/condition.js";
+import { StatementExplain } from "./explain/statementExplain.js";
 import { PrincipalMatchResult } from "./principal/principal.js";
 /**
  * The result of analyzing a statement against a request.
@@ -22,6 +23,19 @@ export interface StatementAnalysis {
      * Whether the Principal or NotPrincipal – if any – matches the request.
      */
     principalMatch: PrincipalMatchResult;
+    /**
+     * Whether the Conditions matches the request.
+     */
     conditionMatch: ConditionMatchResult;
+    explain?: StatementExplain;
 }
+/**
+ * Checks if a statement is an identity statement that allows the request.
+ *
+ * @param statement The statement to check.
+ * @returns Whether the statement is an identity statement that allows the request.
+ */
+export declare function identityStatementAllows(statement: StatementAnalysis): boolean;
+export declare function identityStatementExplicitDeny(statement: StatementAnalysis): boolean;
+export declare function statementMatches(analysis: Pick<StatementAnalysis, 'actionMatch' | 'conditionMatch' | 'principalMatch' | 'resourceMatch'>): boolean;
 //# sourceMappingURL=StatementAnalysis.d.ts.map

package/dist/cjs/StatementAnalysis.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"StatementAnalysis.d.ts","sourceRoot":"","sources":["../../src/StatementAnalysis.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhE;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,SAAS,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,WAAW,EAAE,OAAO,CAAC;IAErB;;OAEG;IACH,cAAc,EAAE,oBAAoB,CAAA;~~IACpC~~,cAAc,EAAE,oBAAoB,CAAA;~~CACrC~~"}
1	+ {"version":3,"file":"StatementAnalysis.d.ts","sourceRoot":"","sources":["../../src/StatementAnalysis.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhE;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,EAAE,SAAS,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,WAAW,EAAE,OAAO,CAAC;IAErB;;OAEG;IACH,cAAc,EAAE,oBAAoB,CAAA;IAEpC;;OAEG;IACH,cAAc,EAAE,oBAAoB,CAAA;IAEpC,OAAO,CAAC,EAAE,gBAAgB,CAAA;CAC3B;AAED;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,iBAAiB,GAAG,OAAO,CAQ7E;AAsBD,wBAAgB,6BAA6B,CAAC,SAAS,EAAE,iBAAiB,GAAG,OAAO,CAQnF;AAED,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,EAAE,aAAa,GAAG,gBAAgB,GAAG,gBAAgB,GAAG,eAAe,CAAC,GAAG,OAAO,CAKlJ"}

package/dist/cjs/StatementAnalysis.js CHANGED Viewed

@@ -1,3 +1,54 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.identityStatementAllows = identityStatementAllows;
+exports.identityStatementExplicitDeny = identityStatementExplicitDeny;
+exports.statementMatches = statementMatches;
+/**
+ * Checks if a statement is an identity statement that allows the request.
+ *
+ * @param statement The statement to check.
+ * @returns Whether the statement is an identity statement that allows the request.
+ */
+function identityStatementAllows(statement) {
+    if (statement.resourceMatch &&
+        statement.actionMatch &&
+        statement.conditionMatch === 'Match' &&
+        statement.statement.effect() === 'Allow') {
+        return true;
+    }
+    return false;
+}
+// export function identityStatementUknownAllow(statement: StatementAnalysis): boolean {
+//   if(statement.resourceMatch &&
+//     statement.actionMatch &&
+//     statement.conditionMatch === 'Unknown' &&
+//     statement.statement.effect() === 'Allow') {
+//       return true;
+//   }
+//   return false
+// }
+// export function identityStatementUknownDeny(statement: StatementAnalysis): boolean {
+//   if(statement.resourceMatch &&
+//     statement.actionMatch &&
+//     statement.conditionMatch === 'Unknown' &&
+//     statement.statement.effect() === 'Deny') {
+//       return true;
+//   }
+//   return false
+// }
+function identityStatementExplicitDeny(statement) {
+    if (statement.resourceMatch &&
+        statement.actionMatch &&
+        statement.conditionMatch === 'Match' &&
+        statement.statement.effect() === 'Deny') {
+        return true;
+    }
+    return false;
+}
+function statementMatches(analysis) {
+    return analysis.resourceMatch &&
+        analysis.actionMatch &&
+        analysis.conditionMatch === 'Match' &&
+        ['Match', 'AccountLevelMatch', 'SessionRoleMatch', 'SessionUserMatch'].includes(analysis.principalMatch);
+}
 //# sourceMappingURL=StatementAnalysis.js.map

package/dist/cjs/StatementAnalysis.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"StatementAnalysis.js","sourceRoot":"","sources":["../../src/StatementAnalysis.ts"],"names":[],"mappings":""}
1	+ {"version":3,"file":"StatementAnalysis.js","sourceRoot":"","sources":["../../src/StatementAnalysis.ts"],"names":[],"mappings":";;AA4CA,0DAQC;AAsBD,sEAQC;AAED,4CAKC;AAnDD;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,SAA4B;IAClE,IAAG,SAAS,CAAC,aAAa;QACxB,SAAS,CAAC,WAAW;QACrB,SAAS,CAAC,cAAc,KAAK,OAAO;QACpC,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,OAAO,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC;IAChB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,wFAAwF;AACxF,kCAAkC;AAClC,+BAA+B;AAC/B,gDAAgD;AAChD,kDAAkD;AAClD,qBAAqB;AACrB,MAAM;AACN,iBAAiB;AACjB,IAAI;AAEJ,uFAAuF;AACvF,kCAAkC;AAClC,+BAA+B;AAC/B,gDAAgD;AAChD,iDAAiD;AACjD,qBAAqB;AACrB,MAAM;AACN,iBAAiB;AACjB,IAAI;AAEJ,SAAgB,6BAA6B,CAAC,SAA4B;IACxE,IAAG,SAAS,CAAC,aAAa;QACxB,SAAS,CAAC,WAAW;QACrB,SAAS,CAAC,cAAc,KAAK,OAAO;QACpC,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,MAAM,EAAE,CAAC;QACxC,OAAO,IAAI,CAAC;IAChB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAgB,gBAAgB,CAAC,QAAwG;IACvI,OAAO,QAAQ,CAAC,aAAa;QAC3B,QAAQ,CAAC,WAAW;QACpB,QAAQ,CAAC,cAAc,KAAK,OAAO;QACnC,CAAC,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;AAC7G,CAAC"}

package/dist/cjs/action/action.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { Action, Statement } from "@cloud-copilot/iam-policy";
+import { ActionExplain, StatementExplain } from "../explain/statementExplain.js";
 import { AwsRequest } from "../request/request.js";
 /**
  * Check if a request matches the Action or NotAction elements of a statement.
@@ -7,7 +8,10 @@ import { AwsRequest } from "../request/request.js";
  * @param statement the statement to check against
  * @returns true if the request matches the Action or NotAction in the statement, false otherwise
  */
-export declare function requestMatchesStatementActions(request: AwsRequest, statement: Statement): boolean;
+export declare function requestMatchesStatementActions(request: AwsRequest, statement: Statement): {
+    matches: boolean;
+    details: Pick<StatementExplain, 'actions' | 'notActions'>;
+};
 /**
  * Check if a request matches a set of actions.
  *
@@ -15,7 +19,10 @@ export declare function requestMatchesStatementActions(request: AwsRequest, stat
  * @param actions the actions to check against
  * @returns true if the request matches any of the actions, false otherwise
  */
-export declare function requestMatchesActions(request: AwsRequest, actions: Action[]): boolean;
+export declare function requestMatchesActions(request: AwsRequest, actions: Action[]): {
+    matches: boolean;
+    explains: ActionExplain[];
+};
 /**
  * Check if a request does not match a set of actions.
  *
@@ -23,5 +30,8 @@ export declare function requestMatchesActions(request: AwsRequest, actions: Acti
  * @param actions the actions to check against
  * @returns true if the request does not match any of the actions, false if the request matches any of the actions
  */
-export declare function requestMatchesNotActions(request: AwsRequest, actions: Action[]): boolean;
+export declare function requestMatchesNotActions(request: AwsRequest, actions: Action[]): {
+    matches: boolean;
+    explains: ActionExplain[];
+};
 //# sourceMappingURL=action.d.ts.map

package/dist/cjs/action/action.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/action/action.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;~~AAGnD~~;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,GAAG,OAAO,~~CAOjG~~;AAiBD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,~~CAiBrF~~;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,~~CAExF~~"}
1	+ {"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/action/action.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,GAAG;IAAC,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE,SAAS,GAAG,YAAY,CAAC,CAAA;CAAC,CAevK;AAiBD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG;IAAC,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,aAAa,EAAE,CAAA;CAAC,CAI3H;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG;IAAC,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,aAAa,EAAE,CAAA;CAAC,CAS9H"}

package/dist/cjs/action/action.js CHANGED Viewed

@@ -12,10 +12,18 @@ exports.requestMatchesNotActions = requestMatchesNotActions;
  */
 function requestMatchesStatementActions(request, statement) {
     if (statement.isActionStatement()) {
-        return requestMatchesActions(request, statement.actions());
+        const { matches, explains } = requestMatchesActions(request, statement.actions());
+        if (!statement.actionIsArray()) {
+            return { matches, details: { actions: explains[0] } };
+        }
+        return { matches, details: { actions: explains } };
     }
     else if (statement.isNotActionStatement()) {
-        return requestMatchesNotActions(request, statement.notActions());
+        const { matches, explains } = requestMatchesNotActions(request, statement.notActions());
+        if (!statement.notActionIsArray()) {
+            return { matches, details: { notActions: explains[0] } };
+        }
+        return { matches, details: { notActions: explains } };
     }
     throw new Error('Statement has neither Actions nor NotActions');
 }
@@ -40,24 +48,9 @@ function convertActionToRegex(action) {
  * @returns true if the request matches any of the actions, false otherwise
  */
 function requestMatchesActions(request, actions) {
-    for (const action of actions) {
-        if (action.isWildcardAction()) {
-            return true;
-        }
-        else if (action.isServiceAction()) {
-            if (request.action.service() != action.service()) {
-                continue;
-            }
-            const actionRegex = convertActionToRegex(action.action());
-            if (actionRegex.test(request.action.action())) {
-                return true;
-            }
-        }
-        else {
-            throw new Error('Unknown action type');
-        }
-    }
-    return false;
+    const explains = actions.map(action => requestMatchesSingleAction(request, action));
+    const matches = explains.some(explain => explain.matches);
+    return { matches, explains };
 }
 /**
  * Check if a request does not match a set of actions.
@@ -67,6 +60,35 @@ function requestMatchesActions(request, actions) {
  * @returns true if the request does not match any of the actions, false if the request matches any of the actions
  */
 function requestMatchesNotActions(request, actions) {
-    return !requestMatchesActions(request, actions);
+    const explains = actions.map(action => {
+        const explain = requestMatchesSingleAction(request, action);
+        explain.matches = !explain.matches;
+        return explain;
+    });
+    const matches = !explains.some(explain => !explain.matches);
+    return { matches, explains };
+}
+function requestMatchesSingleAction(request, action) {
+    if (action.isWildcardAction()) {
+        return {
+            action: action.value(),
+            matches: true,
+        };
+    }
+    else if (action.isServiceAction()) {
+        if (request.action.service() != action.service()) {
+            return {
+                action: action.value(),
+                matches: false,
+            };
+        }
+        const actionRegex = convertActionToRegex(action.action());
+        const matches = actionRegex.test(request.action.action());
+        return {
+            action: action.value(),
+            matches
+        };
+    }
+    throw new Error('Unknown action type');
 }
 //# sourceMappingURL=action.js.map

package/dist/cjs/action/action.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"action.js","sourceRoot":"","sources":["../../../src/action/action.ts"],"names":[],"mappings":";;AAWA,~~wEAOC~~;AAwBD,~~sDAiBC~~;AASD,~~4DAEC~~;~~AAlED~~;;;;;;GAMG;AACH,SAAgB,8BAA8B,CAAC,OAAmB,EAAE,SAAoB;IACtF,IAAG,SAAS,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACjC,OAAO,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC;~~IAC7D~~,CAAC;SAAM,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC5C,OAAO,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;~~IACnE~~,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;AAClE,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,MAAc;IAC1C,IAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,GAAG,CAAA;IAC5E,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;AACjC,CAAC;AAGD;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,OAAmB,EAAE,OAAiB;IAC1E,~~KAAI,~~MAAM,MAAM,~~IAAI~~,OAAO,EAAE,CAAC;~~QAC5B~~,~~IAAI,~~MAAM,CAAC,~~gBAAgB~~,~~EAAE~~,EAAE,CAAC;~~YAC9B~~,OAAO,~~IAAI~~,CAAC;~~QACd~~,CAAC;~~aAAM~~,~~IAAG~~,~~MAAM~~,CAAC,~~eAAe~~,EAAE,~~EAAE~~,CAAC;~~YACnC~~,~~IAAG~~,OAAO,CAAC,MAAM,CAAC,OAAO,~~EAAE~~,~~IAAI~~,~~MAAM~~,CAAC,OAAO,~~EAAE~~,~~EAAE~~,~~CAAC~~;~~gBAChD~~,~~SAAQ~~;~~YACV~~,CAAC;~~YACD~~,MAAM,~~WAAW~~,GAAG,~~oBAAoB~~,CAAC,~~MAAM~~,CAAC,~~MAAM~~,EAAE,CAAC,CAAC~~;YAC1D~~,~~IAAG~~,~~WAAW,~~CAAC,~~IAAI~~,CAAC,OAAO,CAAC,~~MAAM~~,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC;~~gBAC7C~~,OAAO,IAAI,~~CAAC~~;~~YACd~~,CAAC;~~QACH~~,CAAC~~;aAAM~~,CAAC;~~YACN~~,MAAM,IAAI,~~KAAK~~,CAAC,~~qBAAqB~~,~~CAAC~~,CAAC;~~QACzC~~,~~CAAC~~;~~IACH~~,CAAC;~~IACD~~,OAAO,KAAK,~~CAAC~~;~~AACf~~,CAAC;~~AAED;;;;;;GAMG;AACH~~,~~SAAgB~~,~~wBAAwB~~,CAAC,~~OAAmB~~,EAAE,~~OAAiB~~;~~IAC7E~~,OAAO,CAAC,~~qBAAqB~~,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;~~AAClD~~,CAAC"}
1	+ {"version":3,"file":"action.js","sourceRoot":"","sources":["../../../src/action/action.ts"],"names":[],"mappings":";;AAWA,wEAeC;AAwBD,sDAIC;AASD,4DASC;AApED;;;;;;GAMG;AACH,SAAgB,8BAA8B,CAAC,OAAmB,EAAE,SAAoB;IACtF,IAAG,SAAS,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACjC,MAAM,EAAC,OAAO,EAAE,QAAQ,EAAC,GAAG,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC;QAChF,IAAG,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,CAAC;YAC9B,OAAO,EAAC,OAAO,EAAE,OAAO,EAAE,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAC,EAAC,CAAC;QACpD,CAAC;QACD,OAAO,EAAC,OAAO,EAAE,OAAO,EAAE,EAAC,OAAO,EAAE,QAAQ,EAAC,EAAC,CAAC;IACjD,CAAC;SAAM,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC5C,MAAM,EAAC,OAAO,EAAE,QAAQ,EAAC,GAAG,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;QACtF,IAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,EAAE,CAAC;YACjC,OAAO,EAAC,OAAO,EAAE,OAAO,EAAE,EAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAC,EAAC,CAAC;QACvD,CAAC;QACD,OAAO,EAAC,OAAO,EAAE,OAAO,EAAE,EAAC,UAAU,EAAE,QAAQ,EAAC,EAAC,CAAC;IACpD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;AAClE,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,MAAc;IAC1C,IAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,GAAG,CAAA;IAC5E,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;AACjC,CAAC;AAGD;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,OAAmB,EAAE,OAAiB;IAC1E,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,0BAA0B,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;IACpF,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1D,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,CAAC;AAC7B,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,wBAAwB,CAAC,OAAmB,EAAE,OAAiB;IAC7E,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QACpC,MAAM,OAAO,GAAG,0BAA0B,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC3D,OAAO,CAAC,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,CAAA;QAClC,OAAO,OAAO,CAAA;IAChB,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5D,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,CAAC;AAC7B,CAAC;AAED,SAAS,0BAA0B,CAAC,OAAmB,EAAE,MAAc;IACrE,IAAI,MAAM,CAAC,gBAAgB,EAAE,EAAE,CAAC;QAC9B,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE;YACtB,OAAO,EAAE,IAAI;SACd,CAAA;IACH,CAAC;SAAM,IAAG,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC;QACnC,IAAG,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;YAChD,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE;gBACtB,OAAO,EAAE,KAAK;aACf,CAAA;QACH,CAAC;QACD,MAAM,WAAW,GAAG,oBAAoB,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1D,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAA;QACzD,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE;YACtB,OAAO;SACR,CAAA;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;AACzC,CAAC"}

package/dist/cjs/condition/BaseConditionOperator.d.ts CHANGED Viewed

@@ -1,8 +1,13 @@
+import { ConditionValueExplain } from "../explain/statementExplain.js";
 import { AwsRequest } from "../request/request.js";
 export interface BaseConditionOperator {
     name: string;
-    matches: (request: AwsRequest, keyValue: string, policyValues: string[]) => boolean;
+    matches: (request: AwsRequest, keyValue: string, policyValues: string[]) => {
+        matches: boolean;
+        explains: ConditionValueExplain[];
+    };
     allowsVariables: boolean;
     allowsWildcards: boolean;
+    isNegative: boolean;
 }
 //# sourceMappingURL=BaseConditionOperator.d.ts.map

package/dist/cjs/condition/BaseConditionOperator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"BaseConditionOperator.d.ts","sourceRoot":"","sources":["../../../src/condition/BaseConditionOperator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,OAAO,CAAA;~~IACnF~~,eAAe,EAAE,OAAO,CAAA;IACxB,eAAe,EAAE,OAAO,CAAA;~~CACzB~~"}
1	+ {"version":3,"file":"BaseConditionOperator.d.ts","sourceRoot":"","sources":["../../../src/condition/BaseConditionOperator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,qBAAqB,EAAE,CAAA;KAAE,CAAA;IACnI,eAAe,EAAE,OAAO,CAAA;IACxB,eAAe,EAAE,OAAO,CAAA;IACxB,UAAU,EAAE,OAAO,CAAA;CACpB"}

package/dist/cjs/condition/arn/ArnEquals.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnEquals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,SAAS,EAAE,~~qBAKvB~~,CAAA"}
1	+ {"version":3,"file":"ArnEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnEquals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,SAAS,EAAE,qBAMvB,CAAA"}

package/dist/cjs/condition/arn/ArnEquals.js CHANGED Viewed

@@ -6,6 +6,7 @@ exports.ArnEquals = {
     name: 'ArnEquals',
     matches: ArnLike_js_1.ArnLike.matches,
     allowsVariables: ArnLike_js_1.ArnLike.allowsVariables,
-    allowsWildcards: ArnLike_js_1.ArnLike.allowsWildcards
+    allowsWildcards: ArnLike_js_1.ArnLike.allowsWildcards,
+    isNegative: ArnLike_js_1.ArnLike.isNegative
 };
 //# sourceMappingURL=ArnEquals.js.map

package/dist/cjs/condition/arn/ArnEquals.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnEquals.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnEquals.ts"],"names":[],"mappings":";;;AACA,6CAAuC;AAE1B,QAAA,SAAS,GAA0B;IAC9C,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,oBAAO,CAAC,OAAO;IACxB,eAAe,EAAE,oBAAO,CAAC,eAAe;IACxC,eAAe,EAAE,oBAAO,CAAC,eAAe;~~CACzC~~,CAAA"}
1	+ {"version":3,"file":"ArnEquals.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnEquals.ts"],"names":[],"mappings":";;;AACA,6CAAuC;AAE1B,QAAA,SAAS,GAA0B;IAC9C,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,oBAAO,CAAC,OAAO;IACxB,eAAe,EAAE,oBAAO,CAAC,eAAe;IACxC,eAAe,EAAE,oBAAO,CAAC,eAAe;IACxC,UAAU,EAAE,oBAAO,CAAC,UAAU;CAC/B,CAAA"}

package/dist/cjs/condition/arn/ArnLike.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnLike.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnLike.ts"],"names":[],"mappings":"~~AAEA~~,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;~~AAEpE~~,eAAO,MAAM,OAAO,EAAE,~~qBAOrB~~,CAAA"}
1	+ {"version":3,"file":"ArnLike.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnLike.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,OAAO,EAAE,qBAerB,CAAA"}

package/dist/cjs/condition/arn/ArnLike.js CHANGED Viewed

@@ -1,50 +1,18 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ArnLike = void 0;
-const util_js_1 = require("../../util.js");
+const arn_js_1 = require("./arn.js");
 exports.ArnLike = {
     name: 'ArnLike',
     matches: (request, keyValue, policyValues) => {
-        return policyValues.some(policyArn => arnMatches(policyArn, keyValue, request));
+        const explains = policyValues.map(policyArn => (0, arn_js_1.arnMatches)(policyArn, keyValue, request, true));
+        return {
+            matches: explains.some(explain => explain.matches),
+            explains
+        };
     },
     allowsVariables: true,
-    allowsWildcards: true
+    allowsWildcards: true,
+    isNegative: false
 };
-/**
- * Checks to see if a single ARN matches in ArnLike format
- *
- * @param policyArn the ARN to check against
- * @param requestArn the ARN to check
- * @param request the request to check
- * @returns if the ARN matches
- */
-function arnMatches(policyArn, requestArn, request) {
-    const policyParts = (0, util_js_1.splitArnParts)(policyArn);
-    const requestParts = (0, util_js_1.splitArnParts)(requestArn);
-    // If any of the parts are missing, return false
-    if ((0, util_js_1.isNotDefined)(policyParts.partition) ||
-        (0, util_js_1.isNotDefined)(policyParts.service) ||
-        (0, util_js_1.isNotDefined)(policyParts.region) ||
-        (0, util_js_1.isNotDefined)(policyParts.accountId) ||
-        (0, util_js_1.isNotDefined)(policyParts.resource)) {
-        return false;
-    }
-    // If any of the parts are missing, return false
-    if ((0, util_js_1.isNotDefined)(requestParts.partition) ||
-        (0, util_js_1.isNotDefined)(requestParts.service) ||
-        (0, util_js_1.isNotDefined)(requestParts.region) ||
-        (0, util_js_1.isNotDefined)(requestParts.accountId) ||
-        (0, util_js_1.isNotDefined)(requestParts.resource)) {
-        return false;
-    }
-    const replaceAndMatch = (policyPart, requestPart) => {
-        const pattern = (0, util_js_1.convertIamStringToRegex)(policyPart, request, { replaceWildcards: true });
-        return pattern.test(requestPart);
-    };
-    return replaceAndMatch(policyParts.partition, requestParts.partition) &&
-        replaceAndMatch(policyParts.service, requestParts.service) &&
-        replaceAndMatch(policyParts.region, requestParts.region) &&
-        replaceAndMatch(policyParts.accountId, requestParts.accountId) &&
-        replaceAndMatch(policyParts.resource, requestParts.resource);
-}
 //# sourceMappingURL=ArnLike.js.map

package/dist/cjs/condition/arn/ArnLike.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnLike.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnLike.ts"],"names":[],"mappings":";;;AACA,~~2CAAqF~~;~~AAGxE~~,QAAA,OAAO,GAA0B;IAC5C,IAAI,EAAE,SAAS;IACf,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,~~OAAO~~,YAAY,CAAC,~~IAAI~~,~~CAAC~~,SAAS,CAAC,EAAE,CAAC,~~UAAU~~,~~CAAC~~,SAAS,EAAE,QAAQ,EAAE,OAAO,~~CAAC,CAAC,CAAA;IACjF,CAAC;IACD,eAAe,~~EAAE,IAAI~~;IACrB~~,~~eAAe,EAAE,IAAI;CACtB,CAAA;AAED;;;;;;;GAOG;AACH,SAAS,UAAU,~~CAAC,~~SAAiB~~,~~EAAE,UAAkB,EAAE,OAAmB;IAC5E,MAAM,WAAW,GAAG,IAAA,uBAAa,EAAC,SAAS,CAAC,~~CAAA;~~IAC5C~~,~~MAAM,YAAY,GAAG,IAAA,uBAAa,EAAC,UAAU,CAAC,CAAA~~;~~IAC9C~~,~~gDAAgD;IAChD~~,~~IAAG~~,~~IAAA~~,~~sBAAY,EAAC,WAAW,~~CAAC,~~SAAS~~,CAAC~~;QACnC~~,~~IAAA,sBAAY,EAAC,WAAW,CAAC,~~OAAO,CAAC~~;QACjC~~,~~IAAA,sBAAY,EAAC,WAAW,CAAC,MAAM,CAAC;QAChC,IAAA,sBAAY,EAAC,WAAW,CAAC,SAAS,CAAC;QACnC,IAAA,sBAAY,EAAC,WAAW,CAAC,QAAQ,CAAC,~~EAAE,CAAC~~;QACtC~~,OAAO,~~KAAK,CAAA;IACd,~~CAAC~~;IAED~~,~~gDAAgD;IAChD,IAAG,IAAA,sBAAY,EAAC,YAAY,CAAC,SAAS,CAAC;QACpC,IAAA,sBAAY,EAAC,YAAY,CAAC,~~OAAO,CAAC;~~QAClC~~,~~IAAA,sBAAY,EAAC,YAAY,CAAC,MAAM,CAAC;QACjC,IAAA,sBAAY,EAAC,YAAY,CAAC,SAAS,CAAC;QACpC,IAAA,sBAAY,EAAC,YAAY,CAAC,~~QAAQ~~,CAAC,EAAE,CAAC~~;~~QACvC~~,~~OAAO,KAAK,~~CAAA;~~IACd~~,CAAC;~~IAED~~,~~MAAM,~~eAAe,~~GAAG,CAAC,UAAkB,~~EAAE,~~WAAmB,EAAW,EAAE;QAC3E,MAAM,OAAO,GAAG,IAAA,iCAAuB,EAAC,UAAU,EAAE,OAAO,EAAE,EAAC,gBAAgB,EAAE,~~IAAI~~,EAAC,CAAC,CAAA~~;~~QACtF~~,~~OAAO,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IAClC,CAAC,CAAA;IAED,OAAO,~~eAAe,~~CAAC,WAAW,CAAC,SAAS,~~EAAE,~~YAAY,CAAC,SAAS,CAAC~~;~~QAC9D~~,~~eAAe~~,~~CAAC,WAAW,CAAC,OAAO,~~EAAE,~~YAAY,CAAC,OAAO,CAAC~~;~~QAC1D~~,~~eAAe,CAAC,WAAW,CAAC,MAAM,EAAE,YAAY,CAAC,MAAM,CAAC;QACxD,eAAe,CAAC,WAAW,CAAC,SAAS,EAAE,YAAY,CAAC,SAAS,CAAC;QAC9D,eAAe,CAAC,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,CAAC,~~CAAA~~;AAErE,CAAC~~"}
1	+ {"version":3,"file":"ArnLike.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnLike.ts"],"names":[],"mappings":";;;AACA,qCAAsC;AAEzB,QAAA,OAAO,GAA0B;IAC5C,IAAI,EAAE,SAAS;IACf,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAC/B,SAAS,CAAC,EAAE,CAAC,IAAA,mBAAU,EAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,CAC5D,CAAA;QAED,OAAO;YACL,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;YAClD,QAAQ;SACT,CAAA;IACH,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;IACrB,UAAU,EAAE,KAAK;CAClB,CAAA"}

package/dist/cjs/condition/arn/ArnNotEquals.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnNotEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotEquals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,YAAY,EAAE,~~qBAK1B~~,CAAA"}
1	+ {"version":3,"file":"ArnNotEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotEquals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,YAAY,EAAE,qBAM1B,CAAA"}

package/dist/cjs/condition/arn/ArnNotEquals.js CHANGED Viewed

@@ -6,6 +6,7 @@ exports.ArnNotEquals = {
     name: 'ArnNotEquals',
     matches: ArnNotLike_js_1.ArnNotLike.matches,
     allowsVariables: ArnNotLike_js_1.ArnNotLike.allowsVariables,
-    allowsWildcards: ArnNotLike_js_1.ArnNotLike.allowsWildcards
+    allowsWildcards: ArnNotLike_js_1.ArnNotLike.allowsWildcards,
+    isNegative: ArnNotLike_js_1.ArnNotLike.isNegative
 };
 //# sourceMappingURL=ArnNotEquals.js.map

package/dist/cjs/condition/arn/ArnNotEquals.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnNotEquals.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotEquals.ts"],"names":[],"mappings":";;;AACA,mDAA6C;AAEhC,QAAA,YAAY,GAA0B;IACjD,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,0BAAU,CAAC,OAAO;IAC3B,eAAe,EAAE,0BAAU,CAAC,eAAe;IAC3C,eAAe,EAAE,0BAAU,CAAC,eAAe;~~CAC5C~~,CAAA"}
1	+ {"version":3,"file":"ArnNotEquals.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotEquals.ts"],"names":[],"mappings":";;;AACA,mDAA6C;AAEhC,QAAA,YAAY,GAA0B;IACjD,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,0BAAU,CAAC,OAAO;IAC3B,eAAe,EAAE,0BAAU,CAAC,eAAe;IAC3C,eAAe,EAAE,0BAAU,CAAC,eAAe;IAC3C,UAAU,EAAE,0BAAU,CAAC,UAAU;CAClC,CAAA"}

package/dist/cjs/condition/arn/ArnNotLike.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnNotLike.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotLike.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,UAAU,EAAE,~~qBAOxB~~,CAAA"}
1	+ {"version":3,"file":"ArnNotLike.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotLike.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE,eAAO,MAAM,UAAU,EAAE,qBAexB,CAAA"}

package/dist/cjs/condition/arn/ArnNotLike.js CHANGED Viewed

@@ -1,13 +1,18 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ArnNotLike = void 0;
-const ArnLike_js_1 = require("./ArnLike.js");
+const arn_js_1 = require("./arn.js");
 exports.ArnNotLike = {
     name: 'ArnNotLike',
     matches: (request, keyValue, policyValues) => {
-        return !ArnLike_js_1.ArnLike.matches(request, keyValue, policyValues);
+        const explains = policyValues.map(policyArn => (0, arn_js_1.arnMatches)(policyArn, keyValue, request, false));
+        return {
+            matches: !explains.some(explain => !explain.matches),
+            explains
+        };
     },
     allowsVariables: true,
-    allowsWildcards: true
+    allowsWildcards: true,
+    isNegative: true
 };
 //# sourceMappingURL=ArnNotLike.js.map

package/dist/cjs/condition/arn/ArnNotLike.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ArnNotLike.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotLike.ts"],"names":[],"mappings":";;;AACA,~~6CAAuC~~;~~AAE1B~~,QAAA,UAAU,GAA0B;IAC/C,IAAI,EAAE,YAAY;IAClB,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,~~OAAO~~,CAAC,~~oBAAO~~,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,EAAE,~~YAAY~~,CAAC,CAAA;~~IAC1D~~,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;~~CACtB~~,CAAA"}
1	+ {"version":3,"file":"ArnNotLike.js","sourceRoot":"","sources":["../../../../src/condition/arn/ArnNotLike.ts"],"names":[],"mappings":";;;AACA,qCAAsC;AAEzB,QAAA,UAAU,GAA0B;IAC/C,IAAI,EAAE,YAAY;IAClB,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAC/B,SAAS,CAAC,EAAE,CAAC,IAAA,mBAAU,EAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAC7D,CAAA;QAED,OAAO;YACL,OAAO,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;YACpD,QAAQ;SACT,CAAA;IACH,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;IACrB,UAAU,EAAE,IAAI;CACjB,CAAA"}

package/dist/cjs/condition/arn/arn.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { ConditionValueExplain } from "../../explain/statementExplain.js";
+import { AwsRequest } from "../../request/request.js";
+/**
+ * Checks to see if a single ARN matches in ArnLike format
+ *
+ * @param policyArn the ARN to check against
+ * @param requestArn the ARN to check
+ * @param request the request to check
+ * @returns if the ARN matches
+ */
+export declare function arnMatches(policyArn: string, requestArn: string, request: AwsRequest, expectMatch: boolean): ConditionValueExplain;
+//# sourceMappingURL=arn.d.ts.map

package/dist/cjs/condition/arn/arn.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"arn.d.ts","sourceRoot":"","sources":["../../../../src/condition/arn/arn.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAA;AACzE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAGrD;;;;;;;GAOG;AACH,wBAAgB,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,qBAAqB,CA6DlI"}

package/dist/cjs/condition/arn/arn.js ADDED Viewed

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.arnMatches = arnMatches;
+const util_js_1 = require("../../util.js");
+/**
+ * Checks to see if a single ARN matches in ArnLike format
+ *
+ * @param policyArn the ARN to check against
+ * @param requestArn the ARN to check
+ * @param request the request to check
+ * @returns if the ARN matches
+ */
+function arnMatches(policyArn, requestArn, request, expectMatch) {
+    const policyParts = (0, util_js_1.splitArnParts)(policyArn);
+    const requestParts = (0, util_js_1.splitArnParts)(requestArn);
+    // If any of the parts are missing, return false
+    if ((0, util_js_1.isNotDefined)(policyParts.partition) ||
+        (0, util_js_1.isNotDefined)(policyParts.service) ||
+        (0, util_js_1.isNotDefined)(policyParts.region) ||
+        (0, util_js_1.isNotDefined)(policyParts.accountId) ||
+        (0, util_js_1.isNotDefined)(policyParts.resource)) {
+        return {
+            matches: false,
+            value: policyArn,
+            errors: ['Invalid ARN']
+        };
+    }
+    const resolvedPolicyArn = [
+        'arn',
+        policyParts.partition,
+        policyParts.service,
+        policyParts.region,
+        policyParts.accountId,
+        policyParts.resource
+    ].map(part => (0, util_js_1.convertIamString)(part, request, { convertToRegex: false, replaceWildcards: false })).join(':');
+    const resolvedValue = resolvedPolicyArn == policyArn ? undefined : resolvedPolicyArn;
+    // If any of the parts are missing, return false
+    if ((0, util_js_1.isNotDefined)(requestParts.partition) ||
+        (0, util_js_1.isNotDefined)(requestParts.service) ||
+        (0, util_js_1.isNotDefined)(requestParts.region) ||
+        (0, util_js_1.isNotDefined)(requestParts.accountId) ||
+        (0, util_js_1.isNotDefined)(requestParts.resource)) {
+        return {
+            matches: false,
+            value: policyArn,
+            resolvedValue,
+            errors: [`request ARN '${requestArn}' is not a valid ARN`]
+        };
+    }
+    const allErrors = [];
+    const replaceAndMatch = (policyPart, requestPart) => {
+        const { pattern, errors } = (0, util_js_1.convertIamString)(policyPart, request, { replaceWildcards: true });
+        allErrors.push(...(errors || []));
+        return pattern.test(requestPart);
+    };
+    const matches = replaceAndMatch(policyParts.partition, requestParts.partition) &&
+        replaceAndMatch(policyParts.service, requestParts.service) &&
+        replaceAndMatch(policyParts.region, requestParts.region) &&
+        replaceAndMatch(policyParts.accountId, requestParts.accountId) &&
+        replaceAndMatch(policyParts.resource, requestParts.resource);
+    return {
+        matches: matches == expectMatch && allErrors.length == 0,
+        value: policyArn,
+        resolvedValue,
+        errors: allErrors.length > 0 ? allErrors : undefined
+    };
+}
+//# sourceMappingURL=arn.js.map

package/dist/cjs/condition/arn/arn.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"arn.js","sourceRoot":"","sources":["../../../../src/condition/arn/arn.ts"],"names":[],"mappings":";;AAYA,gCA6DC;AAvED,2CAA6E;AAE7E;;;;;;;GAOG;AACH,SAAgB,UAAU,CAAC,SAAiB,EAAE,UAAkB,EAAE,OAAmB,EAAE,WAAoB;IACzG,MAAM,WAAW,GAAG,IAAA,uBAAa,EAAC,SAAS,CAAC,CAAA;IAC5C,MAAM,YAAY,GAAG,IAAA,uBAAa,EAAC,UAAU,CAAC,CAAA;IAC9C,gDAAgD;IAChD,IAAG,IAAA,sBAAY,EAAC,WAAW,CAAC,SAAS,CAAC;QACnC,IAAA,sBAAY,EAAC,WAAW,CAAC,OAAO,CAAC;QACjC,IAAA,sBAAY,EAAC,WAAW,CAAC,MAAM,CAAC;QAChC,IAAA,sBAAY,EAAC,WAAW,CAAC,SAAS,CAAC;QACnC,IAAA,sBAAY,EAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;QACtC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,SAAS;YAChB,MAAM,EAAE,CAAC,aAAa,CAAC;SACxB,CAAA;IACH,CAAC;IAED,MAAM,iBAAiB,GAAG;QACxB,KAAK;QACL,WAAW,CAAC,SAAS;QACrB,WAAW,CAAC,OAAO;QACnB,WAAW,CAAC,MAAM;QAClB,WAAW,CAAC,SAAS;QACrB,WAAW,CAAC,QAAQ;KACrB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAA,0BAAgB,EAAC,IAAI,EAAE,OAAO,EAAE,EAAC,cAAc,EAAE,KAAK,EAAE,gBAAgB,EAAE,KAAK,EAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1G,MAAM,aAAa,GAAG,iBAAiB,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAA;IAEpF,gDAAgD;IAChD,IAAG,IAAA,sBAAY,EAAC,YAAY,CAAC,SAAS,CAAC;QACpC,IAAA,sBAAY,EAAC,YAAY,CAAC,OAAO,CAAC;QAClC,IAAA,sBAAY,EAAC,YAAY,CAAC,MAAM,CAAC;QACjC,IAAA,sBAAY,EAAC,YAAY,CAAC,SAAS,CAAC;QACpC,IAAA,sBAAY,EAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,SAAS;YAChB,aAAa;YACb,MAAM,EAAE,CAAC,gBAAgB,UAAU,sBAAsB,CAAC;SAC3D,CAAA;IACH,CAAC;IAED,MAAM,SAAS,GAAa,EAAE,CAAA;IAC9B,MAAM,eAAe,GAAG,CAAC,UAAkB,EAAE,WAAmB,EAAW,EAAE;QAC3E,MAAM,EAAC,OAAO,EAAE,MAAM,EAAC,GAAG,IAAA,0BAAgB,EAAC,UAAU,EAAE,OAAO,EAAE,EAAC,gBAAgB,EAAE,IAAI,EAAC,CAAC,CAAA;QACzF,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAA;QACjC,OAAO,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IAClC,CAAC,CAAA;IAGD,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW,CAAC,SAAS,EAAE,YAAY,CAAC,SAAS,CAAC;QAC9D,eAAe,CAAC,WAAW,CAAC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;QAC1D,eAAe,CAAC,WAAW,CAAC,MAAM,EAAE,YAAY,CAAC,MAAM,CAAC;QACxD,eAAe,CAAC,WAAW,CAAC,SAAS,EAAE,YAAY,CAAC,SAAS,CAAC;QAC9D,eAAe,CAAC,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,CAAC,CAAA;IAE5E,OAAO;QACL,OAAO,EAAE,OAAO,IAAI,WAAW,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC;QACxD,KAAK,EAAE,SAAS;QAChB,aAAa;QACb,MAAM,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;KACrD,CAAA;AACH,CAAC"}

package/dist/cjs/condition/baseConditionperatorTests.d.ts CHANGED Viewed

@@ -2,11 +2,17 @@ import { BaseConditionOperator } from "./BaseConditionOperator.js";
 export interface BaseOperatorTest {
     name: string;
     requestContext?: {
-        [key: string]: string;
+        [key: string]: string | string[];
     };
     policyValues: string[];
     testValue: string;
     expected: boolean;
+    explains?: {
+        value: string;
+        matches: boolean;
+        resolvedValue?: string;
+        errors?: string[];
+    }[];
 }
 export declare function testOperator(name: string, tests: BaseOperatorTest[], operator: BaseConditionOperator): void;
 //# sourceMappingURL=baseConditionperatorTests.d.ts.map

package/dist/cjs/condition/baseConditionperatorTests.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"baseConditionperatorTests.d.ts","sourceRoot":"","sources":["../../../src/condition/baseConditionperatorTests.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA;AAElE,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAA;IACZ,cAAc,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAA;~~IAC1C~~,YAAY,EAAE,MAAM,EAAE,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;~~CAClB~~;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE,QAAQ,EAAE,qBAAqB,~~QAcpG~~"}
1	+ {"version":3,"file":"baseConditionperatorTests.d.ts","sourceRoot":"","sources":["../../../src/condition/baseConditionperatorTests.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA;AAElE,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAA;IACZ,cAAc,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,EAAE,CAAA;KAAE,CAAA;IACrD,YAAY,EAAE,MAAM,EAAE,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE;QACT,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,OAAO,CAAA;QAChB,aAAa,CAAC,EAAE,MAAM,CAAA;QACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAClB,EAAE,CAAA;CACJ;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE,QAAQ,EAAE,qBAAqB,QA6BpG"}

package/dist/cjs/condition/baseConditionperatorTests.js CHANGED Viewed

@@ -13,7 +13,23 @@ function testOperator(name, tests, operator) {
                 //When the condition is evaluated
                 const result = operator.matches(request, test.testValue, test.policyValues);
                 //Then the result should be as expected
-                (0, vitest_1.expect)(result).toBe(test.expected);
+                (0, vitest_1.expect)(result.matches).toBe(test.expected);
+                if (test.explains) {
+                    for (const explain of test.explains) {
+                        const found = result.explains.find(e => e.value === explain.value);
+                        (0, vitest_1.expect)(found, `Missing explain for ${explain.value}`).toBeDefined();
+                        (0, vitest_1.expect)(found?.matches, `${explain.value} match`).toBe(explain.matches);
+                        if (explain.resolvedValue) {
+                            (0, vitest_1.expect)(found?.resolvedValue, `${explain.value} resolved value`).toBe(explain.resolvedValue);
+                        }
+                        else {
+                            (0, vitest_1.expect)(found?.resolvedValue, `${explain.value} resolved value to be undefined`).toBeUndefined();
+                        }
+                        if (explain.errors) {
+                            (0, vitest_1.expect)(found?.errors, `${explain.value} errors`).toEqual(explain.errors.sort());
+                        }
+                    }
+                }
             });
         }
     });

package/dist/cjs/condition/baseConditionperatorTests.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"baseConditionperatorTests.js","sourceRoot":"","sources":["../../../src/condition/baseConditionperatorTests.ts"],"names":[],"mappings":";;~~AAaA~~,~~oCAcC~~;~~AA3BD~~,mCAAyC;AACzC,sDAAsD;AACtD,4DAAyD;~~AAWzD~~,SAAgB,YAAY,CAAC,IAAY,EAAE,KAAyB,EAAE,QAA+B;IACnG,IAAA,iBAAQ,EAAC,IAAI,EAAE,EAAE,CAAC,EAAE;QAClB,KAAI,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACxB,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE;gBACjB,mBAAmB;gBACnB,MAAM,OAAO,GAAG,IAAI,2BAAc,CAAC,EAAE,EAAE,EAAC,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAC,EAAE,EAAE,EAAE,IAAI,sCAAkB,CAAC,IAAI,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,CAAA;gBAC5H,iCAAiC;gBACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;gBAE3E,uCAAuC;gBACvC,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;~~YACpC~~,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC"}
1	+ {"version":3,"file":"baseConditionperatorTests.js","sourceRoot":"","sources":["../../../src/condition/baseConditionperatorTests.ts"],"names":[],"mappings":";;AAmBA,oCA6BC;AAhDD,mCAAyC;AACzC,sDAAsD;AACtD,4DAAyD;AAiBzD,SAAgB,YAAY,CAAC,IAAY,EAAE,KAAyB,EAAE,QAA+B;IACnG,IAAA,iBAAQ,EAAC,IAAI,EAAE,EAAE,CAAC,EAAE;QAClB,KAAI,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACxB,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE;gBACjB,mBAAmB;gBACnB,MAAM,OAAO,GAAG,IAAI,2BAAc,CAAC,EAAE,EAAE,EAAC,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAC,EAAE,EAAE,EAAE,IAAI,sCAAkB,CAAC,IAAI,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,CAAA;gBAC5H,iCAAiC;gBACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;gBAE3E,uCAAuC;gBACvC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;gBAC1C,IAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACjB,KAAI,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACnC,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,CAAC,CAAA;wBAClE,IAAA,eAAM,EAAC,KAAK,EAAE,uBAAuB,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,WAAW,EAAE,CAAA;wBACnE,IAAA,eAAM,EAAC,KAAK,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;wBACtE,IAAG,OAAO,CAAC,aAAa,EAAE,CAAC;4BACzB,IAAA,eAAM,EAAC,KAAK,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC,KAAK,iBAAiB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;wBAC7F,CAAC;6BAAM,CAAC;4BACN,IAAA,eAAM,EAAC,KAAK,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC,KAAK,iCAAiC,CAAC,CAAC,aAAa,EAAE,CAAA;wBACjG,CAAC;wBACD,IAAG,OAAO,CAAC,MAAM,EAAE,CAAC;4BAClB,IAAA,eAAM,EAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,SAAS,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;wBACjF,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/dist/cjs/condition/binary/BinaryEquals.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"BinaryEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/binary/BinaryEquals.ts"],"names":[],"mappings":"~~AAAA~~,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;~~AAEpE~~;;;GAGG;AACH,eAAO,MAAM,YAAY,EAAE,~~qBAO1B~~,CAAA"}
1	+ {"version":3,"file":"BinaryEquals.d.ts","sourceRoot":"","sources":["../../../../src/condition/binary/BinaryEquals.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAGpE;;;GAGG;AACH,eAAO,MAAM,YAAY,EAAE,qBAmB1B,CAAA"}

package/dist/cjs/condition/binary/BinaryEquals.js CHANGED Viewed

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BinaryEquals = void 0;
+const conditionUtil_js_1 = require("../conditionUtil.js");
 /**
  * For Binary we don't really have the ability to accept binary
  * values right now, so just do a string match.
@@ -8,9 +9,20 @@ exports.BinaryEquals = void 0;
 exports.BinaryEquals = {
     name: 'BinaryEquals',
     matches: (request, keyValue, policyValues) => {
-        return policyValues.includes(keyValue);
+        const explains = policyValues.map((policyValue) => {
+            return {
+                value: policyValue,
+                matches: policyValue === keyValue,
+                resolvedValue: (0, conditionUtil_js_1.resolvedValue)(policyValue, request),
+            };
+        });
+        return {
+            matches: explains.some((explain) => explain.matches),
+            explains
+        };
     },
     allowsVariables: true,
-    allowsWildcards: false
+    allowsWildcards: false,
+    isNegative: false
 };
 //# sourceMappingURL=BinaryEquals.js.map

package/dist/cjs/condition/binary/BinaryEquals.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"BinaryEquals.js","sourceRoot":"","sources":["../../../../src/condition/binary/BinaryEquals.ts"],"names":[],"mappings":";;;AAEA;;;GAGG;AACU,QAAA,YAAY,GAA0B;IACjD,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,~~OAAO~~,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;~~IACzC~~,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;~~CACvB~~,CAAA"}
1	+ {"version":3,"file":"BinaryEquals.js","sourceRoot":"","sources":["../../../../src/condition/binary/BinaryEquals.ts"],"names":[],"mappings":";;;AAEA,0DAAoD;AAEpD;;;GAGG;AACU,QAAA,YAAY,GAA0B;IACjD,IAAI,EAAE,cAAc;IACpB,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE;QAC3C,MAAM,QAAQ,GAA4B,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE;YACzE,OAAO;gBACL,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,WAAW,KAAK,QAAQ;gBACjC,aAAa,EAAE,IAAA,gCAAa,EAAC,WAAW,EAAE,OAAO,CAAC;aACnD,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;YACpD,QAAQ;SACT,CAAA;IACH,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,UAAU,EAAE,KAAK;CAClB,CAAA"}

package/dist/cjs/condition/boolean/Bool.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Bool.d.ts","sourceRoot":"","sources":["../../../../src/condition/boolean/Bool.ts"],"names":[],"mappings":"~~AACA~~,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAEpE,eAAO,MAAM,IAAI,EAAE,~~qBAclB~~,CAAA"}
1	+ {"version":3,"file":"Bool.d.ts","sourceRoot":"","sources":["../../../../src/condition/boolean/Bool.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAEpE,eAAO,MAAM,IAAI,EAAE,qBAiDlB,CAAA"}