@cullet/erp-core 1.3.0 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/KIT_CONTEXT.md +11 -3
- package/README.md +160 -0
- package/dist/abac/index.cjs +7 -0
- package/dist/abac/index.d.cts +2 -0
- package/dist/abac/index.d.ts +2 -0
- package/dist/abac/index.js +2 -0
- package/dist/app-error.cjs +201 -0
- package/dist/app-error.cjs.map +1 -0
- package/dist/app-error.js +178 -0
- package/dist/app-error.js.map +1 -0
- package/dist/application/index.cjs +2 -1
- package/dist/application/index.d.cts +2 -1
- package/dist/application/index.d.ts +2 -1
- package/dist/application/index.js +2 -1
- package/dist/authorization-error.cjs +157 -0
- package/dist/authorization-error.cjs.map +1 -0
- package/dist/authorization-error.d.cts +113 -0
- package/dist/authorization-error.d.ts +113 -0
- package/dist/authorization-error.js +152 -0
- package/dist/authorization-error.js.map +1 -0
- package/dist/authorizer.port.d.cts +130 -0
- package/dist/authorizer.port.d.ts +130 -0
- package/dist/composite-authorizer.d.cts +216 -0
- package/dist/composite-authorizer.d.ts +216 -0
- package/dist/condition-evaluator.cjs +579 -0
- package/dist/condition-evaluator.cjs.map +1 -0
- package/dist/condition-evaluator.js +550 -0
- package/dist/condition-evaluator.js.map +1 -0
- package/dist/{gate-types.d.ts → core-config.d.cts} +78 -77
- package/dist/{gate-types.d.cts → core-config.d.ts} +78 -77
- package/dist/domain/index.cjs +2 -1
- package/dist/domain/index.d.cts +2 -1
- package/dist/domain/index.d.ts +2 -1
- package/dist/domain/index.js +2 -1
- package/dist/domain-event-contracts.cjs +3 -2
- package/dist/domain-event-contracts.cjs.map +1 -1
- package/dist/domain-event-contracts.js +2 -1
- package/dist/domain-event-contracts.js.map +1 -1
- package/dist/entity.cjs +122 -0
- package/dist/entity.cjs.map +1 -0
- package/dist/entity.js +111 -0
- package/dist/entity.js.map +1 -0
- package/dist/errors/index.cjs +10 -7
- package/dist/errors/index.d.cts +2 -1
- package/dist/errors/index.d.ts +2 -1
- package/dist/errors/index.js +6 -3
- package/dist/gate-engine-registry.cjs +5 -4
- package/dist/gate-engine-registry.cjs.map +1 -1
- package/dist/gate-engine-registry.d.cts +3 -2
- package/dist/gate-engine-registry.d.ts +3 -2
- package/dist/gate-engine-registry.js +2 -1
- package/dist/gate-engine-registry.js.map +1 -1
- package/dist/gate-v1-payload.schema.cjs +0 -562
- package/dist/gate-v1-payload.schema.cjs.map +1 -1
- package/dist/gate-v1-payload.schema.js +1 -533
- package/dist/gate-v1-payload.schema.js.map +1 -1
- package/dist/hashing.cjs +2 -44
- package/dist/hashing.cjs.map +1 -1
- package/dist/hashing.js +2 -38
- package/dist/hashing.js.map +1 -1
- package/dist/index.cjs +36 -17
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +19 -12
- package/dist/index.d.ts +19 -12
- package/dist/index.js +17 -10
- package/dist/index.js.map +1 -1
- package/dist/not-found-error.cjs +5 -5
- package/dist/not-found-error.cjs.map +1 -1
- package/dist/not-found-error.js +1 -1
- package/dist/outcome.d.cts +1 -83
- package/dist/outcome.d.ts +1 -83
- package/dist/parse-gate-payload.d.cts +2 -2
- package/dist/parse-gate-payload.d.ts +2 -2
- package/dist/path.d.cts +2 -2
- package/dist/path.d.ts +2 -2
- package/dist/policies/engines/index.d.cts +1 -1
- package/dist/policies/engines/index.d.ts +1 -1
- package/dist/policies/engines/v1/gate/index.cjs +5 -4
- package/dist/policies/engines/v1/gate/index.cjs.map +1 -1
- package/dist/policies/engines/v1/gate/index.d.cts +4 -2
- package/dist/policies/engines/v1/gate/index.d.ts +4 -2
- package/dist/policies/engines/v1/gate/index.js +2 -1
- package/dist/policies/engines/v1/gate/index.js.map +1 -1
- package/dist/policies/index.cjs +5 -5
- package/dist/policies/index.d.cts +3 -2
- package/dist/policies/index.d.ts +3 -2
- package/dist/policies/index.js +2 -2
- package/dist/policy-bridge.cjs +437 -0
- package/dist/policy-bridge.cjs.map +1 -0
- package/dist/policy-bridge.d.cts +185 -0
- package/dist/policy-bridge.d.ts +185 -0
- package/dist/policy-bridge.js +396 -0
- package/dist/policy-bridge.js.map +1 -0
- package/dist/policy-service.cjs +241 -240
- package/dist/policy-service.cjs.map +1 -1
- package/dist/policy-service.d.cts +2 -2
- package/dist/policy-service.d.ts +2 -2
- package/dist/policy-service.js +240 -239
- package/dist/policy-service.js.map +1 -1
- package/dist/rbac/index.cjs +9 -0
- package/dist/rbac/index.d.cts +3 -0
- package/dist/rbac/index.d.ts +3 -0
- package/dist/rbac/index.js +2 -0
- package/dist/requested-by.cjs +54 -0
- package/dist/requested-by.cjs.map +1 -0
- package/dist/requested-by.d.cts +25 -0
- package/dist/requested-by.d.ts +25 -0
- package/dist/requested-by.js +49 -0
- package/dist/requested-by.js.map +1 -0
- package/dist/result/index.d.cts +2 -1
- package/dist/result/index.d.ts +2 -1
- package/dist/result.d.cts +84 -0
- package/dist/result.d.ts +84 -0
- package/dist/rule.cjs +327 -0
- package/dist/rule.cjs.map +1 -0
- package/dist/rule.js +298 -0
- package/dist/rule.js.map +1 -0
- package/dist/stable-stringify.cjs +47 -0
- package/dist/stable-stringify.cjs.map +1 -0
- package/dist/stable-stringify.js +42 -0
- package/dist/stable-stringify.js.map +1 -0
- package/dist/temporal-use-case.cjs +6 -53
- package/dist/temporal-use-case.cjs.map +1 -1
- package/dist/temporal-use-case.d.cts +11 -28
- package/dist/temporal-use-case.d.ts +11 -28
- package/dist/temporal-use-case.js +7 -48
- package/dist/temporal-use-case.js.map +1 -1
- package/dist/unexpected-error.cjs +3 -192
- package/dist/unexpected-error.cjs.map +1 -1
- package/dist/unexpected-error.js +2 -167
- package/dist/unexpected-error.js.map +1 -1
- package/dist/use-case.cjs +2 -6
- package/dist/use-case.cjs.map +1 -1
- package/dist/use-case.js +2 -6
- package/dist/use-case.js.map +1 -1
- package/dist/uuid-identifier.cjs +2 -7
- package/dist/uuid-identifier.cjs.map +1 -1
- package/dist/uuid-identifier.d.cts +2 -85
- package/dist/uuid-identifier.d.ts +2 -85
- package/dist/uuid-identifier.js +1 -6
- package/dist/uuid-identifier.js.map +1 -1
- package/dist/uuid.cjs +18 -0
- package/dist/uuid.cjs.map +1 -0
- package/dist/uuid.js +13 -0
- package/dist/uuid.js.map +1 -0
- package/dist/validation-error.cjs +33 -166
- package/dist/validation-error.cjs.map +1 -1
- package/dist/validation-error.d.cts +12 -103
- package/dist/validation-error.d.ts +12 -103
- package/dist/validation-error.js +7 -134
- package/dist/validation-error.js.map +1 -1
- package/dist/value-object.cjs +12 -126
- package/dist/value-object.cjs.map +1 -1
- package/dist/value-object.d.cts +97 -0
- package/dist/value-object.d.ts +97 -0
- package/dist/value-object.js +13 -115
- package/dist/value-object.js.map +1 -1
- package/meta.json +20 -4
- package/package.json +27 -1
- package/src/abac/index.ts +1 -0
- package/src/core/abac/abac-request.ts +29 -0
- package/src/core/abac/attributes.ts +39 -0
- package/src/core/abac/authorizer.ts +108 -0
- package/src/core/abac/combining.ts +63 -0
- package/src/core/abac/composite-authorizer.ts +45 -0
- package/src/core/abac/domain/policy-set.ts +52 -0
- package/src/core/abac/domain/rule.ts +197 -0
- package/src/core/abac/index.ts +21 -0
- package/src/core/application/commands/requested-by.ts +3 -4
- package/src/core/application/ports/abac-authorizer.port.ts +20 -0
- package/src/core/application/ports/authorizer.port.ts +22 -0
- package/src/core/application/queries/query.ts +6 -1
- package/src/core/application/use-case.ts +1 -1
- package/src/core/domain/entity.ts +1 -1
- package/src/core/domain/uuid-identifier.ts +1 -8
- package/src/core/domain/value-object.ts +12 -3
- package/src/core/errors/authorization-error.ts +26 -0
- package/src/core/errors/error-codes.ts +1 -0
- package/src/core/errors/utils/json-safe.ts +20 -11
- package/src/core/index.ts +7 -0
- package/src/core/policies/engines/v1/condition-evaluator.ts +56 -1
- package/src/core/rbac/access-request.ts +32 -0
- package/src/core/rbac/authorizer.ts +91 -0
- package/src/core/rbac/domain/grant.ts +96 -0
- package/src/core/rbac/domain/permission-set.ts +67 -0
- package/src/core/rbac/domain/permission.ts +119 -0
- package/src/core/rbac/domain/role.ts +101 -0
- package/src/core/rbac/domain/scope.ts +84 -0
- package/src/core/rbac/index.ts +15 -0
- package/src/core/rbac/policy-bridge.ts +44 -0
- package/src/core/shared/hashing.ts +1 -55
- package/src/core/shared/stable-stringify.ts +57 -0
- package/src/core/shared/uuid.ts +11 -0
- package/src/examples/application/authorize-cancel-order-abac.example.ts +107 -0
- package/src/examples/application/authorize-cancel-order.example.ts +101 -0
- package/src/rbac/index.ts +1 -0
- package/src/version.ts +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gate-v1-payload.schema.js","names":["#initialReporter","#currentReporter","#bridgeToConditionReporter"],"sources":["../src/core/config/silent-policy-reporter.ts","../src/core/config/core-config.ts","../src/core/config/core-config.instance.ts","../src/core/policies/utils/date.ts","../src/core/policies/context/path.ts","../src/core/policies/engines/v1/condition-schema.ts","../src/core/policies/engines/v1/condition-evaluator.ts","../src/core/policies/engines/v1/gate/gate-v1-payload.schema.ts"],"sourcesContent":["import type { PolicyReporter } from \"./policy-reporter.js\";\n\nexport class SilentPolicyReporter implements PolicyReporter {\n report(_event: Parameters<PolicyReporter[\"report\"]>[0]): void {}\n}\n","import type {\n ConditionEvaluationOptions,\n ConditionEvaluatorReporter,\n} from \"../policies/engines/condition-evaluator-reporter.js\";\nimport type { PolicyEvent, PolicyReporter } from \"./policy-reporter.js\";\nimport { SilentPolicyReporter } from \"./silent-policy-reporter.js\";\n\nexport interface CoreObservabilityConfig {\n readonly reporter?: PolicyReporter;\n}\n\nexport interface CoreConfigOptions {\n readonly observability?: CoreObservabilityConfig;\n}\n\nfunction reportSafely(\n policyReporter: PolicyReporter,\n event: PolicyEvent,\n): void {\n try {\n policyReporter.report(event);\n } catch {\n // Falhas de telemetria nao podem interromper o fluxo de dominio.\n }\n}\n\n/**\n * Centraliza a configuracao pura do core sem depender de implementacoes\n * concretas de logging, tracing ou report.\n */\nexport class CoreConfig {\n readonly #initialReporter: PolicyReporter;\n #currentReporter: PolicyReporter;\n\n constructor(options: CoreConfigOptions = {}) {\n const reporter =\n options.observability?.reporter ?? new SilentPolicyReporter();\n this.#initialReporter = reporter;\n this.#currentReporter = reporter;\n }\n\n configure(options: CoreConfigOptions): this {\n const reporter = options.observability?.reporter;\n if (reporter) {\n this.#currentReporter = reporter;\n }\n return this;\n }\n\n // Restores the reporter captured at construction time.\n reset(): this {\n this.#currentReporter = this.#initialReporter;\n return this;\n }\n\n getPolicyReporter(): PolicyReporter {\n return this.#currentReporter;\n }\n\n getConditionEvaluationOptions(\n engineVersion: number,\n ): ConditionEvaluationOptions {\n return {\n reporter: this.#bridgeToConditionReporter(this.#currentReporter),\n engineVersion,\n };\n }\n\n #bridgeToConditionReporter(\n policyReporter: PolicyReporter,\n ): ConditionEvaluatorReporter {\n return {\n warn(report) {\n reportSafely(policyReporter, {\n kind: \"condition-eval\",\n ...report,\n } satisfies PolicyEvent);\n },\n error(report) {\n reportSafely(policyReporter, {\n kind: \"condition-eval\",\n ...report,\n } satisfies PolicyEvent);\n },\n };\n }\n}\n","import { CoreConfig } from \"./core-config.js\";\nimport { SilentPolicyReporter } from \"./silent-policy-reporter.js\";\n\n/**\n * Shared instance for the application composition root.\n * Use `new CoreConfig()` for isolated runtimes, tests, or multi-tenant hosts.\n *\n * The default reporter is silent so the core has no runtime logging dependency.\n * Hosts can swap in their own `PolicyReporter` via\n * `coreConfig.configure({ observability: { reporter } })`.\n */\nexport const coreConfig = new CoreConfig({\n observability: { reporter: new SilentPolicyReporter() },\n});\n","import { isValidDate } from \"../../shared/temporal-guards.js\";\n\nexport class PolicyDateUtils {\n static isValid(value: Date): boolean {\n return isValidDate(value);\n }\n}\n","/**\n * Utilities for reading/writing values at dot-separated paths\n * in plain objects, e.g. \"installment.dueDate\".\n */\n\nimport { Result } from \"../../result/result.js\";\n\nexport class PolicyContextPath {\n private static readonly FORBIDDEN_SEGMENTS = new Set([\n \"__proto__\",\n \"prototype\",\n \"constructor\",\n ]);\n\n private static resolve(\n obj: Record<string, unknown>,\n path: string,\n ): Result<\n {\n readonly found: boolean;\n readonly value: unknown;\n },\n string\n > {\n const segmentsResult = PolicyContextPath.parseSegments(path);\n if (segmentsResult.isErr()) {\n return Result.err(segmentsResult.errorOrNull()!);\n }\n\n const segments = segmentsResult.getOrNull()!;\n let current: unknown = obj;\n\n for (const segment of segments) {\n if (\n current === null ||\n current === undefined ||\n typeof current !== \"object\"\n ) {\n return Result.ok({ found: false, value: undefined });\n }\n\n const record = current as Record<string, unknown>;\n if (!Object.prototype.hasOwnProperty.call(record, segment)) {\n return Result.ok({ found: false, value: undefined });\n }\n\n current = record[segment];\n }\n\n return Result.ok({ found: true, value: current });\n }\n\n private static parseSegments(\n path: string,\n ): Result<readonly string[], string> {\n if (path.trim().length === 0) {\n return Result.err(\"Path cannot be empty\");\n }\n\n const segments = path.split(\".\");\n if (segments.some((segment) => segment.length === 0)) {\n return Result.err(`Path \"${path}\" contains an empty segment`);\n }\n\n const forbiddenSegment = segments.find((segment) =>\n PolicyContextPath.FORBIDDEN_SEGMENTS.has(segment),\n );\n if (forbiddenSegment !== undefined) {\n return Result.err(\n `Path \"${path}\" contains forbidden segment \"${forbiddenSegment}\"`,\n );\n }\n\n return Result.ok(segments);\n }\n\n private static isPlainRecord(\n value: unknown,\n ): value is Record<string, unknown> {\n if (\n typeof value !== \"object\" ||\n value === null ||\n Array.isArray(value)\n ) {\n return false;\n }\n\n const prototype = Object.getPrototypeOf(value);\n return prototype === Object.prototype || prototype === null;\n }\n\n static getOrAbsent(\n obj: Record<string, unknown>,\n path: string,\n ): Result<unknown, \"absent\"> {\n const resolvedPath = PolicyContextPath.resolve(obj, path);\n if (resolvedPath.isErr()) {\n return Result.err(\"absent\");\n }\n\n const { found, value } = resolvedPath.getOrNull()!;\n if (!found) {\n return Result.err(\"absent\");\n }\n\n return Result.ok(value);\n }\n\n static has(obj: Record<string, unknown>, path: string): boolean {\n const resolvedPath = PolicyContextPath.resolve(obj, path);\n if (resolvedPath.isErr()) {\n return false;\n }\n\n return resolvedPath.getOrNull()!.found;\n }\n\n static set(\n obj: Record<string, unknown>,\n path: string,\n value: unknown,\n ): Result<void, string> {\n const segmentsResult = PolicyContextPath.parseSegments(path);\n if (segmentsResult.isErr()) {\n return Result.err(segmentsResult.errorOrNull()!);\n }\n\n const segments = segmentsResult.getOrNull()!;\n let current: Record<string, unknown> = obj;\n\n for (let i = 0; i < segments.length - 1; i++) {\n const seg = segments[i];\n const next = current[seg];\n\n if (next === undefined) {\n const container = Object.create(null) as Record<\n string,\n unknown\n >;\n current[seg] = container;\n current = container;\n continue;\n }\n\n if (!PolicyContextPath.isPlainRecord(next)) {\n return Result.err(\n `Cannot create nested path \"${path}\" because \"${segments\n .slice(0, i + 1)\n .join(\".\")}\" already contains a non-plain object`,\n );\n }\n\n current = next;\n }\n\n current[segments[segments.length - 1]] = value;\n return Result.ok(undefined);\n }\n}\n","import { z } from \"zod\";\n\nimport type { ConditionLeafNode, ConditionNode } from \"./condition-types.js\";\n\n// ─── Shared v1 condition Zod schemas ─────────────────────────────────────────\n// Extracted from gate/v1 so both gate/v1 and compute/v1 can validate\n// condition nodes without either engine depending on the other.\n\nconst conditionOpSchema = z.enum([\n \"eq\",\n \"neq\",\n \"gt\",\n \"gte\",\n \"lt\",\n \"lte\",\n \"in\",\n \"notIn\",\n \"isNull\",\n \"isNotNull\",\n]);\n\nexport const conditionLeafNodeSchema: z.ZodType<ConditionLeafNode> = z\n .object({\n field: z.string().min(1),\n op: conditionOpSchema,\n value: z.unknown(),\n allowNull: z.literal(true).optional(),\n })\n .strict() as z.ZodType<ConditionLeafNode>;\n\nexport const conditionNodeSchema: z.ZodType<ConditionNode> = z.lazy(() =>\n z.union([\n conditionLeafNodeSchema,\n z\n .object({\n and: z.array(conditionNodeSchema).min(1),\n })\n .strict(),\n z\n .object({\n or: z.array(conditionNodeSchema).min(1),\n })\n .strict(),\n z\n .object({\n not: conditionNodeSchema,\n })\n .strict(),\n ]),\n);\n","import { PolicyContextPath } from \"../../context/index.js\";\nimport { PolicyDateUtils } from \"../../utils/index.js\";\nimport { Result } from \"../../../result/result.js\";\n\nimport type {\n ConditionAndNode,\n ConditionLeafNode,\n ConditionNode,\n ConditionNotNode,\n ConditionOp,\n ConditionOrNode,\n} from \"./condition-types.js\";\nimport type {\n ConditionEvaluationOptions,\n ConditionEvaluationReport,\n} from \"../condition-evaluator-reporter.js\";\nimport type { PolicyContext } from \"../gate-types.js\";\n\nconst CONDITION_EVAL_THROWN_TAG = \"CONDITION_EVAL_THREW\";\nconst NULLISH_NUMERIC_OPERAND_NOT_ALLOWED_TAG =\n \"NULLISH_NUMERIC_OPERAND_NOT_ALLOWED\";\nconst NULLISH_DATE_OPERAND_NOT_ALLOWED_TAG = \"NULLISH_DATE_OPERAND_NOT_ALLOWED\";\nconst INVALID_DATE_OPERAND_TAG = \"INVALID_DATE_OPERAND\";\nconst INVALID_NUMERIC_OPERAND_TAG = \"INVALID_NUMERIC_OPERAND\";\nconst INVALID_SET_OPERAND_TAG = \"INVALID_SET_OPERAND\";\nconst EMPTY_OR_CONDITION_TAG = \"EMPTY_OR_CONDITION\";\nconst EMPTY_AND_CONDITION_TAG = \"EMPTY_AND_CONDITION\";\nconst ISO_8601_UTC_DATE_PATTERN =\n /^\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d{3}Z$/;\n\nexport interface ConditionEvaluationTrace {\n readonly conditionPath: string;\n readonly decisiveNode: ConditionNode;\n readonly lastEvaluatedLeaf: ConditionLeafNode;\n readonly lastEvaluatedLeafPath: string;\n readonly lastEvaluatedLeafResult: boolean;\n}\n\nexport interface TracedConditionEvaluation {\n readonly matched: boolean;\n readonly trace: ConditionEvaluationTrace;\n}\n\ntype RelationalOperator = Extract<ConditionOp, \"gt\" | \"gte\" | \"lt\" | \"lte\">;\n\nexport class ConditionEvaluatorV1 {\n constructor(\n private readonly context: PolicyContext,\n private readonly options: ConditionEvaluationOptions,\n ) {}\n\n private static isLeafNode(node: ConditionNode): node is ConditionLeafNode {\n return \"field\" in node && \"op\" in node;\n }\n\n private static isAndNode(node: ConditionNode): node is ConditionAndNode {\n return \"and\" in node;\n }\n\n private static isOrNode(node: ConditionNode): node is ConditionOrNode {\n return \"or\" in node;\n }\n\n private static isNotNode(node: ConditionNode): node is ConditionNotNode {\n return \"not\" in node;\n }\n\n private static isRelationalOperator(\n op: ConditionOp,\n ): op is RelationalOperator {\n return op === \"gt\" || op === \"gte\" || op === \"lt\" || op === \"lte\";\n }\n\n private static describeError(error: unknown): {\n name: string;\n message: string;\n } {\n if (error instanceof Error) {\n return {\n name: error.name,\n message: error.message,\n };\n }\n\n return {\n name: \"NonErrorThrown\",\n message: String(error),\n };\n }\n\n private static buildNullishNumericOperandMessage(\n node: ConditionLeafNode,\n actual: null | undefined,\n ): string {\n const resolvedValue = actual === null ? \"null\" : \"undefined\";\n\n return `${NULLISH_NUMERIC_OPERAND_NOT_ALLOWED_TAG}: \"${node.field}\" resolved to ${resolvedValue} for numeric operator \"${node.op}\"`;\n }\n\n private static buildNullishDateOperandMessage(\n node: ConditionLeafNode,\n actual: null | undefined,\n ): string {\n const resolvedValue = actual === null ? \"null\" : \"undefined\";\n\n return `${NULLISH_DATE_OPERAND_NOT_ALLOWED_TAG}: \"${node.field}\" resolved to ${resolvedValue} for date comparison operator \"${node.op}\"`;\n }\n\n private static buildInvalidDateOperandMessage(\n node: ConditionLeafNode,\n ): string {\n return `${INVALID_DATE_OPERAND_TAG}: \"${node.field}\" with operator \"${node.op}\" requires Date or ISO 8601 UTC string operands`;\n }\n\n private static buildInvalidNumericOperandMessage(\n node: ConditionLeafNode,\n ): string {\n return `${INVALID_NUMERIC_OPERAND_TAG}: \"${node.field}\" with operator \"${node.op}\" requires numeric operands`;\n }\n\n private static buildInvalidSetOperandMessage(\n node: ConditionLeafNode,\n ): string {\n return `${INVALID_SET_OPERAND_TAG}: \"${node.field}\" with operator \"${node.op}\" requires an array operand`;\n }\n\n private static buildEmptyOrConditionMessage(): string {\n return `${EMPTY_OR_CONDITION_TAG}: OR nodes must contain at least one child condition`;\n }\n\n private static buildEmptyAndConditionMessage(): string {\n return `${EMPTY_AND_CONDITION_TAG}: AND nodes must contain at least one child condition`;\n }\n\n private static parseComparableDate(\n value: unknown,\n ): Result<Date, string> | null {\n if (value instanceof Date) {\n if (!PolicyDateUtils.isValid(value)) {\n return Result.err(\"Invalid Date instance\");\n }\n\n return Result.ok(value);\n }\n\n if (\n typeof value !== \"string\" ||\n !ISO_8601_UTC_DATE_PATTERN.test(value)\n ) {\n return null;\n }\n\n const parsed = new Date(value);\n if (\n !PolicyDateUtils.isValid(parsed) ||\n parsed.toISOString() !== value\n ) {\n return Result.err(\"Invalid ISO 8601 UTC date string\");\n }\n\n return Result.ok(parsed);\n }\n\n private static evaluateRelationalNumbers(\n actual: number,\n op: RelationalOperator,\n expected: number,\n ): boolean {\n switch (op) {\n case \"gt\":\n return actual > expected;\n case \"gte\":\n return actual >= expected;\n case \"lt\":\n return actual < expected;\n case \"lte\":\n return actual <= expected;\n }\n }\n\n private buildReport(params: {\n readonly level: ConditionEvaluationReport[\"level\"];\n readonly tag: ConditionEvaluationReport[\"tag\"];\n readonly message: string;\n readonly details: Readonly<Record<string, unknown>>;\n }): ConditionEvaluationReport {\n return {\n occurredAt: new Date(),\n level: params.level,\n tag: params.tag,\n message: params.message,\n engineVersion: this.options.engineVersion,\n details: params.details,\n };\n }\n\n private conditionEvalErr<TValue>(\n node: ConditionNode,\n error: unknown,\n ): Result<TValue, string> {\n const cause = ConditionEvaluatorV1.describeError(error);\n const message = `${CONDITION_EVAL_THROWN_TAG}: ${cause.name}: ${cause.message}`;\n\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: CONDITION_EVAL_THROWN_TAG,\n message,\n details: { node, cause },\n }),\n );\n\n return Result.err(message);\n }\n\n private reportDateOperandError(\n node: ConditionLeafNode,\n actual: unknown,\n ): Result<boolean, string> {\n const message =\n ConditionEvaluatorV1.buildInvalidDateOperandMessage(node);\n\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: INVALID_DATE_OPERAND_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n private reportInvalidNumericOperand(\n node: ConditionLeafNode,\n actual: unknown,\n ): Result<boolean, string> {\n const message =\n ConditionEvaluatorV1.buildInvalidNumericOperandMessage(node);\n\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: INVALID_NUMERIC_OPERAND_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n private reportInvalidSetOperand(\n node: ConditionLeafNode,\n actual: unknown,\n ): Result<boolean, string> {\n const message =\n ConditionEvaluatorV1.buildInvalidSetOperandMessage(node);\n\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: INVALID_SET_OPERAND_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n private evaluateDateRelationalNode(\n node: ConditionLeafNode,\n actual: unknown,\n ): Result<boolean, string> | null {\n if (!ConditionEvaluatorV1.isRelationalOperator(node.op)) {\n return null;\n }\n\n const actualDateResult =\n ConditionEvaluatorV1.parseComparableDate(actual);\n const expectedDateResult = ConditionEvaluatorV1.parseComparableDate(\n node.value,\n );\n\n if (actualDateResult === null && expectedDateResult === null) {\n return null;\n }\n\n const allowsNull = node.allowNull === true;\n\n if (actual === null) {\n if (allowsNull) {\n return Result.ok(false);\n }\n\n const message = ConditionEvaluatorV1.buildNullishDateOperandMessage(\n node,\n actual,\n );\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: NULLISH_DATE_OPERAND_NOT_ALLOWED_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n allowNull: allowsNull,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n if (actual === undefined) {\n const message = ConditionEvaluatorV1.buildNullishDateOperandMessage(\n node,\n actual,\n );\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: NULLISH_DATE_OPERAND_NOT_ALLOWED_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n allowNull: allowsNull,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n if (\n actualDateResult === null ||\n actualDateResult.isErr() ||\n expectedDateResult === null ||\n expectedDateResult.isErr()\n ) {\n return this.reportDateOperandError(node, actual);\n }\n\n return Result.ok(\n ConditionEvaluatorV1.evaluateRelationalNumbers(\n actualDateResult.getOrNull()!.getTime(),\n node.op,\n expectedDateResult.getOrNull()!.getTime(),\n ),\n );\n }\n\n private evaluateOperator(\n actual: unknown,\n op: ConditionOp,\n expected: unknown,\n ): boolean {\n switch (op) {\n case \"eq\":\n return actual === expected;\n case \"neq\":\n return actual !== expected;\n case \"gt\":\n return (\n typeof actual === \"number\" &&\n typeof expected === \"number\" &&\n ConditionEvaluatorV1.evaluateRelationalNumbers(\n actual,\n op,\n expected,\n )\n );\n case \"gte\":\n return (\n typeof actual === \"number\" &&\n typeof expected === \"number\" &&\n ConditionEvaluatorV1.evaluateRelationalNumbers(\n actual,\n op,\n expected,\n )\n );\n case \"lt\":\n return (\n typeof actual === \"number\" &&\n typeof expected === \"number\" &&\n ConditionEvaluatorV1.evaluateRelationalNumbers(\n actual,\n op,\n expected,\n )\n );\n case \"lte\":\n return (\n typeof actual === \"number\" &&\n typeof expected === \"number\" &&\n ConditionEvaluatorV1.evaluateRelationalNumbers(\n actual,\n op,\n expected,\n )\n );\n case \"in\":\n return Array.isArray(expected) && expected.includes(actual);\n case \"notIn\":\n return Array.isArray(expected) && !expected.includes(actual);\n case \"isNull\":\n return actual === null;\n case \"isNotNull\":\n return actual !== null && actual !== undefined;\n }\n }\n\n private evaluateNumericRelationalNode(\n node: ConditionLeafNode,\n actual: unknown,\n ): Result<boolean, string> {\n const allowsNull = node.allowNull === true;\n if (actual === undefined || (actual === null && !allowsNull)) {\n const message =\n ConditionEvaluatorV1.buildNullishNumericOperandMessage(\n node,\n actual as null | undefined,\n );\n\n this.options.reporter.error(\n this.buildReport({\n level: \"error\",\n tag: NULLISH_NUMERIC_OPERAND_NOT_ALLOWED_TAG,\n message,\n details: {\n field: node.field,\n op: node.op,\n actual,\n expected: node.value,\n allowNull: allowsNull,\n node,\n },\n }),\n );\n\n return Result.err(message);\n }\n\n // null + allowNull: a relational comparison against a missing value\n // never matches.\n if (actual === null) {\n return Result.ok(false);\n }\n\n // Both operands must be numbers. A present but wrong-typed operand is a\n // context/configuration error, surfaced like the date path instead of\n // silently collapsing to \"no match\".\n if (typeof actual !== \"number\" || typeof node.value !== \"number\") {\n return this.reportInvalidNumericOperand(node, actual);\n }\n\n return Result.ok(this.evaluateOperator(actual, node.op, node.value));\n }\n\n private evaluateLeafNode(node: ConditionLeafNode): Result<boolean, string> {\n const actualResult = PolicyContextPath.getOrAbsent(\n this.context,\n node.field,\n );\n if (actualResult.isErr()) {\n this.options.reporter.warn(\n this.buildReport({\n level: \"warn\",\n tag: \"MISSING_CONTEXT_FIELD\",\n message: `MISSING_CONTEXT_FIELD: \"${node.field}\" not found in context`,\n details: { field: node.field, node },\n }),\n );\n\n return Result.err(\n `MISSING_CONTEXT_FIELD: \"${node.field}\" not found in context`,\n );\n }\n\n try {\n const actual = actualResult.getOrThrow();\n if (ConditionEvaluatorV1.isRelationalOperator(node.op)) {\n const dateResult = this.evaluateDateRelationalNode(\n node,\n actual,\n );\n if (dateResult !== null) {\n return dateResult;\n }\n\n return this.evaluateNumericRelationalNode(node, actual);\n }\n\n if (\n (node.op === \"in\" || node.op === \"notIn\") &&\n !Array.isArray(node.value)\n ) {\n return this.reportInvalidSetOperand(node, actual);\n }\n\n return Result.ok(\n this.evaluateOperator(actual, node.op, node.value),\n );\n } catch (error) {\n return this.conditionEvalErr(node, error);\n }\n }\n\n private buildTrace(params: {\n readonly conditionPath: string;\n readonly decisiveNode: ConditionNode;\n readonly lastEvaluatedLeaf: ConditionLeafNode;\n readonly lastEvaluatedLeafPath: string;\n readonly lastEvaluatedLeafResult: boolean;\n }): ConditionEvaluationTrace {\n return {\n conditionPath: params.conditionPath,\n decisiveNode: params.decisiveNode,\n lastEvaluatedLeaf: params.lastEvaluatedLeaf,\n lastEvaluatedLeafPath: params.lastEvaluatedLeafPath,\n lastEvaluatedLeafResult: params.lastEvaluatedLeafResult,\n };\n }\n\n private evaluateWithTraceInternal(\n node: ConditionNode,\n path: string,\n ): Result<TracedConditionEvaluation, string> {\n if (ConditionEvaluatorV1.isLeafNode(node)) {\n const leafResult = this.evaluateLeafNode(node);\n if (leafResult.isErr()) {\n return Result.err(leafResult.errorOrNull()!);\n }\n\n const matched = leafResult.getOrNull()!;\n return Result.ok({\n matched,\n trace: this.buildTrace({\n conditionPath: path,\n decisiveNode: node,\n lastEvaluatedLeaf: node,\n lastEvaluatedLeafPath: path,\n lastEvaluatedLeafResult: matched,\n }),\n });\n }\n\n if (ConditionEvaluatorV1.isAndNode(node)) {\n if (node.and.length === 0) {\n return Result.err(\n ConditionEvaluatorV1.buildEmptyAndConditionMessage(),\n );\n }\n\n let lastTracedChild: TracedConditionEvaluation | null = null;\n\n for (const [index, child] of node.and.entries()) {\n const childPath = `${path}.and[${index}]`;\n const childResult = this.evaluateWithTraceInternal(\n child,\n childPath,\n );\n if (childResult.isErr()) {\n return Result.err(childResult.errorOrNull()!);\n }\n\n const tracedChild = childResult.getOrNull()!;\n lastTracedChild = tracedChild;\n if (!tracedChild.matched) {\n return Result.ok({\n matched: false,\n trace: this.buildTrace({\n conditionPath: childPath,\n decisiveNode: child,\n lastEvaluatedLeaf:\n tracedChild.trace.lastEvaluatedLeaf,\n lastEvaluatedLeafPath:\n tracedChild.trace.lastEvaluatedLeafPath,\n lastEvaluatedLeafResult:\n tracedChild.trace.lastEvaluatedLeafResult,\n }),\n });\n }\n }\n\n return Result.ok({\n matched: true,\n trace: lastTracedChild!.trace,\n });\n }\n\n if (ConditionEvaluatorV1.isOrNode(node)) {\n let lastTrace: ConditionEvaluationTrace | null = null;\n\n for (const [index, child] of node.or.entries()) {\n const childResult = this.evaluateWithTraceInternal(\n child,\n `${path}.or[${index}]`,\n );\n if (childResult.isErr()) {\n return Result.err(childResult.errorOrNull()!);\n }\n\n const tracedChild = childResult.getOrNull()!;\n lastTrace = tracedChild.trace;\n if (tracedChild.matched) {\n return Result.ok({\n matched: true,\n trace: tracedChild.trace,\n });\n }\n }\n\n if (lastTrace === null) {\n return Result.err(\n ConditionEvaluatorV1.buildEmptyOrConditionMessage(),\n );\n }\n\n return Result.ok({ matched: false, trace: lastTrace! });\n }\n\n if (ConditionEvaluatorV1.isNotNode(node)) {\n const childPath = `${path}.not`;\n const childResult = this.evaluateWithTraceInternal(\n node.not,\n childPath,\n );\n if (childResult.isErr()) {\n return Result.err(childResult.errorOrNull()!);\n }\n\n const tracedChild = childResult.getOrNull()!;\n return Result.ok({\n matched: !tracedChild.matched,\n trace: this.buildTrace({\n conditionPath: path,\n decisiveNode: node,\n lastEvaluatedLeaf: tracedChild.trace.lastEvaluatedLeaf,\n lastEvaluatedLeafPath:\n tracedChild.trace.lastEvaluatedLeafPath,\n lastEvaluatedLeafResult:\n tracedChild.trace.lastEvaluatedLeafResult,\n }),\n });\n }\n\n return this.conditionEvalErr(\n node,\n new TypeError(\"Invalid condition node shape\"),\n );\n }\n\n evaluate(node: ConditionNode): Result<boolean, string> {\n try {\n const result = this.evaluateWithTraceInternal(node, \"$\");\n if (result.isErr()) {\n return Result.err(result.errorOrNull()!);\n }\n\n return Result.ok(result.getOrNull()!.matched);\n } catch (error) {\n return this.conditionEvalErr(node, error);\n }\n }\n\n evaluateWithTrace(\n node: ConditionNode,\n ): Result<TracedConditionEvaluation, string> {\n try {\n return this.evaluateWithTraceInternal(node, \"$\");\n } catch (error) {\n return this.conditionEvalErr(node, error);\n }\n }\n\n static extractFields(node: ConditionNode): string[] {\n if (ConditionEvaluatorV1.isLeafNode(node)) {\n return [node.field];\n }\n\n if (ConditionEvaluatorV1.isAndNode(node)) {\n return node.and.flatMap((child) =>\n ConditionEvaluatorV1.extractFields(child),\n );\n }\n\n if (ConditionEvaluatorV1.isOrNode(node)) {\n return node.or.flatMap((child) =>\n ConditionEvaluatorV1.extractFields(child),\n );\n }\n\n if (ConditionEvaluatorV1.isNotNode(node)) {\n return ConditionEvaluatorV1.extractFields(node.not);\n }\n\n return [];\n }\n}\n","import { z } from \"zod\";\n\nimport { Result } from \"../../../../result/result.js\";\n\nimport type { GatePayloadV1 } from \"./gate-types-v1.js\";\nimport {\n conditionLeafNodeSchema,\n conditionNodeSchema,\n} from \"../condition-schema.js\";\n\n// Re-export so gate/v1 public API remains unchanged.\nexport { conditionLeafNodeSchema, conditionNodeSchema };\n\nexport class GatePayloadSchemaV1 {\n static readonly schema = z.union([\n z\n .object({\n condition: conditionNodeSchema,\n })\n .strict(),\n z\n .object({\n allowIf: conditionNodeSchema,\n defaultOutcome: z.enum([\"ALLOW\", \"DENY\"]),\n })\n .strict(),\n ]);\n\n static parse(payload: unknown): Result<GatePayloadV1, string> {\n const parsed = GatePayloadSchemaV1.schema.safeParse(payload);\n if (!parsed.success) {\n const details = parsed.error.issues\n .map((issue) => {\n const path = issue.path.join(\".\");\n return path.length > 0\n ? `${path}: ${issue.message}`\n : issue.message;\n })\n .join(\"; \");\n\n return Result.err(`Invalid gate payload: ${details}`);\n }\n\n return Result.ok(parsed.data as GatePayloadV1);\n }\n}\n\nexport const gatePayloadSchema = GatePayloadSchemaV1.schema;\n"],"mappings":";;;;AAEA,IAAa,uBAAb,MAA4D;CACxD,OAAO,QAAuD,CAAC;AACnE;;;ACWA,SAAS,aACL,gBACA,OACI;CACJ,IAAI;EACA,eAAe,OAAO,KAAK;CAC/B,QAAQ,CAER;AACJ;;;;;AAMA,IAAa,aAAb,MAAwB;CACpB;CACA;CAEA,YAAY,UAA6B,CAAC,GAAG;EACzC,MAAM,WACF,QAAQ,eAAe,YAAY,IAAI,qBAAqB;EAChE,KAAKA,mBAAmB;EACxB,KAAKC,mBAAmB;CAC5B;CAEA,UAAU,SAAkC;EACxC,MAAM,WAAW,QAAQ,eAAe;EACxC,IAAI,UACA,KAAKA,mBAAmB;EAE5B,OAAO;CACX;CAGA,QAAc;EACV,KAAKA,mBAAmB,KAAKD;EAC7B,OAAO;CACX;CAEA,oBAAoC;EAChC,OAAO,KAAKC;CAChB;CAEA,8BACI,eAC0B;EAC1B,OAAO;GACH,UAAU,KAAKC,2BAA2B,KAAKD,gBAAgB;GAC/D;EACJ;CACJ;CAEA,2BACI,gBAC0B;EAC1B,OAAO;GACH,KAAK,QAAQ;IACT,aAAa,gBAAgB;KACzB,MAAM;KACN,GAAG;IACP,CAAuB;GAC3B;GACA,MAAM,QAAQ;IACV,aAAa,gBAAgB;KACzB,MAAM;KACN,GAAG;IACP,CAAuB;GAC3B;EACJ;CACJ;AACJ;;;;;;;;;;;AC3EA,MAAa,aAAa,IAAI,WAAW,EACrC,eAAe,EAAE,UAAU,IAAI,qBAAqB,EAAE,EAC1D,CAAC;;;ACXD,IAAa,kBAAb,MAA6B;CACzB,OAAO,QAAQ,OAAsB;EACjC,OAAO,YAAY,KAAK;CAC5B;AACJ;;;;;;;ACCA,IAAa,oBAAb,MAAa,kBAAkB;;4BACkB,IAAI,IAAI;GACjD;GACA;GACA;EACJ,CAAC;;CAED,OAAe,QACX,KACA,MAOF;EACE,MAAM,iBAAiB,kBAAkB,cAAc,IAAI;EAC3D,IAAI,eAAe,MAAM,GACrB,OAAO,OAAO,IAAI,eAAe,YAAY,CAAE;EAGnD,MAAM,WAAW,eAAe,UAAU;EAC1C,IAAI,UAAmB;EAEvB,KAAK,MAAM,WAAW,UAAU;GAC5B,IACI,YAAY,QACZ,YAAY,KAAA,KACZ,OAAO,YAAY,UAEnB,OAAO,OAAO,GAAG;IAAE,OAAO;IAAO,OAAO,KAAA;GAAU,CAAC;GAGvD,MAAM,SAAS;GACf,IAAI,CAAC,OAAO,UAAU,eAAe,KAAK,QAAQ,OAAO,GACrD,OAAO,OAAO,GAAG;IAAE,OAAO;IAAO,OAAO,KAAA;GAAU,CAAC;GAGvD,UAAU,OAAO;EACrB;EAEA,OAAO,OAAO,GAAG;GAAE,OAAO;GAAM,OAAO;EAAQ,CAAC;CACpD;CAEA,OAAe,cACX,MACiC;EACjC,IAAI,KAAK,KAAK,EAAE,WAAW,GACvB,OAAO,OAAO,IAAI,sBAAsB;EAG5C,MAAM,WAAW,KAAK,MAAM,GAAG;EAC/B,IAAI,SAAS,MAAM,YAAY,QAAQ,WAAW,CAAC,GAC/C,OAAO,OAAO,IAAI,SAAS,KAAK,4BAA4B;EAGhE,MAAM,mBAAmB,SAAS,MAAM,YACpC,kBAAkB,mBAAmB,IAAI,OAAO,CACpD;EACA,IAAI,qBAAqB,KAAA,GACrB,OAAO,OAAO,IACV,SAAS,KAAK,gCAAgC,iBAAiB,EACnE;EAGJ,OAAO,OAAO,GAAG,QAAQ;CAC7B;CAEA,OAAe,cACX,OACgC;EAChC,IACI,OAAO,UAAU,YACjB,UAAU,QACV,MAAM,QAAQ,KAAK,GAEnB,OAAO;EAGX,MAAM,YAAY,OAAO,eAAe,KAAK;EAC7C,OAAO,cAAc,OAAO,aAAa,cAAc;CAC3D;CAEA,OAAO,YACH,KACA,MACyB;EACzB,MAAM,eAAe,kBAAkB,QAAQ,KAAK,IAAI;EACxD,IAAI,aAAa,MAAM,GACnB,OAAO,OAAO,IAAI,QAAQ;EAG9B,MAAM,EAAE,OAAO,UAAU,aAAa,UAAU;EAChD,IAAI,CAAC,OACD,OAAO,OAAO,IAAI,QAAQ;EAG9B,OAAO,OAAO,GAAG,KAAK;CAC1B;CAEA,OAAO,IAAI,KAA8B,MAAuB;EAC5D,MAAM,eAAe,kBAAkB,QAAQ,KAAK,IAAI;EACxD,IAAI,aAAa,MAAM,GACnB,OAAO;EAGX,OAAO,aAAa,UAAU,EAAG;CACrC;CAEA,OAAO,IACH,KACA,MACA,OACoB;EACpB,MAAM,iBAAiB,kBAAkB,cAAc,IAAI;EAC3D,IAAI,eAAe,MAAM,GACrB,OAAO,OAAO,IAAI,eAAe,YAAY,CAAE;EAGnD,MAAM,WAAW,eAAe,UAAU;EAC1C,IAAI,UAAmC;EAEvC,KAAK,IAAI,IAAI,GAAG,IAAI,SAAS,SAAS,GAAG,KAAK;GAC1C,MAAM,MAAM,SAAS;GACrB,MAAM,OAAO,QAAQ;GAErB,IAAI,SAAS,KAAA,GAAW;IACpB,MAAM,YAAY,OAAO,OAAO,IAAI;IAIpC,QAAQ,OAAO;IACf,UAAU;IACV;GACJ;GAEA,IAAI,CAAC,kBAAkB,cAAc,IAAI,GACrC,OAAO,OAAO,IACV,8BAA8B,KAAK,aAAa,SAC3C,MAAM,GAAG,IAAI,CAAC,EACd,KAAK,GAAG,EAAE,sCACnB;GAGJ,UAAU;EACd;EAEA,QAAQ,SAAS,SAAS,SAAS,MAAM;EACzC,OAAO,OAAO,GAAG,KAAA,CAAS;CAC9B;AACJ;;;ACtJA,MAAM,oBAAoB,EAAE,KAAK;CAC7B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;AACJ,CAAC;AAED,MAAa,0BAAwD,EAChE,OAAO;CACJ,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC;CACvB,IAAI;CACJ,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ,IAAI,EAAE,SAAS;AACxC,CAAC,EACA,OAAO;AAEZ,MAAa,sBAAgD,EAAE,WAC3D,EAAE,MAAM;CACJ;CACA,EACK,OAAO,EACJ,KAAK,EAAE,MAAM,mBAAmB,EAAE,IAAI,CAAC,EAC3C,CAAC,EACA,OAAO;CACZ,EACK,OAAO,EACJ,IAAI,EAAE,MAAM,mBAAmB,EAAE,IAAI,CAAC,EAC1C,CAAC,EACA,OAAO;CACZ,EACK,OAAO,EACJ,KAAK,oBACT,CAAC,EACA,OAAO;AAChB,CAAC,CACL;;;AC/BA,MAAM,4BAA4B;AAClC,MAAM,0CACF;AACJ,MAAM,uCAAuC;AAC7C,MAAM,2BAA2B;AACjC,MAAM,8BAA8B;AACpC,MAAM,0BAA0B;AAChC,MAAM,yBAAyB;AAC/B,MAAM,0BAA0B;AAChC,MAAM,4BACF;AAiBJ,IAAa,uBAAb,MAAa,qBAAqB;CAC9B,YACI,SACA,SACF;EAFmB,KAAA,UAAA;EACA,KAAA,UAAA;CAClB;CAEH,OAAe,WAAW,MAAgD;EACtE,OAAO,WAAW,QAAQ,QAAQ;CACtC;CAEA,OAAe,UAAU,MAA+C;EACpE,OAAO,SAAS;CACpB;CAEA,OAAe,SAAS,MAA8C;EAClE,OAAO,QAAQ;CACnB;CAEA,OAAe,UAAU,MAA+C;EACpE,OAAO,SAAS;CACpB;CAEA,OAAe,qBACX,IACwB;EACxB,OAAO,OAAO,QAAQ,OAAO,SAAS,OAAO,QAAQ,OAAO;CAChE;CAEA,OAAe,cAAc,OAG3B;EACE,IAAI,iBAAiB,OACjB,OAAO;GACH,MAAM,MAAM;GACZ,SAAS,MAAM;EACnB;EAGJ,OAAO;GACH,MAAM;GACN,SAAS,OAAO,KAAK;EACzB;CACJ;CAEA,OAAe,kCACX,MACA,QACM;EACN,MAAM,gBAAgB,WAAW,OAAO,SAAS;EAEjD,OAAO,GAAG,wCAAwC,KAAK,KAAK,MAAM,gBAAgB,cAAc,yBAAyB,KAAK,GAAG;CACrI;CAEA,OAAe,+BACX,MACA,QACM;EACN,MAAM,gBAAgB,WAAW,OAAO,SAAS;EAEjD,OAAO,GAAG,qCAAqC,KAAK,KAAK,MAAM,gBAAgB,cAAc,iCAAiC,KAAK,GAAG;CAC1I;CAEA,OAAe,+BACX,MACM;EACN,OAAO,GAAG,yBAAyB,KAAK,KAAK,MAAM,mBAAmB,KAAK,GAAG;CAClF;CAEA,OAAe,kCACX,MACM;EACN,OAAO,GAAG,4BAA4B,KAAK,KAAK,MAAM,mBAAmB,KAAK,GAAG;CACrF;CAEA,OAAe,8BACX,MACM;EACN,OAAO,GAAG,wBAAwB,KAAK,KAAK,MAAM,mBAAmB,KAAK,GAAG;CACjF;CAEA,OAAe,+BAAuC;EAClD,OAAO,GAAG,uBAAuB;CACrC;CAEA,OAAe,gCAAwC;EACnD,OAAO,GAAG,wBAAwB;CACtC;CAEA,OAAe,oBACX,OAC2B;EAC3B,IAAI,iBAAiB,MAAM;GACvB,IAAI,CAAC,gBAAgB,QAAQ,KAAK,GAC9B,OAAO,OAAO,IAAI,uBAAuB;GAG7C,OAAO,OAAO,GAAG,KAAK;EAC1B;EAEA,IACI,OAAO,UAAU,YACjB,CAAC,0BAA0B,KAAK,KAAK,GAErC,OAAO;EAGX,MAAM,SAAS,IAAI,KAAK,KAAK;EAC7B,IACI,CAAC,gBAAgB,QAAQ,MAAM,KAC/B,OAAO,YAAY,MAAM,OAEzB,OAAO,OAAO,IAAI,kCAAkC;EAGxD,OAAO,OAAO,GAAG,MAAM;CAC3B;CAEA,OAAe,0BACX,QACA,IACA,UACO;EACP,QAAQ,IAAR;GACI,KAAK,MACD,OAAO,SAAS;GACpB,KAAK,OACD,OAAO,UAAU;GACrB,KAAK,MACD,OAAO,SAAS;GACpB,KAAK,OACD,OAAO,UAAU;EACzB;CACJ;CAEA,YAAoB,QAKU;EAC1B,OAAO;GACH,4BAAY,IAAI,KAAK;GACrB,OAAO,OAAO;GACd,KAAK,OAAO;GACZ,SAAS,OAAO;GAChB,eAAe,KAAK,QAAQ;GAC5B,SAAS,OAAO;EACpB;CACJ;CAEA,iBACI,MACA,OACsB;EACtB,MAAM,QAAQ,qBAAqB,cAAc,KAAK;EACtD,MAAM,UAAU,GAAG,0BAA0B,IAAI,MAAM,KAAK,IAAI,MAAM;EAEtE,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;GACb,OAAO;GACP,KAAK;GACL;GACA,SAAS;IAAE;IAAM;GAAM;EAC3B,CAAC,CACL;EAEA,OAAO,OAAO,IAAI,OAAO;CAC7B;CAEA,uBACI,MACA,QACuB;EACvB,MAAM,UACF,qBAAqB,+BAA+B,IAAI;EAE5D,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;GACb,OAAO;GACP,KAAK;GACL;GACA,SAAS;IACL,OAAO,KAAK;IACZ,IAAI,KAAK;IACT;IACA,UAAU,KAAK;IACf;GACJ;EACJ,CAAC,CACL;EAEA,OAAO,OAAO,IAAI,OAAO;CAC7B;CAEA,4BACI,MACA,QACuB;EACvB,MAAM,UACF,qBAAqB,kCAAkC,IAAI;EAE/D,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;GACb,OAAO;GACP,KAAK;GACL;GACA,SAAS;IACL,OAAO,KAAK;IACZ,IAAI,KAAK;IACT;IACA,UAAU,KAAK;IACf;GACJ;EACJ,CAAC,CACL;EAEA,OAAO,OAAO,IAAI,OAAO;CAC7B;CAEA,wBACI,MACA,QACuB;EACvB,MAAM,UACF,qBAAqB,8BAA8B,IAAI;EAE3D,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;GACb,OAAO;GACP,KAAK;GACL;GACA,SAAS;IACL,OAAO,KAAK;IACZ,IAAI,KAAK;IACT;IACA,UAAU,KAAK;IACf;GACJ;EACJ,CAAC,CACL;EAEA,OAAO,OAAO,IAAI,OAAO;CAC7B;CAEA,2BACI,MACA,QAC8B;EAC9B,IAAI,CAAC,qBAAqB,qBAAqB,KAAK,EAAE,GAClD,OAAO;EAGX,MAAM,mBACF,qBAAqB,oBAAoB,MAAM;EACnD,MAAM,qBAAqB,qBAAqB,oBAC5C,KAAK,KACT;EAEA,IAAI,qBAAqB,QAAQ,uBAAuB,MACpD,OAAO;EAGX,MAAM,aAAa,KAAK,cAAc;EAEtC,IAAI,WAAW,MAAM;GACjB,IAAI,YACA,OAAO,OAAO,GAAG,KAAK;GAG1B,MAAM,UAAU,qBAAqB,+BACjC,MACA,MACJ;GACA,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;IACb,OAAO;IACP,KAAK;IACL;IACA,SAAS;KACL,OAAO,KAAK;KACZ,IAAI,KAAK;KACT;KACA,UAAU,KAAK;KACf,WAAW;KACX;IACJ;GACJ,CAAC,CACL;GAEA,OAAO,OAAO,IAAI,OAAO;EAC7B;EAEA,IAAI,WAAW,KAAA,GAAW;GACtB,MAAM,UAAU,qBAAqB,+BACjC,MACA,MACJ;GACA,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;IACb,OAAO;IACP,KAAK;IACL;IACA,SAAS;KACL,OAAO,KAAK;KACZ,IAAI,KAAK;KACT;KACA,UAAU,KAAK;KACf,WAAW;KACX;IACJ;GACJ,CAAC,CACL;GAEA,OAAO,OAAO,IAAI,OAAO;EAC7B;EAEA,IACI,qBAAqB,QACrB,iBAAiB,MAAM,KACvB,uBAAuB,QACvB,mBAAmB,MAAM,GAEzB,OAAO,KAAK,uBAAuB,MAAM,MAAM;EAGnD,OAAO,OAAO,GACV,qBAAqB,0BACjB,iBAAiB,UAAU,EAAG,QAAQ,GACtC,KAAK,IACL,mBAAmB,UAAU,EAAG,QAAQ,CAC5C,CACJ;CACJ;CAEA,iBACI,QACA,IACA,UACO;EACP,QAAQ,IAAR;GACI,KAAK,MACD,OAAO,WAAW;GACtB,KAAK,OACD,OAAO,WAAW;GACtB,KAAK,MACD,OACI,OAAO,WAAW,YAClB,OAAO,aAAa,YACpB,qBAAqB,0BACjB,QACA,IACA,QACJ;GAER,KAAK,OACD,OACI,OAAO,WAAW,YAClB,OAAO,aAAa,YACpB,qBAAqB,0BACjB,QACA,IACA,QACJ;GAER,KAAK,MACD,OACI,OAAO,WAAW,YAClB,OAAO,aAAa,YACpB,qBAAqB,0BACjB,QACA,IACA,QACJ;GAER,KAAK,OACD,OACI,OAAO,WAAW,YAClB,OAAO,aAAa,YACpB,qBAAqB,0BACjB,QACA,IACA,QACJ;GAER,KAAK,MACD,OAAO,MAAM,QAAQ,QAAQ,KAAK,SAAS,SAAS,MAAM;GAC9D,KAAK,SACD,OAAO,MAAM,QAAQ,QAAQ,KAAK,CAAC,SAAS,SAAS,MAAM;GAC/D,KAAK,UACD,OAAO,WAAW;GACtB,KAAK,aACD,OAAO,WAAW,QAAQ,WAAW,KAAA;EAC7C;CACJ;CAEA,8BACI,MACA,QACuB;EACvB,MAAM,aAAa,KAAK,cAAc;EACtC,IAAI,WAAW,KAAA,KAAc,WAAW,QAAQ,CAAC,YAAa;GAC1D,MAAM,UACF,qBAAqB,kCACjB,MACA,MACJ;GAEJ,KAAK,QAAQ,SAAS,MAClB,KAAK,YAAY;IACb,OAAO;IACP,KAAK;IACL;IACA,SAAS;KACL,OAAO,KAAK;KACZ,IAAI,KAAK;KACT;KACA,UAAU,KAAK;KACf,WAAW;KACX;IACJ;GACJ,CAAC,CACL;GAEA,OAAO,OAAO,IAAI,OAAO;EAC7B;EAIA,IAAI,WAAW,MACX,OAAO,OAAO,GAAG,KAAK;EAM1B,IAAI,OAAO,WAAW,YAAY,OAAO,KAAK,UAAU,UACpD,OAAO,KAAK,4BAA4B,MAAM,MAAM;EAGxD,OAAO,OAAO,GAAG,KAAK,iBAAiB,QAAQ,KAAK,IAAI,KAAK,KAAK,CAAC;CACvE;CAEA,iBAAyB,MAAkD;EACvE,MAAM,eAAe,kBAAkB,YACnC,KAAK,SACL,KAAK,KACT;EACA,IAAI,aAAa,MAAM,GAAG;GACtB,KAAK,QAAQ,SAAS,KAClB,KAAK,YAAY;IACb,OAAO;IACP,KAAK;IACL,SAAS,2BAA2B,KAAK,MAAM;IAC/C,SAAS;KAAE,OAAO,KAAK;KAAO;IAAK;GACvC,CAAC,CACL;GAEA,OAAO,OAAO,IACV,2BAA2B,KAAK,MAAM,uBAC1C;EACJ;EAEA,IAAI;GACA,MAAM,SAAS,aAAa,WAAW;GACvC,IAAI,qBAAqB,qBAAqB,KAAK,EAAE,GAAG;IACpD,MAAM,aAAa,KAAK,2BACpB,MACA,MACJ;IACA,IAAI,eAAe,MACf,OAAO;IAGX,OAAO,KAAK,8BAA8B,MAAM,MAAM;GAC1D;GAEA,KACK,KAAK,OAAO,QAAQ,KAAK,OAAO,YACjC,CAAC,MAAM,QAAQ,KAAK,KAAK,GAEzB,OAAO,KAAK,wBAAwB,MAAM,MAAM;GAGpD,OAAO,OAAO,GACV,KAAK,iBAAiB,QAAQ,KAAK,IAAI,KAAK,KAAK,CACrD;EACJ,SAAS,OAAO;GACZ,OAAO,KAAK,iBAAiB,MAAM,KAAK;EAC5C;CACJ;CAEA,WAAmB,QAMU;EACzB,OAAO;GACH,eAAe,OAAO;GACtB,cAAc,OAAO;GACrB,mBAAmB,OAAO;GAC1B,uBAAuB,OAAO;GAC9B,yBAAyB,OAAO;EACpC;CACJ;CAEA,0BACI,MACA,MACyC;EACzC,IAAI,qBAAqB,WAAW,IAAI,GAAG;GACvC,MAAM,aAAa,KAAK,iBAAiB,IAAI;GAC7C,IAAI,WAAW,MAAM,GACjB,OAAO,OAAO,IAAI,WAAW,YAAY,CAAE;GAG/C,MAAM,UAAU,WAAW,UAAU;GACrC,OAAO,OAAO,GAAG;IACb;IACA,OAAO,KAAK,WAAW;KACnB,eAAe;KACf,cAAc;KACd,mBAAmB;KACnB,uBAAuB;KACvB,yBAAyB;IAC7B,CAAC;GACL,CAAC;EACL;EAEA,IAAI,qBAAqB,UAAU,IAAI,GAAG;GACtC,IAAI,KAAK,IAAI,WAAW,GACpB,OAAO,OAAO,IACV,qBAAqB,8BAA8B,CACvD;GAGJ,IAAI,kBAAoD;GAExD,KAAK,MAAM,CAAC,OAAO,UAAU,KAAK,IAAI,QAAQ,GAAG;IAC7C,MAAM,YAAY,GAAG,KAAK,OAAO,MAAM;IACvC,MAAM,cAAc,KAAK,0BACrB,OACA,SACJ;IACA,IAAI,YAAY,MAAM,GAClB,OAAO,OAAO,IAAI,YAAY,YAAY,CAAE;IAGhD,MAAM,cAAc,YAAY,UAAU;IAC1C,kBAAkB;IAClB,IAAI,CAAC,YAAY,SACb,OAAO,OAAO,GAAG;KACb,SAAS;KACT,OAAO,KAAK,WAAW;MACnB,eAAe;MACf,cAAc;MACd,mBACI,YAAY,MAAM;MACtB,uBACI,YAAY,MAAM;MACtB,yBACI,YAAY,MAAM;KAC1B,CAAC;IACL,CAAC;GAET;GAEA,OAAO,OAAO,GAAG;IACb,SAAS;IACT,OAAO,gBAAiB;GAC5B,CAAC;EACL;EAEA,IAAI,qBAAqB,SAAS,IAAI,GAAG;GACrC,IAAI,YAA6C;GAEjD,KAAK,MAAM,CAAC,OAAO,UAAU,KAAK,GAAG,QAAQ,GAAG;IAC5C,MAAM,cAAc,KAAK,0BACrB,OACA,GAAG,KAAK,MAAM,MAAM,EACxB;IACA,IAAI,YAAY,MAAM,GAClB,OAAO,OAAO,IAAI,YAAY,YAAY,CAAE;IAGhD,MAAM,cAAc,YAAY,UAAU;IAC1C,YAAY,YAAY;IACxB,IAAI,YAAY,SACZ,OAAO,OAAO,GAAG;KACb,SAAS;KACT,OAAO,YAAY;IACvB,CAAC;GAET;GAEA,IAAI,cAAc,MACd,OAAO,OAAO,IACV,qBAAqB,6BAA6B,CACtD;GAGJ,OAAO,OAAO,GAAG;IAAE,SAAS;IAAO,OAAO;GAAW,CAAC;EAC1D;EAEA,IAAI,qBAAqB,UAAU,IAAI,GAAG;GACtC,MAAM,YAAY,GAAG,KAAK;GAC1B,MAAM,cAAc,KAAK,0BACrB,KAAK,KACL,SACJ;GACA,IAAI,YAAY,MAAM,GAClB,OAAO,OAAO,IAAI,YAAY,YAAY,CAAE;GAGhD,MAAM,cAAc,YAAY,UAAU;GAC1C,OAAO,OAAO,GAAG;IACb,SAAS,CAAC,YAAY;IACtB,OAAO,KAAK,WAAW;KACnB,eAAe;KACf,cAAc;KACd,mBAAmB,YAAY,MAAM;KACrC,uBACI,YAAY,MAAM;KACtB,yBACI,YAAY,MAAM;IAC1B,CAAC;GACL,CAAC;EACL;EAEA,OAAO,KAAK,iBACR,sBACA,IAAI,UAAU,8BAA8B,CAChD;CACJ;CAEA,SAAS,MAA8C;EACnD,IAAI;GACA,MAAM,SAAS,KAAK,0BAA0B,MAAM,GAAG;GACvD,IAAI,OAAO,MAAM,GACb,OAAO,OAAO,IAAI,OAAO,YAAY,CAAE;GAG3C,OAAO,OAAO,GAAG,OAAO,UAAU,EAAG,OAAO;EAChD,SAAS,OAAO;GACZ,OAAO,KAAK,iBAAiB,MAAM,KAAK;EAC5C;CACJ;CAEA,kBACI,MACyC;EACzC,IAAI;GACA,OAAO,KAAK,0BAA0B,MAAM,GAAG;EACnD,SAAS,OAAO;GACZ,OAAO,KAAK,iBAAiB,MAAM,KAAK;EAC5C;CACJ;CAEA,OAAO,cAAc,MAA+B;EAChD,IAAI,qBAAqB,WAAW,IAAI,GACpC,OAAO,CAAC,KAAK,KAAK;EAGtB,IAAI,qBAAqB,UAAU,IAAI,GACnC,OAAO,KAAK,IAAI,SAAS,UACrB,qBAAqB,cAAc,KAAK,CAC5C;EAGJ,IAAI,qBAAqB,SAAS,IAAI,GAClC,OAAO,KAAK,GAAG,SAAS,UACpB,qBAAqB,cAAc,KAAK,CAC5C;EAGJ,IAAI,qBAAqB,UAAU,IAAI,GACnC,OAAO,qBAAqB,cAAc,KAAK,GAAG;EAGtD,OAAO,CAAC;CACZ;AACJ;;;AC3sBA,IAAa,sBAAb,MAAa,oBAAoB;;gBACJ,EAAE,MAAM,CAC7B,EACK,OAAO,EACJ,WAAW,oBACf,CAAC,EACA,OAAO,GACZ,EACK,OAAO;GACJ,SAAS;GACT,gBAAgB,EAAE,KAAK,CAAC,SAAS,MAAM,CAAC;EAC5C,CAAC,EACA,OAAO,CAChB,CAAC;;CAED,OAAO,MAAM,SAAiD;EAC1D,MAAM,SAAS,oBAAoB,OAAO,UAAU,OAAO;EAC3D,IAAI,CAAC,OAAO,SAAS;GACjB,MAAM,UAAU,OAAO,MAAM,OACxB,KAAK,UAAU;IACZ,MAAM,OAAO,MAAM,KAAK,KAAK,GAAG;IAChC,OAAO,KAAK,SAAS,IACf,GAAG,KAAK,IAAI,MAAM,YAClB,MAAM;GAChB,CAAC,EACA,KAAK,IAAI;GAEd,OAAO,OAAO,IAAI,yBAAyB,SAAS;EACxD;EAEA,OAAO,OAAO,GAAG,OAAO,IAAqB;CACjD;AACJ;AAEA,MAAa,oBAAoB,oBAAoB"}
|
|
1
|
+
{"version":3,"file":"gate-v1-payload.schema.js","names":[],"sources":["../src/core/policies/engines/v1/condition-schema.ts","../src/core/policies/engines/v1/gate/gate-v1-payload.schema.ts"],"sourcesContent":["import { z } from \"zod\";\n\nimport type { ConditionLeafNode, ConditionNode } from \"./condition-types.js\";\n\n// ─── Shared v1 condition Zod schemas ─────────────────────────────────────────\n// Extracted from gate/v1 so both gate/v1 and compute/v1 can validate\n// condition nodes without either engine depending on the other.\n\nconst conditionOpSchema = z.enum([\n \"eq\",\n \"neq\",\n \"gt\",\n \"gte\",\n \"lt\",\n \"lte\",\n \"in\",\n \"notIn\",\n \"isNull\",\n \"isNotNull\",\n]);\n\nexport const conditionLeafNodeSchema: z.ZodType<ConditionLeafNode> = z\n .object({\n field: z.string().min(1),\n op: conditionOpSchema,\n value: z.unknown(),\n allowNull: z.literal(true).optional(),\n })\n .strict() as z.ZodType<ConditionLeafNode>;\n\nexport const conditionNodeSchema: z.ZodType<ConditionNode> = z.lazy(() =>\n z.union([\n conditionLeafNodeSchema,\n z\n .object({\n and: z.array(conditionNodeSchema).min(1),\n })\n .strict(),\n z\n .object({\n or: z.array(conditionNodeSchema).min(1),\n })\n .strict(),\n z\n .object({\n not: conditionNodeSchema,\n })\n .strict(),\n ]),\n);\n","import { z } from \"zod\";\n\nimport { Result } from \"../../../../result/result.js\";\n\nimport type { GatePayloadV1 } from \"./gate-types-v1.js\";\nimport {\n conditionLeafNodeSchema,\n conditionNodeSchema,\n} from \"../condition-schema.js\";\n\n// Re-export so gate/v1 public API remains unchanged.\nexport { conditionLeafNodeSchema, conditionNodeSchema };\n\nexport class GatePayloadSchemaV1 {\n static readonly schema = z.union([\n z\n .object({\n condition: conditionNodeSchema,\n })\n .strict(),\n z\n .object({\n allowIf: conditionNodeSchema,\n defaultOutcome: z.enum([\"ALLOW\", \"DENY\"]),\n })\n .strict(),\n ]);\n\n static parse(payload: unknown): Result<GatePayloadV1, string> {\n const parsed = GatePayloadSchemaV1.schema.safeParse(payload);\n if (!parsed.success) {\n const details = parsed.error.issues\n .map((issue) => {\n const path = issue.path.join(\".\");\n return path.length > 0\n ? `${path}: ${issue.message}`\n : issue.message;\n })\n .join(\"; \");\n\n return Result.err(`Invalid gate payload: ${details}`);\n }\n\n return Result.ok(parsed.data as GatePayloadV1);\n }\n}\n\nexport const gatePayloadSchema = GatePayloadSchemaV1.schema;\n"],"mappings":";;;AAQA,MAAM,oBAAoB,EAAE,KAAK;CAC7B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;AACJ,CAAC;AAED,MAAa,0BAAwD,EAChE,OAAO;CACJ,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC;CACvB,IAAI;CACJ,OAAO,EAAE,QAAQ;CACjB,WAAW,EAAE,QAAQ,IAAI,EAAE,SAAS;AACxC,CAAC,EACA,OAAO;AAEZ,MAAa,sBAAgD,EAAE,WAC3D,EAAE,MAAM;CACJ;CACA,EACK,OAAO,EACJ,KAAK,EAAE,MAAM,mBAAmB,EAAE,IAAI,CAAC,EAC3C,CAAC,EACA,OAAO;CACZ,EACK,OAAO,EACJ,IAAI,EAAE,MAAM,mBAAmB,EAAE,IAAI,CAAC,EAC1C,CAAC,EACA,OAAO;CACZ,EACK,OAAO,EACJ,KAAK,oBACT,CAAC,EACA,OAAO;AAChB,CAAC,CACL;;;ACpCA,IAAa,sBAAb,MAAa,oBAAoB;;gBACJ,EAAE,MAAM,CAC7B,EACK,OAAO,EACJ,WAAW,oBACf,CAAC,EACA,OAAO,GACZ,EACK,OAAO;GACJ,SAAS;GACT,gBAAgB,EAAE,KAAK,CAAC,SAAS,MAAM,CAAC;EAC5C,CAAC,EACA,OAAO,CAChB,CAAC;;CAED,OAAO,MAAM,SAAiD;EAC1D,MAAM,SAAS,oBAAoB,OAAO,UAAU,OAAO;EAC3D,IAAI,CAAC,OAAO,SAAS;GACjB,MAAM,UAAU,OAAO,MAAM,OACxB,KAAK,UAAU;IACZ,MAAM,OAAO,MAAM,KAAK,KAAK,GAAG;IAChC,OAAO,KAAK,SAAS,IACf,GAAG,KAAK,IAAI,MAAM,YAClB,MAAM;GAChB,CAAC,EACA,KAAK,IAAI;GAEd,OAAO,OAAO,IAAI,yBAAyB,SAAS;EACxD;EAEA,OAAO,OAAO,GAAG,OAAO,IAAqB;CACjD;AACJ;AAEA,MAAa,oBAAoB,oBAAoB"}
|
package/dist/hashing.cjs
CHANGED
|
@@ -1,47 +1,11 @@
|
|
|
1
|
+
const require_stable_stringify = require("./stable-stringify.cjs");
|
|
1
2
|
let node_crypto = require("node:crypto");
|
|
2
3
|
//#region src/core/shared/hashing.ts
|
|
3
|
-
const CIRCULAR_STRUCTURE_MESSAGE = "Cannot stably stringify a circular structure";
|
|
4
4
|
function sha256Hex(value) {
|
|
5
5
|
return (0, node_crypto.createHash)("sha256").update(value, "utf8").digest("hex");
|
|
6
6
|
}
|
|
7
|
-
function sortKeysDeep(value, seen) {
|
|
8
|
-
if (Array.isArray(value)) {
|
|
9
|
-
if (seen.has(value)) throw new TypeError(CIRCULAR_STRUCTURE_MESSAGE);
|
|
10
|
-
seen.add(value);
|
|
11
|
-
const mapped = value.map((item) => sortKeysDeep(item, seen));
|
|
12
|
-
seen.delete(value);
|
|
13
|
-
return mapped;
|
|
14
|
-
}
|
|
15
|
-
if (value instanceof Date) return value;
|
|
16
|
-
if (value && typeof value === "object") {
|
|
17
|
-
if (seen.has(value)) throw new TypeError(CIRCULAR_STRUCTURE_MESSAGE);
|
|
18
|
-
seen.add(value);
|
|
19
|
-
const record = value;
|
|
20
|
-
const ordered = Object.create(null);
|
|
21
|
-
for (const key of Object.keys(record).sort()) ordered[key] = sortKeysDeep(record[key], seen);
|
|
22
|
-
seen.delete(value);
|
|
23
|
-
return ordered;
|
|
24
|
-
}
|
|
25
|
-
return value;
|
|
26
|
-
}
|
|
27
|
-
/**
|
|
28
|
-
* Deterministic JSON string with object keys sorted recursively, so key order
|
|
29
|
-
* does not affect the output.
|
|
30
|
-
*
|
|
31
|
-
* Follows `JSON.stringify` semantics for the values it serializes: `undefined`,
|
|
32
|
-
* functions and symbols are dropped, non-finite numbers become `null`, `bigint`
|
|
33
|
-
* throws, and `Map`/`Set` serialize as `{}`. Distinct payloads can therefore
|
|
34
|
-
* collapse to the same string — for collision-resistant hashing use
|
|
35
|
-
* `PolicyHashing.canonicalJson` (policies/utils), which rejects those values
|
|
36
|
-
* up front.
|
|
37
|
-
*
|
|
38
|
-
* @throws {TypeError} On circular references (mirroring `JSON.stringify`).
|
|
39
|
-
*/
|
|
40
|
-
function stableStringify(value) {
|
|
41
|
-
return JSON.stringify(sortKeysDeep(value, /* @__PURE__ */ new WeakSet()));
|
|
42
|
-
}
|
|
43
7
|
function payloadHash(value) {
|
|
44
|
-
return sha256Hex(stableStringify(value));
|
|
8
|
+
return sha256Hex(require_stable_stringify.stableStringify(value));
|
|
45
9
|
}
|
|
46
10
|
//#endregion
|
|
47
11
|
Object.defineProperty(exports, "payloadHash", {
|
|
@@ -56,11 +20,5 @@ Object.defineProperty(exports, "sha256Hex", {
|
|
|
56
20
|
return sha256Hex;
|
|
57
21
|
}
|
|
58
22
|
});
|
|
59
|
-
Object.defineProperty(exports, "stableStringify", {
|
|
60
|
-
enumerable: true,
|
|
61
|
-
get: function() {
|
|
62
|
-
return stableStringify;
|
|
63
|
-
}
|
|
64
|
-
});
|
|
65
23
|
|
|
66
24
|
//# sourceMappingURL=hashing.cjs.map
|
package/dist/hashing.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hashing.cjs","names":[],"sources":["../src/core/shared/hashing.ts"],"sourcesContent":["import { createHash } from \"node:crypto\";\n\
|
|
1
|
+
{"version":3,"file":"hashing.cjs","names":["stableStringify"],"sources":["../src/core/shared/hashing.ts"],"sourcesContent":["import { createHash } from \"node:crypto\";\n\nimport { stableStringify } from \"./stable-stringify.js\";\n\nfunction sha256Hex(value: string): string {\n return createHash(\"sha256\").update(value, \"utf8\").digest(\"hex\");\n}\n\nfunction payloadHash(value: unknown): string {\n return sha256Hex(stableStringify(value));\n}\n\nexport { payloadHash, sha256Hex, stableStringify };\n"],"mappings":";;;AAIA,SAAS,UAAU,OAAuB;CACtC,QAAA,GAAA,YAAA,YAAkB,QAAQ,EAAE,OAAO,OAAO,MAAM,EAAE,OAAO,KAAK;AAClE;AAEA,SAAS,YAAY,OAAwB;CACzC,OAAO,UAAUA,yBAAAA,gBAAgB,KAAK,CAAC;AAC3C"}
|
package/dist/hashing.js
CHANGED
|
@@ -1,49 +1,13 @@
|
|
|
1
|
+
import { t as stableStringify } from "./stable-stringify.js";
|
|
1
2
|
import { createHash } from "node:crypto";
|
|
2
3
|
//#region src/core/shared/hashing.ts
|
|
3
|
-
const CIRCULAR_STRUCTURE_MESSAGE = "Cannot stably stringify a circular structure";
|
|
4
4
|
function sha256Hex(value) {
|
|
5
5
|
return createHash("sha256").update(value, "utf8").digest("hex");
|
|
6
6
|
}
|
|
7
|
-
function sortKeysDeep(value, seen) {
|
|
8
|
-
if (Array.isArray(value)) {
|
|
9
|
-
if (seen.has(value)) throw new TypeError(CIRCULAR_STRUCTURE_MESSAGE);
|
|
10
|
-
seen.add(value);
|
|
11
|
-
const mapped = value.map((item) => sortKeysDeep(item, seen));
|
|
12
|
-
seen.delete(value);
|
|
13
|
-
return mapped;
|
|
14
|
-
}
|
|
15
|
-
if (value instanceof Date) return value;
|
|
16
|
-
if (value && typeof value === "object") {
|
|
17
|
-
if (seen.has(value)) throw new TypeError(CIRCULAR_STRUCTURE_MESSAGE);
|
|
18
|
-
seen.add(value);
|
|
19
|
-
const record = value;
|
|
20
|
-
const ordered = Object.create(null);
|
|
21
|
-
for (const key of Object.keys(record).sort()) ordered[key] = sortKeysDeep(record[key], seen);
|
|
22
|
-
seen.delete(value);
|
|
23
|
-
return ordered;
|
|
24
|
-
}
|
|
25
|
-
return value;
|
|
26
|
-
}
|
|
27
|
-
/**
|
|
28
|
-
* Deterministic JSON string with object keys sorted recursively, so key order
|
|
29
|
-
* does not affect the output.
|
|
30
|
-
*
|
|
31
|
-
* Follows `JSON.stringify` semantics for the values it serializes: `undefined`,
|
|
32
|
-
* functions and symbols are dropped, non-finite numbers become `null`, `bigint`
|
|
33
|
-
* throws, and `Map`/`Set` serialize as `{}`. Distinct payloads can therefore
|
|
34
|
-
* collapse to the same string — for collision-resistant hashing use
|
|
35
|
-
* `PolicyHashing.canonicalJson` (policies/utils), which rejects those values
|
|
36
|
-
* up front.
|
|
37
|
-
*
|
|
38
|
-
* @throws {TypeError} On circular references (mirroring `JSON.stringify`).
|
|
39
|
-
*/
|
|
40
|
-
function stableStringify(value) {
|
|
41
|
-
return JSON.stringify(sortKeysDeep(value, /* @__PURE__ */ new WeakSet()));
|
|
42
|
-
}
|
|
43
7
|
function payloadHash(value) {
|
|
44
8
|
return sha256Hex(stableStringify(value));
|
|
45
9
|
}
|
|
46
10
|
//#endregion
|
|
47
|
-
export { sha256Hex as n,
|
|
11
|
+
export { sha256Hex as n, payloadHash as t };
|
|
48
12
|
|
|
49
13
|
//# sourceMappingURL=hashing.js.map
|
package/dist/hashing.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hashing.js","names":[],"sources":["../src/core/shared/hashing.ts"],"sourcesContent":["import { createHash } from \"node:crypto\";\n\
|
|
1
|
+
{"version":3,"file":"hashing.js","names":[],"sources":["../src/core/shared/hashing.ts"],"sourcesContent":["import { createHash } from \"node:crypto\";\n\nimport { stableStringify } from \"./stable-stringify.js\";\n\nfunction sha256Hex(value: string): string {\n return createHash(\"sha256\").update(value, \"utf8\").digest(\"hex\");\n}\n\nfunction payloadHash(value: unknown): string {\n return sha256Hex(stableStringify(value));\n}\n\nexport { payloadHash, sha256Hex, stableStringify };\n"],"mappings":";;;AAIA,SAAS,UAAU,OAAuB;CACtC,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,MAAM,EAAE,OAAO,KAAK;AAClE;AAEA,SAAS,YAAY,OAAwB;CACzC,OAAO,UAAU,gBAAgB,KAAK,CAAC;AAC3C"}
|
package/dist/index.cjs
CHANGED
|
@@ -1,8 +1,11 @@
|
|
|
1
1
|
Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
|
|
2
|
-
const
|
|
2
|
+
const require_app_error = require("./app-error.cjs");
|
|
3
3
|
const require_validation_error = require("./validation-error.cjs");
|
|
4
|
+
const require_authorization_error = require("./authorization-error.cjs");
|
|
4
5
|
const require_not_found_error = require("./not-found-error.cjs");
|
|
6
|
+
const require_stable_stringify = require("./stable-stringify.cjs");
|
|
5
7
|
const require_hashing = require("./hashing.cjs");
|
|
8
|
+
const require_unexpected_error = require("./unexpected-error.cjs");
|
|
6
9
|
const require_validation_code = require("./validation-code.cjs");
|
|
7
10
|
const require_validation_field = require("./validation-field.cjs");
|
|
8
11
|
const require_domain_exception = require("./domain-exception.cjs");
|
|
@@ -11,19 +14,23 @@ const require_invariant_violation_exception = require("./invariant-violation-exc
|
|
|
11
14
|
const require_validation_exception = require("./validation-exception.cjs");
|
|
12
15
|
const require_immutable = require("./immutable.cjs");
|
|
13
16
|
const require_use_case = require("./use-case.cjs");
|
|
17
|
+
const require_requested_by = require("./requested-by.cjs");
|
|
14
18
|
const require_temporal_use_case = require("./temporal-use-case.cjs");
|
|
15
|
-
const
|
|
19
|
+
const require_entity = require("./entity.cjs");
|
|
16
20
|
const require_plugin = require("./plugin.cjs");
|
|
21
|
+
const require_value_object = require("./value-object.cjs");
|
|
17
22
|
const require_uuid_identifier = require("./uuid-identifier.cjs");
|
|
18
23
|
const require_ruleset_registry = require("./ruleset-registry.cjs");
|
|
19
|
-
const require_domain_event_contracts = require("./domain-event-contracts.cjs");
|
|
20
|
-
const require_gate_v1_payload_schema = require("./gate-v1-payload.schema.cjs");
|
|
21
24
|
const require_result = require("./result.cjs");
|
|
22
|
-
const
|
|
25
|
+
const require_policy_bridge = require("./policy-bridge.cjs");
|
|
26
|
+
const require_rule = require("./rule.cjs");
|
|
27
|
+
const require_condition_evaluator = require("./condition-evaluator.cjs");
|
|
23
28
|
const require_policy_service = require("./policy-service.cjs");
|
|
29
|
+
const require_domain_event_contracts = require("./domain-event-contracts.cjs");
|
|
30
|
+
const require_outcome = require("./outcome.cjs");
|
|
24
31
|
const require_gate_engine_registry = require("./gate-engine-registry.cjs");
|
|
25
32
|
//#region src/version.ts
|
|
26
|
-
const version$1 = "1.
|
|
33
|
+
const version$1 = "1.5.0";
|
|
27
34
|
//#endregion
|
|
28
35
|
//#region src/index.ts
|
|
29
36
|
const ERP_CORE_NAME = "erp-core";
|
|
@@ -33,10 +40,13 @@ const erpCoreRelease = {
|
|
|
33
40
|
version: ERP_CORE_VERSION
|
|
34
41
|
};
|
|
35
42
|
//#endregion
|
|
43
|
+
exports.AbacAuthorizer = require_rule.AbacAuthorizer;
|
|
44
|
+
exports.AbacPolicySet = require_rule.AbacPolicySet;
|
|
45
|
+
exports.AbacRule = require_rule.AbacRule;
|
|
36
46
|
exports.AlreadyExistsError = require_validation_error.AlreadyExistsError;
|
|
37
|
-
exports.AppError =
|
|
47
|
+
exports.AppError = require_app_error.AppError;
|
|
38
48
|
exports.AuthenticationError = require_validation_error.AuthenticationError;
|
|
39
|
-
exports.AuthorizationError =
|
|
49
|
+
exports.AuthorizationError = require_authorization_error.AuthorizationError;
|
|
40
50
|
exports.BusinessRuleViolationError = require_not_found_error.BusinessRuleViolationError;
|
|
41
51
|
exports.BusinessRuleViolationException = require_invalid_state_transition_exception.BusinessRuleViolationException;
|
|
42
52
|
exports.CONTRACT_VERSION_PROPERTY = require_immutable.CONTRACT_VERSION_PROPERTY;
|
|
@@ -46,6 +56,7 @@ Object.defineProperty(exports, "Command", {
|
|
|
46
56
|
return require_temporal_use_case.Command;
|
|
47
57
|
}
|
|
48
58
|
});
|
|
59
|
+
exports.CompositeAuthorizer = require_rule.CompositeAuthorizer;
|
|
49
60
|
exports.ComputeEngineRegistry = require_gate_engine_registry.ComputeEngineRegistry;
|
|
50
61
|
exports.ComputeEvaluatorRegistry = require_gate_engine_registry.ComputeEvaluatorRegistry;
|
|
51
62
|
exports.ComputePayloadParserRegistry = require_gate_engine_registry.ComputePayloadParserRegistry;
|
|
@@ -54,7 +65,7 @@ exports.ComputeRegistry = require_gate_engine_registry.ComputeRegistry;
|
|
|
54
65
|
exports.ConflictError = require_validation_error.ConflictError;
|
|
55
66
|
exports.ContextResolverRegistry = require_policy_service.ContextResolverRegistry;
|
|
56
67
|
exports.ContextSeedValidator = require_policy_service.ContextSeedValidator;
|
|
57
|
-
exports.CoreConfig =
|
|
68
|
+
exports.CoreConfig = require_condition_evaluator.CoreConfig;
|
|
58
69
|
exports.DeserializationError = require_validation_error.SerializationInError;
|
|
59
70
|
exports.DomainException = require_domain_exception.DomainException;
|
|
60
71
|
exports.DuplicateError = require_validation_error.DuplicateError;
|
|
@@ -63,15 +74,16 @@ exports.ERP_CORE_VERSION = ERP_CORE_VERSION;
|
|
|
63
74
|
Object.defineProperty(exports, "Entity", {
|
|
64
75
|
enumerable: true,
|
|
65
76
|
get: function() {
|
|
66
|
-
return
|
|
77
|
+
return require_entity.Entity;
|
|
67
78
|
}
|
|
68
79
|
});
|
|
69
80
|
exports.EntityNotFoundException = require_invalid_state_transition_exception.EntityNotFoundException;
|
|
70
81
|
exports.Err = require_result.Err;
|
|
71
|
-
exports.ErrorCodes =
|
|
82
|
+
exports.ErrorCodes = require_app_error.ErrorCodes;
|
|
72
83
|
exports.ExpiredError = require_validation_error.ExpiredError;
|
|
73
84
|
exports.GateEngineRegistry = require_gate_engine_registry.GateEngineRegistry;
|
|
74
85
|
exports.GatePayloadParsers = require_gate_engine_registry.GatePayloadParsers;
|
|
86
|
+
exports.Grant = require_policy_bridge.Grant;
|
|
75
87
|
exports.IdempotencyError = require_validation_error.IdempotencyError;
|
|
76
88
|
exports.IdempotencyInProgressError = require_validation_error.IdempotencyInProgressError;
|
|
77
89
|
exports.IdempotencyKeyMissingError = require_validation_error.IdempotencyKeyMissingError;
|
|
@@ -88,12 +100,14 @@ exports.NotFoundError = require_not_found_error.NotFoundError;
|
|
|
88
100
|
exports.NotYetValidError = require_validation_error.NotYetValidError;
|
|
89
101
|
exports.Ok = require_result.Ok;
|
|
90
102
|
exports.Outcome = require_outcome.Outcome;
|
|
103
|
+
exports.Permission = require_policy_bridge.Permission;
|
|
104
|
+
exports.PermissionSet = require_policy_bridge.PermissionSet;
|
|
91
105
|
exports.PluginManager = require_plugin.PluginManager;
|
|
92
106
|
exports.PolicyAsOfResolver = require_policy_service.PolicyAsOfResolver;
|
|
93
107
|
exports.PolicyCatalog = require_policy_service.PolicyCatalog;
|
|
94
108
|
exports.PolicyCatalogFactory = require_policy_service.PolicyCatalogFactory;
|
|
95
109
|
exports.PolicyContextBuilder = require_policy_service.PolicyContextBuilder;
|
|
96
|
-
exports.PolicyContextPath =
|
|
110
|
+
exports.PolicyContextPath = require_condition_evaluator.PolicyContextPath;
|
|
97
111
|
exports.PolicyDefinition = require_policy_service.PolicyDefinition;
|
|
98
112
|
exports.PolicyEvaluationErrors = require_policy_service.PolicyEvaluationErrors;
|
|
99
113
|
exports.PolicyHashing = require_policy_service.PolicyHashing;
|
|
@@ -107,9 +121,12 @@ Object.defineProperty(exports, "Query", {
|
|
|
107
121
|
return require_temporal_use_case.Query;
|
|
108
122
|
}
|
|
109
123
|
});
|
|
110
|
-
exports.
|
|
124
|
+
exports.RbacAuthorizer = require_policy_bridge.RbacAuthorizer;
|
|
125
|
+
exports.RequestedBy = require_requested_by.RequestedBy;
|
|
111
126
|
exports.Result = require_result.Result;
|
|
127
|
+
exports.Role = require_policy_bridge.Role;
|
|
112
128
|
exports.RulesetRegistry = require_ruleset_registry.RulesetRegistry;
|
|
129
|
+
exports.Scope = require_policy_bridge.Scope;
|
|
113
130
|
exports.SerializationCodes = require_validation_error.SerializationCodes;
|
|
114
131
|
exports.SerializationError = require_validation_error.SerializationError;
|
|
115
132
|
exports.SerializationInError = require_validation_error.SerializationInError;
|
|
@@ -136,27 +153,29 @@ Object.defineProperty(exports, "ValueObject", {
|
|
|
136
153
|
return require_value_object.ValueObject;
|
|
137
154
|
}
|
|
138
155
|
});
|
|
156
|
+
exports.abacContext = require_rule.abacContext;
|
|
139
157
|
exports.asPolicyDecisionId = require_policy_service.asPolicyDecisionId;
|
|
140
158
|
exports.asPolicyDefinitionId = require_policy_service.asPolicyDefinitionId;
|
|
141
159
|
exports.asSchoolId = require_policy_service.asSchoolId;
|
|
142
160
|
exports.asTenantId = require_policy_service.asTenantId;
|
|
143
|
-
exports.assertJsonSafeMetadata =
|
|
161
|
+
exports.assertJsonSafeMetadata = require_app_error.assertJsonSafeMetadata;
|
|
144
162
|
exports.assertTemporalContext = require_temporal_use_case.assertTemporalContext;
|
|
145
163
|
exports.buildDomainEventContractVersions = require_domain_event_contracts.buildDomainEventContractVersions;
|
|
146
164
|
exports.contextResolverRegistry = require_policy_service.contextResolverRegistry;
|
|
147
|
-
exports.coreConfig =
|
|
165
|
+
exports.coreConfig = require_condition_evaluator.coreConfig;
|
|
148
166
|
exports.createDomainEventEnvelope = require_domain_event_contracts.createDomainEventEnvelope;
|
|
149
167
|
exports.createTemporalContext = require_temporal_use_case.createTemporalContext;
|
|
150
168
|
exports.erpCoreRelease = erpCoreRelease;
|
|
151
169
|
exports.evaluateTemporalWindow = require_validation_error.evaluateTemporalWindow;
|
|
152
170
|
exports.mapPolicyEvaluationError = require_temporal_use_case.mapPolicyEvaluationError;
|
|
153
171
|
exports.payloadHash = require_hashing.payloadHash;
|
|
172
|
+
exports.rbacContextFields = require_policy_bridge.rbacContextFields;
|
|
154
173
|
exports.registerNamespacedContextResolvers = require_policy_service.registerNamespacedContextResolvers;
|
|
155
174
|
exports.registerNamespacedContextResolversIn = require_policy_service.registerNamespacedContextResolversIn;
|
|
156
175
|
exports.safePreview = require_validation_error.safePreview;
|
|
157
|
-
exports.serializationErrorCode =
|
|
176
|
+
exports.serializationErrorCode = require_app_error.serializationErrorCode;
|
|
158
177
|
exports.sha256Hex = require_hashing.sha256Hex;
|
|
159
|
-
exports.stableStringify =
|
|
178
|
+
exports.stableStringify = require_stable_stringify.stableStringify;
|
|
160
179
|
exports.translateUniqueViolationToDuplicate = require_validation_error.translateUniqueViolationToDuplicate;
|
|
161
180
|
exports.version = require_immutable.version;
|
|
162
181
|
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.cjs","names":["version","version"],"sources":["../src/version.ts","../src/index.ts"],"sourcesContent":["// Versao do kit, sincronizada com package.json por scripts/sync-kit-version.mjs.\n// Nao edite a mao: rode `npm run sync-kit-version` (ou e regenerado no release).\n//\n// Mantemos a versao aqui, dentro de src/, para que a copia full-control seja\n// auto-contida: ao copiar so o conteudo de src/, o entry nao depende de um\n// `../package.json` que deixaria de existir no projeto consumidor.\nexport const version = \"1.
|
|
1
|
+
{"version":3,"file":"index.cjs","names":["version","version"],"sources":["../src/version.ts","../src/index.ts"],"sourcesContent":["// Versao do kit, sincronizada com package.json por scripts/sync-kit-version.mjs.\n// Nao edite a mao: rode `npm run sync-kit-version` (ou e regenerado no release).\n//\n// Mantemos a versao aqui, dentro de src/, para que a copia full-control seja\n// auto-contida: ao copiar so o conteudo de src/, o entry nao depende de um\n// `../package.json` que deixaria de existir no projeto consumidor.\nexport const version = \"1.5.0\";\n","import { version } from \"./version.js\";\n\nexport * from \"./core/index.js\";\n\nexport const ERP_CORE_NAME = \"erp-core\";\nexport const ERP_CORE_VERSION = version;\n\nexport const erpCoreRelease = {\n name: ERP_CORE_NAME,\n version: ERP_CORE_VERSION,\n} as const;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,MAAaA,YAAU;;;ACFvB,MAAa,gBAAgB;AAC7B,MAAa,mBAAmBC;AAEhC,MAAa,iBAAiB;CAC1B,MAAM;CACN,SAAS;AACb"}
|
package/dist/index.d.cts
CHANGED
|
@@ -1,30 +1,37 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { a as
|
|
3
|
-
import { A as MetricLabels, C as RequestedByKind, D as TraceAttributeValue, E as UseCaseObservability, M as LogPayload, N as LoggerPort, O as TraceSpan, S as RequestedBy, T as UseCase, _ as PolicyEvaluationOutput, a as TemporalContext, b as Command, c as CacheStrategy, d as mapPolicyEvaluationError, f as TemporalHistory, g as PolicyEvaluationInput, h as ResultRepository, i as CreateTemporalContextInput, j as MetricsPort, k as TracerPort, l as Page, m as Repository, n as TemporalUseCaseInput, o as assertTemporalContext, p as TemporalRepository, r as TemporalizedContextSeed, s as createTemporalContext, t as TemporalUseCase, u as Query, v as PolicyPort, w as MaybePromise, x as CommandInput, y as PolicyPortError } from "./temporal-use-case.cjs";
|
|
1
|
+
import { n as RequestedByKind, t as RequestedBy } from "./requested-by.cjs";
|
|
2
|
+
import { a as AbacPolicySet, c as AbacRuleProps, d as AbacAuthorizerPort, f as AbacAttributes, i as AbacDecision, l as RuleEffect, n as CompositeAuthorizer, o as CombiningAlgorithm, p as AbacRequest, r as AbacAuthorizer, s as AbacRule, t as CompositeAccessRequest, u as abacContext } from "./composite-authorizer.cjs";
|
|
4
3
|
import { a as JsonSafeRecord, i as JsonSafePrimitive, n as AppErrorOptions, o as JsonSafeValue, r as ErrorSeverity, t as AppError } from "./app-error.cjs";
|
|
5
|
-
import {
|
|
4
|
+
import { i as AuthorizationRequirement, n as AuthorizationErrorMetadata, r as AuthorizationErrorReason, t as AuthorizationError } from "./authorization-error.cjs";
|
|
5
|
+
import { n as Ok, r as Result, t as Err } from "./result.cjs";
|
|
6
|
+
import { n as Outcome, t as CommonOutcomeStatus } from "./outcome.cjs";
|
|
7
|
+
import { C as GateTraceNodeSnapshot, D as VersionedGateEngine, E as PolicyViolation, O as GatePayload, S as GateTraceLeafSnapshot, T as PolicyContext, _ as ConditionEvaluationReportTag, a as PolicyDecisionId, b as GateOutcomeData, c as TenantId, d as asSchoolId, f as asTenantId, g as ConditionEvaluationReportLevel, h as ConditionEvaluationReport, l as asPolicyDecisionId, m as ConditionEvaluationOptions, n as CoreConfigOptions, o as PolicyDefinitionId, p as ConditionEvaluationCause, r as CoreObservabilityConfig, s as SchoolId, t as CoreConfig, u as asPolicyDefinitionId, v as ConditionEvaluatorReporter, w as GateViolationTrace, x as GateStatus, y as GateOutcome } from "./core-config.cjs";
|
|
8
|
+
import { a as PolicyPackage, c as coreConfig, i as PolicyCatalogFactory, n as contextResolverRegistry, o as InMemoryPolicyDefinitionRepository, r as registerNamespacedContextResolvers, s as PolicyHashing, t as PolicyContextPath } from "./path.cjs";
|
|
9
|
+
import { a as PluginContract, i as PipelineReducer, n as BasePlugin, r as InvokeOptions, t as PluginManager } from "./plugin.cjs";
|
|
10
|
+
import { t as DeepReadonly } from "./immutable.cjs";
|
|
11
|
+
import { i as version, n as ContractVersion, r as VersionedTarget, t as CONTRACT_VERSION_PROPERTY } from "./version.cjs";
|
|
12
|
+
import { n as ValueObjectPluginContract, t as ValueObject } from "./value-object.cjs";
|
|
13
|
+
import { a as Permission, i as ScopeProps, n as AccessRequest, o as PermissionProps, r as Scope, t as AuthorizerPort } from "./authorizer.port.cjs";
|
|
14
|
+
import { A as LogPayload, C as UseCase, D as TracerPort, E as TraceSpan, O as MetricLabels, S as MaybePromise, T as TraceAttributeValue, _ as PolicyEvaluationOutput, a as TemporalContext, b as Command, c as CacheStrategy, d as mapPolicyEvaluationError, f as TemporalHistory, g as PolicyEvaluationInput, h as ResultRepository, i as CreateTemporalContextInput, j as LoggerPort, k as MetricsPort, l as Page, m as Repository, n as TemporalUseCaseInput, o as assertTemporalContext, p as TemporalRepository, r as TemporalizedContextSeed, s as createTemporalContext, t as TemporalUseCase, u as Query, v as PolicyPort, w as UseCaseObservability, x as CommandInput, y as PolicyPortError } from "./temporal-use-case.cjs";
|
|
15
|
+
import { A as IdempotencyPayloadMismatchError, B as UniqueConstraintViolation, C as IntegrationErrorMetadata, D as IdempotencyFailureKind, E as IdempotencyErrorMetadata, F as AlreadyExistsError, G as AuthenticationErrorMetadata, H as translateUniqueViolationToDuplicate, I as ConflictError, J as ErrorCodes, K as AuthenticationErrorReason, L as ConflictErrorMetadata, M as payloadHash, N as sha256Hex, O as IdempotencyInProgressError, P as stableStringify, R as ConflictKind, S as IntegrationError, T as IdempotencyError, U as BusinessRuleViolationError, V as UniqueConstraintViolationError, W as AuthenticationError, Y as serializationErrorCode, _ as SerializationMessages, a as TemporalError, b as NotFoundError, c as TemporalPrecision, d as SerializationCodes, f as SerializationDirection, g as SerializationInError, h as SerializationFailureCategory, i as NotYetValidError, j as IdempotencyReplayNotSupportedError, k as IdempotencyKeyMissingError, l as evaluateTemporalWindow, m as SerializationErrorMetadata, n as UnexpectedError, o as TemporalErrorMetadata, p as SerializationError, q as assertJsonSafeMetadata, r as ExpiredError, s as TemporalKind, t as ValidationError, u as SerializationBoundary, v as SerializationOutError, w as IntegrationErrorReason, x as LegacyIncompatibleError, y as safePreview, z as DuplicateError } from "./validation-error.cjs";
|
|
6
16
|
import { t as ValidationCode } from "./validation-code.cjs";
|
|
7
17
|
import { t as ValidationField } from "./validation-field.cjs";
|
|
8
|
-
import { A as ConditionEvaluationReportTag, C as asPolicyDefinitionId, D as ConditionEvaluationOptions, E as ConditionEvaluationCause, O as ConditionEvaluationReport, S as asPolicyDecisionId, T as asTenantId, a as GateTraceNodeSnapshot, b as SchoolId, c as PolicyViolation, g as CoreObservabilityConfig, h as CoreConfigOptions, i as GateTraceLeafSnapshot, j as ConditionEvaluatorReporter, k as ConditionEvaluationReportLevel, l as VersionedGateEngine, m as CoreConfig, n as GateOutcomeData, o as GateViolationTrace, r as GateStatus, s as PolicyContext, t as GateOutcome, u as GatePayload, v as PolicyDecisionId, w as asSchoolId, x as TenantId, y as PolicyDefinitionId } from "./gate-types.cjs";
|
|
9
|
-
import { a as PolicyPackage, c as coreConfig, i as PolicyCatalogFactory, n as contextResolverRegistry, o as InMemoryPolicyDefinitionRepository, r as registerNamespacedContextResolvers, s as PolicyHashing, t as PolicyContextPath } from "./path.cjs";
|
|
10
18
|
import { A as PolicyScope, C as BasePolicyDefinitionProps, D as PolicyDefinition, E as GatePolicyDefinitionProps, F as PolicyKey, I as AsOfSource, L as PolicyKind, M as ScopeChain, N as PolicyCatalog, O as PolicyDefinitionProps, P as PolicyCatalogEntryProps, R as PolicyOwner, T as FindCandidatesParams, _ as ContextResolverResilienceOptions, a as PolicyServiceOptions, b as ContextSeed, c as PolicyEvaluationErrors, d as PolicyAsOfResolver, f as PolicyContextBuilder, g as ContextResolverCircuitBreakerOptions, h as registerNamespacedContextResolversIn, i as PolicyService, j as PolicyScopeMatcher, k as PolicyDefinitionStatus, l as PolicyResolver, m as ContextResolverRegistry, n as PolicyDecision, o as PolicyServiceParams, p as PolicyContextBuilderOptions, r as PolicyEvaluationResult, s as PolicyEvaluationError, t as EvaluateInput, u as DeriveAsOfOptions, v as ContextResolverRetryOptions, w as ComputePolicyDefinitionProps, x as ContextSeedValidator, y as ContextValueResolver, z as PolicyScopeLevel } from "./policy-service.cjs";
|
|
11
19
|
import { a as ComputeOutcome, c as VersionedComputeEngine, i as ComputeEvaluatorRegistration, n as ComputeRegistry, o as ComputeOutcomeData, r as ComputeEvaluator, s as ComputeStatus, t as GateEngineRegistry } from "./gate-engine-registry.cjs";
|
|
12
20
|
import { a as ComputePayloadParserRegistry, c as ComputeEvaluatorRegistry, o as ComputePayloadParsers, r as GatePayloadParsers, s as ComputeEngineRegistry } from "./parse-gate-payload.cjs";
|
|
13
|
-
import { t as
|
|
14
|
-
import { a as EntityState, i as Entity, n as ValueObject, r as ValueObjectPluginContract, t as UuidIdentifier } from "./uuid-identifier.cjs";
|
|
15
|
-
import { a as PluginContract, i as PipelineReducer, n as BasePlugin, r as InvokeOptions, t as PluginManager } from "./plugin.cjs";
|
|
21
|
+
import { n as Entity, r as EntityState, t as UuidIdentifier } from "./uuid-identifier.cjs";
|
|
16
22
|
import { t as DomainException } from "./domain-exception.cjs";
|
|
17
23
|
import { a as InvariantViolationException, c as BusinessRuleViolationException, i as ValidationViolation, n as MultipleValidationException, o as InvalidStateTransitionException, r as ValidationException, s as EntityNotFoundException, t as InvalidValueException } from "./validation-exception.cjs";
|
|
18
24
|
import { a as Ruleset, i as InvariantRuleset, n as RulesetRegistry, o as RulesetId, r as CreationRuleset, t as ValueObjectRuleset } from "./value-object-ruleset.contracts.cjs";
|
|
25
|
+
import { a as GrantProps, i as Grant, n as PermissionSet, o as Role, r as RbacAuthorizer, s as RoleProps, t as rbacContextFields } from "./policy-bridge.cjs";
|
|
19
26
|
import { a as buildDomainEventContractVersions, i as DomainEventEnvelope, n as DomainEventContractSelection, o as createDomainEventEnvelope, r as DomainEventContractVersions, t as CreateDomainEventEnvelopeInput } from "./domain-event-contracts.cjs";
|
|
20
27
|
|
|
21
28
|
//#region src/index.d.ts
|
|
22
29
|
declare const ERP_CORE_NAME = "erp-core";
|
|
23
|
-
declare const ERP_CORE_VERSION = "1.
|
|
30
|
+
declare const ERP_CORE_VERSION = "1.5.0";
|
|
24
31
|
declare const erpCoreRelease: {
|
|
25
32
|
readonly name: "erp-core";
|
|
26
|
-
readonly version: "1.
|
|
33
|
+
readonly version: "1.5.0";
|
|
27
34
|
};
|
|
28
35
|
//#endregion
|
|
29
|
-
export { AlreadyExistsError, AppError, AppErrorOptions, AsOfSource, AuthenticationError, AuthenticationErrorMetadata, AuthenticationErrorReason, AuthorizationError, AuthorizationErrorMetadata, AuthorizationErrorReason, AuthorizationRequirement, BasePlugin, BasePolicyDefinitionProps, BusinessRuleViolationError, BusinessRuleViolationException, CONTRACT_VERSION_PROPERTY, CacheStrategy, Command, CommandInput, CommonOutcomeStatus, ComputeEngineRegistry, ComputeEvaluator, ComputeEvaluatorRegistration, ComputeEvaluatorRegistry, ComputeOutcome, ComputeOutcomeData, ComputePayloadParserRegistry, ComputePayloadParsers, ComputePolicyDefinitionProps, ComputeRegistry, ComputeStatus, ConditionEvaluationCause, ConditionEvaluationOptions, ConditionEvaluationReport, ConditionEvaluationReportLevel, ConditionEvaluationReportTag, ConditionEvaluatorReporter, ConflictError, ConflictErrorMetadata, ConflictKind, ContextResolverCircuitBreakerOptions, ContextResolverRegistry, ContextResolverResilienceOptions, ContextResolverRetryOptions, ContextSeed, ContextSeedValidator, ContextValueResolver, ContractVersion, CoreConfig, CoreConfigOptions, CoreObservabilityConfig, CreateDomainEventEnvelopeInput, CreateTemporalContextInput, CreationRuleset, DeepReadonly, DeriveAsOfOptions, SerializationInError as DeserializationError, SerializationInError, DomainEventContractSelection, DomainEventContractVersions, DomainEventEnvelope, DomainException, DuplicateError, ERP_CORE_NAME, ERP_CORE_VERSION, Entity, EntityNotFoundException, EntityState, Err, ErrorCodes, ErrorSeverity, EvaluateInput, ExpiredError, TemporalErrorMetadata as ExpiredErrorMetadata, TemporalErrorMetadata, TemporalPrecision as ExpiredErrorPrecision, TemporalPrecision, FindCandidatesParams, GateEngineRegistry, GateOutcome, GateOutcomeData, GatePayload, GatePayloadParsers, GatePolicyDefinitionProps, GateStatus, GateTraceLeafSnapshot, GateTraceNodeSnapshot, GateViolationTrace, IdempotencyError, IdempotencyErrorMetadata, IdempotencyFailureKind, IdempotencyInProgressError, IdempotencyKeyMissingError, IdempotencyPayloadMismatchError, IdempotencyReplayNotSupportedError, InMemoryPolicyDefinitionRepository, IntegrationError, IntegrationErrorMetadata, IntegrationErrorReason, InvalidStateTransitionException, InvalidValueException, InvariantRuleset, InvariantViolationException, InvokeOptions, JsonSafePrimitive, JsonSafeRecord, JsonSafeValue, LegacyIncompatibleError, LogPayload, LoggerPort, MaybePromise, MetricLabels, MetricsPort, MultipleValidationException, NotFoundError, NotYetValidError, Ok, Outcome, Page, PipelineReducer, PluginContract, PluginManager, PolicyAsOfResolver, PolicyCatalog, PolicyCatalogEntryProps, PolicyCatalogFactory, PolicyContext, PolicyContextBuilder, PolicyContextBuilderOptions, PolicyContextPath, PolicyDecision, PolicyDecisionId, PolicyDefinition, PolicyDefinitionId, PolicyDefinitionProps, PolicyDefinitionStatus, PolicyEvaluationError, PolicyEvaluationErrors, PolicyEvaluationInput, PolicyEvaluationOutput, PolicyEvaluationResult, PolicyHashing, PolicyKey, PolicyKind, PolicyOwner, PolicyPackage, PolicyPort, PolicyPortError, PolicyResolver, PolicyScope, PolicyScopeLevel, PolicyScopeMatcher, PolicyService, PolicyServiceOptions, PolicyServiceParams, PolicyViolation, Query, Repository, RequestedBy, RequestedByKind, Result, ResultRepository, Ruleset, RulesetId, RulesetRegistry, SchoolId, ScopeChain, SerializationBoundary, SerializationCodes, SerializationDirection, SerializationError, SerializationErrorMetadata, SerializationFailureCategory, SerializationMessages, SerializationOutError, TemporalContext, TemporalError, TemporalHistory, TemporalKind, TemporalRepository, TemporalUseCase, TemporalUseCaseInput, TemporalizedContextSeed, TenantId, TraceAttributeValue, TraceSpan, TracerPort, UnexpectedError, UniqueConstraintViolation, UniqueConstraintViolationError, UseCase, UseCaseObservability, UuidIdentifier, ValidationCode, ValidationError, ValidationException, ValidationField, ValidationViolation, ValueObject, ValueObjectPluginContract, ValueObjectRuleset, VersionedComputeEngine, VersionedGateEngine, VersionedTarget, asPolicyDecisionId, asPolicyDefinitionId, asSchoolId, asTenantId, assertJsonSafeMetadata, assertTemporalContext, buildDomainEventContractVersions, contextResolverRegistry, coreConfig, createDomainEventEnvelope, createTemporalContext, erpCoreRelease, evaluateTemporalWindow, mapPolicyEvaluationError, payloadHash, registerNamespacedContextResolvers, registerNamespacedContextResolversIn, safePreview, serializationErrorCode, sha256Hex, stableStringify, translateUniqueViolationToDuplicate, version };
|
|
36
|
+
export { AbacAttributes, AbacAuthorizer, AbacAuthorizerPort, AbacDecision, AbacPolicySet, AbacRequest, AbacRule, AbacRuleProps, AccessRequest, AlreadyExistsError, AppError, AppErrorOptions, AsOfSource, AuthenticationError, AuthenticationErrorMetadata, AuthenticationErrorReason, AuthorizationError, AuthorizationErrorMetadata, AuthorizationErrorReason, AuthorizationRequirement, AuthorizerPort, BasePlugin, BasePolicyDefinitionProps, BusinessRuleViolationError, BusinessRuleViolationException, CONTRACT_VERSION_PROPERTY, CacheStrategy, CombiningAlgorithm, Command, CommandInput, CommonOutcomeStatus, CompositeAccessRequest, CompositeAuthorizer, ComputeEngineRegistry, ComputeEvaluator, ComputeEvaluatorRegistration, ComputeEvaluatorRegistry, ComputeOutcome, ComputeOutcomeData, ComputePayloadParserRegistry, ComputePayloadParsers, ComputePolicyDefinitionProps, ComputeRegistry, ComputeStatus, ConditionEvaluationCause, ConditionEvaluationOptions, ConditionEvaluationReport, ConditionEvaluationReportLevel, ConditionEvaluationReportTag, ConditionEvaluatorReporter, ConflictError, ConflictErrorMetadata, ConflictKind, ContextResolverCircuitBreakerOptions, ContextResolverRegistry, ContextResolverResilienceOptions, ContextResolverRetryOptions, ContextSeed, ContextSeedValidator, ContextValueResolver, ContractVersion, CoreConfig, CoreConfigOptions, CoreObservabilityConfig, CreateDomainEventEnvelopeInput, CreateTemporalContextInput, CreationRuleset, DeepReadonly, DeriveAsOfOptions, SerializationInError as DeserializationError, SerializationInError, DomainEventContractSelection, DomainEventContractVersions, DomainEventEnvelope, DomainException, DuplicateError, ERP_CORE_NAME, ERP_CORE_VERSION, Entity, EntityNotFoundException, EntityState, Err, ErrorCodes, ErrorSeverity, EvaluateInput, ExpiredError, TemporalErrorMetadata as ExpiredErrorMetadata, TemporalErrorMetadata, TemporalPrecision as ExpiredErrorPrecision, TemporalPrecision, FindCandidatesParams, GateEngineRegistry, GateOutcome, GateOutcomeData, GatePayload, GatePayloadParsers, GatePolicyDefinitionProps, GateStatus, GateTraceLeafSnapshot, GateTraceNodeSnapshot, GateViolationTrace, Grant, GrantProps, IdempotencyError, IdempotencyErrorMetadata, IdempotencyFailureKind, IdempotencyInProgressError, IdempotencyKeyMissingError, IdempotencyPayloadMismatchError, IdempotencyReplayNotSupportedError, InMemoryPolicyDefinitionRepository, IntegrationError, IntegrationErrorMetadata, IntegrationErrorReason, InvalidStateTransitionException, InvalidValueException, InvariantRuleset, InvariantViolationException, InvokeOptions, JsonSafePrimitive, JsonSafeRecord, JsonSafeValue, LegacyIncompatibleError, LogPayload, LoggerPort, MaybePromise, MetricLabels, MetricsPort, MultipleValidationException, NotFoundError, NotYetValidError, Ok, Outcome, Page, Permission, PermissionProps, PermissionSet, PipelineReducer, PluginContract, PluginManager, PolicyAsOfResolver, PolicyCatalog, PolicyCatalogEntryProps, PolicyCatalogFactory, PolicyContext, PolicyContextBuilder, PolicyContextBuilderOptions, PolicyContextPath, PolicyDecision, PolicyDecisionId, PolicyDefinition, PolicyDefinitionId, PolicyDefinitionProps, PolicyDefinitionStatus, PolicyEvaluationError, PolicyEvaluationErrors, PolicyEvaluationInput, PolicyEvaluationOutput, PolicyEvaluationResult, PolicyHashing, PolicyKey, PolicyKind, PolicyOwner, PolicyPackage, PolicyPort, PolicyPortError, PolicyResolver, PolicyScope, PolicyScopeLevel, PolicyScopeMatcher, PolicyService, PolicyServiceOptions, PolicyServiceParams, PolicyViolation, Query, RbacAuthorizer, Repository, RequestedBy, RequestedByKind, Result, ResultRepository, Role, RoleProps, RuleEffect, Ruleset, RulesetId, RulesetRegistry, SchoolId, Scope, ScopeChain, ScopeProps, SerializationBoundary, SerializationCodes, SerializationDirection, SerializationError, SerializationErrorMetadata, SerializationFailureCategory, SerializationMessages, SerializationOutError, TemporalContext, TemporalError, TemporalHistory, TemporalKind, TemporalRepository, TemporalUseCase, TemporalUseCaseInput, TemporalizedContextSeed, TenantId, TraceAttributeValue, TraceSpan, TracerPort, UnexpectedError, UniqueConstraintViolation, UniqueConstraintViolationError, UseCase, UseCaseObservability, UuidIdentifier, ValidationCode, ValidationError, ValidationException, ValidationField, ValidationViolation, ValueObject, ValueObjectPluginContract, ValueObjectRuleset, VersionedComputeEngine, VersionedGateEngine, VersionedTarget, abacContext, asPolicyDecisionId, asPolicyDefinitionId, asSchoolId, asTenantId, assertJsonSafeMetadata, assertTemporalContext, buildDomainEventContractVersions, contextResolverRegistry, coreConfig, createDomainEventEnvelope, createTemporalContext, erpCoreRelease, evaluateTemporalWindow, mapPolicyEvaluationError, payloadHash, rbacContextFields, registerNamespacedContextResolvers, registerNamespacedContextResolversIn, safePreview, serializationErrorCode, sha256Hex, stableStringify, translateUniqueViolationToDuplicate, version };
|
|
30
37
|
//# sourceMappingURL=index.d.cts.map
|
package/dist/index.d.ts
CHANGED
|
@@ -1,30 +1,37 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { a as
|
|
3
|
-
import { A as MetricLabels, C as RequestedByKind, D as TraceAttributeValue, E as UseCaseObservability, M as LogPayload, N as LoggerPort, O as TraceSpan, S as RequestedBy, T as UseCase, _ as PolicyEvaluationOutput, a as TemporalContext, b as Command, c as CacheStrategy, d as mapPolicyEvaluationError, f as TemporalHistory, g as PolicyEvaluationInput, h as ResultRepository, i as CreateTemporalContextInput, j as MetricsPort, k as TracerPort, l as Page, m as Repository, n as TemporalUseCaseInput, o as assertTemporalContext, p as TemporalRepository, r as TemporalizedContextSeed, s as createTemporalContext, t as TemporalUseCase, u as Query, v as PolicyPort, w as MaybePromise, x as CommandInput, y as PolicyPortError } from "./temporal-use-case.js";
|
|
1
|
+
import { n as RequestedByKind, t as RequestedBy } from "./requested-by.js";
|
|
2
|
+
import { a as AbacPolicySet, c as AbacRuleProps, d as AbacAuthorizerPort, f as AbacAttributes, i as AbacDecision, l as RuleEffect, n as CompositeAuthorizer, o as CombiningAlgorithm, p as AbacRequest, r as AbacAuthorizer, s as AbacRule, t as CompositeAccessRequest, u as abacContext } from "./composite-authorizer.js";
|
|
4
3
|
import { a as JsonSafeRecord, i as JsonSafePrimitive, n as AppErrorOptions, o as JsonSafeValue, r as ErrorSeverity, t as AppError } from "./app-error.js";
|
|
5
|
-
import {
|
|
4
|
+
import { i as AuthorizationRequirement, n as AuthorizationErrorMetadata, r as AuthorizationErrorReason, t as AuthorizationError } from "./authorization-error.js";
|
|
5
|
+
import { n as Ok, r as Result, t as Err } from "./result.js";
|
|
6
|
+
import { n as Outcome, t as CommonOutcomeStatus } from "./outcome.js";
|
|
7
|
+
import { C as GateTraceNodeSnapshot, D as VersionedGateEngine, E as PolicyViolation, O as GatePayload, S as GateTraceLeafSnapshot, T as PolicyContext, _ as ConditionEvaluationReportTag, a as PolicyDecisionId, b as GateOutcomeData, c as TenantId, d as asSchoolId, f as asTenantId, g as ConditionEvaluationReportLevel, h as ConditionEvaluationReport, l as asPolicyDecisionId, m as ConditionEvaluationOptions, n as CoreConfigOptions, o as PolicyDefinitionId, p as ConditionEvaluationCause, r as CoreObservabilityConfig, s as SchoolId, t as CoreConfig, u as asPolicyDefinitionId, v as ConditionEvaluatorReporter, w as GateViolationTrace, x as GateStatus, y as GateOutcome } from "./core-config.js";
|
|
8
|
+
import { a as PolicyPackage, c as coreConfig, i as PolicyCatalogFactory, n as contextResolverRegistry, o as InMemoryPolicyDefinitionRepository, r as registerNamespacedContextResolvers, s as PolicyHashing, t as PolicyContextPath } from "./path.js";
|
|
9
|
+
import { a as PluginContract, i as PipelineReducer, n as BasePlugin, r as InvokeOptions, t as PluginManager } from "./plugin.js";
|
|
10
|
+
import { t as DeepReadonly } from "./immutable.js";
|
|
11
|
+
import { i as version, n as ContractVersion, r as VersionedTarget, t as CONTRACT_VERSION_PROPERTY } from "./version.js";
|
|
12
|
+
import { n as ValueObjectPluginContract, t as ValueObject } from "./value-object.js";
|
|
13
|
+
import { a as Permission, i as ScopeProps, n as AccessRequest, o as PermissionProps, r as Scope, t as AuthorizerPort } from "./authorizer.port.js";
|
|
14
|
+
import { A as LogPayload, C as UseCase, D as TracerPort, E as TraceSpan, O as MetricLabels, S as MaybePromise, T as TraceAttributeValue, _ as PolicyEvaluationOutput, a as TemporalContext, b as Command, c as CacheStrategy, d as mapPolicyEvaluationError, f as TemporalHistory, g as PolicyEvaluationInput, h as ResultRepository, i as CreateTemporalContextInput, j as LoggerPort, k as MetricsPort, l as Page, m as Repository, n as TemporalUseCaseInput, o as assertTemporalContext, p as TemporalRepository, r as TemporalizedContextSeed, s as createTemporalContext, t as TemporalUseCase, u as Query, v as PolicyPort, w as UseCaseObservability, x as CommandInput, y as PolicyPortError } from "./temporal-use-case.js";
|
|
15
|
+
import { A as IdempotencyPayloadMismatchError, B as UniqueConstraintViolation, C as IntegrationErrorMetadata, D as IdempotencyFailureKind, E as IdempotencyErrorMetadata, F as AlreadyExistsError, G as AuthenticationErrorMetadata, H as translateUniqueViolationToDuplicate, I as ConflictError, J as ErrorCodes, K as AuthenticationErrorReason, L as ConflictErrorMetadata, M as payloadHash, N as sha256Hex, O as IdempotencyInProgressError, P as stableStringify, R as ConflictKind, S as IntegrationError, T as IdempotencyError, U as BusinessRuleViolationError, V as UniqueConstraintViolationError, W as AuthenticationError, Y as serializationErrorCode, _ as SerializationMessages, a as TemporalError, b as NotFoundError, c as TemporalPrecision, d as SerializationCodes, f as SerializationDirection, g as SerializationInError, h as SerializationFailureCategory, i as NotYetValidError, j as IdempotencyReplayNotSupportedError, k as IdempotencyKeyMissingError, l as evaluateTemporalWindow, m as SerializationErrorMetadata, n as UnexpectedError, o as TemporalErrorMetadata, p as SerializationError, q as assertJsonSafeMetadata, r as ExpiredError, s as TemporalKind, t as ValidationError, u as SerializationBoundary, v as SerializationOutError, w as IntegrationErrorReason, x as LegacyIncompatibleError, y as safePreview, z as DuplicateError } from "./validation-error.js";
|
|
6
16
|
import { t as ValidationCode } from "./validation-code.js";
|
|
7
17
|
import { t as ValidationField } from "./validation-field.js";
|
|
8
|
-
import { A as ConditionEvaluationReportTag, C as asPolicyDefinitionId, D as ConditionEvaluationOptions, E as ConditionEvaluationCause, O as ConditionEvaluationReport, S as asPolicyDecisionId, T as asTenantId, a as GateTraceNodeSnapshot, b as SchoolId, c as PolicyViolation, g as CoreObservabilityConfig, h as CoreConfigOptions, i as GateTraceLeafSnapshot, j as ConditionEvaluatorReporter, k as ConditionEvaluationReportLevel, l as VersionedGateEngine, m as CoreConfig, n as GateOutcomeData, o as GateViolationTrace, r as GateStatus, s as PolicyContext, t as GateOutcome, u as GatePayload, v as PolicyDecisionId, w as asSchoolId, x as TenantId, y as PolicyDefinitionId } from "./gate-types.js";
|
|
9
|
-
import { a as PolicyPackage, c as coreConfig, i as PolicyCatalogFactory, n as contextResolverRegistry, o as InMemoryPolicyDefinitionRepository, r as registerNamespacedContextResolvers, s as PolicyHashing, t as PolicyContextPath } from "./path.js";
|
|
10
18
|
import { A as PolicyScope, C as BasePolicyDefinitionProps, D as PolicyDefinition, E as GatePolicyDefinitionProps, F as PolicyKey, I as AsOfSource, L as PolicyKind, M as ScopeChain, N as PolicyCatalog, O as PolicyDefinitionProps, P as PolicyCatalogEntryProps, R as PolicyOwner, T as FindCandidatesParams, _ as ContextResolverResilienceOptions, a as PolicyServiceOptions, b as ContextSeed, c as PolicyEvaluationErrors, d as PolicyAsOfResolver, f as PolicyContextBuilder, g as ContextResolverCircuitBreakerOptions, h as registerNamespacedContextResolversIn, i as PolicyService, j as PolicyScopeMatcher, k as PolicyDefinitionStatus, l as PolicyResolver, m as ContextResolverRegistry, n as PolicyDecision, o as PolicyServiceParams, p as PolicyContextBuilderOptions, r as PolicyEvaluationResult, s as PolicyEvaluationError, t as EvaluateInput, u as DeriveAsOfOptions, v as ContextResolverRetryOptions, w as ComputePolicyDefinitionProps, x as ContextSeedValidator, y as ContextValueResolver, z as PolicyScopeLevel } from "./policy-service.js";
|
|
11
19
|
import { a as ComputeOutcome, c as VersionedComputeEngine, i as ComputeEvaluatorRegistration, n as ComputeRegistry, o as ComputeOutcomeData, r as ComputeEvaluator, s as ComputeStatus, t as GateEngineRegistry } from "./gate-engine-registry.js";
|
|
12
20
|
import { a as ComputePayloadParserRegistry, c as ComputeEvaluatorRegistry, o as ComputePayloadParsers, r as GatePayloadParsers, s as ComputeEngineRegistry } from "./parse-gate-payload.js";
|
|
13
|
-
import { t as
|
|
14
|
-
import { a as EntityState, i as Entity, n as ValueObject, r as ValueObjectPluginContract, t as UuidIdentifier } from "./uuid-identifier.js";
|
|
15
|
-
import { a as PluginContract, i as PipelineReducer, n as BasePlugin, r as InvokeOptions, t as PluginManager } from "./plugin.js";
|
|
21
|
+
import { n as Entity, r as EntityState, t as UuidIdentifier } from "./uuid-identifier.js";
|
|
16
22
|
import { t as DomainException } from "./domain-exception.js";
|
|
17
23
|
import { a as InvariantViolationException, c as BusinessRuleViolationException, i as ValidationViolation, n as MultipleValidationException, o as InvalidStateTransitionException, r as ValidationException, s as EntityNotFoundException, t as InvalidValueException } from "./validation-exception.js";
|
|
18
24
|
import { a as Ruleset, i as InvariantRuleset, n as RulesetRegistry, o as RulesetId, r as CreationRuleset, t as ValueObjectRuleset } from "./value-object-ruleset.contracts.js";
|
|
25
|
+
import { a as GrantProps, i as Grant, n as PermissionSet, o as Role, r as RbacAuthorizer, s as RoleProps, t as rbacContextFields } from "./policy-bridge.js";
|
|
19
26
|
import { a as buildDomainEventContractVersions, i as DomainEventEnvelope, n as DomainEventContractSelection, o as createDomainEventEnvelope, r as DomainEventContractVersions, t as CreateDomainEventEnvelopeInput } from "./domain-event-contracts.js";
|
|
20
27
|
|
|
21
28
|
//#region src/index.d.ts
|
|
22
29
|
declare const ERP_CORE_NAME = "erp-core";
|
|
23
|
-
declare const ERP_CORE_VERSION = "1.
|
|
30
|
+
declare const ERP_CORE_VERSION = "1.5.0";
|
|
24
31
|
declare const erpCoreRelease: {
|
|
25
32
|
readonly name: "erp-core";
|
|
26
|
-
readonly version: "1.
|
|
33
|
+
readonly version: "1.5.0";
|
|
27
34
|
};
|
|
28
35
|
//#endregion
|
|
29
|
-
export { AlreadyExistsError, AppError, AppErrorOptions, AsOfSource, AuthenticationError, AuthenticationErrorMetadata, AuthenticationErrorReason, AuthorizationError, AuthorizationErrorMetadata, AuthorizationErrorReason, AuthorizationRequirement, BasePlugin, BasePolicyDefinitionProps, BusinessRuleViolationError, BusinessRuleViolationException, CONTRACT_VERSION_PROPERTY, CacheStrategy, Command, CommandInput, CommonOutcomeStatus, ComputeEngineRegistry, ComputeEvaluator, ComputeEvaluatorRegistration, ComputeEvaluatorRegistry, ComputeOutcome, ComputeOutcomeData, ComputePayloadParserRegistry, ComputePayloadParsers, ComputePolicyDefinitionProps, ComputeRegistry, ComputeStatus, ConditionEvaluationCause, ConditionEvaluationOptions, ConditionEvaluationReport, ConditionEvaluationReportLevel, ConditionEvaluationReportTag, ConditionEvaluatorReporter, ConflictError, ConflictErrorMetadata, ConflictKind, ContextResolverCircuitBreakerOptions, ContextResolverRegistry, ContextResolverResilienceOptions, ContextResolverRetryOptions, ContextSeed, ContextSeedValidator, ContextValueResolver, ContractVersion, CoreConfig, CoreConfigOptions, CoreObservabilityConfig, CreateDomainEventEnvelopeInput, CreateTemporalContextInput, CreationRuleset, DeepReadonly, DeriveAsOfOptions, SerializationInError as DeserializationError, SerializationInError, DomainEventContractSelection, DomainEventContractVersions, DomainEventEnvelope, DomainException, DuplicateError, ERP_CORE_NAME, ERP_CORE_VERSION, Entity, EntityNotFoundException, EntityState, Err, ErrorCodes, ErrorSeverity, EvaluateInput, ExpiredError, TemporalErrorMetadata as ExpiredErrorMetadata, TemporalErrorMetadata, TemporalPrecision as ExpiredErrorPrecision, TemporalPrecision, FindCandidatesParams, GateEngineRegistry, GateOutcome, GateOutcomeData, GatePayload, GatePayloadParsers, GatePolicyDefinitionProps, GateStatus, GateTraceLeafSnapshot, GateTraceNodeSnapshot, GateViolationTrace, IdempotencyError, IdempotencyErrorMetadata, IdempotencyFailureKind, IdempotencyInProgressError, IdempotencyKeyMissingError, IdempotencyPayloadMismatchError, IdempotencyReplayNotSupportedError, InMemoryPolicyDefinitionRepository, IntegrationError, IntegrationErrorMetadata, IntegrationErrorReason, InvalidStateTransitionException, InvalidValueException, InvariantRuleset, InvariantViolationException, InvokeOptions, JsonSafePrimitive, JsonSafeRecord, JsonSafeValue, LegacyIncompatibleError, LogPayload, LoggerPort, MaybePromise, MetricLabels, MetricsPort, MultipleValidationException, NotFoundError, NotYetValidError, Ok, Outcome, Page, PipelineReducer, PluginContract, PluginManager, PolicyAsOfResolver, PolicyCatalog, PolicyCatalogEntryProps, PolicyCatalogFactory, PolicyContext, PolicyContextBuilder, PolicyContextBuilderOptions, PolicyContextPath, PolicyDecision, PolicyDecisionId, PolicyDefinition, PolicyDefinitionId, PolicyDefinitionProps, PolicyDefinitionStatus, PolicyEvaluationError, PolicyEvaluationErrors, PolicyEvaluationInput, PolicyEvaluationOutput, PolicyEvaluationResult, PolicyHashing, PolicyKey, PolicyKind, PolicyOwner, PolicyPackage, PolicyPort, PolicyPortError, PolicyResolver, PolicyScope, PolicyScopeLevel, PolicyScopeMatcher, PolicyService, PolicyServiceOptions, PolicyServiceParams, PolicyViolation, Query, Repository, RequestedBy, RequestedByKind, Result, ResultRepository, Ruleset, RulesetId, RulesetRegistry, SchoolId, ScopeChain, SerializationBoundary, SerializationCodes, SerializationDirection, SerializationError, SerializationErrorMetadata, SerializationFailureCategory, SerializationMessages, SerializationOutError, TemporalContext, TemporalError, TemporalHistory, TemporalKind, TemporalRepository, TemporalUseCase, TemporalUseCaseInput, TemporalizedContextSeed, TenantId, TraceAttributeValue, TraceSpan, TracerPort, UnexpectedError, UniqueConstraintViolation, UniqueConstraintViolationError, UseCase, UseCaseObservability, UuidIdentifier, ValidationCode, ValidationError, ValidationException, ValidationField, ValidationViolation, ValueObject, ValueObjectPluginContract, ValueObjectRuleset, VersionedComputeEngine, VersionedGateEngine, VersionedTarget, asPolicyDecisionId, asPolicyDefinitionId, asSchoolId, asTenantId, assertJsonSafeMetadata, assertTemporalContext, buildDomainEventContractVersions, contextResolverRegistry, coreConfig, createDomainEventEnvelope, createTemporalContext, erpCoreRelease, evaluateTemporalWindow, mapPolicyEvaluationError, payloadHash, registerNamespacedContextResolvers, registerNamespacedContextResolversIn, safePreview, serializationErrorCode, sha256Hex, stableStringify, translateUniqueViolationToDuplicate, version };
|
|
36
|
+
export { AbacAttributes, AbacAuthorizer, AbacAuthorizerPort, AbacDecision, AbacPolicySet, AbacRequest, AbacRule, AbacRuleProps, AccessRequest, AlreadyExistsError, AppError, AppErrorOptions, AsOfSource, AuthenticationError, AuthenticationErrorMetadata, AuthenticationErrorReason, AuthorizationError, AuthorizationErrorMetadata, AuthorizationErrorReason, AuthorizationRequirement, AuthorizerPort, BasePlugin, BasePolicyDefinitionProps, BusinessRuleViolationError, BusinessRuleViolationException, CONTRACT_VERSION_PROPERTY, CacheStrategy, CombiningAlgorithm, Command, CommandInput, CommonOutcomeStatus, CompositeAccessRequest, CompositeAuthorizer, ComputeEngineRegistry, ComputeEvaluator, ComputeEvaluatorRegistration, ComputeEvaluatorRegistry, ComputeOutcome, ComputeOutcomeData, ComputePayloadParserRegistry, ComputePayloadParsers, ComputePolicyDefinitionProps, ComputeRegistry, ComputeStatus, ConditionEvaluationCause, ConditionEvaluationOptions, ConditionEvaluationReport, ConditionEvaluationReportLevel, ConditionEvaluationReportTag, ConditionEvaluatorReporter, ConflictError, ConflictErrorMetadata, ConflictKind, ContextResolverCircuitBreakerOptions, ContextResolverRegistry, ContextResolverResilienceOptions, ContextResolverRetryOptions, ContextSeed, ContextSeedValidator, ContextValueResolver, ContractVersion, CoreConfig, CoreConfigOptions, CoreObservabilityConfig, CreateDomainEventEnvelopeInput, CreateTemporalContextInput, CreationRuleset, DeepReadonly, DeriveAsOfOptions, SerializationInError as DeserializationError, SerializationInError, DomainEventContractSelection, DomainEventContractVersions, DomainEventEnvelope, DomainException, DuplicateError, ERP_CORE_NAME, ERP_CORE_VERSION, Entity, EntityNotFoundException, EntityState, Err, ErrorCodes, ErrorSeverity, EvaluateInput, ExpiredError, TemporalErrorMetadata as ExpiredErrorMetadata, TemporalErrorMetadata, TemporalPrecision as ExpiredErrorPrecision, TemporalPrecision, FindCandidatesParams, GateEngineRegistry, GateOutcome, GateOutcomeData, GatePayload, GatePayloadParsers, GatePolicyDefinitionProps, GateStatus, GateTraceLeafSnapshot, GateTraceNodeSnapshot, GateViolationTrace, Grant, GrantProps, IdempotencyError, IdempotencyErrorMetadata, IdempotencyFailureKind, IdempotencyInProgressError, IdempotencyKeyMissingError, IdempotencyPayloadMismatchError, IdempotencyReplayNotSupportedError, InMemoryPolicyDefinitionRepository, IntegrationError, IntegrationErrorMetadata, IntegrationErrorReason, InvalidStateTransitionException, InvalidValueException, InvariantRuleset, InvariantViolationException, InvokeOptions, JsonSafePrimitive, JsonSafeRecord, JsonSafeValue, LegacyIncompatibleError, LogPayload, LoggerPort, MaybePromise, MetricLabels, MetricsPort, MultipleValidationException, NotFoundError, NotYetValidError, Ok, Outcome, Page, Permission, PermissionProps, PermissionSet, PipelineReducer, PluginContract, PluginManager, PolicyAsOfResolver, PolicyCatalog, PolicyCatalogEntryProps, PolicyCatalogFactory, PolicyContext, PolicyContextBuilder, PolicyContextBuilderOptions, PolicyContextPath, PolicyDecision, PolicyDecisionId, PolicyDefinition, PolicyDefinitionId, PolicyDefinitionProps, PolicyDefinitionStatus, PolicyEvaluationError, PolicyEvaluationErrors, PolicyEvaluationInput, PolicyEvaluationOutput, PolicyEvaluationResult, PolicyHashing, PolicyKey, PolicyKind, PolicyOwner, PolicyPackage, PolicyPort, PolicyPortError, PolicyResolver, PolicyScope, PolicyScopeLevel, PolicyScopeMatcher, PolicyService, PolicyServiceOptions, PolicyServiceParams, PolicyViolation, Query, RbacAuthorizer, Repository, RequestedBy, RequestedByKind, Result, ResultRepository, Role, RoleProps, RuleEffect, Ruleset, RulesetId, RulesetRegistry, SchoolId, Scope, ScopeChain, ScopeProps, SerializationBoundary, SerializationCodes, SerializationDirection, SerializationError, SerializationErrorMetadata, SerializationFailureCategory, SerializationMessages, SerializationOutError, TemporalContext, TemporalError, TemporalHistory, TemporalKind, TemporalRepository, TemporalUseCase, TemporalUseCaseInput, TemporalizedContextSeed, TenantId, TraceAttributeValue, TraceSpan, TracerPort, UnexpectedError, UniqueConstraintViolation, UniqueConstraintViolationError, UseCase, UseCaseObservability, UuidIdentifier, ValidationCode, ValidationError, ValidationException, ValidationField, ValidationViolation, ValueObject, ValueObjectPluginContract, ValueObjectRuleset, VersionedComputeEngine, VersionedGateEngine, VersionedTarget, abacContext, asPolicyDecisionId, asPolicyDefinitionId, asSchoolId, asTenantId, assertJsonSafeMetadata, assertTemporalContext, buildDomainEventContractVersions, contextResolverRegistry, coreConfig, createDomainEventEnvelope, createTemporalContext, erpCoreRelease, evaluateTemporalWindow, mapPolicyEvaluationError, payloadHash, rbacContextFields, registerNamespacedContextResolvers, registerNamespacedContextResolversIn, safePreview, serializationErrorCode, sha256Hex, stableStringify, translateUniqueViolationToDuplicate, version };
|
|
30
37
|
//# sourceMappingURL=index.d.ts.map
|