@cloud-copilot/iam-simulate 0.1.49 → 0.1.50
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/StatementAnalysis.d.ts +12 -1
- package/dist/cjs/StatementAnalysis.d.ts.map +1 -1
- package/dist/cjs/StatementAnalysis.js.map +1 -1
- package/dist/cjs/condition/condition.d.ts +4 -2
- package/dist/cjs/condition/condition.d.ts.map +1 -1
- package/dist/cjs/condition/condition.js +46 -7
- package/dist/cjs/condition/condition.js.map +1 -1
- package/dist/cjs/condition/ipaddress/ip.d.ts +1 -0
- package/dist/cjs/condition/ipaddress/ip.d.ts.map +1 -1
- package/dist/cjs/condition/ipaddress/ip.js +13 -0
- package/dist/cjs/condition/ipaddress/ip.js.map +1 -1
- package/dist/cjs/core_engine/CoreSimulatorEngine.d.ts +29 -4
- package/dist/cjs/core_engine/CoreSimulatorEngine.d.ts.map +1 -1
- package/dist/cjs/core_engine/CoreSimulatorEngine.js +92 -16
- package/dist/cjs/core_engine/CoreSimulatorEngine.js.map +1 -1
- package/dist/cjs/evaluate.d.ts +34 -0
- package/dist/cjs/evaluate.d.ts.map +1 -1
- package/dist/cjs/explain/statementExplain.d.ts +2 -7
- package/dist/cjs/explain/statementExplain.d.ts.map +1 -1
- package/dist/cjs/explain/statementExplain.js.map +1 -1
- package/dist/cjs/principal/principal.d.ts +12 -4
- package/dist/cjs/principal/principal.d.ts.map +1 -1
- package/dist/cjs/principal/principal.js +115 -56
- package/dist/cjs/principal/principal.js.map +1 -1
- package/dist/cjs/services/DefaultServiceAuthorizer.d.ts.map +1 -1
- package/dist/cjs/services/DefaultServiceAuthorizer.js +9 -0
- package/dist/cjs/services/DefaultServiceAuthorizer.js.map +1 -1
- package/dist/cjs/services/ServiceAuthorizer.d.ts +2 -0
- package/dist/cjs/services/ServiceAuthorizer.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.js +11 -1
- package/dist/cjs/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/cjs/simulation_engine/simulationOptions.d.ts +3 -1
- package/dist/cjs/simulation_engine/simulationOptions.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.js +5 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.js.map +1 -1
- package/dist/esm/StatementAnalysis.d.ts +12 -1
- package/dist/esm/StatementAnalysis.d.ts.map +1 -1
- package/dist/esm/StatementAnalysis.js.map +1 -1
- package/dist/esm/condition/condition.d.ts +4 -2
- package/dist/esm/condition/condition.d.ts.map +1 -1
- package/dist/esm/condition/condition.js +46 -7
- package/dist/esm/condition/condition.js.map +1 -1
- package/dist/esm/condition/ipaddress/ip.d.ts +1 -0
- package/dist/esm/condition/ipaddress/ip.d.ts.map +1 -1
- package/dist/esm/condition/ipaddress/ip.js +13 -0
- package/dist/esm/condition/ipaddress/ip.js.map +1 -1
- package/dist/esm/core_engine/CoreSimulatorEngine.d.ts +29 -4
- package/dist/esm/core_engine/CoreSimulatorEngine.d.ts.map +1 -1
- package/dist/esm/core_engine/CoreSimulatorEngine.js +91 -16
- package/dist/esm/core_engine/CoreSimulatorEngine.js.map +1 -1
- package/dist/esm/evaluate.d.ts +34 -0
- package/dist/esm/evaluate.d.ts.map +1 -1
- package/dist/esm/explain/statementExplain.d.ts +2 -7
- package/dist/esm/explain/statementExplain.d.ts.map +1 -1
- package/dist/esm/explain/statementExplain.js.map +1 -1
- package/dist/esm/principal/principal.d.ts +12 -4
- package/dist/esm/principal/principal.d.ts.map +1 -1
- package/dist/esm/principal/principal.js +115 -56
- package/dist/esm/principal/principal.js.map +1 -1
- package/dist/esm/services/DefaultServiceAuthorizer.d.ts.map +1 -1
- package/dist/esm/services/DefaultServiceAuthorizer.js +10 -1
- package/dist/esm/services/DefaultServiceAuthorizer.js.map +1 -1
- package/dist/esm/services/ServiceAuthorizer.d.ts +2 -0
- package/dist/esm/services/ServiceAuthorizer.d.ts.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.js +12 -2
- package/dist/esm/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/esm/simulation_engine/simulationOptions.d.ts +3 -1
- package/dist/esm/simulation_engine/simulationOptions.d.ts.map +1 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.d.ts.map +1 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.js +5 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CoreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAAwB,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AAW1F,OAAO,EAAwB,iCAAiC,EAAE,MAAM,2BAA2B,CAAA;AAEnG,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAA;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAE1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EACL,uBAAuB,EACvB,6BAA6B,EAE7B,gBAAgB,EACjB,MAAM,yBAAyB,CAAA;AAsDhC,MAAM,cAAc,GAAgD;IAClE,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;CAC1B,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,8BAA8B,GAClC,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAA;IAC3E,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,OAAO,CAAC,gBAAgB,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;IAC3F,MAAM,0BAA0B,GAAG,iCAAiC,CAClE,OAAO,CAAC,oBAAoB,EAC5B,OAAO,CAAC,OAAO,CAChB,CAAA;IACD,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,sBAAsB,EAC9B,OAAO,CAAC,OAAO,CACD,CAAA;IAChB,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,uBAAuB,EAC/B,OAAO,CAAC,OAAO,CACD,CAAA;IAChB,MAAM,gBAAgB,GAAG,qBAAqB,CAC5C,OAAO,CAAC,cAAc,EACtB,OAAO,CAAC,OAAO,EACf,8BAA8B,CAC/B,CAAA;IAED,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAA;IACvD,OAAO,iBAAiB,CAAC,SAAS,CAAC;QACjC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,gBAAgB;QAChB,WAAW;QACX,WAAW;QACX,gBAAgB;QAChB,0BAA0B;KAC3B,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAA;IAClE,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAA;IAC1C,CAAC;IACD,OAAO,IAAI,wBAAwB,EAAE,CAAA;AACvC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,gBAA0B,EAC1B,OAAmB;IAEnB,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,kBAAkB;QAC1B,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACtC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,wBAAwB,CACrF,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,CACvB,CAAA;YACD,MAAM,cAAc,GAAyB,OAAO,CAAA;YACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;gBACpC,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YACF,MAAM,iBAAiB,GAAsB;gBAC3C,SAAS;gBACT,aAAa;gBACb,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;aACF,CAAA;YAED,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACrD,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACtD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,gBAAgB,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IAAI,gBAAgB,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,eAAkC,EAClC,OAAmB;IAEnB,MAAM,QAAQ,GAAoB,EAAE,CAAA;IACpC,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;QAC5C,MAAM,UAAU,GAAkB;YAChC,aAAa,EAAE,aAAa,CAAC,aAAa;YAC1C,MAAM,EAAE,kBAAkB;YAC1B,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,mBAAmB,EAAE,EAAE;SACxB,CAAA;QACD,KAAK,MAAM,MAAM,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5C,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GACxD,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;gBACtD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;gBACD,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,wBAAwB,CACrF,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,CACvB,CAAA;gBACD,MAAM,cAAc,GAAyB,OAAO,CAAA;gBACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;oBACpC,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBACF,MAAM,iBAAiB,GAAsB;oBAC3C,SAAS;oBACT,aAAa;oBACb,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;iBACF,CAAA;gBAED,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC/C,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACpD,CAAC;qBAAM,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC5D,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACnD,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzC,UAAU,CAAC,MAAM,GAAG,kBAAkB,CAAA;QACxC,CAAC;aAAM,IAAI,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,UAAU,CAAC,MAAM,GAAG,SAAS,CAAA;QAC/B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED,IAAI,aAAa,GAAqB,kBAAkB,CAAA;IACxD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC5D,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QAClE,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE,CAAC;QAC3D,aAAa,GAAG,SAAS,CAAA;IAC3B,CAAC;IAED,OAAO;QACL,MAAM,EAAE,aAAa;QACrB,UAAU,EAAE,QAAQ;KACrB,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,cAAkC,EAClC,OAAmB,EACnB,8BAAuC;IAEvC,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,eAAe;QACvB,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,MAAM,qBAAqB,GAA2B;QACpD,OAAO;QACP,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;IAED,KAAK,MAAM,SAAS,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QACpD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;QACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;QACD,IAAI,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,iCAAiC,CAC5F,OAAO,EACP,SAAS,CACV,CAAA;QAED,MAAM,yBAAyB,GAAqD,EAAE,CAAA;QAEtF;;;;;;;;;;;WAWG;QACH,IACE,8BAA8B;YAC9B,SAAS,CAAC,uBAAuB,EAAE;YACnC,SAAS,CAAC,MAAM,EAAE,KAAK,MAAM,EAC7B,CAAC;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,yBAAyB,CAAC,sBAAsB,GAAG,IAAI,CAAA;QACzD,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,wBAAwB,CACrF,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,CACvB,CAAA;QACD,MAAM,YAAY,GAAG,gBAAgB,CAAC;YACpC,WAAW;YACX,cAAc;YACd,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QACF,MAAM,QAAQ,GAAsB;YAClC,SAAS;YACT,aAAa,EAAE,aAAa;YAC5B,WAAW;YACX,cAAc;YACd,cAAc;YACd,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,GAAG,gBAAgB,EAAE,CACnF;SACF,CAAA;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACrF,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAChD,CAAC;aAAM,IAAI,uBAAuB,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACtF,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,IACE,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC7F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACrF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC9F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACtF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,mBAAmB,CAAA;IAC/C,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,MAAM,GAAG,iBAAiB,CAAA;IAC7C,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,oBAA0C,EAC1C,OAAmB;IAEnB,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,uBAAuB,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAA;AAC/D,CAAC;AAED,SAAS,oBAAoB,CAC3B,SAAoB,EACpB,YAAqB,EACrB,WAAoB,EACpB,cAAqC,EACrC,aAAsB,EACtB,cAAoC,EACpC,OAAkC;IAElC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE;QAC1B,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC3D,OAAO,EAAE,YAAY;QACrB,WAAW;QACX,cAAc;QACd,aAAa;QACb,cAAc,EAAE,cAAc,KAAK,OAAO;QAC1C,GAAG,OAAO;KACX,CAAA;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"CoreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/CoreSimulatorEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAAwB,wBAAwB,EAAE,MAAM,2BAA2B,CAAA;AAY1F,OAAO,EAAwB,iCAAiC,EAAE,MAAM,2BAA2B,CAAA;AAEnG,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAA;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAE1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EACL,uBAAuB,EACvB,6BAA6B,EAE7B,gBAAgB,EACjB,MAAM,yBAAyB,CAAA;AAEhC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAU,CAAA;AAkFpE,MAAM,cAAc,GAAgD;IAClE,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;IACzB,GAAG,EAAE,oBAAoB;CAC1B,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,8BAA8B,GAClC,CAAC,CAAC,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAA;IAC3E,MAAM,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAA;IAEzD,MAAM,gBAAgB,GAAG,uBAAuB,CAC9C,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,0BAA0B,GAAG,iCAAiC,CAClE,OAAO,CAAC,oBAAoB,EAC5B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACrB,CAAA;IAED,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,sBAAsB,EAC9B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACN,CAAA;IAEhB,MAAM,WAAW,GAAG,sBAAsB,CACxC,OAAO,CAAC,uBAAuB,EAC/B,OAAO,CAAC,OAAO,EACf,oBAAoB,CACN,CAAA;IAEhB,MAAM,gBAAgB,GAAG,qBAAqB,CAC5C,OAAO,CAAC,cAAc,EACtB,OAAO,CAAC,OAAO,EACf,8BAA8B,EAC9B,oBAAoB,CACrB,CAAA;IAED,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAA;IACvD,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC;QACzC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,gBAAgB;QAChB,WAAW;QACX,WAAW;QACX,gBAAgB;QAChB,0BAA0B;QAC1B,oBAAoB;KACrB,CAAC,CAAA;IAEF,IAAI,oBAAoB,CAAC,cAAc,KAAK,WAAW,EAAE,CAAC;QACxD,MAAM,CAAC,iBAAiB,GAAG,yBAAyB,CAClD,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,CAC3B,CAAA;QACD,MAAM,CAAC,sBAAsB,GAAG,sBAAsB,CACpD,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,0BAA0B,CAC3B,CAAA;IACH,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAA;IAClE,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAA;IAC1C,CAAC;IACD,OAAO,IAAI,wBAAwB,EAAE,CAAA;AACvC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,gBAA0B,EAC1B,OAAmB,EACnB,oBAA0C;IAE1C,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,kBAAkB;QAC1B,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACtC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;YACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;YAED,MAAM,cAAc,GAAyB,OAAO,CAAA;YACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;gBACpC,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,aAAa;aACd,CAAC,CAAA;YACF,MAAM,iBAAiB,GAAsB;gBAC3C,SAAS;gBACT,aAAa;gBACb,WAAW;gBACX,cAAc;gBACd,cAAc;gBACd,iBAAiB;gBACjB,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;aACF,CAAA;YAED,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACrD,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACtD,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,gBAAgB,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IAAI,gBAAgB,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,eAAkC,EAClC,OAAmB,EACnB,oBAA0C;IAE1C,MAAM,QAAQ,GAAoB,EAAE,CAAA;IACpC,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;QAC5C,MAAM,UAAU,GAAkB;YAChC,aAAa,EAAE,aAAa,CAAC,aAAa;YAC1C,MAAM,EAAE,kBAAkB;YAC1B,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,mBAAmB,EAAE,EAAE;SACxB,CAAA;QACD,KAAK,MAAM,MAAM,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5C,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC5C,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GACxD,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;gBACtD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;gBACD,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;gBAED,MAAM,cAAc,GAAyB,OAAO,CAAA;gBACpD,MAAM,YAAY,GAAG,gBAAgB,CAAC;oBACpC,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,aAAa;iBACd,CAAC,CAAA;gBAEF,MAAM,iBAAiB,GAAsB;oBAC3C,SAAS;oBACT,aAAa;oBACb,WAAW;oBACX,cAAc;oBACd,cAAc;oBACd,iBAAiB;oBACjB,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,CAC9D;iBACF,CAAA;gBAED,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC/C,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACpD,CAAC;qBAAM,IAAI,6BAA6B,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC5D,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACnD,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzC,UAAU,CAAC,MAAM,GAAG,kBAAkB,CAAA;QACxC,CAAC;aAAM,IAAI,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,UAAU,CAAC,MAAM,GAAG,SAAS,CAAA;QAC/B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED,IAAI,aAAa,GAAqB,kBAAkB,CAAA;IACxD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC5D,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QAClE,aAAa,GAAG,kBAAkB,CAAA;IACpC,CAAC;SAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE,CAAC;QAC3D,aAAa,GAAG,SAAS,CAAA;IAC3B,CAAC;IAED,OAAO;QACL,MAAM,EAAE,aAAa;QACrB,UAAU,EAAE,QAAQ;KACrB,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,cAAkC,EAClC,OAAmB,EACnB,8BAAuC,EACvC,oBAA0C;IAE1C,MAAM,gBAAgB,GAAqB;QACzC,MAAM,EAAE,eAAe;QACvB,eAAe,EAAE,EAAE;QACnB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,EAAE;KACxB,CAAA;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,gBAAgB,CAAA;IACzB,CAAC;IAED,MAAM,qBAAqB,GAA2B;QACpD,OAAO;QACP,kBAAkB;QAClB,kBAAkB;KACnB,CAAA;IAED,KAAK,MAAM,SAAS,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QACpD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,eAAe,EAAE,GAAG,gCAAgC,CAC3F,OAAO,EACP,SAAS,CACV,CAAA;QACD,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,8BAA8B,CACrF,OAAO,EACP,SAAS,CACV,CAAA;QACD,IAAI,EACF,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,sBAAsB,EACvB,GAAG,iCAAiC,CAAC,OAAO,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAA;QAE/E,MAAM,yBAAyB,GAAqD,EAAE,CAAA;QAEtF;;;;;;;;;;;WAWG;QACH,IACE,8BAA8B;YAC9B,SAAS,CAAC,uBAAuB,EAAE;YACnC,SAAS,CAAC,MAAM,EAAE,KAAK,MAAM,EAC7B,CAAC;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,yBAAyB,CAAC,sBAAsB,GAAG,IAAI,CAAA;QACzD,CAAC;QAED,MAAM,EACJ,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,gBAAgB,EACzB,iBAAiB,EAClB,GAAG,wBAAwB,CAC1B,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,SAAS,CAAC,MAAM,EAAsB,EACtC,oBAAoB,CACrB,CAAA;QAED,MAAM,YAAY,GAAG,gBAAgB,CAAC;YACpC,WAAW;YACX,cAAc;YACd,cAAc;YACd,aAAa;SACd,CAAC,CAAA;QACF,MAAM,QAAQ,GAAsB;YAClC,SAAS;YACT,aAAa,EAAE,aAAa;YAC5B,WAAW;YACX,cAAc;YACd,cAAc;YACd,iBAAiB;YACjB,sBAAsB;YACtB,OAAO,EAAE,oBAAoB,CAC3B,SAAS,EACT,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,EACb,cAAc,EACd,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,GAAG,gBAAgB,EAAE,GAAG,gBAAgB,EAAE,CACnF;SACF,CAAA;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACrF,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAChD,CAAC;aAAM,IAAI,uBAAuB,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;YACtF,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,IACE,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC7F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACrF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,kBAAkB,CAAA;IAC9C,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,EAC9F,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACrC,CAAC;SAAM,IACL,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,mBAAmB,CAAC,EACtF,CAAC;QACD,gBAAgB,CAAC,MAAM,GAAG,mBAAmB,CAAA;IAC/C,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,MAAM,GAAG,iBAAiB,CAAA;IAC7C,CAAC;IAED,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,oBAA0C,EAC1C,OAAmB,EACnB,oBAA0C;IAE1C,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,uBAAuB,CAAC,oBAAoB,EAAE,OAAO,EAAE,oBAAoB,CAAC,CAAA;AACrF,CAAC;AAED,SAAS,oBAAoB,CAC3B,SAAoB,EACpB,YAAqB,EACrB,WAAoB,EACpB,cAAqC,EACrC,aAAsB,EACtB,cAAoC,EACpC,OAAkC;IAElC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE;QAC1B,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC3D,OAAO,EAAE,YAAY;QACrB,WAAW;QACX,cAAc;QACd,aAAa;QACb,cAAc,EAAE,cAAc,KAAK,OAAO;QAC1C,GAAG,OAAO;KACX,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,yBAAyB,CAChC,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C;IAE7C,OAAO;QACL,GAAG,EAAE,oBAAoB,CAAC,WAAW,CAAC,UAAU,CAAC;QACjD,GAAG,EAAE,oBAAoB,CAAC,WAAW,CAAC,UAAU,CAAC;QACjD,QAAQ,EAAE,oBAAoB,CAAC,CAAC,gBAAgB,CAAC,CAAC;QAClD,QAAQ,EAAE,oBAAoB,CAAC,CAAC,gBAAgB,CAAC,CAAC;QAClD,kBAAkB,EAAE,oBAAoB,CACtC,0BAA0B,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,CAAC,EAAE,CAC/D;KACF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAC3B,QAIG;IAEH,MAAM,KAAK,GAAgB,EAAE,CAAA;IAC7B,MAAM,IAAI,GAAgB,EAAE,CAAA;IAC5B,MAAM,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC;QACnD,GAAG,QAAQ,CAAC,eAAe;QAC3B,GAAG,QAAQ,CAAC,cAAc;QAC1B,GAAG,QAAQ,CAAC,mBAAmB;KAChC,CAAC,CAAA;IAEF,KAAK,MAAM,SAAS,IAAI,aAAa,EAAE,CAAC;QACtC,IAAI,SAAS,CAAC,iBAAiB,IAAI,SAAS,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1E,IAAI,SAAS,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;gBAClC,KAAK,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,iBAAiB,CAAC,CAAA;YAC5C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,iBAAiB,CAAC,CAAA;YAC3C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;AACxB,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAC7B,WAAwB,EACxB,WAAwB,EACxB,gBAAkC,EAClC,gBAAkC,EAClC,0BAA6C;IAE7C,OAAO,CACL,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;QAC7F,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACtE,0BAA0B,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC;QACjF,KAAK,CACN,CAAA;AACH,CAAC"}
|
package/dist/esm/evaluate.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { Condition } from '@cloud-copilot/iam-policy';
|
|
1
2
|
import { StatementAnalysis } from './StatementAnalysis.js';
|
|
2
3
|
export type EvaluationResult = 'Allowed' | 'ExplicitlyDenied' | 'ImplicitlyDenied';
|
|
3
4
|
export type ResourceEvaluationResult = 'NotApplicable' | 'Allowed' | 'ExplicitlyDenied' | 'AllowedForAccount' | 'DeniedForAccount' | 'ImplicityDenied';
|
|
@@ -41,6 +42,31 @@ export interface RcpAnalysis {
|
|
|
41
42
|
result: EvaluationResult;
|
|
42
43
|
ouAnalysis: OuRcpAnalysis[];
|
|
43
44
|
}
|
|
45
|
+
/**
|
|
46
|
+
* Conditions that were ignored during discovery mode.
|
|
47
|
+
*/
|
|
48
|
+
export interface IgnoredConditions {
|
|
49
|
+
scp: {
|
|
50
|
+
allow: Condition[];
|
|
51
|
+
deny: Condition[];
|
|
52
|
+
};
|
|
53
|
+
rcp: {
|
|
54
|
+
allow: Condition[];
|
|
55
|
+
deny: Condition[];
|
|
56
|
+
};
|
|
57
|
+
identity: {
|
|
58
|
+
allow: Condition[];
|
|
59
|
+
deny: Condition[];
|
|
60
|
+
};
|
|
61
|
+
resource: {
|
|
62
|
+
allow: Condition[];
|
|
63
|
+
deny: Condition[];
|
|
64
|
+
};
|
|
65
|
+
permissionBoundary: {
|
|
66
|
+
allow: Condition[];
|
|
67
|
+
deny: Condition[];
|
|
68
|
+
};
|
|
69
|
+
}
|
|
44
70
|
/**
|
|
45
71
|
* The analysis of a request.
|
|
46
72
|
*/
|
|
@@ -73,5 +99,13 @@ export interface RequestAnalysis {
|
|
|
73
99
|
* The result of the evaluation of the permission boundary.
|
|
74
100
|
*/
|
|
75
101
|
permissionBoundaryAnalysis?: IdentityAnalysis | undefined;
|
|
102
|
+
/**
|
|
103
|
+
* Any conditions that were ignored during discovery mode.
|
|
104
|
+
*/
|
|
105
|
+
ignoredConditions?: IgnoredConditions;
|
|
106
|
+
/**
|
|
107
|
+
* If the role session name was ignored during discovery mode.
|
|
108
|
+
*/
|
|
109
|
+
ignoredRoleSessionName?: boolean;
|
|
76
110
|
}
|
|
77
111
|
//# sourceMappingURL=evaluate.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"evaluate.d.ts","sourceRoot":"","sources":["../../src/evaluate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAE1D,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,kBAAkB,GAAG,kBAAkB,CAAA;AAClF,MAAM,MAAM,wBAAwB,GAChC,eAAe,GACf,SAAS,GACT,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,iBAAiB,CAAA;AAErB,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,wBAAwB,CAAA;IAChC,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAA;IACrB,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IACxB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAA;IACrB,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IACxB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IAExB;;OAEG;IACH,WAAW,EAAE,OAAO,CAAA;IAEpB;;OAEG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IAEnC;;OAEG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IAEnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAA;IAEzB;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAA;IAEzB;;OAEG;IACH,0BAA0B,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"evaluate.d.ts","sourceRoot":"","sources":["../../src/evaluate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAE1D,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,kBAAkB,GAAG,kBAAkB,CAAA;AAClF,MAAM,MAAM,wBAAwB,GAChC,eAAe,GACf,SAAS,GACT,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,iBAAiB,CAAA;AAErB,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,wBAAwB,CAAA;IAChC,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAA;IACrB,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IACxB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAA;IACrB,MAAM,EAAE,gBAAgB,CAAA;IACxB,cAAc,EAAE,iBAAiB,EAAE,CAAA;IACnC,eAAe,EAAE,iBAAiB,EAAE,CAAA;IACpC,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;CACzC;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IACxB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE;QACH,KAAK,EAAE,SAAS,EAAE,CAAA;QAClB,IAAI,EAAE,SAAS,EAAE,CAAA;KAClB,CAAA;IACD,GAAG,EAAE;QACH,KAAK,EAAE,SAAS,EAAE,CAAA;QAClB,IAAI,EAAE,SAAS,EAAE,CAAA;KAClB,CAAA;IACD,QAAQ,EAAE;QACR,KAAK,EAAE,SAAS,EAAE,CAAA;QAClB,IAAI,EAAE,SAAS,EAAE,CAAA;KAClB,CAAA;IACD,QAAQ,EAAE;QACR,KAAK,EAAE,SAAS,EAAE,CAAA;QAClB,IAAI,EAAE,SAAS,EAAE,CAAA;KAClB,CAAA;IACD,kBAAkB,EAAE;QAClB,KAAK,EAAE,SAAS,EAAE,CAAA;QAClB,IAAI,EAAE,SAAS,EAAE,CAAA;KAClB,CAAA;CACF;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,MAAM,EAAE,gBAAgB,CAAA;IAExB;;OAEG;IACH,WAAW,EAAE,OAAO,CAAA;IAEpB;;OAEG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IAEnC;;OAEG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IAEnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAA;IAEzB;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAA;IAEzB;;OAEG;IACH,0BAA0B,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAAA;IAEzD;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAA;IAErC;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC"}
|
|
@@ -34,7 +34,7 @@ export interface ConditionExplain {
|
|
|
34
34
|
*/
|
|
35
35
|
conditionKeyValue: string;
|
|
36
36
|
/**
|
|
37
|
-
* The resolved
|
|
37
|
+
* The resolved value of the condition key
|
|
38
38
|
*/
|
|
39
39
|
resolvedConditionKeyValue?: string;
|
|
40
40
|
values: ConditionValueExplain | ConditionValueExplain[];
|
|
@@ -61,12 +61,7 @@ export interface ConditionExplain {
|
|
|
61
61
|
*/
|
|
62
62
|
failedBecauseArray?: boolean;
|
|
63
63
|
/**
|
|
64
|
-
*
|
|
65
|
-
* Caused by a set operation being used on a context key that was not an array.
|
|
66
|
-
*/
|
|
67
|
-
failedBecauseNotArray?: boolean;
|
|
68
|
-
/**
|
|
69
|
-
* Was the base operator in the condition statment not found
|
|
64
|
+
* Was the base operator in the condition statement not found
|
|
70
65
|
*/
|
|
71
66
|
missingOperator?: boolean;
|
|
72
67
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"statementExplain.d.ts","sourceRoot":"","sources":["../../../src/explain/statementExplain.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,qBAAqB,GAC7B,OAAO,GACP,SAAS,GACT,mBAAmB,GACnB,kBAAkB,GAClB,kBAAkB,CAAA;AAEtB,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,qBAAqB,CAAA;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAA;IACb,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,EAAE,OAAO,CAAA;IAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,sBAAsB,CAAC,EAAE,MAAM,EAAE,CAAA;IACjC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAA;IAEhB;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAA;IAEzB;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAA;IAClC,MAAM,EAAE,qBAAqB,GAAG,qBAAqB,EAAE,CAAA;IAEvD;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAE1B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAE/B;;OAEG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAE5B
|
|
1
|
+
{"version":3,"file":"statementExplain.d.ts","sourceRoot":"","sources":["../../../src/explain/statementExplain.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,qBAAqB,GAC7B,OAAO,GACP,SAAS,GACT,mBAAmB,GACnB,kBAAkB,GAClB,kBAAkB,CAAA;AAEtB,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,qBAAqB,CAAA;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAA;IACb,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,EAAE,OAAO,CAAA;IAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,sBAAsB,CAAC,EAAE,MAAM,EAAE,CAAA;IACjC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAA;IAEhB;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAA;IAEzB;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAA;IAClC,MAAM,EAAE,qBAAqB,GAAG,qBAAqB,EAAE,CAAA;IAEvD;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAE1B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAE/B;;OAEG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAE5B;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,OAAO,CAAA;IACpB,aAAa,EAAE,OAAO,CAAA;IACtB,cAAc,EAAE,qBAAqB,CAAA;IACrC,cAAc,EAAE,OAAO,CAAA;IAEvB,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,CAAC,EAAE,aAAa,GAAG,aAAa,EAAE,CAAA;IACzC,UAAU,CAAC,EAAE,aAAa,GAAG,aAAa,EAAE,CAAA;IAC5C,SAAS,CAAC,EAAE,eAAe,GAAG,eAAe,EAAE,CAAA;IAC/C,YAAY,CAAC,EAAE,eAAe,GAAG,eAAe,EAAE,CAAA;IAClD,UAAU,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAA;IAClD,aAAa,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,EAAE,CAAA;IACrD,UAAU,CAAC,EAAE,gBAAgB,EAAE,CAAA;IAE/B;;;;;;;OAOG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"statementExplain.js","sourceRoot":"","sources":["../../../src/explain/statementExplain.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"statementExplain.js","sourceRoot":"","sources":["../../../src/explain/statementExplain.ts"],"names":[],"mappings":";AAkHA;;;EAGE"}
|
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
import { Principal, Statement } from '@cloud-copilot/iam-policy';
|
|
2
|
+
import { SimulationParameters } from '../core_engine/CoreSimulatorEngine.js';
|
|
2
3
|
import { PrincipalExplain, StatementExplain } from '../explain/statementExplain.js';
|
|
3
4
|
import { AwsRequest } from '../request/request.js';
|
|
5
|
+
interface PrincipalAnalysis {
|
|
6
|
+
explain: PrincipalExplain;
|
|
7
|
+
ignoredRoleSessionName?: boolean;
|
|
8
|
+
}
|
|
4
9
|
export type PrincipalMatchResult = 'Match' | 'NoMatch' | 'AccountLevelMatch' | 'SessionRoleMatch' | 'SessionUserMatch';
|
|
5
10
|
/**
|
|
6
11
|
* Check to see if a request matches a Principal element in an IAM policy statement
|
|
@@ -9,9 +14,10 @@ export type PrincipalMatchResult = 'Match' | 'NoMatch' | 'AccountLevelMatch' | '
|
|
|
9
14
|
* @param principal the list of principals in the Principal element of the Statement
|
|
10
15
|
* @returns if the request matches the Principal element, and if so, how it matches
|
|
11
16
|
*/
|
|
12
|
-
export declare function requestMatchesPrincipal(request: AwsRequest, principal: Principal[]): {
|
|
17
|
+
export declare function requestMatchesPrincipal(request: AwsRequest, principal: Principal[], simulationParameters: SimulationParameters): {
|
|
13
18
|
matches: PrincipalMatchResult;
|
|
14
19
|
explains: PrincipalExplain[];
|
|
20
|
+
ignoredRoleSessionName?: boolean;
|
|
15
21
|
};
|
|
16
22
|
/**
|
|
17
23
|
* Check to see if a request matches a NotPrincipal element in an IAM policy statement
|
|
@@ -20,7 +26,7 @@ export declare function requestMatchesPrincipal(request: AwsRequest, principal:
|
|
|
20
26
|
* @param notPrincipal the list of principals in the NotPrincipal element of the Statement
|
|
21
27
|
* @returns
|
|
22
28
|
*/
|
|
23
|
-
export declare function requestMatchesNotPrincipal(request: AwsRequest, notPrincipal: Principal[]): {
|
|
29
|
+
export declare function requestMatchesNotPrincipal(request: AwsRequest, notPrincipal: Principal[], simulationParameters: SimulationParameters): {
|
|
24
30
|
matches: PrincipalMatchResult;
|
|
25
31
|
explains: PrincipalExplain[];
|
|
26
32
|
};
|
|
@@ -31,7 +37,7 @@ export declare function requestMatchesNotPrincipal(request: AwsRequest, notPrinc
|
|
|
31
37
|
* @param principalStatement the principal statement to check the request against
|
|
32
38
|
* @returns if the request matches the principal statement, and if so, how it matches
|
|
33
39
|
*/
|
|
34
|
-
export declare function requestMatchesPrincipalStatement(request: AwsRequest, principalStatement: Principal):
|
|
40
|
+
export declare function requestMatchesPrincipalStatement(request: AwsRequest, principalStatement: Principal, simulationParameters: SimulationParameters): PrincipalAnalysis;
|
|
35
41
|
/**
|
|
36
42
|
* Get a user ARN from a federated user ARN
|
|
37
43
|
*
|
|
@@ -46,8 +52,10 @@ export declare function userArnFromFederatedUserArn(federatedUserArn: string): s
|
|
|
46
52
|
* @param statement the statement to check against
|
|
47
53
|
* @returns true if the request matches the resources in the statement, false otherwise
|
|
48
54
|
*/
|
|
49
|
-
export declare function requestMatchesStatementPrincipals(request: AwsRequest, statement: Statement): {
|
|
55
|
+
export declare function requestMatchesStatementPrincipals(request: AwsRequest, statement: Statement, simulationParameters: SimulationParameters): {
|
|
50
56
|
matches: PrincipalMatchResult;
|
|
51
57
|
details: Pick<StatementExplain, 'principals' | 'notPrincipals'>;
|
|
58
|
+
ignoredRoleSessionName?: boolean;
|
|
52
59
|
};
|
|
60
|
+
export {};
|
|
53
61
|
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAMhE,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AACnF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAMhE,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAA;AAC5E,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAA;AACnF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAElD,UAAU,iBAAiB;IACzB,OAAO,EAAE,gBAAgB,CAAA;IACzB,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC;AAgBD,MAAM,MAAM,oBAAoB,GAC5B,OAAO,GACP,SAAS,GACT,mBAAmB,GACnB,kBAAkB,GAClB,kBAAkB,CAAA;AAEtB;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,SAAS,EAAE,EACtB,oBAAoB,EAAE,oBAAoB,GACzC;IACD,OAAO,EAAE,oBAAoB,CAAA;IAC7B,QAAQ,EAAE,gBAAgB,EAAE,CAAA;IAC5B,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC,CAoDA;AAED;;;;;;GAMG;AACH,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,UAAU,EACnB,YAAY,EAAE,SAAS,EAAE,EACzB,oBAAoB,EAAE,oBAAoB,GACzC;IAAE,OAAO,EAAE,oBAAoB,CAAC;IAAC,QAAQ,EAAE,gBAAgB,EAAE,CAAA;CAAE,CAwCjE;AAED;;;;;;GAMG;AACH,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,UAAU,EACnB,kBAAkB,EAAE,SAAS,EAC7B,oBAAoB,EAAE,oBAAoB,GACzC,iBAAiB,CAyJnB;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAK5E;AAED;;;;;;GAMG;AACH,wBAAgB,iCAAiC,CAC/C,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,SAAS,EACpB,oBAAoB,EAAE,oBAAoB,GACzC;IACD,OAAO,EAAE,oBAAoB,CAAA;IAC7B,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE,YAAY,GAAG,eAAe,CAAC,CAAA;IAC/D,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC,CAiBA"}
|
|
@@ -6,9 +6,11 @@ import { convertAssumedRoleArnToRoleArn, isAssumedRoleArn, isFederatedUserArn }
|
|
|
6
6
|
* @param principal the list of principals in the Principal element of the Statement
|
|
7
7
|
* @returns if the request matches the Principal element, and if so, how it matches
|
|
8
8
|
*/
|
|
9
|
-
export function requestMatchesPrincipal(request, principal) {
|
|
10
|
-
const
|
|
11
|
-
|
|
9
|
+
export function requestMatchesPrincipal(request, principal, simulationParameters) {
|
|
10
|
+
const analyses = principal.map((principalStatement) => requestMatchesPrincipalStatement(request, principalStatement, simulationParameters));
|
|
11
|
+
const explains = analyses.map((a) => a.explain);
|
|
12
|
+
// First check if any principal match without ignoring the role session name
|
|
13
|
+
if (analyses.some((anys) => anys.explain.matches === 'Match' && !anys.ignoredRoleSessionName)) {
|
|
12
14
|
return {
|
|
13
15
|
matches: 'Match',
|
|
14
16
|
explains
|
|
@@ -26,6 +28,15 @@ export function requestMatchesPrincipal(request, principal) {
|
|
|
26
28
|
explains
|
|
27
29
|
};
|
|
28
30
|
}
|
|
31
|
+
// If there was a match, ignoring the role session name, and the simulation mode is Discovery,
|
|
32
|
+
if (simulationParameters.simulationMode === 'Discovery' &&
|
|
33
|
+
analyses.some((any) => any.explain.matches === 'Match' && any.ignoredRoleSessionName)) {
|
|
34
|
+
return {
|
|
35
|
+
matches: 'Match',
|
|
36
|
+
explains,
|
|
37
|
+
ignoredRoleSessionName: true // This matched one role session, but it was ignored
|
|
38
|
+
};
|
|
39
|
+
}
|
|
29
40
|
if (explains.some((exp) => exp.matches === 'AccountLevelMatch')) {
|
|
30
41
|
return {
|
|
31
42
|
matches: 'AccountLevelMatch',
|
|
@@ -44,44 +55,38 @@ export function requestMatchesPrincipal(request, principal) {
|
|
|
44
55
|
* @param notPrincipal the list of principals in the NotPrincipal element of the Statement
|
|
45
56
|
* @returns
|
|
46
57
|
*/
|
|
47
|
-
export function requestMatchesNotPrincipal(request, notPrincipal) {
|
|
58
|
+
export function requestMatchesNotPrincipal(request, notPrincipal, simulationParameters) {
|
|
48
59
|
// const matches = notPrincipal.map(principalStatement => requestMatchesPrincipalStatement(request, principalStatement))
|
|
49
|
-
const
|
|
50
|
-
const
|
|
60
|
+
const analyses = notPrincipal.map((principalStatement) => {
|
|
61
|
+
const analysis = requestMatchesPrincipalStatement(request, principalStatement, simulationParameters);
|
|
51
62
|
/**
|
|
52
63
|
* Need to do research on this. If there is an account level match on a NotPrincipal, does that
|
|
53
64
|
* mean it tentatively matches the NotPrincipal, or does it mean it does not match the NotPrincipal?
|
|
54
65
|
*
|
|
55
66
|
* We need to test this.
|
|
56
67
|
*/
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
explain.matches === '
|
|
60
|
-
explain.matches === '
|
|
61
|
-
explain.matches
|
|
68
|
+
// Invert the match result for NotPrincipal
|
|
69
|
+
if (analysis.explain.matches === 'Match' ||
|
|
70
|
+
analysis.explain.matches === 'AccountLevelMatch' ||
|
|
71
|
+
analysis.explain.matches === 'SessionRoleMatch' ||
|
|
72
|
+
analysis.explain.matches === 'SessionUserMatch') {
|
|
73
|
+
analysis.explain.matches = 'NoMatch';
|
|
62
74
|
}
|
|
63
75
|
else {
|
|
64
|
-
explain.matches = 'Match';
|
|
76
|
+
analysis.explain.matches = 'Match';
|
|
65
77
|
}
|
|
66
|
-
return
|
|
78
|
+
return analysis;
|
|
67
79
|
});
|
|
68
|
-
if (
|
|
80
|
+
if (analyses.some((exp) => exp.explain.matches === 'NoMatch')) {
|
|
69
81
|
return {
|
|
70
82
|
matches: 'NoMatch',
|
|
71
|
-
explains
|
|
83
|
+
explains: analyses.map((a) => a.explain)
|
|
72
84
|
};
|
|
73
85
|
}
|
|
74
86
|
return {
|
|
75
87
|
matches: 'Match',
|
|
76
|
-
explains
|
|
88
|
+
explains: analyses.map((a) => a.explain)
|
|
77
89
|
};
|
|
78
|
-
// if(matches.includes('Match')) {
|
|
79
|
-
// return 'NoMatch'
|
|
80
|
-
// }
|
|
81
|
-
// if(matches.includes('AccountLevelMatch')) {
|
|
82
|
-
// return 'NoMatch'
|
|
83
|
-
// }
|
|
84
|
-
// return 'Match'
|
|
85
90
|
}
|
|
86
91
|
/**
|
|
87
92
|
* Check to see if a request matches a principal statement
|
|
@@ -90,59 +95,77 @@ export function requestMatchesNotPrincipal(request, notPrincipal) {
|
|
|
90
95
|
* @param principalStatement the principal statement to check the request against
|
|
91
96
|
* @returns if the request matches the principal statement, and if so, how it matches
|
|
92
97
|
*/
|
|
93
|
-
export function requestMatchesPrincipalStatement(request, principalStatement) {
|
|
98
|
+
export function requestMatchesPrincipalStatement(request, principalStatement, simulationParameters) {
|
|
94
99
|
if (principalStatement.isServicePrincipal()) {
|
|
95
100
|
if (principalStatement.service() === request.principal.value()) {
|
|
96
101
|
return {
|
|
97
|
-
|
|
98
|
-
|
|
102
|
+
explain: {
|
|
103
|
+
matches: 'Match',
|
|
104
|
+
principal: principalStatement.value()
|
|
105
|
+
}
|
|
99
106
|
};
|
|
100
107
|
}
|
|
101
108
|
return {
|
|
102
|
-
|
|
103
|
-
|
|
109
|
+
explain: {
|
|
110
|
+
matches: 'NoMatch',
|
|
111
|
+
principal: principalStatement.value()
|
|
112
|
+
}
|
|
104
113
|
};
|
|
105
114
|
}
|
|
106
115
|
if (principalStatement.isCanonicalUserPrincipal()) {
|
|
107
116
|
if (principalStatement.canonicalUser() === request.principal.value()) {
|
|
108
117
|
return {
|
|
109
|
-
|
|
110
|
-
|
|
118
|
+
explain: {
|
|
119
|
+
matches: 'Match',
|
|
120
|
+
principal: principalStatement.value()
|
|
121
|
+
}
|
|
111
122
|
};
|
|
112
123
|
}
|
|
113
124
|
return {
|
|
114
|
-
|
|
115
|
-
|
|
125
|
+
explain: {
|
|
126
|
+
matches: 'NoMatch',
|
|
127
|
+
principal: principalStatement.value()
|
|
128
|
+
}
|
|
116
129
|
};
|
|
117
130
|
}
|
|
118
131
|
if (principalStatement.isFederatedPrincipal()) {
|
|
119
132
|
if (principalStatement.federated() === request.principal.value()) {
|
|
120
133
|
return {
|
|
121
|
-
|
|
122
|
-
|
|
134
|
+
explain: {
|
|
135
|
+
matches: 'Match',
|
|
136
|
+
principal: principalStatement.value()
|
|
137
|
+
}
|
|
123
138
|
};
|
|
124
139
|
}
|
|
125
140
|
return {
|
|
126
|
-
|
|
127
|
-
|
|
141
|
+
explain: {
|
|
142
|
+
matches: 'NoMatch',
|
|
143
|
+
principal: principalStatement.value()
|
|
144
|
+
}
|
|
128
145
|
};
|
|
129
146
|
}
|
|
130
147
|
if (principalStatement.isWildcardPrincipal()) {
|
|
131
148
|
return {
|
|
132
|
-
|
|
133
|
-
|
|
149
|
+
explain: {
|
|
150
|
+
matches: 'Match',
|
|
151
|
+
principal: principalStatement.value()
|
|
152
|
+
}
|
|
134
153
|
};
|
|
135
154
|
}
|
|
136
155
|
if (principalStatement.isAccountPrincipal()) {
|
|
137
156
|
if (principalStatement.accountId() === request.principal.accountId()) {
|
|
138
157
|
return {
|
|
139
|
-
|
|
140
|
-
|
|
158
|
+
explain: {
|
|
159
|
+
matches: 'AccountLevelMatch',
|
|
160
|
+
principal: principalStatement.value()
|
|
161
|
+
}
|
|
141
162
|
};
|
|
142
163
|
}
|
|
143
164
|
return {
|
|
144
|
-
|
|
145
|
-
|
|
165
|
+
explain: {
|
|
166
|
+
matches: 'NoMatch',
|
|
167
|
+
principal: principalStatement.value()
|
|
168
|
+
}
|
|
146
169
|
};
|
|
147
170
|
}
|
|
148
171
|
if (principalStatement.isAwsPrincipal()) {
|
|
@@ -151,33 +174,69 @@ export function requestMatchesPrincipalStatement(request, principalStatement) {
|
|
|
151
174
|
const roleArn = convertAssumedRoleArnToRoleArn(sessionArn);
|
|
152
175
|
if (principalStatement.arn() === roleArn) {
|
|
153
176
|
return {
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
177
|
+
explain: {
|
|
178
|
+
matches: 'SessionRoleMatch',
|
|
179
|
+
principal: principalStatement.value(),
|
|
180
|
+
roleForSessionArn: roleArn
|
|
181
|
+
}
|
|
157
182
|
};
|
|
158
183
|
}
|
|
159
184
|
}
|
|
160
185
|
else if (isFederatedUserArn(request.principal.value())) {
|
|
186
|
+
// TODO: This is wrong, have to receive the User ARN from the request
|
|
161
187
|
const sessionArn = request.principal.value();
|
|
162
188
|
const userArn = userArnFromFederatedUserArn(sessionArn);
|
|
163
189
|
if (principalStatement.arn() === userArn) {
|
|
164
190
|
return {
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
191
|
+
explain: {
|
|
192
|
+
matches: 'SessionUserMatch',
|
|
193
|
+
principal: principalStatement.value(),
|
|
194
|
+
userForSessionArn: userArn
|
|
195
|
+
}
|
|
168
196
|
};
|
|
169
197
|
}
|
|
170
198
|
}
|
|
171
199
|
if (principalStatement.arn() === request.principal.value()) {
|
|
172
200
|
return {
|
|
173
|
-
|
|
174
|
-
|
|
201
|
+
explain: {
|
|
202
|
+
matches: 'Match',
|
|
203
|
+
principal: principalStatement.value()
|
|
204
|
+
}
|
|
175
205
|
};
|
|
176
206
|
}
|
|
207
|
+
/*
|
|
208
|
+
If:
|
|
209
|
+
- The simulation mode is Discovery
|
|
210
|
+
- The principal in the statement is an assumed role ARN
|
|
211
|
+
- The principal in the request is a Role or assumed role ARN
|
|
212
|
+
- The base role ARN of the principal in the request matches the base role ARN in the statement
|
|
213
|
+
Then:
|
|
214
|
+
- Return a Match for the principal
|
|
215
|
+
- Indicate that the role session name was ignored for evaluation purposes
|
|
216
|
+
*/
|
|
217
|
+
if (simulationParameters.simulationMode === 'Discovery' &&
|
|
218
|
+
isAssumedRoleArn(principalStatement.arn())) {
|
|
219
|
+
const principalRoleArn = convertAssumedRoleArnToRoleArn(principalStatement.arn());
|
|
220
|
+
let requestRoleArn = request.principal.value();
|
|
221
|
+
if (isAssumedRoleArn(requestRoleArn)) {
|
|
222
|
+
requestRoleArn = convertAssumedRoleArnToRoleArn(requestRoleArn);
|
|
223
|
+
}
|
|
224
|
+
if (principalRoleArn === requestRoleArn) {
|
|
225
|
+
return {
|
|
226
|
+
explain: {
|
|
227
|
+
matches: 'Match',
|
|
228
|
+
principal: principalStatement.value()
|
|
229
|
+
},
|
|
230
|
+
ignoredRoleSessionName: true // This is a role session math with the session name ignored
|
|
231
|
+
};
|
|
232
|
+
}
|
|
233
|
+
}
|
|
177
234
|
}
|
|
178
235
|
return {
|
|
179
|
-
|
|
180
|
-
|
|
236
|
+
explain: {
|
|
237
|
+
matches: 'NoMatch',
|
|
238
|
+
principal: principalStatement.value()
|
|
239
|
+
}
|
|
181
240
|
};
|
|
182
241
|
}
|
|
183
242
|
/**
|
|
@@ -199,13 +258,13 @@ export function userArnFromFederatedUserArn(federatedUserArn) {
|
|
|
199
258
|
* @param statement the statement to check against
|
|
200
259
|
* @returns true if the request matches the resources in the statement, false otherwise
|
|
201
260
|
*/
|
|
202
|
-
export function requestMatchesStatementPrincipals(request, statement) {
|
|
261
|
+
export function requestMatchesStatementPrincipals(request, statement, simulationParameters) {
|
|
203
262
|
if (statement.isPrincipalStatement()) {
|
|
204
|
-
const { matches, explains } = requestMatchesPrincipal(request, statement.principals());
|
|
205
|
-
return { matches, details: { principals: explains } };
|
|
263
|
+
const { matches, explains, ignoredRoleSessionName } = requestMatchesPrincipal(request, statement.principals(), simulationParameters);
|
|
264
|
+
return { matches, details: { principals: explains }, ignoredRoleSessionName };
|
|
206
265
|
}
|
|
207
266
|
else if (statement.isNotPrincipalStatement()) {
|
|
208
|
-
const { matches, explains } = requestMatchesNotPrincipal(request, statement.notPrincipals());
|
|
267
|
+
const { matches, explains } = requestMatchesNotPrincipal(request, statement.notPrincipals(), simulationParameters);
|
|
209
268
|
return { matches, details: { notPrincipals: explains } };
|
|
210
269
|
}
|
|
211
270
|
throw new Error('Statement should have Principal or NotPrincipal');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principal/principal.ts"],"names":[],"mappings":"AACA,OAAO,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,kBAAkB,EACnB,MAAM,0BAA0B,CAAA;
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../../src/principal/principal.ts"],"names":[],"mappings":"AACA,OAAO,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,kBAAkB,EACnB,MAAM,0BAA0B,CAAA;AA+BjC;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,OAAmB,EACnB,SAAsB,EACtB,oBAA0C;IAM1C,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE,CACpD,gCAAgC,CAAC,OAAO,EAAE,kBAAkB,EAAE,oBAAoB,CAAC,CACpF,CAAA;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;IAE/C,4EAA4E;IAC5E,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,KAAK,OAAO,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,EAAE,CAAC;QAC9F,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,QAAQ;SACT,CAAA;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC/D,OAAO;YACL,OAAO,EAAE,kBAAkB;YAC3B,QAAQ;SACT,CAAA;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,KAAK,kBAAkB,CAAC,EAAE,CAAC;QAC/D,OAAO;YACL,OAAO,EAAE,kBAAkB;YAC3B,QAAQ;SACT,CAAA;IACH,CAAC;IAED,8FAA8F;IAC9F,IACE,oBAAoB,CAAC,cAAc,KAAK,WAAW;QACnD,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,KAAK,OAAO,IAAI,GAAG,CAAC,sBAAsB,CAAC,EACrF,CAAC;QACD,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,QAAQ;YACR,sBAAsB,EAAE,IAAI,CAAC,oDAAoD;SAClF,CAAA;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,KAAK,mBAAmB,CAAC,EAAE,CAAC;QAChE,OAAO;YACL,OAAO,EAAE,mBAAmB;YAC5B,QAAQ;SACT,CAAA;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,SAAS;QAClB,QAAQ;KACT,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,0BAA0B,CACxC,OAAmB,EACnB,YAAyB,EACzB,oBAA0C;IAE1C,wHAAwH;IACxH,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;QACvD,MAAM,QAAQ,GAAG,gCAAgC,CAC/C,OAAO,EACP,kBAAkB,EAClB,oBAAoB,CACrB,CAAA;QACD;;;;;WAKG;QAEH,2CAA2C;QAC3C,IACE,QAAQ,CAAC,OAAO,CAAC,OAAO,KAAK,OAAO;YACpC,QAAQ,CAAC,OAAO,CAAC,OAAO,KAAK,mBAAmB;YAChD,QAAQ,CAAC,OAAO,CAAC,OAAO,KAAK,kBAAkB;YAC/C,QAAQ,CAAC,OAAO,CAAC,OAAO,KAAK,kBAAkB,EAC/C,CAAC;YACD,QAAQ,CAAC,OAAO,CAAC,OAAO,GAAG,SAAS,CAAA;QACtC,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAA;QACpC,CAAC;QACD,OAAO,QAAQ,CAAA;IACjB,CAAC,CAAC,CAAA;IAEF,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,KAAK,SAAS,CAAC,EAAE,CAAC;QAC9D,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;SACzC,CAAA;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,OAAO;QAChB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;KACzC,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gCAAgC,CAC9C,OAAmB,EACnB,kBAA6B,EAC7B,oBAA0C;IAE1C,IAAI,kBAAkB,CAAC,kBAAkB,EAAE,EAAE,CAAC;QAC5C,IAAI,kBAAkB,CAAC,OAAO,EAAE,KAAK,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC;YAC/D,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO,EAAE,OAAO;oBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;iBACtC;aACF,CAAA;QACH,CAAC;QACD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO,EAAE,SAAS;gBAClB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;aACtC;SACF,CAAA;IACH,CAAC;IAED,IAAI,kBAAkB,CAAC,wBAAwB,EAAE,EAAE,CAAC;QAClD,IAAI,kBAAkB,CAAC,aAAa,EAAE,KAAK,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC;YACrE,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO,EAAE,OAAO;oBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;iBACtC;aACF,CAAA;QACH,CAAC;QACD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO,EAAE,SAAS;gBAClB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;aACtC;SACF,CAAA;IACH,CAAC;IAED,IAAI,kBAAkB,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC9C,IAAI,kBAAkB,CAAC,SAAS,EAAE,KAAK,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC;YACjE,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO,EAAE,OAAO;oBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;iBACtC;aACF,CAAA;QACH,CAAC;QACD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO,EAAE,SAAS;gBAClB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;aACtC;SACF,CAAA;IACH,CAAC;IAED,IAAI,kBAAkB,CAAC,mBAAmB,EAAE,EAAE,CAAC;QAC7C,OAAO;YACL,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO;gBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;aACtC;SACF,CAAA;IACH,CAAC;IAED,IAAI,kBAAkB,CAAC,kBAAkB,EAAE,EAAE,CAAC;QAC5C,IAAI,kBAAkB,CAAC,SAAS,EAAE,KAAK,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,CAAC;YACrE,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO,EAAE,mBAAmB;oBAC5B,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;iBACtC;aACF,CAAA;QACH,CAAC;QACD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO,EAAE,SAAS;gBAClB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;aACtC;SACF,CAAA;IACH,CAAC;IAED,IAAI,kBAAkB,CAAC,cAAc,EAAE,EAAE,CAAC;QACxC,IAAI,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;YAChD,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC5C,MAAM,OAAO,GAAG,8BAA8B,CAAC,UAAU,CAAC,CAAA;YAC1D,IAAI,kBAAkB,CAAC,GAAG,EAAE,KAAK,OAAO,EAAE,CAAC;gBACzC,OAAO;oBACL,OAAO,EAAE;wBACP,OAAO,EAAE,kBAAkB;wBAC3B,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;wBACrC,iBAAiB,EAAE,OAAO;qBAC3B;iBACF,CAAA;YACH,CAAC;QACH,CAAC;aAAM,IAAI,kBAAkB,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;YACzD,qEAAqE;YACrE,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC5C,MAAM,OAAO,GAAG,2BAA2B,CAAC,UAAU,CAAC,CAAA;YACvD,IAAI,kBAAkB,CAAC,GAAG,EAAE,KAAK,OAAO,EAAE,CAAC;gBACzC,OAAO;oBACL,OAAO,EAAE;wBACP,OAAO,EAAE,kBAAkB;wBAC3B,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;wBACrC,iBAAiB,EAAE,OAAO;qBAC3B;iBACF,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,kBAAkB,CAAC,GAAG,EAAE,KAAK,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC;YAC3D,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO,EAAE,OAAO;oBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;iBACtC;aACF,CAAA;QACH,CAAC;QAED;;;;;;;;;UASE;QACF,IACE,oBAAoB,CAAC,cAAc,KAAK,WAAW;YACnD,gBAAgB,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,EAC1C,CAAC;YACD,MAAM,gBAAgB,GAAG,8BAA8B,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,CAAA;YACjF,IAAI,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC9C,IAAI,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;gBACrC,cAAc,GAAG,8BAA8B,CAAC,cAAc,CAAC,CAAA;YACjE,CAAC;YAED,IAAI,gBAAgB,KAAK,cAAc,EAAE,CAAC;gBACxC,OAAO;oBACL,OAAO,EAAE;wBACP,OAAO,EAAE,OAAO;wBAChB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;qBACtC;oBACD,sBAAsB,EAAE,IAAI,CAAC,4DAA4D;iBAC1F,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE;YACP,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE;SACtC;KACF,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B,CAAC,gBAAwB;IAClE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5C,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;IACjC,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;IAC1D,OAAO,gBAAgB,QAAQ,CAAC,CAAC,CAAC,SAAS,QAAQ,EAAE,CAAA;AACvD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iCAAiC,CAC/C,OAAmB,EACnB,SAAoB,EACpB,oBAA0C;IAM1C,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;QACrC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,sBAAsB,EAAE,GAAG,uBAAuB,CAC3E,OAAO,EACP,SAAS,CAAC,UAAU,EAAE,EACtB,oBAAoB,CACrB,CAAA;QACD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,sBAAsB,EAAE,CAAA;IAC/E,CAAC;SAAM,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;QAC/C,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,0BAA0B,CACtD,OAAO,EACP,SAAS,CAAC,aAAa,EAAE,EACzB,oBAAoB,CACrB,CAAA;QACD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,QAAQ,EAAE,EAAE,CAAA;IAC1D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;AACpE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DefaultServiceAuthorizer.d.ts","sourceRoot":"","sources":["../../../src/services/DefaultServiceAuthorizer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"DefaultServiceAuthorizer.d.ts","sourceRoot":"","sources":["../../../src/services/DefaultServiceAuthorizer.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAA;AAClE,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAC/D,OAAO,EAAE,2BAA2B,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAEvF;;GAEG;AACH,qBAAa,wBAAyB,YAAW,iBAAiB;IAChE;;;;;OAKG;IACI,SAAS,CAAC,OAAO,EAAE,2BAA2B,GAAG,eAAe;IAwMvE;;;;;;OAMG;IACH,6BAA6B,CAC3B,WAAW,EAAE,OAAO,EACpB,gBAAgB,EAAE,gBAAgB,EAClC,QAAQ,EAAE,eAAe,GACxB,OAAO;CASX"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { isAssumedRoleArn, isFederatedUserArn, isIamUserArn, isServicePrincipal } from '@cloud-copilot/iam-utils';
|
|
1
|
+
import { isAssumedRoleArn, isFederatedUserArn, isIamRoleArn, isIamUserArn, isServicePrincipal } from '@cloud-copilot/iam-utils';
|
|
2
2
|
/**
|
|
3
3
|
* The default authorizer for services.
|
|
4
4
|
*/
|
|
@@ -84,6 +84,15 @@ export class DefaultServiceAuthorizer {
|
|
|
84
84
|
*/
|
|
85
85
|
if (resourcePolicyResult === 'Allowed') {
|
|
86
86
|
const principal = request.request.principal.value();
|
|
87
|
+
if (isIamRoleArn(principal) &&
|
|
88
|
+
request.simulationParameters.simulationMode === 'Discovery') {
|
|
89
|
+
if (request.resourceAnalysis.allowStatements.some((statement) => statement.principalMatch === 'Match' && statement.ignoredRoleSessionName)) {
|
|
90
|
+
return {
|
|
91
|
+
result: 'Allowed',
|
|
92
|
+
...baseResult
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
}
|
|
87
96
|
if (isAssumedRoleArn(principal) ||
|
|
88
97
|
isIamUserArn(principal) ||
|
|
89
98
|
isFederatedUserArn(principal)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DefaultServiceAuthorizer.js","sourceRoot":"","sources":["../../../src/services/DefaultServiceAuthorizer.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,kBAAkB,EACnB,MAAM,0BAA0B,CAAA;AAKjC;;GAEG;AACH,MAAM,OAAO,wBAAwB;IACnC;;;;;OAKG;IACI,SAAS,CAAC,OAAoC;QACnD,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAA;QAC5C,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAA;QAC5C,MAAM,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAA;QAC/D,MAAM,oBAAoB,GAAG,OAAO,CAAC,gBAAgB,EAAE,MAAM,CAAA;QAC7D,MAAM,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAA;QAE3E,MAAM,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,CAAA;QAC9D,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAA;QAC7D,MAAM,WAAW,GAAG,gBAAgB,KAAK,eAAe,CAAA;QAExD,MAAM,UAAU,GAQZ;YACF,WAAW;YACX,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;YAC1C,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;YAC1C,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;SAC/D,CAAA;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IACE,oBAAoB,KAAK,kBAAkB;YAC3C,oBAAoB,KAAK,kBAAkB,EAC3C,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,uBAAuB,KAAK,kBAAkB,EAAE,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;YACpD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,qBAAqB;QACrB,IAAI,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;YAC1D,oEAAoE;YACpE,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACvC,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,cAAc;QACd,IAAI,gBAAgB,KAAK,eAAe,EAAE,CAAC;YACzC,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;gBACpD;;;;;;;mBAOG;gBACH,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;oBACvC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;oBACnD,IACE,gBAAgB,CAAC,SAAS,CAAC;wBAC3B,YAAY,CAAC,SAAS,CAAC;wBACvB,kBAAkB,CAAC,SAAS,CAAC,EAC7B,CAAC;wBACD,IACE,OAAO,CAAC,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAC3C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,cAAc,KAAK,OAAO,CACpD,EACD,CAAC;4BACD,OAAO;gCACL,MAAM,EAAE,SAAS;gCACjB,GAAG,UAAU;6BACd,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO;oBACL,MAAM,EAAE,kBAAkB;oBAC1B,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YAED;;;;;;;;cAQE;YAEF,MAAM,cAAc,GAAG,IAAI,CAAC,6BAA6B,CACvD,WAAW,EACX,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,OAAO,CAAC,QAAQ,CACzB,CAAA;YACD,IACE,oBAAoB,KAAK,SAAS;gBAClC,CAAC,cAAc,IAAI,uBAAuB,KAAK,SAAS,CAAC,EACzD,CAAC;gBACD,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,eAAe;QACf,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;YACpD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,oBAAoB,KAAK,SAAS,IAAI,oBAAoB,KAAK,mBAAmB,EAAE,CAAC;YACvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;gBAC1C,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,OAAO;YACL,MAAM,EAAE,kBAAkB;YAC1B,GAAG,UAAU;SACd,CAAA;QAED;;;;;;;WAOG;IACL,CAAC;IAED;;;;;;OAMG;IACH,6BAA6B,CAC3B,WAAoB,EACpB,gBAAkC,EAClC,QAAyB;QAEzB,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAC1C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,cAAc,KAAK,mBAAmB,CAChE,CAAA;IACH,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"DefaultServiceAuthorizer.js","sourceRoot":"","sources":["../../../src/services/DefaultServiceAuthorizer.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,kBAAkB,EACnB,MAAM,0BAA0B,CAAA;AAKjC;;GAEG;AACH,MAAM,OAAO,wBAAwB;IACnC;;;;;OAKG;IACI,SAAS,CAAC,OAAoC;QACnD,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAA;QAC5C,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAA;QAC5C,MAAM,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAA;QAC/D,MAAM,oBAAoB,GAAG,OAAO,CAAC,gBAAgB,EAAE,MAAM,CAAA;QAC7D,MAAM,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAA;QAE3E,MAAM,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,CAAA;QAC9D,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAA;QAC7D,MAAM,WAAW,GAAG,gBAAgB,KAAK,eAAe,CAAA;QAExD,MAAM,UAAU,GAQZ;YACF,WAAW;YACX,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;YAC1C,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;YAC1C,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;SAC/D,CAAA;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IACE,oBAAoB,KAAK,kBAAkB;YAC3C,oBAAoB,KAAK,kBAAkB,EAC3C,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,uBAAuB,KAAK,kBAAkB,EAAE,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;YACpD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,qBAAqB;QACrB,IAAI,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;YAC1D,oEAAoE;YACpE,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACvC,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,cAAc;QACd,IAAI,gBAAgB,KAAK,eAAe,EAAE,CAAC;YACzC,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;gBACpD;;;;;;;mBAOG;gBACH,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;oBACvC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;oBACnD,IACE,YAAY,CAAC,SAAS,CAAC;wBACvB,OAAO,CAAC,oBAAoB,CAAC,cAAc,KAAK,WAAW,EAC3D,CAAC;wBACD,IACE,OAAO,CAAC,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAC3C,CAAC,SAAS,EAAE,EAAE,CACZ,SAAS,CAAC,cAAc,KAAK,OAAO,IAAI,SAAS,CAAC,sBAAsB,CAC3E,EACD,CAAC;4BACD,OAAO;gCACL,MAAM,EAAE,SAAS;gCACjB,GAAG,UAAU;6BACd,CAAA;wBACH,CAAC;oBACH,CAAC;oBAED,IACE,gBAAgB,CAAC,SAAS,CAAC;wBAC3B,YAAY,CAAC,SAAS,CAAC;wBACvB,kBAAkB,CAAC,SAAS,CAAC,EAC7B,CAAC;wBACD,IACE,OAAO,CAAC,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAC3C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,cAAc,KAAK,OAAO,CACpD,EACD,CAAC;4BACD,OAAO;gCACL,MAAM,EAAE,SAAS;gCACjB,GAAG,UAAU;6BACd,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO;oBACL,MAAM,EAAE,kBAAkB;oBAC1B,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YAED;;;;;;;;cAQE;YAEF,MAAM,cAAc,GAAG,IAAI,CAAC,6BAA6B,CACvD,WAAW,EACX,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,OAAO,CAAC,QAAQ,CACzB,CAAA;YACD,IACE,oBAAoB,KAAK,SAAS;gBAClC,CAAC,cAAc,IAAI,uBAAuB,KAAK,SAAS,CAAC,EACzD,CAAC;gBACD,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,eAAe;QACf,IAAI,wBAAwB,KAAK,kBAAkB,EAAE,CAAC;YACpD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,IAAI,oBAAoB,KAAK,SAAS,IAAI,oBAAoB,KAAK,mBAAmB,EAAE,CAAC;YACvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;gBAC1C,OAAO;oBACL,MAAM,EAAE,SAAS;oBACjB,GAAG,UAAU;iBACd,CAAA;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,UAAU;aACd,CAAA;QACH,CAAC;QAED,OAAO;YACL,MAAM,EAAE,kBAAkB;YAC1B,GAAG,UAAU;SACd,CAAA;QAED;;;;;;;WAOG;IACL,CAAC;IAED;;;;;;OAMG;IACH,6BAA6B,CAC3B,WAAoB,EACpB,gBAAkC,EAClC,QAAyB;QAEzB,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,gBAAgB,CAAC,eAAe,CAAC,IAAI,CAC1C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,cAAc,KAAK,mBAAmB,CAChE,CAAA;IACH,CAAC;CACF"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { SimulationParameters } from '../core_engine/CoreSimulatorEngine.js';
|
|
1
2
|
import { IdentityAnalysis, RcpAnalysis, RequestAnalysis, ResourceAnalysis, ScpAnalysis } from '../evaluate.js';
|
|
2
3
|
import { AwsRequest } from '../request/request.js';
|
|
3
4
|
export interface ServiceAuthorizationRequest {
|
|
@@ -7,6 +8,7 @@ export interface ServiceAuthorizationRequest {
|
|
|
7
8
|
resourceAnalysis: ResourceAnalysis;
|
|
8
9
|
rcpAnalysis: RcpAnalysis;
|
|
9
10
|
permissionBoundaryAnalysis: IdentityAnalysis | undefined;
|
|
11
|
+
simulationParameters: SimulationParameters;
|
|
10
12
|
}
|
|
11
13
|
export interface ServiceAuthorizer {
|
|
12
14
|
authorize(request: ServiceAuthorizationRequest): RequestAnalysis;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ServiceAuthorizer.d.ts","sourceRoot":"","sources":["../../../src/services/ServiceAuthorizer.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,WAAW,EACX,eAAe,EACf,gBAAgB,EAChB,WAAW,EACZ,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAElD,MAAM,WAAW,2BAA2B;IAC1C,OAAO,EAAE,UAAU,CAAA;IACnB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,WAAW,EAAE,WAAW,CAAA;IACxB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,WAAW,EAAE,WAAW,CAAA;IACxB,0BAA0B,EAAE,gBAAgB,GAAG,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"ServiceAuthorizer.d.ts","sourceRoot":"","sources":["../../../src/services/ServiceAuthorizer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAA;AAC5E,OAAO,EACL,gBAAgB,EAChB,WAAW,EACX,eAAe,EACf,gBAAgB,EAChB,WAAW,EACZ,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAElD,MAAM,WAAW,2BAA2B;IAC1C,OAAO,EAAE,UAAU,CAAA;IACnB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,WAAW,EAAE,WAAW,CAAA;IACxB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,WAAW,EAAE,WAAW,CAAA;IACxB,0BAA0B,EAAE,gBAAgB,GAAG,SAAS,CAAA;IACxD,oBAAoB,EAAE,oBAAoB,CAAA;CAC3C;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,CAAC,OAAO,EAAE,2BAA2B,GAAG,eAAe,CAAA;CACjE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"simulationEngine.d.ts","sourceRoot":"","sources":["../../../src/simulation_engine/simulationEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAOL,eAAe,EAChB,MAAM,2BAA2B,CAAA;
|
|
1
|
+
{"version":3,"file":"simulationEngine.d.ts","sourceRoot":"","sources":["../../../src/simulation_engine/simulationEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAOL,eAAe,EAChB,MAAM,2BAA2B,CAAA;AASlC,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAKhD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAiB1D,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,EAAE,CAAC,CAAA;IACxD,0BAA0B,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,EAAE,CAAC,CAAA;IAC9D,2BAA2B,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,EAAE,CAAC,CAAA;IAC/D,wBAAwB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,EAAE,CAAC,CAAA;IAC5D,oBAAoB,CAAC,EAAE,eAAe,EAAE,CAAA;IACxC,OAAO,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,CAAC,EAAE,gBAAgB,CAAA;IACzB,QAAQ,CAAC,EAAE,eAAe,CAAA;IAE1B;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB;;;;;;;;OAQG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC9B;AAED;;;;;;GAMG;AACH,wBAAsB,aAAa,CACjC,UAAU,EAAE,UAAU,EACtB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,CAAC,GAC5C,OAAO,CAAC,gBAAgB,CAAC,CAkM3B;AAED,wBAAsB,6BAA6B,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC;IACnF,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,CAAA;IACrD,kBAAkB,EAAE,MAAM,EAAE,CAAA;CAC7B,CAAC,CAoCD"}
|