@cloud-copilot/iam-simulate 0.1.130 → 0.1.131
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/core_engine/CoreSimulatorEngine.d.ts +3 -2
- package/dist/cjs/core_engine/CoreSimulatorEngine.d.ts.map +1 -1
- package/dist/cjs/core_engine/CoreSimulatorEngine.js +11 -11
- package/dist/cjs/core_engine/CoreSimulatorEngine.js.map +1 -1
- package/dist/cjs/policyType.d.ts +13 -0
- package/dist/cjs/policyType.d.ts.map +1 -0
- package/dist/cjs/policyType.js +3 -0
- package/dist/cjs/policyType.js.map +1 -0
- package/dist/cjs/resource/resource.d.ts +11 -3
- package/dist/cjs/resource/resource.d.ts.map +1 -1
- package/dist/cjs/resource/resource.js +88 -8
- package/dist/cjs/resource/resource.js.map +1 -1
- package/dist/cjs/simulation_engine/policyResources.d.ts +6 -3
- package/dist/cjs/simulation_engine/policyResources.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/policyResources.js +18 -9
- package/dist/cjs/simulation_engine/policyResources.js.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.js +7 -3
- package/dist/cjs/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/cjs/util/resourceStrings.d.ts +9 -0
- package/dist/cjs/util/resourceStrings.d.ts.map +1 -1
- package/dist/cjs/util/resourceStrings.js +28 -2
- package/dist/cjs/util/resourceStrings.js.map +1 -1
- package/dist/esm/core_engine/CoreSimulatorEngine.d.ts +3 -2
- package/dist/esm/core_engine/CoreSimulatorEngine.d.ts.map +1 -1
- package/dist/esm/core_engine/CoreSimulatorEngine.js +12 -11
- package/dist/esm/core_engine/CoreSimulatorEngine.js.map +1 -1
- package/dist/esm/policyType.d.ts +13 -0
- package/dist/esm/policyType.d.ts.map +1 -0
- package/dist/esm/policyType.js +2 -0
- package/dist/esm/policyType.js.map +1 -0
- package/dist/esm/resource/resource.d.ts +11 -3
- package/dist/esm/resource/resource.d.ts.map +1 -1
- package/dist/esm/resource/resource.js +89 -8
- package/dist/esm/resource/resource.js.map +1 -1
- package/dist/esm/simulation_engine/policyResources.d.ts +6 -3
- package/dist/esm/simulation_engine/policyResources.d.ts.map +1 -1
- package/dist/esm/simulation_engine/policyResources.js +19 -10
- package/dist/esm/simulation_engine/policyResources.js.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.js +7 -3
- package/dist/esm/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/esm/util/resourceStrings.d.ts +9 -0
- package/dist/esm/util/resourceStrings.d.ts.map +1 -1
- package/dist/esm/util/resourceStrings.js +27 -2
- package/dist/esm/util/resourceStrings.js.map +1 -1
- package/package.json +2 -2
|
@@ -15,6 +15,7 @@ const util_js_1 = require("../util.js");
|
|
|
15
15
|
const contextKeys_js_2 = require("./contextKeys.js");
|
|
16
16
|
const overallResult_js_1 = require("./overallResult.js");
|
|
17
17
|
const policyResources_js_1 = require("./policyResources.js");
|
|
18
|
+
const resourceStrings_js_1 = require("../util/resourceStrings.js");
|
|
18
19
|
const resourceTypes_js_1 = require("./resourceTypes.js");
|
|
19
20
|
const DEFAULT_RCP = {
|
|
20
21
|
name: 'RCPFullAWSAccess',
|
|
@@ -236,7 +237,7 @@ async function runSimulation(simulation, simulationOptions) {
|
|
|
236
237
|
: new strictContextKeys_js_1.StrictContextKeys([]);
|
|
237
238
|
const curriedAuthorize = (curriedResourceString, curriedContextValues) => (0, CoreSimulatorEngine_js_1.authorize)({
|
|
238
239
|
request: new request_js_1.AwsRequestImpl(principal, {
|
|
239
|
-
resource: curriedResourceString,
|
|
240
|
+
resource: (0, resourceStrings_js_1.expandShortArn)(curriedResourceString),
|
|
240
241
|
accountId: simulation.request.resource.accountId
|
|
241
242
|
}, simulation.request.action, new requestContext_js_1.RequestContextImpl(curriedContextValues), isWildCardOnlyAction),
|
|
242
243
|
sessionPolicy,
|
|
@@ -251,7 +252,8 @@ async function runSimulation(simulation, simulationOptions) {
|
|
|
251
252
|
strictConditionKeys: strictConditionKeys
|
|
252
253
|
}
|
|
253
254
|
});
|
|
254
|
-
const
|
|
255
|
+
const identityPoliciesThatGrantAccess = [...identityPolicies];
|
|
256
|
+
const resourcePoliciesThatGrantAccess = [resourcePolicy];
|
|
255
257
|
// If there is only one simulation to run, run it
|
|
256
258
|
if (!runMultipleSimulations) {
|
|
257
259
|
const { validContextValues, ignoredContextKeys } = await normalizeSimulationParameters(simulation, undefined);
|
|
@@ -284,7 +286,9 @@ async function runSimulation(simulation, simulationOptions) {
|
|
|
284
286
|
}
|
|
285
287
|
else {
|
|
286
288
|
let resourceStrings = [simulation.request.resource.resource];
|
|
287
|
-
|
|
289
|
+
const identityResourceStrings = (0, policyResources_js_1.getMatchingResourceStringsForPolicies)(identityPoliciesThatGrantAccess, simulation.request.action, resourceType, simulation.request.resource.resource, true);
|
|
290
|
+
const resourcePolicyResourceStrings = (0, policyResources_js_1.getMatchingResourceStringsForPolicies)(resourcePoliciesThatGrantAccess, simulation.request.action, resourceType, simulation.request.resource.resource, false);
|
|
291
|
+
resourceStrings = [...new Set([...identityResourceStrings, ...resourcePolicyResourceStrings])];
|
|
288
292
|
for (const resourceString of resourceStrings) {
|
|
289
293
|
const simulationResult = curriedAuthorize(resourceString, validContextValues);
|
|
290
294
|
simulationResults.push({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"simulationEngine.js","sourceRoot":"","sources":["../../../src/simulation_engine/simulationEngine.ts"],"names":[],"mappings":";;AAyLA,sCA+TC;AAED,sEAgDC;AA1iBD,sDAA8F;AAC9F,0DAQkC;AAClC,wDAA6F;AAC7F,2EAAwE;AACxE,mEAA2F;AAC3F,+EAAwE;AACxE,kFAM8C;AAE9C,sDAAsD;AACtD,4DAAyD;AACzD,wCAAiD;AACjD,qDAA+D;AAC/D,yDAA2D;AAC3D,6DAA4E;AAC5E,yDAA8D;AAI9D,MAAM,WAAW,GAAG;IAClB,IAAI,EAAE,kBAAkB;IACxB,MAAM,EAAE;QACN,OAAO,EAAE,YAAY;QACrB,SAAS,EAAE;YACT;gBACE,MAAM,EAAE,OAAO;gBACf,SAAS,EAAE,GAAG;gBACd,MAAM,EAAE,GAAG;gBACX,QAAQ,EAAE,GAAG;aACd;SACF;KACF;CACF,CAAA;AAqID;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CACjC,UAAsB,EACtB,iBAA6C;IAE7C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAA;IAC9C,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;IACxD,MAAM,mBAAmB,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;IAErD,IAAI,UAAU,CAAC,aAAa,EAAE,CAAC;QAC7B,IACE,CAAC,IAAA,wBAAY,EAAC,SAAS,CAAC;YACxB,CAAC,IAAA,4BAAgB,EAAC,SAAS,CAAC;YAC5B,CAAC,IAAA,8BAAkB,EAAC,SAAS,CAAC,EAC9B,CAAC;YACD,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,kCAAkC;iBAC5C;aACF,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,mBAAmB,GAAG,UAAU,CAAC,aAAa;QAClD,CAAC,CAAC,IAAA,mCAAsB,EAAC,UAAU,CAAC,aAAa,CAAC;QAClD,CAAC,CAAC,EAAE,CAAA;IACN,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa;QAC5C,CAAC,CAAC,IAAA,uBAAU,EAAC,UAAU,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;QACjE,CAAC,CAAC,SAAS,CAAA;IAEb,MAAM,oBAAoB,GAAsC,EAAE,CAAA;IAClE,MAAM,gBAAgB,GAAqB,EAAE,CAAA;IAC7C,UAAU,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QAC5C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;QAC9B,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,gBAAgB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACN,oBAAoB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QAC/C,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,0BAA0B,GAAsC,EAAE,CAAA;IACxE,MAAM,sBAAsB,GAAsB,UAAU,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC9F,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAA;QAC9B,MAAM,aAAa,GAAqB,EAAE,CAAA;QAE1C,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAC7B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;YAC9B,MAAM,gBAAgB,GAAG,IAAA,yCAA4B,EAAC,MAAM,CAAC,CAAA;YAC7D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,0BAA0B,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;YACrD,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,aAAa;SACxB,CAAA;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,2BAA2B,GAAsC,EAAE,CAAA;IACzE,MAAM,uBAAuB,GAAsB,UAAU,CAAC,uBAAuB,CAAC,GAAG,CACvF,CAAC,GAAG,EAAE,EAAE;QACN,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAA;QAC9B,MAAM,aAAa,GAAqB,EAAE,CAAA;QAC1C,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,WAAW,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;QAE9E,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAC7B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;YAC9B,MAAM,gBAAgB,GAAG,IAAA,0CAA6B,EAAC,MAAM,CAAC,CAAA;YAC9D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,2BAA2B,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;YACtD,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,aAAa;SACxB,CAAA;IACH,CAAC,CACF,CAAA;IAED,MAAM,oBAAoB,GAAG,UAAU,CAAC,cAAc;QACpD,CAAC,CAAC,IAAA,mCAAsB,EAAC,UAAU,CAAC,cAAc,CAAC;QACnD,CAAC,CAAC,EAAE,CAAA;IAEN,MAAM,oBAAoB,GAAiC,UAAU,CAAC,0BAA0B;QAC9F,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,SAAS,CAAA;IACb,MAAM,wBAAwB,GAAsC,EAAE,CAAA;IACtE,UAAU,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QAChD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,CAAA;QAC3B,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,oBAAqB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QAC1D,CAAC;aAAM,CAAC;YACN,wBAAwB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QACnD,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,mBAAmB,GAAiC,UAAU,CAAC,mBAAmB;QACtF,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,SAAS,CAAA;IACb,MAAM,iBAAiB,GAAsC,EAAE,CAAA;IAC/D,UAAU,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE;QACrD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,cAAc,CAAA;QACvC,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,mBAAoB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QACzD,CAAC;aAAM,CAAC;YACN,iBAAiB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QAC5C,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,IACE,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,GAAG,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,MAAM,GAAG,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,MAAM,GAAG,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC;QACzC,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAC/B,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAC9B,CAAC;QACD,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,GAAG,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBAC9D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,oBAAoB,EAAE,CAAC;gBAC7E,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,0BAA0B,EAAE,CAAC;gBACzF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,2BAA2B,EAAE,CAAC;gBAC3F,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,oBAAoB,EAAE,CAAC;gBAChE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,wBAAwB,EAAE,CAAC;gBACrF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,iBAAiB,EAAE,CAAC;gBACvE,OAAO,EAAE,eAAe;aACzB;SACF,CAAA;IACH,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,cAAc;QAC9C,CAAC,CAAC,IAAA,uBAAU,EAAC,UAAU,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QACjF,CAAC,CAAC,SAAS,CAAA;IAEb,IAAI,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,gBAAgB;aAC1B;SACF,CAAA;IACH,CAAC;IAED,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,YAAY,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;IACpD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,iBAAiB;aAC3B;SACF,CAAA;IACH,CAAC;IACD,MAAM,WAAW,GAAG,MAAM,IAAA,0BAAe,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,gBAAgB;aAC1B;SACF,CAAA;IACH,CAAC;IAED,MAAM,oBAAoB,GAAG,MAAM,IAAA,8BAAoB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACxE,MAAM,sBAAsB,GAAG,mBAAmB,IAAI,CAAC,oBAAoB,CAAA;IAC3E,IAAI,aAAa,GAA+B,SAAS,CAAA;IACzD,IAAI,oBAAoB,EAAE,CAAC;QACzB,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;YACxB,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,mBAAmB;iBAC7B;aACF,CAAA;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,mBAAmB,GAAG,MAAM,IAAA,4CAAyB,EAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,CAAA;QACzF,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,mBAAmB;iBAC7B;aACF,CAAA;QACH,CAAC;aAAM,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAClE,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,yBAAyB;iBACnC;aACF,CAAA;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;QACzD,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,6CAAoB,CAAC,QAAQ,CAClD,iBAAiB,CAAC,cAAgC,CACnD;QACC,CAAC,CAAE,iBAAiB,CAAC,cAAiC;QACtD,CAAC,CAAC,QAAQ,CAAA;IAEZ,yFAAyF;IAEzF,MAAM,mBAAmB,GACvB,cAAc,KAAK,WAAW;QAC5B,CAAC,CAAC,IAAI,wCAAiB,CAAC,iBAAiB,CAAC,mBAAmB,IAAI,EAAE,CAAC;QACpE,CAAC,CAAC,IAAI,wCAAiB,CAAC,EAAE,CAAC,CAAA;IAE/B,MAAM,gBAAgB,GAAG,CACvB,qBAA6B,EAC7B,oBAAuD,EACvD,EAAE,CACF,IAAA,kCAAS,EAAC;QACR,OAAO,EAAE,IAAI,2BAAc,CACzB,SAAS,EACT;YACE,QAAQ,EAAE,qBAAqB;YAC/B,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS;SACjD,EACD,UAAU,CAAC,OAAO,CAAC,MAAM,EACzB,IAAI,sCAAkB,CAAC,oBAAoB,CAAC,EAC5C,oBAAoB,CACrB;QACD,aAAa;QACb,gBAAgB;QAChB,sBAAsB;QACtB,uBAAuB;QACvB,cAAc;QACd,oBAAoB;QACpB,mBAAmB;QACnB,oBAAoB,EAAE;YACpB,cAAc,EAAE,cAAc;YAC9B,mBAAmB,EAAE,mBAAmB;SACzC;KACF,CAAC,CAAA;IAEJ,MAAM,uBAAuB,GAAG,CAAC,cAAc,EAAE,GAAG,gBAAgB,CAAC,CAAA;IAErE,iDAAiD;IACjD,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAC5B,MAAM,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,MAAM,6BAA6B,CACpF,UAAU,EACV,SAAS,CACV,CAAA;QACD,MAAM,YAAY,GAAG,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAA;QACtE,OAAO;YACL,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,YAAY,CAAC,MAAM;YAClC,MAAM,EAAE;gBACN,QAAQ,EAAE,YAAY;gBACtB,GAAG,CAAC,aAAa,EAAE,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,aAAc,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/E,kBAAkB;aACnB;SACF,CAAA;IACH,CAAC;IAED,iHAAiH;IACjH,MAAM,iBAAiB,GAAuC,EAAE,CAAA;IAChE,MAAM,uBAAuB,GAC3B,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAA;IAChE,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE,CAAC;QACnD,2GAA2G;QAE3G,MAAM,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,MAAM,6BAA6B,CACpF,UAAU,EACV,YAAY,CACb,CAAA;QAED,iCAAiC;QACjC,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAA;QAC5E,IAAI,kBAAkB,CAAC,MAAM,KAAK,kBAAkB,EAAE,CAAC;YACrD,iBAAiB,CAAC,IAAI,CAAC;gBACrB,QAAQ,EAAE,kBAAkB;gBAC5B,kBAAkB;gBAClB,YAAY,EAAE,YAAY,CAAC,GAAG;gBAC9B,eAAe,EAAE,WAAW;aAC7B,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,eAAe,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;YAC5D,eAAe,GAAG,IAAA,0DAAqC,EACrD,uBAAuB,EACvB,UAAU,CAAC,OAAO,CAAC,MAAM,EACzB,YAAY,EACZ,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CACrC,CAAA;YAED,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAA;gBAE7E,iBAAiB,CAAC,IAAI,CAAC;oBACrB,QAAQ,EAAE,gBAAgB;oBAC1B,kBAAkB;oBAClB,YAAY,EAAE,YAAY,CAAC,GAAG;oBAC9B,eAAe,EAAE,cAAc;iBAChC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,IAAA,yCAAsB,EAAC,iBAAiB,CAAC,CAAA;IAC/D,OAAO;QACL,UAAU,EAAE,UAAU;QACtB,aAAa;QACb,OAAO,EAAE,iBAAiB;KAC3B,CAAA;AACH,CAAC;AAEM,KAAK,UAAU,6BAA6B,CACjD,UAAsB,EACtB,qBAA+C;IAK/C,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;IACxD,MAAM,yBAAyB,GAAG,IAAI,GAAG,CACvC,MAAM,IAAA,6CAA4B,EAChC,OAAO,EACP,MAAM,EACN,WAAW,EACX,CAAC,CAAC,UAAU,CAAC,kBAAkB,EAAE,EAAE,EAAE,iBAAiB,EACtD,qBAAqB,CACtB,CACF,CAAA;IAED,4FAA4F;IAC5F,MAAM,kBAAkB,GAAsC,EAAE,CAAA;IAChE,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACnE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACtD,MAAM,YAAY,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;QACtC,IACE,yBAAyB,CAAC,GAAG,CAAC,YAAY,CAAC;YAC3C,uBAAuB,CAAC,YAAY,EAAE,yBAAyB,CAAC,EAChE,CAAC;YACD,MAAM,aAAa,GAAG,MAAM,IAAA,kCAAiB,EAAC,YAAY,CAAC,CAAA;YAC3D,MAAM,aAAa,GAAG,MAAM,IAAA,wCAAuB,EAAC,GAAG,CAAC,CAAA;YAExD,IAAI,IAAA,wCAAmB,EAAC,aAAa,CAAC,EAAE,CAAC;gBACvC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;YACpD,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,kBAAkB,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YAC9C,CAAC;iBAAM,CAAC;gBACN,kBAAkB,CAAC,aAAa,CAAC,GAAG,KAAK,CAAA;YAC3C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IAED,OAAO;QACL,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,uBAAuB,CAAC,YAAoB,EAAE,gBAA6B;IAClF,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjD,IAAI,eAAe,KAAK,CAAC,CAAC,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,GAAG,CAAC,CAAC,CAAA;IACzD,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE,CAAC;QACxC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC"}
|
|
1
|
+
{"version":3,"file":"simulationEngine.js","sourceRoot":"","sources":["../../../src/simulation_engine/simulationEngine.ts"],"names":[],"mappings":";;AA0LA,sCAyUC;AAED,sEAgDC;AArjBD,sDAA8F;AAC9F,0DAQkC;AAClC,wDAA6F;AAC7F,2EAAwE;AACxE,mEAA2F;AAC3F,+EAAwE;AACxE,kFAM8C;AAE9C,sDAAsD;AACtD,4DAAyD;AACzD,wCAAiD;AACjD,qDAA+D;AAC/D,yDAA2D;AAC3D,6DAA4E;AAC5E,mEAA2D;AAC3D,yDAA8D;AAI9D,MAAM,WAAW,GAAG;IAClB,IAAI,EAAE,kBAAkB;IACxB,MAAM,EAAE;QACN,OAAO,EAAE,YAAY;QACrB,SAAS,EAAE;YACT;gBACE,MAAM,EAAE,OAAO;gBACf,SAAS,EAAE,GAAG;gBACd,MAAM,EAAE,GAAG;gBACX,QAAQ,EAAE,GAAG;aACd;SACF;KACF;CACF,CAAA;AAqID;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CACjC,UAAsB,EACtB,iBAA6C;IAE7C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAA;IAC9C,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;IACxD,MAAM,mBAAmB,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;IAErD,IAAI,UAAU,CAAC,aAAa,EAAE,CAAC;QAC7B,IACE,CAAC,IAAA,wBAAY,EAAC,SAAS,CAAC;YACxB,CAAC,IAAA,4BAAgB,EAAC,SAAS,CAAC;YAC5B,CAAC,IAAA,8BAAkB,EAAC,SAAS,CAAC,EAC9B,CAAC;YACD,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,kCAAkC;iBAC5C;aACF,CAAA;QACH,CAAC;IACH,CAAC;IAED,MAAM,mBAAmB,GAAG,UAAU,CAAC,aAAa;QAClD,CAAC,CAAC,IAAA,mCAAsB,EAAC,UAAU,CAAC,aAAa,CAAC;QAClD,CAAC,CAAC,EAAE,CAAA;IACN,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa;QAC5C,CAAC,CAAC,IAAA,uBAAU,EAAC,UAAU,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;QACjE,CAAC,CAAC,SAAS,CAAA;IAEb,MAAM,oBAAoB,GAAsC,EAAE,CAAA;IAClE,MAAM,gBAAgB,GAAqB,EAAE,CAAA;IAC7C,UAAU,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QAC5C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;QAC9B,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,gBAAgB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACN,oBAAoB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QAC/C,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,0BAA0B,GAAsC,EAAE,CAAA;IACxE,MAAM,sBAAsB,GAAsB,UAAU,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC9F,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAA;QAC9B,MAAM,aAAa,GAAqB,EAAE,CAAA;QAE1C,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAC7B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;YAC9B,MAAM,gBAAgB,GAAG,IAAA,yCAA4B,EAAC,MAAM,CAAC,CAAA;YAC7D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,0BAA0B,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;YACrD,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,aAAa;SACxB,CAAA;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,2BAA2B,GAAsC,EAAE,CAAA;IACzE,MAAM,uBAAuB,GAAsB,UAAU,CAAC,uBAAuB,CAAC,GAAG,CACvF,CAAC,GAAG,EAAE,EAAE;QACN,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAA;QAC9B,MAAM,aAAa,GAAqB,EAAE,CAAA;QAC1C,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,WAAW,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;QAE9E,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAC7B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;YAC9B,MAAM,gBAAgB,GAAG,IAAA,0CAA6B,EAAC,MAAM,CAAC,CAAA;YAC9D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,2BAA2B,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;YACtD,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,aAAa;SACxB,CAAA;IACH,CAAC,CACF,CAAA;IAED,MAAM,oBAAoB,GAAG,UAAU,CAAC,cAAc;QACpD,CAAC,CAAC,IAAA,mCAAsB,EAAC,UAAU,CAAC,cAAc,CAAC;QACnD,CAAC,CAAC,EAAE,CAAA;IAEN,MAAM,oBAAoB,GAAiC,UAAU,CAAC,0BAA0B;QAC9F,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,SAAS,CAAA;IACb,MAAM,wBAAwB,GAAsC,EAAE,CAAA;IACtE,UAAU,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QAChD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,CAAA;QAC3B,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,oBAAqB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QAC1D,CAAC;aAAM,CAAC;YACN,wBAAwB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QACnD,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,MAAM,mBAAmB,GAAiC,UAAU,CAAC,mBAAmB;QACtF,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,SAAS,CAAA;IACb,MAAM,iBAAiB,GAAsC,EAAE,CAAA;IAC/D,UAAU,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE;QACrD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,cAAc,CAAA;QACvC,MAAM,gBAAgB,GAAG,IAAA,mCAAsB,EAAC,MAAM,CAAC,CAAA;QACvD,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACjC,mBAAoB,CAAC,IAAI,CAAC,IAAA,uBAAU,EAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QACzD,CAAC;aAAM,CAAC;YACN,iBAAiB,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAA;QAC5C,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,IACE,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,GAAG,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,MAAM,GAAG,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,MAAM,GAAG,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC;QACzC,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAC/B,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAC9B,CAAC;QACD,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,GAAG,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBAC9D,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,oBAAoB,EAAE,CAAC;gBAC7E,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,0BAA0B,EAAE,CAAC;gBACzF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,2BAA2B,EAAE,CAAC;gBAC3F,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,oBAAoB,EAAE,CAAC;gBAChE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,wBAAwB,EAAE,CAAC;gBACrF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,iBAAiB,EAAE,CAAC;gBACvE,OAAO,EAAE,eAAe;aACzB;SACF,CAAA;IACH,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,cAAc;QAC9C,CAAC,CAAC,IAAA,uBAAU,EAAC,UAAU,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QACjF,CAAC,CAAC,SAAS,CAAA;IAEb,IAAI,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,gBAAgB;aAC1B;SACF,CAAA;IACH,CAAC;IAED,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,YAAY,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;IACpD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,iBAAiB;aAC3B;SACF,CAAA;IACH,CAAC;IACD,MAAM,WAAW,GAAG,MAAM,IAAA,0BAAe,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,gBAAgB;aAC1B;SACF,CAAA;IACH,CAAC;IAED,MAAM,oBAAoB,GAAG,MAAM,IAAA,8BAAoB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACxE,MAAM,sBAAsB,GAAG,mBAAmB,IAAI,CAAC,oBAAoB,CAAA;IAC3E,IAAI,aAAa,GAA+B,SAAS,CAAA;IACzD,IAAI,oBAAoB,EAAE,CAAC;QACzB,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;YACxB,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,mBAAmB;iBAC7B;aACF,CAAA;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,mBAAmB,GAAG,MAAM,IAAA,4CAAyB,EAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,CAAA;QACzF,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,mBAAmB;iBAC7B;aACF,CAAA;QACH,CAAC;aAAM,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAClE,OAAO;gBACL,UAAU,EAAE,OAAO;gBACnB,MAAM,EAAE;oBACN,OAAO,EAAE,yBAAyB;iBACnC;aACF,CAAA;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;QACzD,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,6CAAoB,CAAC,QAAQ,CAClD,iBAAiB,CAAC,cAAgC,CACnD;QACC,CAAC,CAAE,iBAAiB,CAAC,cAAiC;QACtD,CAAC,CAAC,QAAQ,CAAA;IAEZ,yFAAyF;IAEzF,MAAM,mBAAmB,GACvB,cAAc,KAAK,WAAW;QAC5B,CAAC,CAAC,IAAI,wCAAiB,CAAC,iBAAiB,CAAC,mBAAmB,IAAI,EAAE,CAAC;QACpE,CAAC,CAAC,IAAI,wCAAiB,CAAC,EAAE,CAAC,CAAA;IAE/B,MAAM,gBAAgB,GAAG,CACvB,qBAA6B,EAC7B,oBAAuD,EACvD,EAAE,CACF,IAAA,kCAAS,EAAC;QACR,OAAO,EAAE,IAAI,2BAAc,CACzB,SAAS,EACT;YACE,QAAQ,EAAE,IAAA,mCAAc,EAAC,qBAAqB,CAAC;YAC/C,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS;SACjD,EACD,UAAU,CAAC,OAAO,CAAC,MAAM,EACzB,IAAI,sCAAkB,CAAC,oBAAoB,CAAC,EAC5C,oBAAoB,CACrB;QACD,aAAa;QACb,gBAAgB;QAChB,sBAAsB;QACtB,uBAAuB;QACvB,cAAc;QACd,oBAAoB;QACpB,mBAAmB;QACnB,oBAAoB,EAAE;YACpB,cAAc,EAAE,cAAc;YAC9B,mBAAmB,EAAE,mBAAmB;SACzC;KACF,CAAC,CAAA;IAEJ,MAAM,+BAA+B,GAAmC,CAAC,GAAG,gBAAgB,CAAC,CAAA;IAC7F,MAAM,+BAA+B,GAAmC,CAAC,cAAc,CAAC,CAAA;IAExF,iDAAiD;IACjD,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAC5B,MAAM,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,MAAM,6BAA6B,CACpF,UAAU,EACV,SAAS,CACV,CAAA;QACD,MAAM,YAAY,GAAG,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAA;QACtE,OAAO;YACL,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,YAAY,CAAC,MAAM;YAClC,MAAM,EAAE;gBACN,QAAQ,EAAE,YAAY;gBACtB,GAAG,CAAC,aAAa,EAAE,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,aAAc,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/E,kBAAkB;aACnB;SACF,CAAA;IACH,CAAC;IAED,iHAAiH;IACjH,MAAM,iBAAiB,GAAuC,EAAE,CAAA;IAChE,MAAM,uBAAuB,GAC3B,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAA;IAChE,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE,CAAC;QACnD,2GAA2G;QAE3G,MAAM,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,MAAM,6BAA6B,CACpF,UAAU,EACV,YAAY,CACb,CAAA;QAED,iCAAiC;QACjC,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAA;QAC5E,IAAI,kBAAkB,CAAC,MAAM,KAAK,kBAAkB,EAAE,CAAC;YACrD,iBAAiB,CAAC,IAAI,CAAC;gBACrB,QAAQ,EAAE,kBAAkB;gBAC5B,kBAAkB;gBAClB,YAAY,EAAE,YAAY,CAAC,GAAG;gBAC9B,eAAe,EAAE,WAAW;aAC7B,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,eAAe,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;YAC5D,MAAM,uBAAuB,GAAG,IAAA,0DAAqC,EACnE,+BAA+B,EAC/B,UAAU,CAAC,OAAO,CAAC,MAAM,EACzB,YAAY,EACZ,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,EACpC,IAAI,CACL,CAAA;YACD,MAAM,6BAA6B,GAAG,IAAA,0DAAqC,EACzE,+BAA+B,EAC/B,UAAU,CAAC,OAAO,CAAC,MAAM,EACzB,YAAY,EACZ,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,EACpC,KAAK,CACN,CAAA;YACD,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,uBAAuB,EAAE,GAAG,6BAA6B,CAAC,CAAC,CAAC,CAAA;YAE9F,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAA;gBAE7E,iBAAiB,CAAC,IAAI,CAAC;oBACrB,QAAQ,EAAE,gBAAgB;oBAC1B,kBAAkB;oBAClB,YAAY,EAAE,YAAY,CAAC,GAAG;oBAC9B,eAAe,EAAE,cAAc;iBAChC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,IAAA,yCAAsB,EAAC,iBAAiB,CAAC,CAAA;IAC/D,OAAO;QACL,UAAU,EAAE,UAAU;QACtB,aAAa;QACb,OAAO,EAAE,iBAAiB;KAC3B,CAAA;AACH,CAAC;AAEM,KAAK,UAAU,6BAA6B,CACjD,UAAsB,EACtB,qBAA+C;IAK/C,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;IACxD,MAAM,yBAAyB,GAAG,IAAI,GAAG,CACvC,MAAM,IAAA,6CAA4B,EAChC,OAAO,EACP,MAAM,EACN,WAAW,EACX,CAAC,CAAC,UAAU,CAAC,kBAAkB,EAAE,EAAE,EAAE,iBAAiB,EACtD,qBAAqB,CACtB,CACF,CAAA;IAED,4FAA4F;IAC5F,MAAM,kBAAkB,GAAsC,EAAE,CAAA;IAChE,MAAM,kBAAkB,GAAa,EAAE,CAAA;IACvC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACnE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACtD,MAAM,YAAY,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;QACtC,IACE,yBAAyB,CAAC,GAAG,CAAC,YAAY,CAAC;YAC3C,uBAAuB,CAAC,YAAY,EAAE,yBAAyB,CAAC,EAChE,CAAC;YACD,MAAM,aAAa,GAAG,MAAM,IAAA,kCAAiB,EAAC,YAAY,CAAC,CAAA;YAC3D,MAAM,aAAa,GAAG,MAAM,IAAA,wCAAuB,EAAC,GAAG,CAAC,CAAA;YAExD,IAAI,IAAA,wCAAmB,EAAC,aAAa,CAAC,EAAE,CAAC;gBACvC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;YACpD,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,kBAAkB,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YAC9C,CAAC;iBAAM,CAAC;gBACN,kBAAkB,CAAC,aAAa,CAAC,GAAG,KAAK,CAAA;YAC3C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IAED,OAAO;QACL,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,uBAAuB,CAAC,YAAoB,EAAE,gBAA6B;IAClF,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjD,IAAI,eAAe,KAAK,CAAC,CAAC,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,GAAG,CAAC,CAAC,CAAA;IACzD,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE,CAAC;QACxC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC"}
|
|
@@ -7,4 +7,13 @@
|
|
|
7
7
|
* @returns true if the patterns could match some of the same resources, false if they are completely disjoint
|
|
8
8
|
*/
|
|
9
9
|
export declare function resourceArnsOverlap(arn1: string, arn2: string): boolean;
|
|
10
|
+
/**
|
|
11
|
+
* Expands a short ARN (fewer than 6 colon-separated segments) by padding
|
|
12
|
+
* missing trailing segments with `*`. Non-ARN strings and full ARNs are
|
|
13
|
+
* returned unchanged.
|
|
14
|
+
*
|
|
15
|
+
* @param arn the ARN string to expand
|
|
16
|
+
* @returns the expanded ARN string with missing segments filled with `*`
|
|
17
|
+
*/
|
|
18
|
+
export declare function expandShortArn(arn: string): string;
|
|
10
19
|
//# sourceMappingURL=resourceStrings.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resourceStrings.d.ts","sourceRoot":"","sources":["../../../src/util/resourceStrings.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"resourceStrings.d.ts","sourceRoot":"","sources":["../../../src/util/resourceStrings.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAqDvE;AA4BD;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAYlD"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.resourceArnsOverlap = resourceArnsOverlap;
|
|
4
|
+
exports.expandShortArn = expandShortArn;
|
|
4
5
|
/**
|
|
5
6
|
* Determines if two AWS ARN patterns have any overlap in the resources they could match.
|
|
6
7
|
* Handles wildcards (*) and single-character patterns (?) in both ARN strings.
|
|
@@ -15,8 +16,12 @@ function resourceArnsOverlap(arn1, arn2) {
|
|
|
15
16
|
return true;
|
|
16
17
|
if (arn1 === '*' || arn2 === '*')
|
|
17
18
|
return true;
|
|
18
|
-
|
|
19
|
-
|
|
19
|
+
// Short ARN expansion: ARNs with fewer than 6 colon-separated segments
|
|
20
|
+
// have missing trailing segments treated as implicit wildcards.
|
|
21
|
+
const expanded1 = expandShortArn(arn1);
|
|
22
|
+
const expanded2 = expandShortArn(arn2);
|
|
23
|
+
const A = [...expanded1];
|
|
24
|
+
const B = [...expanded2];
|
|
20
25
|
const n = A.length;
|
|
21
26
|
const m = B.length;
|
|
22
27
|
// BFS over states (i, j) meaning:
|
|
@@ -78,4 +83,25 @@ function nextIdxAfterOneChar(p, idx) {
|
|
|
78
83
|
return [idx]; // '*' stays and can keep consuming
|
|
79
84
|
return [idx + 1]; // literal or '?' consumes one and advances
|
|
80
85
|
}
|
|
86
|
+
/**
|
|
87
|
+
* Expands a short ARN (fewer than 6 colon-separated segments) by padding
|
|
88
|
+
* missing trailing segments with `*`. Non-ARN strings and full ARNs are
|
|
89
|
+
* returned unchanged.
|
|
90
|
+
*
|
|
91
|
+
* @param arn the ARN string to expand
|
|
92
|
+
* @returns the expanded ARN string with missing segments filled with `*`
|
|
93
|
+
*/
|
|
94
|
+
function expandShortArn(arn) {
|
|
95
|
+
if (!arn.startsWith('arn:')) {
|
|
96
|
+
return arn;
|
|
97
|
+
}
|
|
98
|
+
const segments = arn.split(':');
|
|
99
|
+
if (segments.length >= 6) {
|
|
100
|
+
return arn;
|
|
101
|
+
}
|
|
102
|
+
while (segments.length < 6) {
|
|
103
|
+
segments.push('*');
|
|
104
|
+
}
|
|
105
|
+
return segments.join(':');
|
|
106
|
+
}
|
|
81
107
|
//# sourceMappingURL=resourceStrings.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resourceStrings.js","sourceRoot":"","sources":["../../../src/util/resourceStrings.ts"],"names":[],"mappings":";;AAQA,
|
|
1
|
+
{"version":3,"file":"resourceStrings.js","sourceRoot":"","sources":["../../../src/util/resourceStrings.ts"],"names":[],"mappings":";;AAQA,kDAqDC;AAoCD,wCAYC;AA7GD;;;;;;;GAOG;AACH,SAAgB,mBAAmB,CAAC,IAAY,EAAE,IAAY;IAC5D,YAAY;IACZ,IAAI,IAAI,KAAK,IAAI;QAAE,OAAO,IAAI,CAAA;IAC9B,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG;QAAE,OAAO,IAAI,CAAA;IAE7C,uEAAuE;IACvE,gEAAgE;IAChE,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,CAAA;IACtC,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,CAAA;IAEtC,MAAM,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,CAAA;IACxB,MAAM,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,CAAA;IAExB,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAA;IAClB,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAA;IAElB,kCAAkC;IAClC,+CAA+C;IAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAA;IACjC,MAAM,KAAK,GAA4B,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAE/C,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAA;IAEjD,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,EAAG,CAAA;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;QACnB,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAQ;QAC5B,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAEd,uBAAuB;QACvB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAEnC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;QACxB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;QAExB,2CAA2C;QAC3C,IAAI,IAAI,KAAK,GAAG;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QACxC,IAAI,IAAI,KAAK,GAAG;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAExC,qCAAqC;QACrC,qEAAqE;QACrE,IAAI,kBAAkB,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YACxC,MAAM,MAAM,GAAG,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YACxC,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;gBACxB,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;oBACxB,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;gBACtB,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,KAAK,CAAC,CAAW,EAAE,GAAW;IACrC,OAAO,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA,CAAC,aAAa;AACrD,CAAC;AAED,uEAAuE;AACvE,SAAS,kBAAkB,CAAC,CAAgB,EAAE,CAAgB;IAC5D,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAE1C,MAAM,IAAI,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAA;IACnC,MAAM,IAAI,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAA;IAEnC,gBAAgB;IAChB,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI;QAAE,OAAO,CAAC,KAAK,CAAC,CAAA;IAElC,uCAAuC;IACvC,OAAO,IAAI,CAAA;AACb,CAAC;AAED,2EAA2E;AAC3E,SAAS,mBAAmB,CAAC,CAAW,EAAE,GAAW;IACnD,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;IACvB,IAAI,CAAC,KAAK,IAAI;QAAE,OAAO,EAAE,CAAA;IACzB,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,CAAC,GAAG,CAAC,CAAA,CAAC,mCAAmC;IAC/D,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA,CAAC,2CAA2C;AAC9D,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,cAAc,CAAC,GAAW;IACxC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,OAAO,GAAG,CAAA;IACZ,CAAC;IACD,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC/B,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACzB,OAAO,GAAG,CAAA;IACZ,CAAC;IACD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACpB,CAAC;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;AAC3B,CAAC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { type Policy } from '@cloud-copilot/iam-policy';
|
|
2
2
|
import { StrictContextKeys } from '../context_keys/strictContextKeys.js';
|
|
3
3
|
import { type IdentityAnalysis, type RcpAnalysis, type RequestAnalysis, type ResourceAnalysis, type ScpAnalysis } from '../evaluate.js';
|
|
4
|
+
import { type PolicyType } from '../policyType.js';
|
|
4
5
|
import { type AwsRequest } from '../request/request.js';
|
|
5
6
|
import { type ServiceAuthorizer } from '../services/ServiceAuthorizer.js';
|
|
6
7
|
export declare const validSimulationModes: readonly ["Strict", "Discovery"];
|
|
@@ -107,7 +108,7 @@ export declare function getServiceAuthorizer(request: AuthorizationRequest): Ser
|
|
|
107
108
|
* @param request the request to analyze against
|
|
108
109
|
* @returns an array of statement analysis results
|
|
109
110
|
*/
|
|
110
|
-
export declare function analyzeIdentityPolicies(identityPolicies: PolicyWithName[], request: AwsRequest, simulationParameters: SimulationParameters): IdentityAnalysis;
|
|
111
|
+
export declare function analyzeIdentityPolicies(identityPolicies: PolicyWithName[], request: AwsRequest, simulationParameters: SimulationParameters, policyType: PolicyType): IdentityAnalysis;
|
|
111
112
|
/**
|
|
112
113
|
* Analyzes a set of service or resource control policies and the statements within them.
|
|
113
114
|
*
|
|
@@ -115,7 +116,7 @@ export declare function analyzeIdentityPolicies(identityPolicies: PolicyWithName
|
|
|
115
116
|
* @param request the request to analyze against
|
|
116
117
|
* @returns an array of SCP or RCP analysis results
|
|
117
118
|
*/
|
|
118
|
-
export declare function analyzeControlPolicies(controlPolicies: ControlPolicies[], request: AwsRequest, simulationParameters: SimulationParameters): ScpAnalysis | RcpAnalysis;
|
|
119
|
+
export declare function analyzeControlPolicies(controlPolicies: ControlPolicies[], request: AwsRequest, simulationParameters: SimulationParameters, policyType: PolicyType): ScpAnalysis | RcpAnalysis;
|
|
119
120
|
/**
|
|
120
121
|
* Analyze a resource policy and return the results
|
|
121
122
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CoreSimulatorEngine.d.ts","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,MAAM,EAAkB,MAAM,2BAA2B,CAAA;AAGvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAEL,KAAK,gBAAgB,EAIrB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,WAAW,EACjB,MAAM,gBAAgB,CAAA;AAMvB,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAKvD,OAAO,EAAE,KAAK,iBAAiB,EAAE,MAAM,kCAAkC,CAAA;AAUzE,eAAO,MAAM,oBAAoB,kCAAmC,CAAA;AAEpE,MAAM,MAAM,cAAc,GAAG,MAAM,CAAC;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAAA;AAErD;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA;AAElE;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,cAAc,EAAE,cAAc,CAAA;IAE9B;;;OAGG;IACH,mBAAmB,EAAE,iBAAiB,CAAA;CACvC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAA;IAErB;;OAEG;IACH,QAAQ,EAAE,cAAc,EAAE,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,UAAU,CAAA;IAEnB;;OAEG;IACH,aAAa,EAAE,cAAc,GAAG,SAAS,CAAA;IAEzC;;OAEG;IACH,gBAAgB,EAAE,cAAc,EAAE,CAAA;IAElC;;;OAGG;IACH,sBAAsB,EAAE,eAAe,EAAE,CAAA;IAEzC;;;OAGG;IACH,uBAAuB,EAAE,eAAe,EAAE,CAAA;IAE1C;;OAEG;IACH,cAAc,EAAE,cAAc,GAAG,SAAS,CAAA;IAE1C;;OAEG;IACH,oBAAoB,EAAE,cAAc,EAAE,GAAG,SAAS,CAAA;IAElD;;OAEG;IACH,mBAAmB,EAAE,cAAc,EAAE,GAAG,SAAS,CAAA;IAEjD;;OAEG;IACH,oBAAoB,EAAE,oBAAoB,CAAA;CAC3C;AAQD;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,oBAAoB,GAAG,eAAe,
|
|
1
|
+
{"version":3,"file":"CoreSimulatorEngine.d.ts","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,MAAM,EAAkB,MAAM,2BAA2B,CAAA;AAGvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAEL,KAAK,gBAAgB,EAIrB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,WAAW,EACjB,MAAM,gBAAgB,CAAA;AAMvB,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAKvD,OAAO,EAAE,KAAK,iBAAiB,EAAE,MAAM,kCAAkC,CAAA;AAUzE,eAAO,MAAM,oBAAoB,kCAAmC,CAAA;AAEpE,MAAM,MAAM,cAAc,GAAG,MAAM,CAAC;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAAA;AAErD;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA;AAElE;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,cAAc,EAAE,cAAc,CAAA;IAE9B;;;OAGG;IACH,mBAAmB,EAAE,iBAAiB,CAAA;CACvC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAA;IAErB;;OAEG;IACH,QAAQ,EAAE,cAAc,EAAE,CAAA;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,UAAU,CAAA;IAEnB;;OAEG;IACH,aAAa,EAAE,cAAc,GAAG,SAAS,CAAA;IAEzC;;OAEG;IACH,gBAAgB,EAAE,cAAc,EAAE,CAAA;IAElC;;;OAGG;IACH,sBAAsB,EAAE,eAAe,EAAE,CAAA;IAEzC;;;OAGG;IACH,uBAAuB,EAAE,eAAe,EAAE,CAAA;IAE1C;;OAEG;IACH,cAAc,EAAE,cAAc,GAAG,SAAS,CAAA;IAE1C;;OAEG;IACH,oBAAoB,EAAE,cAAc,EAAE,GAAG,SAAS,CAAA;IAElD;;OAEG;IACH,mBAAmB,EAAE,cAAc,EAAE,GAAG,SAAS,CAAA;IAEjD;;OAEG;IACH,oBAAoB,EAAE,oBAAoB,CAAA;CAC3C;AAQD;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,oBAAoB,GAAG,eAAe,CAwFxE;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,oBAAoB,GAAG,iBAAiB,CAMrF;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,gBAAgB,EAAE,cAAc,EAAE,EAClC,OAAO,EAAE,UAAU,EACnB,oBAAoB,EAAE,oBAAoB,EAC1C,UAAU,EAAE,UAAU,GACrB,gBAAgB,CAgFlB;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CACpC,eAAe,EAAE,eAAe,EAAE,EAClC,OAAO,EAAE,UAAU,EACnB,oBAAoB,EAAE,oBAAoB,EAC1C,UAAU,EAAE,UAAU,GACrB,WAAW,GAAG,WAAW,CA6F3B;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CACnC,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,OAAO,EAAE,UAAU,EACnB,8BAA8B,EAAE,OAAO,EACvC,oBAAoB,EAAE,oBAAoB,GACzC,gBAAgB,CAkIlB;AAED,wBAAgB,iCAAiC,CAC/C,oBAAoB,EAAE,cAAc,EAAE,GAAG,SAAS,EAClD,OAAO,EAAE,UAAU,EACnB,oBAAoB,EAAE,oBAAoB,GACzC,gBAAgB,GAAG,SAAS,CAM9B;AAED,wBAAgB,0BAA0B,CACxC,mBAAmB,EAAE,cAAc,EAAE,GAAG,SAAS,EACjD,OAAO,EAAE,UAAU,EACnB,oBAAoB,EAAE,oBAAoB,GACzC,gBAAgB,GAAG,SAAS,CAK9B"}
|
|
@@ -5,6 +5,7 @@ import { StrictContextKeys } from '../context_keys/strictContextKeys.js';
|
|
|
5
5
|
import {} from '../evaluate.js';
|
|
6
6
|
import {} from '../explain/statementExplain.js';
|
|
7
7
|
import { requestMatchesStatementPrincipals } from '../principal/principal.js';
|
|
8
|
+
import {} from '../policyType.js';
|
|
8
9
|
import {} from '../request/request.js';
|
|
9
10
|
import { requestMatchesStatementResources } from '../resource/resource.js';
|
|
10
11
|
import { DefaultServiceAuthorizer } from '../services/DefaultServiceAuthorizer.js';
|
|
@@ -31,12 +32,12 @@ export function authorize(request) {
|
|
|
31
32
|
const principalHasPermissionBoundary = !!request.permissionBoundaries && request.permissionBoundaries.length > 0;
|
|
32
33
|
const simulationParameters = request.simulationParameters;
|
|
33
34
|
const sessionAnalysis = request.sessionPolicy
|
|
34
|
-
? analyzeIdentityPolicies([request.sessionPolicy], request.request, simulationParameters)
|
|
35
|
+
? analyzeIdentityPolicies([request.sessionPolicy], request.request, simulationParameters, 'session')
|
|
35
36
|
: undefined;
|
|
36
|
-
const identityAnalysis = analyzeIdentityPolicies(request.identityPolicies, request.request, simulationParameters);
|
|
37
|
+
const identityAnalysis = analyzeIdentityPolicies(request.identityPolicies, request.request, simulationParameters, 'identity');
|
|
37
38
|
const permissionBoundaryAnalysis = analyzePermissionBoundaryPolicies(request.permissionBoundaries, request.request, simulationParameters);
|
|
38
|
-
const scpAnalysis = analyzeControlPolicies(request.serviceControlPolicies, request.request, simulationParameters);
|
|
39
|
-
const rcpAnalysis = analyzeControlPolicies(request.resourceControlPolicies, request.request, simulationParameters);
|
|
39
|
+
const scpAnalysis = analyzeControlPolicies(request.serviceControlPolicies, request.request, simulationParameters, 'scp');
|
|
40
|
+
const rcpAnalysis = analyzeControlPolicies(request.resourceControlPolicies, request.request, simulationParameters, 'rcp');
|
|
40
41
|
const resourceAnalysis = analyzeResourcePolicy(request.resourcePolicy, request.request, principalHasPermissionBoundary, simulationParameters);
|
|
41
42
|
const endpointAnalysis = analyzeVpcEndpointPolicies(request.vpcEndpointPolicies, request.request, simulationParameters);
|
|
42
43
|
const serviceAuthorizer = getServiceAuthorizer(request);
|
|
@@ -78,7 +79,7 @@ export function getServiceAuthorizer(request) {
|
|
|
78
79
|
* @param request the request to analyze against
|
|
79
80
|
* @returns an array of statement analysis results
|
|
80
81
|
*/
|
|
81
|
-
export function analyzeIdentityPolicies(identityPolicies, request, simulationParameters) {
|
|
82
|
+
export function analyzeIdentityPolicies(identityPolicies, request, simulationParameters, policyType) {
|
|
82
83
|
const identityAnalysis = {
|
|
83
84
|
result: 'ImplicitlyDenied',
|
|
84
85
|
allowStatements: [],
|
|
@@ -87,7 +88,7 @@ export function analyzeIdentityPolicies(identityPolicies, request, simulationPar
|
|
|
87
88
|
};
|
|
88
89
|
for (const policy of identityPolicies) {
|
|
89
90
|
for (const statement of policy.statements()) {
|
|
90
|
-
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement);
|
|
91
|
+
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement, policyType);
|
|
91
92
|
const { matches: actionMatch, details: actionDetails } = requestMatchesStatementActions(request, statement);
|
|
92
93
|
const { matches: conditionMatch, details: conditionDetails, ignoredConditions } = requestMatchesConditions(request, statement.conditions(), statement.effect(), simulationParameters);
|
|
93
94
|
const principalMatch = 'Match';
|
|
@@ -138,7 +139,7 @@ export function analyzeIdentityPolicies(identityPolicies, request, simulationPar
|
|
|
138
139
|
* @param request the request to analyze against
|
|
139
140
|
* @returns an array of SCP or RCP analysis results
|
|
140
141
|
*/
|
|
141
|
-
export function analyzeControlPolicies(controlPolicies, request, simulationParameters) {
|
|
142
|
+
export function analyzeControlPolicies(controlPolicies, request, simulationParameters, policyType) {
|
|
142
143
|
const analysis = [];
|
|
143
144
|
for (const controlPolicy of controlPolicies) {
|
|
144
145
|
const ouAnalysis = {
|
|
@@ -150,7 +151,7 @@ export function analyzeControlPolicies(controlPolicies, request, simulationParam
|
|
|
150
151
|
};
|
|
151
152
|
for (const policy of controlPolicy.policies) {
|
|
152
153
|
for (const statement of policy.statements()) {
|
|
153
|
-
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement);
|
|
154
|
+
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement, policyType);
|
|
154
155
|
const { matches: actionMatch, details: actionDetails } = requestMatchesStatementActions(request, statement);
|
|
155
156
|
const { matches: conditionMatch, details: conditionDetails, ignoredConditions } = requestMatchesConditions(request, statement.conditions(), statement.effect(), simulationParameters);
|
|
156
157
|
const principalMatch = 'Match';
|
|
@@ -232,7 +233,7 @@ export function analyzeResourcePolicy(resourcePolicy, request, principalHasPermi
|
|
|
232
233
|
'SessionUserMatch'
|
|
233
234
|
];
|
|
234
235
|
for (const statement of resourcePolicy.statements()) {
|
|
235
|
-
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement);
|
|
236
|
+
const { matches: resourceMatch, details: resourceDetails } = requestMatchesStatementResources(request, statement, 'resource');
|
|
236
237
|
const { matches: actionMatch, details: actionDetails } = requestMatchesStatementActions(request, statement);
|
|
237
238
|
let { matches: principalMatch, details: principalDetails, ignoredRoleSessionName } = requestMatchesStatementPrincipals(request, statement, simulationParameters);
|
|
238
239
|
const permissionBoundaryDetails = {};
|
|
@@ -308,13 +309,13 @@ export function analyzePermissionBoundaryPolicies(permissionBoundaries, request,
|
|
|
308
309
|
if (!permissionBoundaries || permissionBoundaries.length === 0) {
|
|
309
310
|
return undefined;
|
|
310
311
|
}
|
|
311
|
-
return analyzeIdentityPolicies(permissionBoundaries, request, simulationParameters);
|
|
312
|
+
return analyzeIdentityPolicies(permissionBoundaries, request, simulationParameters, 'pb');
|
|
312
313
|
}
|
|
313
314
|
export function analyzeVpcEndpointPolicies(vpcEndPointPolicies, request, simulationParameters) {
|
|
314
315
|
if (!vpcEndPointPolicies || vpcEndPointPolicies.length === 0) {
|
|
315
316
|
return undefined;
|
|
316
317
|
}
|
|
317
|
-
return analyzeIdentityPolicies(vpcEndPointPolicies, request, simulationParameters);
|
|
318
|
+
return analyzeIdentityPolicies(vpcEndPointPolicies, request, simulationParameters, 'vpce');
|
|
318
319
|
}
|
|
319
320
|
function makeStatementExplain(statement, overallMatch, actionMatch, principalMatch, resourceMatch, conditionMatch, details) {
|
|
320
321
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CoreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAA+B,MAAM,2BAA2B,CAAA;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAA6B,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AAC/F,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAUN,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAqD,MAAM,gCAAgC,CAAA;AAClG,OAAO,EAEL,iCAAiC,EAClC,MAAM,2BAA2B,CAAA;AAClC,OAAO,EAAmB,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAA;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAA0B,MAAM,kCAAkC,CAAA;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EACL,uBAAuB,EACvB,6BAA6B,EAC7B,uBAAuB,EAEvB,gBAAgB,EACjB,MAAM,yBAAyB,CAAA;AAEhC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAU,CAAA;AA8FpE,MAAM,cAAc,GAAgD;IAClE,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;CAC1B,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,8BAA8B,GAClC,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAA;IAC3E,MAAM,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAA;IAEzD,MAAM,eAAe,GAAG,OAAO,CAAC,aAAa;QAC3C,CAAC,CAAC,uBAAuB,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC,OAAO,EAAE,oBAAoB,CAAC;QACzF,CAAC,CAAC,SAAS,CAAA;IAEb,MAAM,gBAAgB,GAAG,uBAAuB,CAC9C,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,0BAA0B,GAAG,iCAAiC,CAClE,OAAO,CAAC,oBAAoB,EAC5B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,sBAAsB,EAC9B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACN,CAAA;IAEhB,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,uBAAuB,EAC/B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACN,CAAA;IAEhB,MAAM,gBAAgB,GAAG,qBAAqB,CAC5C,OAAO,CAAC,cAAc,EACtB,OAAO,CAAC,OAAO,EACf,8BAA8B,EAC9B,oBAAoB,CACrB,CAAA;IAED,MAAM,gBAAgB,GAAG,0BAA0B,CACjD,OAAO,CAAC,mBAAmB,EAC3B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAA;IACvD,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC;QACzC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,eAAe;QACf,gBAAgB;QAChB,WAAW;QACX,WAAW;QACX,gBAAgB;QAChB,0BAA0B;QAC1B,gBAAgB;QAChB,oBAAoB;KACrB,CAAC,CAAA;IAEF,IAAI,oBAAoB,CAAC,cAAc,KAAK,WAAW,EAAE,CAAC;QACxD,MAAM,CAAC,iBAAiB,GAAG,yBAAyB,CAClD,eAAe,EACf,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,EAC1B,gBAAgB,CACjB,CAAA;QACD,MAAM,CAAC,sBAAsB,GAAG,sBAAsB,CACpD,eAAe,EACf,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,CAC3B,CAAA;IACH,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAA;IAClE,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAA;IAC1C,CAAC;IACD,OAAO,IAAI,wBAAwB,EAAE,CAAA;AACvC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,gBAAkC,EAClC,OAAmB,EACnB,oBAA0C;IAE1C,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,kBAAkB;QAC1B,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACtC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;YAED,MAAM,cAAc,GAAyB,OAAO,CAAA;YACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;gBACpC,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;gBAC5D,WAAW;gBACX,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YAEF,MAAM,iBAAiB,GAAsB;gBAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,IAAI;gBAChC,SAAS;gBACT,aAAa;gBACb,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;gBAChF,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;aACF,CAAA;YAED,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACrD,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACtD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,gBAAgB,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IAAI,gBAAgB,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,eAAkC,EAClC,OAAmB,EACnB,oBAA0C;IAE1C,MAAM,QAAQ,GAAoB,EAAE,CAAA;IACpC,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;QAC5C,MAAM,UAAU,GAAkB;YAChC,aAAa,EAAE,aAAa,CAAC,aAAa;YAC1C,MAAM,EAAE,kBAAkB;YAC1B,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,mBAAmB,EAAE,EAAE;SACxB,CAAA;QACD,KAAK,MAAM,MAAM,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5C,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GACxD,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;gBACtD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;gBACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;gBAED,MAAM,cAAc,GAAyB,OAAO,CAAA;gBACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;oBACpC,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;oBAC5D,WAAW;oBACX,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBAEF,MAAM,iBAAiB,GAAsB;oBAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,IAAI;oBAChC,SAAS;oBACT,aAAa;oBACb,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE;oBACzE,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;iBACF,CAAA;gBAED,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC/C,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACpD,CAAC;qBAAM,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC5D,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACnD,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzC,UAAU,CAAC,MAAM,GAAG,kBAAkB,CAAA;QACxC,CAAC;aAAM,IAAI,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,UAAU,CAAC,MAAM,GAAG,SAAS,CAAA;QAC/B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED,IAAI,aAAa,GAAqB,kBAAkB,CAAA;IACxD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC5D,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QAClE,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE,CAAC;QAC3D,aAAa,GAAG,SAAS,CAAA;IAC3B,CAAC;IAED,OAAO;QACL,MAAM,EAAE,aAAa;QACrB,UAAU,EAAE,QAAQ;KACrB,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,cAA0C,EAC1C,OAAmB,EACnB,8BAAuC,EACvC,oBAA0C;IAE1C,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,eAAe;QACvB,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,MAAM,qBAAqB,GAA2B;QACpD,OAAO;QACP,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;IAED,KAAK,MAAM,SAAS,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QACpD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;QACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;QACD,IAAI,EACF,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,sBAAsB,EACvB,GAAG,iCAAiC,CAAC,OAAO,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAA;QAE/E,MAAM,yBAAyB,GAAqD,EAAE,CAAA;QAEtF;;;;;;;;;;;WAWG;QACH,IACE,8BAA8B;YAC9B,SAAS,CAAC,uBAAuB,EAAE;YACnC,SAAS,CAAC,MAAM,EAAE,KAAK,MAAM,EAC7B,CAAC;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,yBAAyB,CAAC,sBAAsB,GAAG,IAAI,CAAA;QACzD,CAAC;QAED,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;QAED,MAAM,YAAY,GAAG,gBAAgB,CAAC;YACpC,WAAW;YACX,cAAc;YACd,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;YAC5D,WAAW;YACX,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAsB;YAClC,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC,IAAI;YACxC,SAAS;YACT,aAAa,EAAE,aAAa;YAC5B,WAAW;YACX,cAAc;YACd,cAAc;YACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;YAChF,sBAAsB;YACtB,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,GAAG,gBAAgB,EAAE,CACnF;SACF,CAAA;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACrF,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAChD,CAAC;aAAM,IAAI,uBAAuB,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACtF,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,IACE,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC7F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACrF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC9F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACtF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,mBAAmB,CAAA;IAC/C,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,oBAAkD,EAClD,OAAmB,EACnB,oBAA0C;IAE1C,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,uBAAuB,CAAC,oBAAoB,EAAE,OAAO,EAAE,oBAAoB,CAAC,CAAA;AACrF,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,mBAAiD,EACjD,OAAmB,EACnB,oBAA0C;IAE1C,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,OAAO,uBAAuB,CAAC,mBAAmB,EAAE,OAAO,EAAE,oBAAoB,CAAC,CAAA;AACpF,CAAC;AAED,SAAS,oBAAoB,CAC3B,SAAoB,EACpB,YAAqB,EACrB,WAAoB,EACpB,cAAqC,EACrC,aAAsB,EACtB,cAAoC,EACpC,OAAkC;IAElC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE;QAC1B,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC3D,OAAO,EAAE,YAAY;QACrB,WAAW;QACX,cAAc;QACd,aAAa;QACb,cAAc,EAAE,cAAc,KAAK,OAAO;QAC1C,GAAG,OAAO;KACX,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,yBAAyB,CAChC,eAA6C,EAC7C,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C,EAC7C,gBAAmC;IAEnC,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAI,eAAe,EAAE,CAAC;QACpB,8BAA8B,CAAC,iBAAiB,EAAE,SAAS,EAAE,CAAC,eAAe,CAAC,CAAC,CAAA;IACjF,CAAC;IACD,8BAA8B,CAAC,iBAAiB,EAAE,KAAK,EAAE,WAAW,CAAC,UAAU,CAAC,CAAA;IAChF,8BAA8B,CAAC,iBAAiB,EAAE,KAAK,EAAE,WAAW,CAAC,UAAU,CAAC,CAAA;IAChF,8BAA8B,CAAC,iBAAiB,EAAE,UAAU,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACjF,8BAA8B,CAAC,iBAAiB,EAAE,UAAU,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACjF,8BAA8B,CAC5B,iBAAiB,EACjB,oBAAoB,EACpB,0BAA0B,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,CAAC,EAAE,CAC/D,CAAA;IACD,8BAA8B,CAC5B,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,CAC3C,CAAA;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;GAKG;AACH,SAAS,8BAA8B,CACrC,iBAA6C,EAC7C,GAA4B,EAC5B,QAIG;IAEH,MAAM,KAAK,GAAuB,EAAE,CAAA;IACpC,MAAM,IAAI,GAAuB,EAAE,CAAA;IACnC,MAAM,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC;QACnD,GAAG,QAAQ,CAAC,eAAe;QAC3B,GAAG,QAAQ,CAAC,cAAc;QAC1B,GAAG,QAAQ,CAAC,mBAAmB;KAChC,CAAC,CAAA;IAEF,KAAK,MAAM,SAAS,IAAI,aAAa,EAAE,CAAC;QACtC,IAAI,SAAS,CAAC,iBAAiB,IAAI,SAAS,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1E,IAAI,SAAS,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;gBAClC,KAAK,CAAC,IAAI,CACR,GAAG,SAAS,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACzC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE;oBACzB,GAAG,EAAE,CAAC,CAAC,YAAY,EAAE;oBACrB,MAAM,EAAE,CAAC,CAAC,eAAe,EAAE;iBAC5B,CAAC,CAAC,CACJ,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CACP,GAAG,SAAS,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACzC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE;oBACzB,GAAG,EAAE,CAAC,CAAC,YAAY,EAAE;oBACrB,MAAM,EAAE,CAAC,CAAC,eAAe,EAAE;iBAC5B,CAAC,CAAC,CACJ,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAM;IACR,CAAC;IACD,MAAM,QAAQ,GAA+C,EAAE,CAAA;IAC/D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAA;IACxB,CAAC;IACD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAA;IACtB,CAAC;IACD,iBAAiB,CAAC,GAAG,CAAC,GAAG,QAAsD,CAAA;AACjF,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAC7B,eAA6C,EAC7C,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C;IAE7C,OAAO,CACL,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,eAAe,EAAE,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CACjC,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAC7D;QACD,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CACjC,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAC7D;QACD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,0BAA0B,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACjF,0BAA0B,EAAE,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACrF,KAAK,CACN,CAAA;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"CoreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAA+B,MAAM,2BAA2B,CAAA;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAA6B,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AAC/F,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAUN,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAqD,MAAM,gCAAgC,CAAA;AAClG,OAAO,EAEL,iCAAiC,EAClC,MAAM,2BAA2B,CAAA;AAClC,OAAO,EAAmB,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAmB,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAA;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAA0B,MAAM,kCAAkC,CAAA;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EACL,uBAAuB,EACvB,6BAA6B,EAC7B,uBAAuB,EAEvB,gBAAgB,EACjB,MAAM,yBAAyB,CAAA;AAEhC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAU,CAAA;AA8FpE,MAAM,cAAc,GAAgD;IAClE,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;CAC1B,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,8BAA8B,GAClC,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAA;IAC3E,MAAM,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAA;IAEzD,MAAM,eAAe,GAAG,OAAO,CAAC,aAAa;QAC3C,CAAC,CAAC,uBAAuB,CACrB,CAAC,OAAO,CAAC,aAAa,CAAC,EACvB,OAAO,CAAC,OAAO,EACf,oBAAoB,EACpB,SAAS,CACV;QACH,CAAC,CAAC,SAAS,CAAA;IAEb,MAAM,gBAAgB,GAAG,uBAAuB,CAC9C,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,OAAO,EACf,oBAAoB,EACpB,UAAU,CACX,CAAA;IAED,MAAM,0BAA0B,GAAG,iCAAiC,CAClE,OAAO,CAAC,oBAAoB,EAC5B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,sBAAsB,EAC9B,OAAO,CAAC,OAAO,EACf,oBAAoB,EACpB,KAAK,CACS,CAAA;IAEhB,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,uBAAuB,EAC/B,OAAO,CAAC,OAAO,EACf,oBAAoB,EACpB,KAAK,CACS,CAAA;IAEhB,MAAM,gBAAgB,GAAG,qBAAqB,CAC5C,OAAO,CAAC,cAAc,EACtB,OAAO,CAAC,OAAO,EACf,8BAA8B,EAC9B,oBAAoB,CACrB,CAAA;IAED,MAAM,gBAAgB,GAAG,0BAA0B,CACjD,OAAO,CAAC,mBAAmB,EAC3B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAA;IACvD,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC;QACzC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,eAAe;QACf,gBAAgB;QAChB,WAAW;QACX,WAAW;QACX,gBAAgB;QAChB,0BAA0B;QAC1B,gBAAgB;QAChB,oBAAoB;KACrB,CAAC,CAAA;IAEF,IAAI,oBAAoB,CAAC,cAAc,KAAK,WAAW,EAAE,CAAC;QACxD,MAAM,CAAC,iBAAiB,GAAG,yBAAyB,CAClD,eAAe,EACf,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,EAC1B,gBAAgB,CACjB,CAAA;QACD,MAAM,CAAC,sBAAsB,GAAG,sBAAsB,CACpD,eAAe,EACf,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,CAC3B,CAAA;IACH,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAA;IAClE,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAA;IAC1C,CAAC;IACD,OAAO,IAAI,wBAAwB,EAAE,CAAA;AACvC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,gBAAkC,EAClC,OAAmB,EACnB,oBAA0C,EAC1C,UAAsB;IAEtB,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,kBAAkB;QAC1B,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACtC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,EACT,UAAU,CACX,CAAA;YACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;YAED,MAAM,cAAc,GAAyB,OAAO,CAAA;YACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;gBACpC,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;gBAC5D,WAAW;gBACX,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YAEF,MAAM,iBAAiB,GAAsB;gBAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,IAAI;gBAChC,SAAS;gBACT,aAAa;gBACb,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;gBAChF,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;aACF,CAAA;YAED,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACrD,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACtD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,gBAAgB,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IAAI,gBAAgB,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,eAAkC,EAClC,OAAmB,EACnB,oBAA0C,EAC1C,UAAsB;IAEtB,MAAM,QAAQ,GAAoB,EAAE,CAAA;IACpC,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;QAC5C,MAAM,UAAU,GAAkB;YAChC,aAAa,EAAE,aAAa,CAAC,aAAa;YAC1C,MAAM,EAAE,kBAAkB;YAC1B,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,mBAAmB,EAAE,EAAE;SACxB,CAAA;QACD,KAAK,MAAM,MAAM,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5C,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GACxD,gCAAgC,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;gBAClE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;gBACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;gBAED,MAAM,cAAc,GAAyB,OAAO,CAAA;gBACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;oBACpC,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;oBAC5D,WAAW;oBACX,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBAEF,MAAM,iBAAiB,GAAsB;oBAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,IAAI;oBAChC,SAAS;oBACT,aAAa;oBACb,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE;oBACzE,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;iBACF,CAAA;gBAED,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC/C,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACpD,CAAC;qBAAM,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC5D,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACnD,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzC,UAAU,CAAC,MAAM,GAAG,kBAAkB,CAAA;QACxC,CAAC;aAAM,IAAI,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,UAAU,CAAC,MAAM,GAAG,SAAS,CAAA;QAC/B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED,IAAI,aAAa,GAAqB,kBAAkB,CAAA;IACxD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC5D,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QAClE,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE,CAAC;QAC3D,aAAa,GAAG,SAAS,CAAA;IAC3B,CAAC;IAED,OAAO;QACL,MAAM,EAAE,aAAa;QACrB,UAAU,EAAE,QAAQ;KACrB,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,cAA0C,EAC1C,OAAmB,EACnB,8BAAuC,EACvC,oBAA0C;IAE1C,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,eAAe;QACvB,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,MAAM,qBAAqB,GAA2B;QACpD,OAAO;QACP,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;IAED,KAAK,MAAM,SAAS,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QACpD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,EACT,UAAU,CACX,CAAA;QACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;QACD,IAAI,EACF,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,sBAAsB,EACvB,GAAG,iCAAiC,CAAC,OAAO,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAA;QAE/E,MAAM,yBAAyB,GAAqD,EAAE,CAAA;QAEtF;;;;;;;;;;;WAWG;QACH,IACE,8BAA8B;YAC9B,SAAS,CAAC,uBAAuB,EAAE;YACnC,SAAS,CAAC,MAAM,EAAE,KAAK,MAAM,EAC7B,CAAC;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,yBAAyB,CAAC,sBAAsB,GAAG,IAAI,CAAA;QACzD,CAAC;QAED,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;QAED,MAAM,YAAY,GAAG,gBAAgB,CAAC;YACpC,WAAW;YACX,cAAc;YACd,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QAEF,MAAM,6BAA6B,GAAG,uBAAuB,CAAC;YAC5D,WAAW;YACX,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAsB;YAClC,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC,IAAI;YACxC,SAAS;YACT,aAAa,EAAE,aAAa;YAC5B,WAAW;YACX,cAAc;YACd,cAAc;YACd,iBAAiB,EAAE,6BAA6B,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;YAChF,sBAAsB;YACtB,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,GAAG,gBAAgB,EAAE,CACnF;SACF,CAAA;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACrF,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAChD,CAAC;aAAM,IAAI,uBAAuB,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACtF,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,IACE,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC7F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACrF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC9F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACtF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,mBAAmB,CAAA;IAC/C,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,oBAAkD,EAClD,OAAmB,EACnB,oBAA0C;IAE1C,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,uBAAuB,CAAC,oBAAoB,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAA;AAC3F,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,mBAAiD,EACjD,OAAmB,EACnB,oBAA0C;IAE1C,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,OAAO,uBAAuB,CAAC,mBAAmB,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,CAAC,CAAA;AAC5F,CAAC;AAED,SAAS,oBAAoB,CAC3B,SAAoB,EACpB,YAAqB,EACrB,WAAoB,EACpB,cAAqC,EACrC,aAAsB,EACtB,cAAoC,EACpC,OAAkC;IAElC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE;QAC1B,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC3D,OAAO,EAAE,YAAY;QACrB,WAAW;QACX,cAAc;QACd,aAAa;QACb,cAAc,EAAE,cAAc,KAAK,OAAO;QAC1C,GAAG,OAAO;KACX,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,yBAAyB,CAChC,eAA6C,EAC7C,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C,EAC7C,gBAAmC;IAEnC,MAAM,iBAAiB,GAAsB,EAAE,CAAA;IAC/C,IAAI,eAAe,EAAE,CAAC;QACpB,8BAA8B,CAAC,iBAAiB,EAAE,SAAS,EAAE,CAAC,eAAe,CAAC,CAAC,CAAA;IACjF,CAAC;IACD,8BAA8B,CAAC,iBAAiB,EAAE,KAAK,EAAE,WAAW,CAAC,UAAU,CAAC,CAAA;IAChF,8BAA8B,CAAC,iBAAiB,EAAE,KAAK,EAAE,WAAW,CAAC,UAAU,CAAC,CAAA;IAChF,8BAA8B,CAAC,iBAAiB,EAAE,UAAU,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACjF,8BAA8B,CAAC,iBAAiB,EAAE,UAAU,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACjF,8BAA8B,CAC5B,iBAAiB,EACjB,oBAAoB,EACpB,0BAA0B,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,CAAC,EAAE,CAC/D,CAAA;IACD,8BAA8B,CAC5B,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,CAC3C,CAAA;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;GAKG;AACH,SAAS,8BAA8B,CACrC,iBAA6C,EAC7C,GAA4B,EAC5B,QAIG;IAEH,MAAM,KAAK,GAAuB,EAAE,CAAA;IACpC,MAAM,IAAI,GAAuB,EAAE,CAAA;IACnC,MAAM,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC;QACnD,GAAG,QAAQ,CAAC,eAAe;QAC3B,GAAG,QAAQ,CAAC,cAAc;QAC1B,GAAG,QAAQ,CAAC,mBAAmB;KAChC,CAAC,CAAA;IAEF,KAAK,MAAM,SAAS,IAAI,aAAa,EAAE,CAAC;QACtC,IAAI,SAAS,CAAC,iBAAiB,IAAI,SAAS,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1E,IAAI,SAAS,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;gBAClC,KAAK,CAAC,IAAI,CACR,GAAG,SAAS,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACzC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE;oBACzB,GAAG,EAAE,CAAC,CAAC,YAAY,EAAE;oBACrB,MAAM,EAAE,CAAC,CAAC,eAAe,EAAE;iBAC5B,CAAC,CAAC,CACJ,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CACP,GAAG,SAAS,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACzC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE;oBACzB,GAAG,EAAE,CAAC,CAAC,YAAY,EAAE;oBACrB,MAAM,EAAE,CAAC,CAAC,eAAe,EAAE;iBAC5B,CAAC,CAAC,CACJ,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAM;IACR,CAAC;IACD,MAAM,QAAQ,GAA+C,EAAE,CAAA;IAC/D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAA;IACxB,CAAC;IACD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAA;IACtB,CAAC;IACD,iBAAiB,CAAC,GAAG,CAAC,GAAG,QAAsD,CAAA;AACjF,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAC7B,eAA6C,EAC7C,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C;IAE7C,OAAO,CACL,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,eAAe,EAAE,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CACjC,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAC7D;QACD,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CACjC,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAC7D;QACD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC1E,0BAA0B,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACjF,0BAA0B,EAAE,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACrF,KAAK,CACN,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* The type of IAM policy being evaluated during authorization.
|
|
3
|
+
*
|
|
4
|
+
* - `'identity'` — identity-based policies attached to the principal
|
|
5
|
+
* - `'resource'` — resource-based policies attached to the target resource
|
|
6
|
+
* - `'scp'` — service control policies from AWS Organizations
|
|
7
|
+
* - `'rcp'` — resource control policies from AWS Organizations
|
|
8
|
+
* - `'pb'` — permission boundary policies
|
|
9
|
+
* - `'vpce'` — VPC endpoint policies
|
|
10
|
+
* - `'session'` — session policies for assumed role or federated sessions
|
|
11
|
+
*/
|
|
12
|
+
export type PolicyType = 'scp' | 'rcp' | 'vpce' | 'identity' | 'resource' | 'pb' | 'session';
|
|
13
|
+
//# sourceMappingURL=policyType.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policyType.d.ts","sourceRoot":"","sources":["../../src/policyType.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG,KAAK,GAAG,MAAM,GAAG,UAAU,GAAG,UAAU,GAAG,IAAI,GAAG,SAAS,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policyType.js","sourceRoot":"","sources":["../../src/policyType.ts"],"names":[],"mappings":""}
|
|
@@ -1,14 +1,16 @@
|
|
|
1
1
|
import { type Resource, type Statement } from '@cloud-copilot/iam-policy';
|
|
2
2
|
import { type ResourceExplain, type StatementExplain } from '../explain/statementExplain.js';
|
|
3
|
+
import { type PolicyType } from '../policyType.js';
|
|
3
4
|
import { type AwsRequest } from '../request/request.js';
|
|
4
5
|
/**
|
|
5
6
|
* Check if a request matches the Resource or NotResource elements of a statement.
|
|
6
7
|
*
|
|
7
8
|
* @param request the request to check
|
|
8
9
|
* @param statement the statement to check against
|
|
10
|
+
* @param policyType the type of policy being evaluated
|
|
9
11
|
* @returns true if the request matches the resources in the statement, false otherwise
|
|
10
12
|
*/
|
|
11
|
-
export declare function requestMatchesStatementResources(request: AwsRequest, statement: Statement): {
|
|
13
|
+
export declare function requestMatchesStatementResources(request: AwsRequest, statement: Statement, policyType: PolicyType): {
|
|
12
14
|
matches: boolean;
|
|
13
15
|
details: Pick<StatementExplain, 'resources' | 'notResources'>;
|
|
14
16
|
};
|
|
@@ -17,9 +19,12 @@ export declare function requestMatchesStatementResources(request: AwsRequest, st
|
|
|
17
19
|
*
|
|
18
20
|
* @param request the request to check
|
|
19
21
|
* @param policyResources the resources to check against
|
|
22
|
+
* @param resourceType whether this is a Resource or NotResource element
|
|
23
|
+
* @param effect the effect of the statement
|
|
24
|
+
* @param policyType the type of policy being evaluated
|
|
20
25
|
* @returns true if the request matches any of the resources, false otherwise
|
|
21
26
|
*/
|
|
22
|
-
export declare function requestMatchesResources(request: AwsRequest, policyResources: Resource[], resourceType: 'Resource' | 'NotResource', effect: 'Allow' | 'Deny'): {
|
|
27
|
+
export declare function requestMatchesResources(request: AwsRequest, policyResources: Resource[], resourceType: 'Resource' | 'NotResource', effect: 'Allow' | 'Deny', policyType: PolicyType): {
|
|
23
28
|
matches: boolean;
|
|
24
29
|
explains: ResourceExplain[];
|
|
25
30
|
};
|
|
@@ -28,9 +33,12 @@ export declare function requestMatchesResources(request: AwsRequest, policyResou
|
|
|
28
33
|
*
|
|
29
34
|
* @param request the request to check
|
|
30
35
|
* @param policyResources the resources to check against
|
|
36
|
+
* @param resourceType whether this is a Resource or NotResource element
|
|
37
|
+
* @param effect the effect of the statement
|
|
38
|
+
* @param policyType the type of policy being evaluated
|
|
31
39
|
* @returns true if the request does not match any of the resources, false otherwise
|
|
32
40
|
*/
|
|
33
|
-
export declare function requestMatchesNotResources(request: AwsRequest, policyResources: Resource[], resourceType: 'Resource' | 'NotResource', effect: 'Allow' | 'Deny'): {
|
|
41
|
+
export declare function requestMatchesNotResources(request: AwsRequest, policyResources: Resource[], resourceType: 'Resource' | 'NotResource', effect: 'Allow' | 'Deny', policyType: PolicyType): {
|
|
34
42
|
matches: boolean;
|
|
35
43
|
explains: ResourceExplain[];
|
|
36
44
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resource.d.ts","sourceRoot":"","sources":["../../../src/resource/resource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,QAAQ,EAAE,KAAK,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACzE,OAAO,EAAE,KAAK,eAAe,EAAE,KAAK,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AAC5F,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,uBAAuB,CAAA;
|
|
1
|
+
{"version":3,"file":"resource.d.ts","sourceRoot":"","sources":["../../../src/resource/resource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,QAAQ,EAAE,KAAK,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACzE,OAAO,EAAE,KAAK,eAAe,EAAE,KAAK,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AAC5F,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAqEvD;;;;;;;GAOG;AACH,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,SAAS,EACpB,UAAU,EAAE,UAAU,GACrB;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE,WAAW,GAAG,cAAc,CAAC,CAAA;CAAE,CA2BrF;AAED;;;;;;;;;GASG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,UAAU,EACnB,eAAe,EAAE,QAAQ,EAAE,EAC3B,YAAY,EAAE,UAAU,GAAG,aAAa,EACxC,MAAM,EAAE,OAAO,GAAG,MAAM,EACxB,UAAU,EAAE,UAAU,GACrB;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,eAAe,EAAE,CAAA;CAAE,CAMnD;AAED;;;;;;;;;GASG;AACH,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,UAAU,EACnB,eAAe,EAAE,QAAQ,EAAE,EAC3B,YAAY,EAAE,UAAU,GAAG,aAAa,EACxC,MAAM,EAAE,OAAO,GAAG,MAAM,EACxB,UAAU,EAAE,UAAU,GACrB;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,eAAe,EAAE,CAAA;CAAE,CAgBnD;AAuSD;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,GACpB,OAAO,GAAG,kBAAkB,GAAG,oBAAoB,GAAG,MAAM,CAe9D"}
|
|
@@ -1,7 +1,45 @@
|
|
|
1
1
|
import {} from '@cloud-copilot/iam-policy';
|
|
2
2
|
import {} from '../explain/statementExplain.js';
|
|
3
|
+
import {} from '../policyType.js';
|
|
3
4
|
import {} from '../request/request.js';
|
|
4
5
|
import { convertIamString, getResourceSegments } from '../util.js';
|
|
6
|
+
/**
|
|
7
|
+
* Map of resource matching settings per policy type. Controls how short ARNs are treated:
|
|
8
|
+
* - `'expand'` — treat missing trailing segments as `*`, then match normally
|
|
9
|
+
* - `'reject'` — return an error (ARN is not valid for this policy type)
|
|
10
|
+
* - `'noMatch'` — silently does not match
|
|
11
|
+
*/
|
|
12
|
+
const policyTypeResourceSettings = {
|
|
13
|
+
identity: { shortArnWithoutWildcard: 'expand', shortArnWithWildcard: 'expand' },
|
|
14
|
+
session: { shortArnWithoutWildcard: 'expand', shortArnWithWildcard: 'expand' },
|
|
15
|
+
pb: { shortArnWithoutWildcard: 'expand', shortArnWithWildcard: 'expand' },
|
|
16
|
+
resource: { shortArnWithoutWildcard: 'noMatch', shortArnWithWildcard: 'expand' },
|
|
17
|
+
vpce: { shortArnWithoutWildcard: 'noMatch', shortArnWithWildcard: 'expand' },
|
|
18
|
+
scp: { shortArnWithoutWildcard: 'reject', shortArnWithWildcard: 'expand' },
|
|
19
|
+
rcp: { shortArnWithoutWildcard: 'reject', shortArnWithWildcard: 'reject' }
|
|
20
|
+
};
|
|
21
|
+
/**
|
|
22
|
+
* Create a lightweight Resource object from an expanded ARN string.
|
|
23
|
+
* Used when a short ARN is padded with `*` segments to form a full 6-segment ARN.
|
|
24
|
+
*
|
|
25
|
+
* @param expandedValue the full 6-segment ARN string
|
|
26
|
+
* @returns a Resource object that can be used in the existing matching logic
|
|
27
|
+
*/
|
|
28
|
+
function createExpandedResource(expandedValue) {
|
|
29
|
+
const parts = expandedValue.split(':');
|
|
30
|
+
const resource = {
|
|
31
|
+
value: () => expandedValue,
|
|
32
|
+
isAllResources: () => false,
|
|
33
|
+
isArnResource: () => true,
|
|
34
|
+
path: () => '',
|
|
35
|
+
partition: () => parts[1],
|
|
36
|
+
service: () => parts[2],
|
|
37
|
+
region: () => parts[3],
|
|
38
|
+
account: () => parts[4],
|
|
39
|
+
resource: () => parts.slice(5).join(':')
|
|
40
|
+
};
|
|
41
|
+
return resource;
|
|
42
|
+
}
|
|
5
43
|
/**
|
|
6
44
|
* Convert a resource segment to a regular expression. This is without variables.
|
|
7
45
|
*
|
|
@@ -20,18 +58,19 @@ function convertResourceSegmentToRegex(segment) {
|
|
|
20
58
|
*
|
|
21
59
|
* @param request the request to check
|
|
22
60
|
* @param statement the statement to check against
|
|
61
|
+
* @param policyType the type of policy being evaluated
|
|
23
62
|
* @returns true if the request matches the resources in the statement, false otherwise
|
|
24
63
|
*/
|
|
25
|
-
export function requestMatchesStatementResources(request, statement) {
|
|
64
|
+
export function requestMatchesStatementResources(request, statement, policyType) {
|
|
26
65
|
if (statement.isResourceStatement()) {
|
|
27
|
-
const { matches, explains } = requestMatchesResources(request, statement.resources(), 'Resource', statement.effect());
|
|
66
|
+
const { matches, explains } = requestMatchesResources(request, statement.resources(), 'Resource', statement.effect(), policyType);
|
|
28
67
|
if (!statement.resourceIsArray()) {
|
|
29
68
|
return { matches, details: { resources: explains[0] } };
|
|
30
69
|
}
|
|
31
70
|
return { matches, details: { resources: explains } };
|
|
32
71
|
}
|
|
33
72
|
else if (statement.isNotResourceStatement()) {
|
|
34
|
-
const { matches, explains } = requestMatchesNotResources(request, statement.notResources(), 'NotResource', statement.effect());
|
|
73
|
+
const { matches, explains } = requestMatchesNotResources(request, statement.notResources(), 'NotResource', statement.effect(), policyType);
|
|
35
74
|
if (!statement.notResourceIsArray()) {
|
|
36
75
|
return { matches, details: { notResources: explains[0] } };
|
|
37
76
|
}
|
|
@@ -44,10 +83,13 @@ export function requestMatchesStatementResources(request, statement) {
|
|
|
44
83
|
*
|
|
45
84
|
* @param request the request to check
|
|
46
85
|
* @param policyResources the resources to check against
|
|
86
|
+
* @param resourceType whether this is a Resource or NotResource element
|
|
87
|
+
* @param effect the effect of the statement
|
|
88
|
+
* @param policyType the type of policy being evaluated
|
|
47
89
|
* @returns true if the request matches any of the resources, false otherwise
|
|
48
90
|
*/
|
|
49
|
-
export function requestMatchesResources(request, policyResources, resourceType, effect) {
|
|
50
|
-
const explains = policyResources.map((policyResource) => singleResourceMatchesRequest(request, policyResource, resourceType, effect));
|
|
91
|
+
export function requestMatchesResources(request, policyResources, resourceType, effect, policyType) {
|
|
92
|
+
const explains = policyResources.map((policyResource) => singleResourceMatchesRequest(request, policyResource, resourceType, effect, policyType));
|
|
51
93
|
const matches = explains.some((explain) => explain.matches);
|
|
52
94
|
return { matches, explains };
|
|
53
95
|
}
|
|
@@ -56,11 +98,14 @@ export function requestMatchesResources(request, policyResources, resourceType,
|
|
|
56
98
|
*
|
|
57
99
|
* @param request the request to check
|
|
58
100
|
* @param policyResources the resources to check against
|
|
101
|
+
* @param resourceType whether this is a Resource or NotResource element
|
|
102
|
+
* @param effect the effect of the statement
|
|
103
|
+
* @param policyType the type of policy being evaluated
|
|
59
104
|
* @returns true if the request does not match any of the resources, false otherwise
|
|
60
105
|
*/
|
|
61
|
-
export function requestMatchesNotResources(request, policyResources, resourceType, effect) {
|
|
106
|
+
export function requestMatchesNotResources(request, policyResources, resourceType, effect, policyType) {
|
|
62
107
|
const explains = policyResources.map((policyResource) => {
|
|
63
|
-
const explain = singleResourceMatchesRequest(request, policyResource, resourceType, effect);
|
|
108
|
+
const explain = singleResourceMatchesRequest(request, policyResource, resourceType, effect, policyType);
|
|
64
109
|
if (!explain.errors) {
|
|
65
110
|
explain.matches = !explain.matches;
|
|
66
111
|
}
|
|
@@ -108,9 +153,12 @@ For a Deny/NotResource Statement:
|
|
|
108
153
|
*
|
|
109
154
|
* @param request the request to check against
|
|
110
155
|
* @param policyResource the resource to check against
|
|
156
|
+
* @param resourceType whether this is a Resource or NotResource element
|
|
157
|
+
* @param effect the effect of the statement
|
|
158
|
+
* @param policyType the type of policy being evaluated
|
|
111
159
|
* @returns true if the request matches the resource, false otherwise
|
|
112
160
|
*/
|
|
113
|
-
function singleResourceMatchesRequest(request, policyResource, resourceType, effect) {
|
|
161
|
+
function singleResourceMatchesRequest(request, policyResource, resourceType, effect, policyType) {
|
|
114
162
|
// Policy is all resources
|
|
115
163
|
if (policyResource.isAllResources()) {
|
|
116
164
|
return {
|
|
@@ -118,6 +166,39 @@ function singleResourceMatchesRequest(request, policyResource, resourceType, eff
|
|
|
118
166
|
matches: true
|
|
119
167
|
};
|
|
120
168
|
}
|
|
169
|
+
// Short ARN handling — fewer than 6 colon-separated segments
|
|
170
|
+
if (policyResource.isArnResource() && policyResource.value().split(':').length < 6) {
|
|
171
|
+
const settings = policyTypeResourceSettings[policyType];
|
|
172
|
+
// For policy types that reject short ARNs without wildcards, only a wildcard
|
|
173
|
+
// in the last segment counts — a wildcard in the middle doesn't make it valid.
|
|
174
|
+
const lastSegment = policyResource.value().split(':').at(-1) ?? '';
|
|
175
|
+
const hasTrailingWildcard = lastSegment.endsWith('*');
|
|
176
|
+
const hasAnyWildcard = policyResource.value().includes('*');
|
|
177
|
+
const hasWildcard = settings.shortArnWithoutWildcard === 'reject' ? hasTrailingWildcard : hasAnyWildcard;
|
|
178
|
+
const behavior = hasWildcard ? settings.shortArnWithWildcard : settings.shortArnWithoutWildcard;
|
|
179
|
+
if (behavior === 'reject') {
|
|
180
|
+
return {
|
|
181
|
+
resource: policyResource.value(),
|
|
182
|
+
matches: false,
|
|
183
|
+
errors: ['Policy resource ARN is not valid for this policy type']
|
|
184
|
+
};
|
|
185
|
+
}
|
|
186
|
+
if (behavior === 'noMatch') {
|
|
187
|
+
return {
|
|
188
|
+
resource: policyResource.value(),
|
|
189
|
+
matches: false
|
|
190
|
+
};
|
|
191
|
+
}
|
|
192
|
+
// behavior === 'expand': pad missing segments with '*' and recurse with expanded resource
|
|
193
|
+
const segments = policyResource.value().split(':');
|
|
194
|
+
while (segments.length < 6) {
|
|
195
|
+
segments.push('*');
|
|
196
|
+
}
|
|
197
|
+
const result = singleResourceMatchesRequest(request, createExpandedResource(segments.join(':')), resourceType, effect, policyType);
|
|
198
|
+
// Preserve the original (unexpanded) resource value in the explain
|
|
199
|
+
result.resource = policyResource.value();
|
|
200
|
+
return result;
|
|
201
|
+
}
|
|
121
202
|
// Request is all resources
|
|
122
203
|
if (request.resource?.isAllResources()) {
|
|
123
204
|
// For wildcard-only actions, only a literal "*" policy resource (handled above) grants access.
|