@commercetools-frontend/application-config 21.16.0 → 21.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commercetools-frontend-application-config.cjs.dev.js +30 -18
- package/dist/commercetools-frontend-application-config.cjs.prod.js +30 -18
- package/dist/commercetools-frontend-application-config.esm.js +30 -19
- package/dist/declarations/src/formatters.d.ts +5 -4
- package/dist/declarations/src/index.d.ts +1 -0
- package/dist/declarations/src/types.d.ts +8 -0
- package/dist/{formatters-9d35d68e.esm.js → formatters-0d13ed2a.esm.js} +27 -13
- package/dist/{formatters-5f8a358d.cjs.prod.js → formatters-3cfe4466.cjs.dev.js} +27 -13
- package/dist/{formatters-7e163a9c.cjs.dev.js → formatters-80d55e3e.cjs.prod.js} +27 -13
- package/package.json +2 -2
- package/ssr/dist/commercetools-frontend-application-config-ssr.cjs.dev.js +1 -1
- package/ssr/dist/commercetools-frontend-application-config-ssr.cjs.prod.js +1 -1
- package/ssr/dist/commercetools-frontend-application-config-ssr.esm.js +1 -1
|
@@ -37,7 +37,7 @@ var _Object$values = require('@babel/runtime-corejs3/core-js-stable/object/value
|
|
|
37
37
|
var _includesInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/includes');
|
|
38
38
|
var uniq = require('lodash/uniq');
|
|
39
39
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
40
|
-
var formatters = require('./formatters-
|
|
40
|
+
var formatters = require('./formatters-3cfe4466.cjs.dev.js');
|
|
41
41
|
var createDOMPurify = require('dompurify');
|
|
42
42
|
var jsdom$1 = require('jsdom');
|
|
43
43
|
require('@babel/runtime-corejs3/core-js-stable/instance/reduce');
|
|
@@ -722,19 +722,6 @@ var getOrThrow = function getOrThrow(fn, errorMessage) {
|
|
|
722
722
|
}
|
|
723
723
|
};
|
|
724
724
|
|
|
725
|
-
var jsdom = new jsdom$1.JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
726
|
-
|
|
727
|
-
var DOMPurify = createDOMPurify__default["default"](jsdom.window);
|
|
728
|
-
function sanitizeSvg(data) {
|
|
729
|
-
return DOMPurify.sanitize(data, {
|
|
730
|
-
USE_PROFILES: {
|
|
731
|
-
svg: true
|
|
732
|
-
},
|
|
733
|
-
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
734
|
-
'style']
|
|
735
|
-
});
|
|
736
|
-
}
|
|
737
|
-
|
|
738
725
|
function ownKeys$1(object, enumerableOnly) { var keys = _Object$keys__default["default"](object); if (_Object$getOwnPropertySymbols__default["default"]) { var symbols = _Object$getOwnPropertySymbols__default["default"](object); enumerableOnly && (symbols = _filterInstanceProperty__default["default"](symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor__default["default"](object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
739
726
|
|
|
740
727
|
function _objectSpread$1(target) { for (var i = 1; i < arguments.length; i++) { var _context3, _context4; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty__default["default"](_context3 = ownKeys$1(Object(source), !0)).call(_context3, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](target, _Object$getOwnPropertyDescriptors__default["default"](source)) : _forEachInstanceProperty__default["default"](_context4 = ownKeys$1(Object(source))).call(_context4, function (key) { _Object$defineProperty__default["default"](target, key, _Object$getOwnPropertyDescriptor__default["default"](source, key)); }); } return target; }
|
|
@@ -774,7 +761,7 @@ function transformCustomApplicationConfigToData(appConfig) {
|
|
|
774
761
|
name: permissionKeys.manage,
|
|
775
762
|
oAuthScopes: appConfig.oAuthScopes.manage
|
|
776
763
|
}],
|
|
777
|
-
icon:
|
|
764
|
+
icon: appConfig.icon,
|
|
778
765
|
mainMenuLink: appConfig.mainMenuLink,
|
|
779
766
|
submenuLinks: _mapInstanceProperty__default["default"](_context2 = appConfig.submenuLinks).call(_context2, function (submenuLink) {
|
|
780
767
|
return _objectSpread$1(_objectSpread$1({}, submenuLink), {}, {
|
|
@@ -791,6 +778,10 @@ function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { va
|
|
|
791
778
|
var developmentPort = 3001;
|
|
792
779
|
var developmentAppUrl = "http://localhost:".concat(developmentPort);
|
|
793
780
|
|
|
781
|
+
var trimTrailingSlash = function trimTrailingSlash(value) {
|
|
782
|
+
return value.replace(/\/$/, '');
|
|
783
|
+
};
|
|
784
|
+
|
|
794
785
|
var omitDevConfigIfEmpty = function omitDevConfigIfEmpty(devConfig) {
|
|
795
786
|
if ( // @ts-expect-error: the `accountLinks` is not explicitly typed as it's only used by the account app.
|
|
796
787
|
devConfig !== null && devConfig !== void 0 && devConfig.accountLinks || devConfig !== null && devConfig !== void 0 && devConfig.menuLinks || devConfig !== null && devConfig !== void 0 && devConfig.oidc) return devConfig;
|
|
@@ -880,18 +871,39 @@ var processConfig = function processConfig() {
|
|
|
880
871
|
}),
|
|
881
872
|
headers: _objectSpread(_objectSpread({}, appConfig.headers), {}, {
|
|
882
873
|
csp: _objectSpread(_objectSpread({}, (_appConfig$headers = appConfig.headers) === null || _appConfig$headers === void 0 ? void 0 : _appConfig$headers.csp), {}, {
|
|
883
|
-
|
|
884
|
-
|
|
885
|
-
|
|
874
|
+
// We need to make sure the URL we use in these CSP headers have a slash in the end,
|
|
875
|
+
// otherwise it might create an invalid value when application/CDN URL points to a
|
|
876
|
+
// non-root directory (ex: https://www.my-domain.com/app). This is a valid URL but from
|
|
877
|
+
// the CSP point of view, it will say only the file `app` can be used as a source, so
|
|
878
|
+
// any other file from that domain will be forbidden. Using the slash (ex: https://www.my-domain.com/app/)
|
|
879
|
+
// at the end it's like using a wildcard so anything 'below' `app` will be allowed.
|
|
880
|
+
'connect-src': getUniqueValues((_appConfig$headers2 = appConfig.headers) === null || _appConfig$headers2 === void 0 ? void 0 : (_appConfig$headers2$c = _appConfig$headers2.csp) === null || _appConfig$headers2$c === void 0 ? void 0 : _appConfig$headers2$c['connect-src'], _concatInstanceProperty__default["default"](_context2 = [mcApiUrl.origin]).call(_context2, isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/")] : [])),
|
|
881
|
+
'script-src': getUniqueValues((_appConfig$headers3 = appConfig.headers) === null || _appConfig$headers3 === void 0 ? void 0 : (_appConfig$headers3$c = _appConfig$headers3.csp) === null || _appConfig$headers3$c === void 0 ? void 0 : _appConfig$headers3$c['script-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : []),
|
|
882
|
+
'style-src': getUniqueValues((_appConfig$headers4 = appConfig.headers) === null || _appConfig$headers4 === void 0 ? void 0 : (_appConfig$headers4$c = _appConfig$headers4.csp) === null || _appConfig$headers4$c === void 0 ? void 0 : _appConfig$headers4$c['style-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : [])
|
|
886
883
|
})
|
|
887
884
|
})
|
|
888
885
|
};
|
|
889
886
|
return cachedConfig;
|
|
890
887
|
};
|
|
891
888
|
|
|
889
|
+
var jsdom = new jsdom$1.JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
890
|
+
|
|
891
|
+
var DOMPurify = createDOMPurify__default["default"](jsdom.window);
|
|
892
|
+
function sanitizeSvg(data) {
|
|
893
|
+
return DOMPurify.sanitize(data, {
|
|
894
|
+
USE_PROFILES: {
|
|
895
|
+
svg: true
|
|
896
|
+
},
|
|
897
|
+
RETURN_DOM: true,
|
|
898
|
+
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
899
|
+
'style']
|
|
900
|
+
}).innerHTML;
|
|
901
|
+
}
|
|
902
|
+
|
|
892
903
|
exports.CLOUD_IDENTIFIERS = CLOUD_IDENTIFIERS;
|
|
893
904
|
exports.ENTRY_POINT_URI_PATH_REGEX = ENTRY_POINT_URI_PATH_REGEX;
|
|
894
905
|
exports.MC_API_URLS = MC_API_URLS;
|
|
895
906
|
exports.MissingOrInvalidConfigError = MissingOrInvalidConfigError;
|
|
896
907
|
exports.getConfigPath = getConfigPath;
|
|
897
908
|
exports.processConfig = processConfig;
|
|
909
|
+
exports.sanitizeSvg = sanitizeSvg;
|
|
@@ -37,7 +37,7 @@ var _Object$values = require('@babel/runtime-corejs3/core-js-stable/object/value
|
|
|
37
37
|
var _includesInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/includes');
|
|
38
38
|
var uniq = require('lodash/uniq');
|
|
39
39
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
40
|
-
var formatters = require('./formatters-
|
|
40
|
+
var formatters = require('./formatters-80d55e3e.cjs.prod.js');
|
|
41
41
|
var createDOMPurify = require('dompurify');
|
|
42
42
|
var jsdom$1 = require('jsdom');
|
|
43
43
|
require('@babel/runtime-corejs3/core-js-stable/instance/reduce');
|
|
@@ -722,19 +722,6 @@ var getOrThrow = function getOrThrow(fn, errorMessage) {
|
|
|
722
722
|
}
|
|
723
723
|
};
|
|
724
724
|
|
|
725
|
-
var jsdom = new jsdom$1.JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
726
|
-
|
|
727
|
-
var DOMPurify = createDOMPurify__default["default"](jsdom.window);
|
|
728
|
-
function sanitizeSvg(data) {
|
|
729
|
-
return DOMPurify.sanitize(data, {
|
|
730
|
-
USE_PROFILES: {
|
|
731
|
-
svg: true
|
|
732
|
-
},
|
|
733
|
-
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
734
|
-
'style']
|
|
735
|
-
});
|
|
736
|
-
}
|
|
737
|
-
|
|
738
725
|
function ownKeys$1(object, enumerableOnly) { var keys = _Object$keys__default["default"](object); if (_Object$getOwnPropertySymbols__default["default"]) { var symbols = _Object$getOwnPropertySymbols__default["default"](object); enumerableOnly && (symbols = _filterInstanceProperty__default["default"](symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor__default["default"](object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
739
726
|
|
|
740
727
|
function _objectSpread$1(target) { for (var i = 1; i < arguments.length; i++) { var _context3, _context4; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty__default["default"](_context3 = ownKeys$1(Object(source), !0)).call(_context3, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](target, _Object$getOwnPropertyDescriptors__default["default"](source)) : _forEachInstanceProperty__default["default"](_context4 = ownKeys$1(Object(source))).call(_context4, function (key) { _Object$defineProperty__default["default"](target, key, _Object$getOwnPropertyDescriptor__default["default"](source, key)); }); } return target; }
|
|
@@ -774,7 +761,7 @@ function transformCustomApplicationConfigToData(appConfig) {
|
|
|
774
761
|
name: permissionKeys.manage,
|
|
775
762
|
oAuthScopes: appConfig.oAuthScopes.manage
|
|
776
763
|
}],
|
|
777
|
-
icon:
|
|
764
|
+
icon: appConfig.icon,
|
|
778
765
|
mainMenuLink: appConfig.mainMenuLink,
|
|
779
766
|
submenuLinks: _mapInstanceProperty__default["default"](_context2 = appConfig.submenuLinks).call(_context2, function (submenuLink) {
|
|
780
767
|
return _objectSpread$1(_objectSpread$1({}, submenuLink), {}, {
|
|
@@ -791,6 +778,10 @@ function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { va
|
|
|
791
778
|
var developmentPort = 3001;
|
|
792
779
|
var developmentAppUrl = "http://localhost:".concat(developmentPort);
|
|
793
780
|
|
|
781
|
+
var trimTrailingSlash = function trimTrailingSlash(value) {
|
|
782
|
+
return value.replace(/\/$/, '');
|
|
783
|
+
};
|
|
784
|
+
|
|
794
785
|
var omitDevConfigIfEmpty = function omitDevConfigIfEmpty(devConfig) {
|
|
795
786
|
if ( // @ts-expect-error: the `accountLinks` is not explicitly typed as it's only used by the account app.
|
|
796
787
|
devConfig !== null && devConfig !== void 0 && devConfig.accountLinks || devConfig !== null && devConfig !== void 0 && devConfig.menuLinks || devConfig !== null && devConfig !== void 0 && devConfig.oidc) return devConfig;
|
|
@@ -880,18 +871,39 @@ var processConfig = function processConfig() {
|
|
|
880
871
|
}),
|
|
881
872
|
headers: _objectSpread(_objectSpread({}, appConfig.headers), {}, {
|
|
882
873
|
csp: _objectSpread(_objectSpread({}, (_appConfig$headers = appConfig.headers) === null || _appConfig$headers === void 0 ? void 0 : _appConfig$headers.csp), {}, {
|
|
883
|
-
|
|
884
|
-
|
|
885
|
-
|
|
874
|
+
// We need to make sure the URL we use in these CSP headers have a slash in the end,
|
|
875
|
+
// otherwise it might create an invalid value when application/CDN URL points to a
|
|
876
|
+
// non-root directory (ex: https://www.my-domain.com/app). This is a valid URL but from
|
|
877
|
+
// the CSP point of view, it will say only the file `app` can be used as a source, so
|
|
878
|
+
// any other file from that domain will be forbidden. Using the slash (ex: https://www.my-domain.com/app/)
|
|
879
|
+
// at the end it's like using a wildcard so anything 'below' `app` will be allowed.
|
|
880
|
+
'connect-src': getUniqueValues((_appConfig$headers2 = appConfig.headers) === null || _appConfig$headers2 === void 0 ? void 0 : (_appConfig$headers2$c = _appConfig$headers2.csp) === null || _appConfig$headers2$c === void 0 ? void 0 : _appConfig$headers2$c['connect-src'], _concatInstanceProperty__default["default"](_context2 = [mcApiUrl.origin]).call(_context2, isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/")] : [])),
|
|
881
|
+
'script-src': getUniqueValues((_appConfig$headers3 = appConfig.headers) === null || _appConfig$headers3 === void 0 ? void 0 : (_appConfig$headers3$c = _appConfig$headers3.csp) === null || _appConfig$headers3$c === void 0 ? void 0 : _appConfig$headers3$c['script-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : []),
|
|
882
|
+
'style-src': getUniqueValues((_appConfig$headers4 = appConfig.headers) === null || _appConfig$headers4 === void 0 ? void 0 : (_appConfig$headers4$c = _appConfig$headers4.csp) === null || _appConfig$headers4$c === void 0 ? void 0 : _appConfig$headers4$c['style-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : [])
|
|
886
883
|
})
|
|
887
884
|
})
|
|
888
885
|
};
|
|
889
886
|
return cachedConfig;
|
|
890
887
|
};
|
|
891
888
|
|
|
889
|
+
var jsdom = new jsdom$1.JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
890
|
+
|
|
891
|
+
var DOMPurify = createDOMPurify__default["default"](jsdom.window);
|
|
892
|
+
function sanitizeSvg(data) {
|
|
893
|
+
return DOMPurify.sanitize(data, {
|
|
894
|
+
USE_PROFILES: {
|
|
895
|
+
svg: true
|
|
896
|
+
},
|
|
897
|
+
RETURN_DOM: true,
|
|
898
|
+
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
899
|
+
'style']
|
|
900
|
+
}).innerHTML;
|
|
901
|
+
}
|
|
902
|
+
|
|
892
903
|
exports.CLOUD_IDENTIFIERS = CLOUD_IDENTIFIERS;
|
|
893
904
|
exports.ENTRY_POINT_URI_PATH_REGEX = ENTRY_POINT_URI_PATH_REGEX;
|
|
894
905
|
exports.MC_API_URLS = MC_API_URLS;
|
|
895
906
|
exports.MissingOrInvalidConfigError = MissingOrInvalidConfigError;
|
|
896
907
|
exports.getConfigPath = getConfigPath;
|
|
897
908
|
exports.processConfig = processConfig;
|
|
909
|
+
exports.sanitizeSvg = sanitizeSvg;
|
|
@@ -33,7 +33,7 @@ import _Object$values from '@babel/runtime-corejs3/core-js-stable/object/values'
|
|
|
33
33
|
import _includesInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/includes';
|
|
34
34
|
import uniq from 'lodash/uniq';
|
|
35
35
|
import _startsWithInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/starts-with';
|
|
36
|
-
import { e as entryPointUriPathToResourceAccesses } from './formatters-
|
|
36
|
+
import { e as entryPointUriPathToResourceAccesses } from './formatters-0d13ed2a.esm.js';
|
|
37
37
|
import createDOMPurify from 'dompurify';
|
|
38
38
|
import { JSDOM } from 'jsdom';
|
|
39
39
|
import '@babel/runtime-corejs3/core-js-stable/instance/reduce';
|
|
@@ -691,19 +691,6 @@ var getOrThrow = function getOrThrow(fn, errorMessage) {
|
|
|
691
691
|
}
|
|
692
692
|
};
|
|
693
693
|
|
|
694
|
-
var jsdom = new JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
695
|
-
|
|
696
|
-
var DOMPurify = createDOMPurify(jsdom.window);
|
|
697
|
-
function sanitizeSvg(data) {
|
|
698
|
-
return DOMPurify.sanitize(data, {
|
|
699
|
-
USE_PROFILES: {
|
|
700
|
-
svg: true
|
|
701
|
-
},
|
|
702
|
-
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
703
|
-
'style']
|
|
704
|
-
});
|
|
705
|
-
}
|
|
706
|
-
|
|
707
694
|
function ownKeys$1(object, enumerableOnly) { var keys = _Object$keys(object); if (_Object$getOwnPropertySymbols) { var symbols = _Object$getOwnPropertySymbols(object); enumerableOnly && (symbols = _filterInstanceProperty(symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
708
695
|
|
|
709
696
|
function _objectSpread$1(target) { for (var i = 1; i < arguments.length; i++) { var _context3, _context4; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty(_context3 = ownKeys$1(Object(source), !0)).call(_context3, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(target, _Object$getOwnPropertyDescriptors(source)) : _forEachInstanceProperty(_context4 = ownKeys$1(Object(source))).call(_context4, function (key) { _Object$defineProperty(target, key, _Object$getOwnPropertyDescriptor(source, key)); }); } return target; }
|
|
@@ -743,7 +730,7 @@ function transformCustomApplicationConfigToData(appConfig) {
|
|
|
743
730
|
name: permissionKeys.manage,
|
|
744
731
|
oAuthScopes: appConfig.oAuthScopes.manage
|
|
745
732
|
}],
|
|
746
|
-
icon:
|
|
733
|
+
icon: appConfig.icon,
|
|
747
734
|
mainMenuLink: appConfig.mainMenuLink,
|
|
748
735
|
submenuLinks: _mapInstanceProperty(_context2 = appConfig.submenuLinks).call(_context2, function (submenuLink) {
|
|
749
736
|
return _objectSpread$1(_objectSpread$1({}, submenuLink), {}, {
|
|
@@ -760,6 +747,10 @@ function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { va
|
|
|
760
747
|
var developmentPort = 3001;
|
|
761
748
|
var developmentAppUrl = "http://localhost:".concat(developmentPort);
|
|
762
749
|
|
|
750
|
+
var trimTrailingSlash = function trimTrailingSlash(value) {
|
|
751
|
+
return value.replace(/\/$/, '');
|
|
752
|
+
};
|
|
753
|
+
|
|
763
754
|
var omitDevConfigIfEmpty = function omitDevConfigIfEmpty(devConfig) {
|
|
764
755
|
if ( // @ts-expect-error: the `accountLinks` is not explicitly typed as it's only used by the account app.
|
|
765
756
|
devConfig !== null && devConfig !== void 0 && devConfig.accountLinks || devConfig !== null && devConfig !== void 0 && devConfig.menuLinks || devConfig !== null && devConfig !== void 0 && devConfig.oidc) return devConfig;
|
|
@@ -849,13 +840,33 @@ var processConfig = function processConfig() {
|
|
|
849
840
|
}),
|
|
850
841
|
headers: _objectSpread(_objectSpread({}, appConfig.headers), {}, {
|
|
851
842
|
csp: _objectSpread(_objectSpread({}, (_appConfig$headers = appConfig.headers) === null || _appConfig$headers === void 0 ? void 0 : _appConfig$headers.csp), {}, {
|
|
852
|
-
|
|
853
|
-
|
|
854
|
-
|
|
843
|
+
// We need to make sure the URL we use in these CSP headers have a slash in the end,
|
|
844
|
+
// otherwise it might create an invalid value when application/CDN URL points to a
|
|
845
|
+
// non-root directory (ex: https://www.my-domain.com/app). This is a valid URL but from
|
|
846
|
+
// the CSP point of view, it will say only the file `app` can be used as a source, so
|
|
847
|
+
// any other file from that domain will be forbidden. Using the slash (ex: https://www.my-domain.com/app/)
|
|
848
|
+
// at the end it's like using a wildcard so anything 'below' `app` will be allowed.
|
|
849
|
+
'connect-src': getUniqueValues((_appConfig$headers2 = appConfig.headers) === null || _appConfig$headers2 === void 0 ? void 0 : (_appConfig$headers2$c = _appConfig$headers2.csp) === null || _appConfig$headers2$c === void 0 ? void 0 : _appConfig$headers2$c['connect-src'], _concatInstanceProperty(_context2 = [mcApiUrl.origin]).call(_context2, isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/")] : [])),
|
|
850
|
+
'script-src': getUniqueValues((_appConfig$headers3 = appConfig.headers) === null || _appConfig$headers3 === void 0 ? void 0 : (_appConfig$headers3$c = _appConfig$headers3.csp) === null || _appConfig$headers3$c === void 0 ? void 0 : _appConfig$headers3$c['script-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : []),
|
|
851
|
+
'style-src': getUniqueValues((_appConfig$headers4 = appConfig.headers) === null || _appConfig$headers4 === void 0 ? void 0 : (_appConfig$headers4$c = _appConfig$headers4.csp) === null || _appConfig$headers4$c === void 0 ? void 0 : _appConfig$headers4$c['style-src'], isProd ? ["".concat(trimTrailingSlash(appUrl.href), "/"), "".concat(trimTrailingSlash(cdnUrl.href), "/")] : [])
|
|
855
852
|
})
|
|
856
853
|
})
|
|
857
854
|
};
|
|
858
855
|
return cachedConfig;
|
|
859
856
|
};
|
|
860
857
|
|
|
861
|
-
|
|
858
|
+
var jsdom = new JSDOM(''); // @ts-expect-error: jsdom returns DOMWindow, which doesn't match Window dompurify expects
|
|
859
|
+
|
|
860
|
+
var DOMPurify = createDOMPurify(jsdom.window);
|
|
861
|
+
function sanitizeSvg(data) {
|
|
862
|
+
return DOMPurify.sanitize(data, {
|
|
863
|
+
USE_PROFILES: {
|
|
864
|
+
svg: true
|
|
865
|
+
},
|
|
866
|
+
RETURN_DOM: true,
|
|
867
|
+
FORBID_ATTR: [// To avoid injection by using `style="filter:url(\"data:image/svg+xml,<svg`
|
|
868
|
+
'style']
|
|
869
|
+
}).innerHTML;
|
|
870
|
+
}
|
|
871
|
+
|
|
872
|
+
export { CLOUD_IDENTIFIERS, ENTRY_POINT_URI_PATH_REGEX, MC_API_URLS, MissingOrInvalidConfigError, getConfigPath, processConfig, sanitizeSvg };
|
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
declare type
|
|
1
|
+
import type { CamelCase } from './types';
|
|
2
|
+
declare type TImplicitCustomApplicationResourceAccesses<PermissionGroupName extends string = ''> = Record<`view` | `manage` | `view${Capitalize<CamelCase<PermissionGroupName>>}` | `manage${Capitalize<CamelCase<PermissionGroupName>>}`, string>;
|
|
3
|
+
declare type TImplicitCustomApplicationPermissionKeys<PermissionGroupName extends string = ''> = Record<`View` | `Manage` | `View${Capitalize<CamelCase<PermissionGroupName>>}` | `Manage${Capitalize<CamelCase<PermissionGroupName>>}`, string>;
|
|
3
4
|
declare function entryPointUriPathToResourceAccesses(entryPointUriPath: string): TImplicitCustomApplicationResourceAccesses<''>;
|
|
4
|
-
declare function entryPointUriPathToResourceAccesses<
|
|
5
|
+
declare function entryPointUriPathToResourceAccesses<PermissionGroupName extends string>(entryPointUriPath: string, permissionGroupNames: PermissionGroupName[]): TImplicitCustomApplicationResourceAccesses<PermissionGroupName>;
|
|
5
6
|
declare function entryPointUriPathToPermissionKeys(entryPointUriPath: string): TImplicitCustomApplicationPermissionKeys<''>;
|
|
6
|
-
declare function entryPointUriPathToPermissionKeys<
|
|
7
|
+
declare function entryPointUriPathToPermissionKeys<PermissionGroupName extends string>(entryPointUriPath: string, permissionGroupNames: PermissionGroupName[]): TImplicitCustomApplicationPermissionKeys<PermissionGroupName>;
|
|
7
8
|
export { entryPointUriPathToResourceAccesses, entryPointUriPathToPermissionKeys, };
|
|
@@ -43,4 +43,12 @@ export declare type LoadingConfigOptions = {
|
|
|
43
43
|
processEnv: NodeJS.ProcessEnv;
|
|
44
44
|
applicationPath: string;
|
|
45
45
|
};
|
|
46
|
+
export declare type WordSeparators = '-';
|
|
47
|
+
export declare type Split<S extends string, Delimiter extends string> = S extends `${infer Head}${Delimiter}${infer Tail}` ? [Head, ...Split<Tail, Delimiter>] : S extends Delimiter ? [] : [S];
|
|
48
|
+
declare type InnerCamelCaseStringArray<Parts extends readonly unknown[], PreviousPart> = Parts extends [`${infer FirstPart}`, ...infer RemainingParts] ? FirstPart extends undefined ? '' : FirstPart extends '' ? InnerCamelCaseStringArray<RemainingParts, PreviousPart> : `${PreviousPart extends '' ? FirstPart : Capitalize<FirstPart>}${InnerCamelCaseStringArray<RemainingParts, FirstPart>}` : '';
|
|
49
|
+
declare type CamelCaseStringArray<Parts extends readonly string[]> = Parts extends [
|
|
50
|
+
`${infer FirstPart}`,
|
|
51
|
+
...infer RemainingParts
|
|
52
|
+
] ? Uncapitalize<`${FirstPart}${InnerCamelCaseStringArray<RemainingParts, FirstPart>}`> : never;
|
|
53
|
+
export declare type CamelCase<K> = K extends string ? CamelCaseStringArray<Split<K extends Uppercase<K> ? Uppercase<K> : K, WordSeparators>> : K;
|
|
46
54
|
export {};
|
|
@@ -16,7 +16,7 @@ import upperFirst from 'lodash/upperFirst';
|
|
|
16
16
|
|
|
17
17
|
function ownKeys(object, enumerableOnly) { var keys = _Object$keys(object); if (_Object$getOwnPropertySymbols) { var symbols = _Object$getOwnPropertySymbols(object); enumerableOnly && (symbols = _filterInstanceProperty(symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
18
18
|
|
|
19
|
-
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var
|
|
19
|
+
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var _context8, _context9; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty(_context8 = ownKeys(Object(source), !0)).call(_context8, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(target, _Object$getOwnPropertyDescriptors(source)) : _forEachInstanceProperty(_context9 = ownKeys(Object(source))).call(_context9, function (key) { _Object$defineProperty(target, key, _Object$getOwnPropertyDescriptor(source, key)); }); } return target; }
|
|
20
20
|
|
|
21
21
|
/**
|
|
22
22
|
* The function formats the `entryPointUriPath` to a resource access key.
|
|
@@ -35,9 +35,7 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
35
35
|
|
|
36
36
|
return _mapInstanceProperty(_context = _mapInstanceProperty(_context2 = entryPointUriPath // Splits the string by underscore.
|
|
37
37
|
.split('_') // Uppercase the first character of each word split.
|
|
38
|
-
).call(_context2,
|
|
39
|
-
return upperFirst(word);
|
|
40
|
-
}) // Join the words by an underscore.
|
|
38
|
+
).call(_context2, upperFirst) // Join the words by an underscore.
|
|
41
39
|
.join('_') // Each word is split by a hyphen.
|
|
42
40
|
.split('-')).call(_context, function (word, i) {
|
|
43
41
|
// Regex below checking if the character is numeric.
|
|
@@ -50,31 +48,47 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
50
48
|
return upperFirst(word);
|
|
51
49
|
}).join('');
|
|
52
50
|
};
|
|
51
|
+
/**
|
|
52
|
+
* The function formats the permission group name to a resource access key.
|
|
53
|
+
* It makes the first character of the string and the next character after a special character (`-`) an uppercase.
|
|
54
|
+
*
|
|
55
|
+
* @example
|
|
56
|
+
* - books --> Books
|
|
57
|
+
* - the-books --> TheBooks
|
|
58
|
+
*/
|
|
53
59
|
|
|
54
|
-
|
|
60
|
+
|
|
61
|
+
var formatPermissionGroupNameToResourceAccessKey = function formatPermissionGroupNameToResourceAccessKey(permissionGroupName) {
|
|
55
62
|
var _context3;
|
|
56
63
|
|
|
64
|
+
return _mapInstanceProperty(_context3 = permissionGroupName // Each word is split by a hyphen.
|
|
65
|
+
.split('-')).call(_context3, upperFirst).join('');
|
|
66
|
+
};
|
|
67
|
+
|
|
68
|
+
function entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames) {
|
|
69
|
+
var _context4;
|
|
70
|
+
|
|
57
71
|
var resourceAccessKey = formatEntryPointUriPathToResourceAccessKey(entryPointUriPath);
|
|
58
72
|
var defaultResourceAccesses = {
|
|
59
73
|
view: "view".concat(resourceAccessKey),
|
|
60
74
|
manage: "manage".concat(resourceAccessKey)
|
|
61
75
|
};
|
|
62
76
|
|
|
63
|
-
var additionalResourceAccesses = _reduceInstanceProperty(
|
|
64
|
-
var
|
|
77
|
+
var additionalResourceAccesses = _reduceInstanceProperty(_context4 = permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []).call(_context4, function (resourceAccesses, permissionGroupName) {
|
|
78
|
+
var _context5, _context6, _objectSpread2;
|
|
65
79
|
|
|
66
|
-
var additionalResourceAccessKey =
|
|
67
|
-
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty(
|
|
80
|
+
var additionalResourceAccessKey = formatPermissionGroupNameToResourceAccessKey(permissionGroupName);
|
|
81
|
+
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty(_context5 = "".concat(defaultResourceAccesses.view)).call(_context5, additionalResourceAccessKey)), _defineProperty(_objectSpread2, "manage".concat(additionalResourceAccessKey), _concatInstanceProperty(_context6 = "".concat(defaultResourceAccesses.manage)).call(_context6, additionalResourceAccessKey)), _objectSpread2));
|
|
68
82
|
}, {});
|
|
69
83
|
|
|
70
84
|
return _objectSpread(_objectSpread({}, defaultResourceAccesses), additionalResourceAccesses);
|
|
71
85
|
}
|
|
72
86
|
|
|
73
|
-
function entryPointUriPathToPermissionKeys(entryPointUriPath,
|
|
74
|
-
var
|
|
87
|
+
function entryPointUriPathToPermissionKeys(entryPointUriPath, permissionGroupNames) {
|
|
88
|
+
var _context7;
|
|
75
89
|
|
|
76
|
-
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath,
|
|
77
|
-
return _reduceInstanceProperty(
|
|
90
|
+
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []);
|
|
91
|
+
return _reduceInstanceProperty(_context7 = _Object$entries(resourceAccesses)).call(_context7, function (permissionKeys, _ref) {
|
|
78
92
|
var _ref2 = _slicedToArray(_ref, 2),
|
|
79
93
|
resourceAccessKey = _ref2[0],
|
|
80
94
|
resourceAccessValue = _ref2[1];
|
|
@@ -34,7 +34,7 @@ var upperFirst__default = /*#__PURE__*/_interopDefault(upperFirst);
|
|
|
34
34
|
|
|
35
35
|
function ownKeys(object, enumerableOnly) { var keys = _Object$keys__default["default"](object); if (_Object$getOwnPropertySymbols__default["default"]) { var symbols = _Object$getOwnPropertySymbols__default["default"](object); enumerableOnly && (symbols = _filterInstanceProperty__default["default"](symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor__default["default"](object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
36
36
|
|
|
37
|
-
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var
|
|
37
|
+
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var _context8, _context9; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty__default["default"](_context8 = ownKeys(Object(source), !0)).call(_context8, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](target, _Object$getOwnPropertyDescriptors__default["default"](source)) : _forEachInstanceProperty__default["default"](_context9 = ownKeys(Object(source))).call(_context9, function (key) { _Object$defineProperty__default["default"](target, key, _Object$getOwnPropertyDescriptor__default["default"](source, key)); }); } return target; }
|
|
38
38
|
|
|
39
39
|
/**
|
|
40
40
|
* The function formats the `entryPointUriPath` to a resource access key.
|
|
@@ -53,9 +53,7 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
53
53
|
|
|
54
54
|
return _mapInstanceProperty__default["default"](_context = _mapInstanceProperty__default["default"](_context2 = entryPointUriPath // Splits the string by underscore.
|
|
55
55
|
.split('_') // Uppercase the first character of each word split.
|
|
56
|
-
).call(_context2,
|
|
57
|
-
return upperFirst__default["default"](word);
|
|
58
|
-
}) // Join the words by an underscore.
|
|
56
|
+
).call(_context2, upperFirst__default["default"]) // Join the words by an underscore.
|
|
59
57
|
.join('_') // Each word is split by a hyphen.
|
|
60
58
|
.split('-')).call(_context, function (word, i) {
|
|
61
59
|
// Regex below checking if the character is numeric.
|
|
@@ -68,31 +66,47 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
68
66
|
return upperFirst__default["default"](word);
|
|
69
67
|
}).join('');
|
|
70
68
|
};
|
|
69
|
+
/**
|
|
70
|
+
* The function formats the permission group name to a resource access key.
|
|
71
|
+
* It makes the first character of the string and the next character after a special character (`-`) an uppercase.
|
|
72
|
+
*
|
|
73
|
+
* @example
|
|
74
|
+
* - books --> Books
|
|
75
|
+
* - the-books --> TheBooks
|
|
76
|
+
*/
|
|
71
77
|
|
|
72
|
-
|
|
78
|
+
|
|
79
|
+
var formatPermissionGroupNameToResourceAccessKey = function formatPermissionGroupNameToResourceAccessKey(permissionGroupName) {
|
|
73
80
|
var _context3;
|
|
74
81
|
|
|
82
|
+
return _mapInstanceProperty__default["default"](_context3 = permissionGroupName // Each word is split by a hyphen.
|
|
83
|
+
.split('-')).call(_context3, upperFirst__default["default"]).join('');
|
|
84
|
+
};
|
|
85
|
+
|
|
86
|
+
function entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames) {
|
|
87
|
+
var _context4;
|
|
88
|
+
|
|
75
89
|
var resourceAccessKey = formatEntryPointUriPathToResourceAccessKey(entryPointUriPath);
|
|
76
90
|
var defaultResourceAccesses = {
|
|
77
91
|
view: "view".concat(resourceAccessKey),
|
|
78
92
|
manage: "manage".concat(resourceAccessKey)
|
|
79
93
|
};
|
|
80
94
|
|
|
81
|
-
var additionalResourceAccesses = _reduceInstanceProperty__default["default"](
|
|
82
|
-
var
|
|
95
|
+
var additionalResourceAccesses = _reduceInstanceProperty__default["default"](_context4 = permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []).call(_context4, function (resourceAccesses, permissionGroupName) {
|
|
96
|
+
var _context5, _context6, _objectSpread2;
|
|
83
97
|
|
|
84
|
-
var additionalResourceAccessKey =
|
|
85
|
-
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](
|
|
98
|
+
var additionalResourceAccessKey = formatPermissionGroupNameToResourceAccessKey(permissionGroupName);
|
|
99
|
+
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](_context5 = "".concat(defaultResourceAccesses.view)).call(_context5, additionalResourceAccessKey)), _defineProperty(_objectSpread2, "manage".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](_context6 = "".concat(defaultResourceAccesses.manage)).call(_context6, additionalResourceAccessKey)), _objectSpread2));
|
|
86
100
|
}, {});
|
|
87
101
|
|
|
88
102
|
return _objectSpread(_objectSpread({}, defaultResourceAccesses), additionalResourceAccesses);
|
|
89
103
|
}
|
|
90
104
|
|
|
91
|
-
function entryPointUriPathToPermissionKeys(entryPointUriPath,
|
|
92
|
-
var
|
|
105
|
+
function entryPointUriPathToPermissionKeys(entryPointUriPath, permissionGroupNames) {
|
|
106
|
+
var _context7;
|
|
93
107
|
|
|
94
|
-
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath,
|
|
95
|
-
return _reduceInstanceProperty__default["default"](
|
|
108
|
+
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []);
|
|
109
|
+
return _reduceInstanceProperty__default["default"](_context7 = _Object$entries__default["default"](resourceAccesses)).call(_context7, function (permissionKeys, _ref) {
|
|
96
110
|
var _ref2 = _slicedToArray(_ref, 2),
|
|
97
111
|
resourceAccessKey = _ref2[0],
|
|
98
112
|
resourceAccessValue = _ref2[1];
|
|
@@ -34,7 +34,7 @@ var upperFirst__default = /*#__PURE__*/_interopDefault(upperFirst);
|
|
|
34
34
|
|
|
35
35
|
function ownKeys(object, enumerableOnly) { var keys = _Object$keys__default["default"](object); if (_Object$getOwnPropertySymbols__default["default"]) { var symbols = _Object$getOwnPropertySymbols__default["default"](object); enumerableOnly && (symbols = _filterInstanceProperty__default["default"](symbols).call(symbols, function (sym) { return _Object$getOwnPropertyDescriptor__default["default"](object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
36
36
|
|
|
37
|
-
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var
|
|
37
|
+
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var _context8, _context9; var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? _forEachInstanceProperty__default["default"](_context8 = ownKeys(Object(source), !0)).call(_context8, function (key) { _defineProperty(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](target, _Object$getOwnPropertyDescriptors__default["default"](source)) : _forEachInstanceProperty__default["default"](_context9 = ownKeys(Object(source))).call(_context9, function (key) { _Object$defineProperty__default["default"](target, key, _Object$getOwnPropertyDescriptor__default["default"](source, key)); }); } return target; }
|
|
38
38
|
|
|
39
39
|
/**
|
|
40
40
|
* The function formats the `entryPointUriPath` to a resource access key.
|
|
@@ -53,9 +53,7 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
53
53
|
|
|
54
54
|
return _mapInstanceProperty__default["default"](_context = _mapInstanceProperty__default["default"](_context2 = entryPointUriPath // Splits the string by underscore.
|
|
55
55
|
.split('_') // Uppercase the first character of each word split.
|
|
56
|
-
).call(_context2,
|
|
57
|
-
return upperFirst__default["default"](word);
|
|
58
|
-
}) // Join the words by an underscore.
|
|
56
|
+
).call(_context2, upperFirst__default["default"]) // Join the words by an underscore.
|
|
59
57
|
.join('_') // Each word is split by a hyphen.
|
|
60
58
|
.split('-')).call(_context, function (word, i) {
|
|
61
59
|
// Regex below checking if the character is numeric.
|
|
@@ -68,31 +66,47 @@ var formatEntryPointUriPathToResourceAccessKey = function formatEntryPointUriPat
|
|
|
68
66
|
return upperFirst__default["default"](word);
|
|
69
67
|
}).join('');
|
|
70
68
|
};
|
|
69
|
+
/**
|
|
70
|
+
* The function formats the permission group name to a resource access key.
|
|
71
|
+
* It makes the first character of the string and the next character after a special character (`-`) an uppercase.
|
|
72
|
+
*
|
|
73
|
+
* @example
|
|
74
|
+
* - books --> Books
|
|
75
|
+
* - the-books --> TheBooks
|
|
76
|
+
*/
|
|
71
77
|
|
|
72
|
-
|
|
78
|
+
|
|
79
|
+
var formatPermissionGroupNameToResourceAccessKey = function formatPermissionGroupNameToResourceAccessKey(permissionGroupName) {
|
|
73
80
|
var _context3;
|
|
74
81
|
|
|
82
|
+
return _mapInstanceProperty__default["default"](_context3 = permissionGroupName // Each word is split by a hyphen.
|
|
83
|
+
.split('-')).call(_context3, upperFirst__default["default"]).join('');
|
|
84
|
+
};
|
|
85
|
+
|
|
86
|
+
function entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames) {
|
|
87
|
+
var _context4;
|
|
88
|
+
|
|
75
89
|
var resourceAccessKey = formatEntryPointUriPathToResourceAccessKey(entryPointUriPath);
|
|
76
90
|
var defaultResourceAccesses = {
|
|
77
91
|
view: "view".concat(resourceAccessKey),
|
|
78
92
|
manage: "manage".concat(resourceAccessKey)
|
|
79
93
|
};
|
|
80
94
|
|
|
81
|
-
var additionalResourceAccesses = _reduceInstanceProperty__default["default"](
|
|
82
|
-
var
|
|
95
|
+
var additionalResourceAccesses = _reduceInstanceProperty__default["default"](_context4 = permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []).call(_context4, function (resourceAccesses, permissionGroupName) {
|
|
96
|
+
var _context5, _context6, _objectSpread2;
|
|
83
97
|
|
|
84
|
-
var additionalResourceAccessKey =
|
|
85
|
-
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](
|
|
98
|
+
var additionalResourceAccessKey = formatPermissionGroupNameToResourceAccessKey(permissionGroupName);
|
|
99
|
+
return _objectSpread(_objectSpread({}, resourceAccesses), {}, (_objectSpread2 = {}, _defineProperty(_objectSpread2, "view".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](_context5 = "".concat(defaultResourceAccesses.view)).call(_context5, additionalResourceAccessKey)), _defineProperty(_objectSpread2, "manage".concat(additionalResourceAccessKey), _concatInstanceProperty__default["default"](_context6 = "".concat(defaultResourceAccesses.manage)).call(_context6, additionalResourceAccessKey)), _objectSpread2));
|
|
86
100
|
}, {});
|
|
87
101
|
|
|
88
102
|
return _objectSpread(_objectSpread({}, defaultResourceAccesses), additionalResourceAccesses);
|
|
89
103
|
}
|
|
90
104
|
|
|
91
|
-
function entryPointUriPathToPermissionKeys(entryPointUriPath,
|
|
92
|
-
var
|
|
105
|
+
function entryPointUriPathToPermissionKeys(entryPointUriPath, permissionGroupNames) {
|
|
106
|
+
var _context7;
|
|
93
107
|
|
|
94
|
-
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath,
|
|
95
|
-
return _reduceInstanceProperty__default["default"](
|
|
108
|
+
var resourceAccesses = entryPointUriPathToResourceAccesses(entryPointUriPath, permissionGroupNames !== null && permissionGroupNames !== void 0 ? permissionGroupNames : []);
|
|
109
|
+
return _reduceInstanceProperty__default["default"](_context7 = _Object$entries__default["default"](resourceAccesses)).call(_context7, function (permissionKeys, _ref) {
|
|
96
110
|
var _ref2 = _slicedToArray(_ref, 2),
|
|
97
111
|
resourceAccessKey = _ref2[0],
|
|
98
112
|
resourceAccessValue = _ref2[1];
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@commercetools-frontend/application-config",
|
|
3
|
-
"version": "21.
|
|
3
|
+
"version": "21.18.0",
|
|
4
4
|
"description": "Configuration utilities for building Custom Applications",
|
|
5
5
|
"bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
|
|
6
6
|
"repository": {
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
"@babel/register": "^7.18.9",
|
|
38
38
|
"@babel/runtime": "^7.19.0",
|
|
39
39
|
"@babel/runtime-corejs3": "^7.19.0",
|
|
40
|
-
"@commercetools-frontend/babel-preset-mc-app": "21.
|
|
40
|
+
"@commercetools-frontend/babel-preset-mc-app": "21.18.0",
|
|
41
41
|
"ajv": "8.11.0",
|
|
42
42
|
"core-js": "^3.25.1",
|
|
43
43
|
"cosmiconfig": "7.0.1",
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
|
-
var formatters = require('../../dist/formatters-
|
|
5
|
+
var formatters = require('../../dist/formatters-3cfe4466.cjs.dev.js');
|
|
6
6
|
require('@babel/runtime-corejs3/core-js-stable/object/keys');
|
|
7
7
|
require('@babel/runtime-corejs3/core-js-stable/object/get-own-property-symbols');
|
|
8
8
|
require('@babel/runtime-corejs3/core-js-stable/instance/filter');
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
|
-
var formatters = require('../../dist/formatters-
|
|
5
|
+
var formatters = require('../../dist/formatters-80d55e3e.cjs.prod.js');
|
|
6
6
|
require('@babel/runtime-corejs3/core-js-stable/object/keys');
|
|
7
7
|
require('@babel/runtime-corejs3/core-js-stable/object/get-own-property-symbols');
|
|
8
8
|
require('@babel/runtime-corejs3/core-js-stable/instance/filter');
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { a as entryPointUriPathToPermissionKeys, e as entryPointUriPathToResourceAccesses } from '../../dist/formatters-
|
|
1
|
+
export { a as entryPointUriPathToPermissionKeys, e as entryPointUriPathToResourceAccesses } from '../../dist/formatters-0d13ed2a.esm.js';
|
|
2
2
|
import '@babel/runtime-corejs3/core-js-stable/object/keys';
|
|
3
3
|
import '@babel/runtime-corejs3/core-js-stable/object/get-own-property-symbols';
|
|
4
4
|
import '@babel/runtime-corejs3/core-js-stable/instance/filter';
|