@digitaldefiance/node-express-suite 3.6.14 → 3.6.16

package/src/services/mnemonic.js

@@ -0,0 +1,114 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MnemonicService = void 0;
+const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
+const crypto_1 = require("crypto");
+/**
+ * Encrypts and stores mnemonics securely, using an HMAC to check for
+ * uniqueness without exposing the mnemonic itself.
+ */
+class MnemonicService {
+    hmacSecret;
+    MnemonicModel;
+    constants;
+    constructor(mnemonicModel, hmacSecret, constants) {
+        this.MnemonicModel = mnemonicModel;
+        // Immediately wrap secrets in secure containers
+        this.hmacSecret = hmacSecret;
+        this.constants = constants;
+    }
+    /**
+     * Disposes of the secure secrets held by this service.
+     */
+    dispose() {
+        this.hmacSecret.dispose();
+    }
+    /**
+     * Creates a non-reversible HMAC of the mnemonic for fast, indexed lookups.
+     * @param mnemonic The mnemonic to hash, wrapped in a SecureString.
+     */
+    getMnemonicHmac(mnemonic) {
+        // Use the raw secret buffer for the HMAC
+        return (0, crypto_1.createHmac)('sha256', this.hmacSecret.value)
+            .update(mnemonic.valueAsUint8Array) // Use the raw buffer for consistency
+            .digest('hex');
+    }
+    /**
+     * Checks if a mnemonic already exists in the database using its HMAC.
+     * @param mnemonic The mnemonic to check, wrapped in a SecureString.
+     * @param session Optional Mongoose session for transaction support.
+     */
+    async mnemonicExists(mnemonic, session) {
+        const hmac = this.getMnemonicHmac(mnemonic);
+        const count = await this.MnemonicModel.countDocuments({ hmac }).session(session ?? null);
+        return count > 0;
+    }
+    /**
+     * Adds a new, unique mnemonic to the database with password-based key wrapping.
+     * @param mnemonic The mnemonic to add, wrapped in a SecureString.
+     * @param password User's password for key wrapping.
+     * @param session Optional Mongoose session for transaction support.
+     */
+    async addMnemonicWithPassword(mnemonic, _password, session) {
+        if (!mnemonic.value || !this.constants.MnemonicRegex.test(mnemonic.value)) {
+            throw new suite_core_lib_1.TranslatableSuiteError(suite_core_lib_1.SuiteCoreStringKey.Validation_MnemonicRegex);
+        }
+        if (await this.mnemonicExists(mnemonic, session)) {
+            return { document: null };
+        }
+        try {
+            const hmac = this.getMnemonicHmac(mnemonic);
+            const [newDoc] = await this.MnemonicModel.create([
+                {
+                    hmac: hmac,
+                },
+            ], { session });
+            return { document: newDoc };
+        }
+        finally {
+            // nothing to dispose
+        }
+    }
+    /**
+     * Adds a new, unique mnemonic to the database.
+     * @param mnemonic The mnemonic to add, wrapped in a SecureString.
+     * @param session Optional Mongoose session for transaction support.
+     */
+    async addMnemonic(mnemonic, session) {
+        if (!mnemonic.value || !this.constants.MnemonicRegex.test(mnemonic.value)) {
+            throw new suite_core_lib_1.TranslatableSuiteError(suite_core_lib_1.SuiteCoreStringKey.Validation_MnemonicRegex);
+        }
+        if (await this.mnemonicExists(mnemonic, session)) {
+            return null;
+        }
+        const hmac = this.getMnemonicHmac(mnemonic);
+        const [newDoc] = await this.MnemonicModel.create([
+            {
+                hmac: hmac,
+            },
+        ], { session });
+        return newDoc;
+    }
+    /**
+     * Retrieves a mnemonic document by ID.
+     * @param mnemonicId The ID of the mnemonic document.
+     * @param session Optional Mongoose session for transaction support.
+     */
+    async getMnemonicDocument(mnemonicId, session) {
+        return await this.MnemonicModel.findById(mnemonicId).session(session ?? null);
+    }
+    /**
+     * Decrypts a mnemonic from a document using the service's master encryption key.
+     * @param doc The mnemonic document.
+     */
+    /**
+     * Deletes a mnemonic document by ID.
+     * @param mnemonicId The ID of the mnemonic document.
+     * @param session Optional Mongoose session for transaction support.
+     */
+    async deleteMnemonicDocument(mnemonicId, session) {
+        await this.MnemonicModel.findByIdAndDelete(mnemonicId).session(session ?? null);
+    }
+}
+exports.MnemonicService = MnemonicService;
+//# sourceMappingURL=mnemonic.js.map

package/src/services/mnemonic.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mnemonic.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/mnemonic.ts"],"names":[],"mappings":";;;AACA,oEAGyC;AACzC,mCAAoC;AAKpC;;;GAGG;AACH,MAAa,eAAe;IACT,UAAU,CAAe;IACzB,aAAa,CAA8B;IAC3C,SAAS,CAAa;IAEvC,YACE,aAA0C,EAC1C,UAAwB,EACxB,SAAqB;QAErB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,gDAAgD;QAChD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACI,eAAe,CAAC,QAAsB;QAC3C,yCAAyC;QACzC,OAAO,IAAA,mBAAU,EAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;aAC/C,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,qCAAqC;aACxE,MAAM,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,cAAc,CACzB,QAAsB,EACtB,OAAuB;QAEvB,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,OAAO,CACrE,OAAO,IAAI,IAAI,CAChB,CAAC;QACF,OAAO,KAAK,GAAG,CAAC,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,uBAAuB,CAClC,QAAsB,EACtB,SAAuB,EACvB,OAAuB;QAIvB,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1E,MAAM,IAAI,uCAAsB,CAC9B,mCAAkB,CAAC,wBAAwB,CAC5C,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,CAAC;YACjD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAC9C;gBACE;oBACE,IAAI,EAAE,IAAI;iBACX;aACF,EACD,EAAE,OAAO,EAAE,CACZ,CAAC;YACF,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;QAC9B,CAAC;gBAAS,CAAC;YACT,qBAAqB;QACvB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,WAAW,CACtB,QAAsB,EACtB,OAAuB;QAEvB,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1E,MAAM,IAAI,uCAAsB,CAC9B,mCAAkB,CAAC,wBAAwB,CAC5C,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAC9C;YACE;gBACE,IAAI,EAAE,IAAI;aACX;SACF,EACD,EAAE,OAAO,EAAE,CACZ,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,mBAAmB,CAC9B,UAAa,EACb,OAAuB;QAEvB,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,OAAO,CAC1D,OAAO,IAAI,IAAI,CAChB,CAAC;IACJ,CAAC;IAED;;;OAGG;IAEH;;;;OAIG;IACI,KAAK,CAAC,sBAAsB,CACjC,UAAa,EACb,OAAuB;QAEvB,MAAM,IAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,OAAO,CAC5D,OAAO,IAAI,IAAI,CAChB,CAAC;IACJ,CAAC;CACF;AAvJD,0CAuJC"}

package/src/services/request-user.d.ts

@@ -0,0 +1,23 @@
+import { IRequestUserDTO, ITokenRole } from '@digitaldefiance/suite-core-lib';
+import { Types } from '@digitaldefiance/mongoose-types';
+import { IUserDocument } from '../documents';
+import { IRequestUserBackendObject } from '../interfaces/backend-objects/request-user';
+export declare class RequestUserService<I extends string | Types.ObjectId, TTokenRole extends ITokenRole<I>> {
+    /**
+     * Given a user document and an array of role documents, create the IRequestUser
+     * @param userDoc
+     * @returns
+     */
+    static makeRequestUserDTO<I extends string | Types.ObjectId, S extends string, TTokenRole extends ITokenRole<I>, TRequestUserDTO extends IRequestUserDTO>(userDoc: IUserDocument<S, I> | (Pick<IUserDocument<S, I>, keyof IUserDocument<S, I>> & {
+        _id: any;
+    }), roles: TTokenRole[]): TRequestUserDTO;
+    /**
+     * Given a request user, reconstitute dates, objectids, and enums
+     * @param requestUser a RequestUser DTO
+     * @returns An IRequestUserBackendObject
+     */
+    static hydrateRequestUser<I extends string | Types.ObjectId, S extends string, TRequestUserDTO extends IRequestUserDTO & {
+        siteLanguage: S;
+    }>(requestUser: TRequestUserDTO, idConverter?: (id: string) => I): IRequestUserBackendObject<S, I>;
+}
+//# sourceMappingURL=request-user.d.ts.map

package/src/services/request-user.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-user.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/request-user.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EAEf,UAAU,EACX,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,KAAK,EAAE,MAAM,iCAAiC,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAIvF,qBAAa,kBAAkB,CAC7B,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,EACjC,UAAU,SAAS,UAAU,CAAC,CAAC,CAAC;IAEhC;;;;OAIG;WACW,kBAAkB,CAC9B,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,EACjC,CAAC,SAAS,MAAM,EAChB,UAAU,SAAS,UAAU,CAAC,CAAC,CAAC,EAChC,eAAe,SAAS,eAAe,EAEvC,OAAO,EACH,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,GACnB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG;QAAE,GAAG,EAAE,GAAG,CAAA;KAAE,CAAC,EACzE,KAAK,EAAE,UAAU,EAAE,GAClB,eAAe;IA6BlB;;;;OAIG;WACW,kBAAkB,CAC9B,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,EACjC,CAAC,SAAS,MAAM,EAChB,eAAe,SAAS,eAAe,GAAG;QAAE,YAAY,EAAE,CAAC,CAAA;KAAE,EAE7D,WAAW,EAAE,eAAe,EAC5B,WAAW,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,CAAC,GAC9B,yBAAyB,CAAC,CAAC,EAAE,CAAC,CAAC;CA2BnC"}

package/src/services/request-user.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestUserService = void 0;
+const id_converters_1 = require("../types/id-converters");
+const role_1 = require("./role");
+class RequestUserService {
+    /**
+     * Given a user document and an array of role documents, create the IRequestUser
+     * @param userDoc
+     * @returns
+     */
+    static makeRequestUserDTO(userDoc, roles) {
+        if (!userDoc._id) {
+            throw new Error('User document is missing _id');
+        }
+        // Calculate combined role privileges across all roles
+        const rolePrivileges = {
+            admin: roles.some((r) => r.admin),
+            member: roles.some((r) => r.member),
+            child: roles.some((r) => r.child),
+            system: roles.some((r) => r.system),
+        };
+        return {
+            id: userDoc._id.toString(),
+            email: userDoc.email,
+            roles: roles.map((r) => role_1.RoleService.roleToRoleDTO(r)),
+            rolePrivileges,
+            username: userDoc.username,
+            timezone: userDoc.timezone,
+            currency: userDoc.currency,
+            directChallenge: userDoc.directChallenge,
+            emailVerified: userDoc.emailVerified,
+            darkMode: userDoc.darkMode,
+            siteLanguage: userDoc.siteLanguage,
+            ...(userDoc.lastLogin && { lastLogin: userDoc.lastLogin.toString() }),
+        };
+    }
+    /**
+     * Given a request user, reconstitute dates, objectids, and enums
+     * @param requestUser a RequestUser DTO
+     * @returns An IRequestUserBackendObject
+     */
+    static hydrateRequestUser(requestUser, idConverter) {
+        const convert = idConverter ?? ((id) => (0, id_converters_1.convertStringToGenericId)(id));
+        const hydratedRoles = requestUser.roles.map((role) => role_1.RoleService.hydrateRoleDTOToBackend(role, convert));
+        const hydratedUser = {
+            id: convert(requestUser.id),
+            email: requestUser.email,
+            roles: hydratedRoles,
+            rolePrivileges: requestUser.rolePrivileges,
+            username: requestUser.username,
+            timezone: requestUser.timezone,
+            currency: requestUser.currency,
+            directChallenge: requestUser.directChallenge,
+            emailVerified: requestUser.emailVerified,
+            darkMode: requestUser.darkMode,
+            siteLanguage: requestUser.siteLanguage,
+        };
+        if (requestUser.lastLogin) {
+            hydratedUser.lastLogin = new Date(requestUser.lastLogin);
+        }
+        return hydratedUser;
+    }
+}
+exports.RequestUserService = RequestUserService;
+//# sourceMappingURL=request-user.js.map

package/src/services/request-user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-user.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/request-user.ts"],"names":[],"mappings":";;;AAQA,0DAAkE;AAClE,iCAAqC;AAErC,MAAa,kBAAkB;IAI7B;;;;OAIG;IACI,MAAM,CAAC,kBAAkB,CAM9B,OAEyE,EACzE,KAAmB;QAEnB,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QAED,sDAAsD;QACtD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;YACjC,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;YACnC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;YACjC,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;SACpC,CAAC;QAEF,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,kBAAW,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;YACrD,cAAc;YACd,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,eAAe,EAAE,OAAO,CAAC,eAAe;YACxC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAsB;YAC5C,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,CAAC;SACnD,CAAC;IACvB,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,kBAAkB,CAK9B,WAA4B,EAC5B,WAA+B;QAE/B,MAAM,OAAO,GACX,WAAW,IAAI,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,wCAAwB,EAAI,EAAE,CAAC,CAAC,CAAC;QACnE,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAc,EAAE,EAAE,CAC7D,kBAAW,CAAC,uBAAuB,CAAI,IAAI,EAAE,OAAO,CAAC,CACtD,CAAC;QAEF,MAAM,YAAY,GAAoC;YACpD,EAAE,EAAE,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAC3B,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,KAAK,EAAE,aAAa;YACpB,cAAc,EAAE,WAAW,CAAC,cAAc;YAC1C,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,eAAe,EAAE,WAAW,CAAC,eAAe;YAC5C,aAAa,EAAE,WAAW,CAAC,aAAa;YACxC,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,YAAY,EAAE,WAAW,CAAC,YAAY;SACvC,CAAC;QAEF,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;YAC1B,YAAY,CAAC,SAAS,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AAvFD,gDAuFC"}

package/src/services/role.d.ts

@@ -0,0 +1,86 @@
+import { MemberType } from '@digitaldefiance/ecies-lib';
+import { IRoleBase, ITokenRole, ITokenRoleDTO, Role } from '@digitaldefiance/suite-core-lib';
+import { ClientSession, Types } from '@digitaldefiance/mongoose-types';
+import { IUserDocument } from '../documents';
+import { IRoleDocument } from '../documents/role';
+import { IUserRoleDocument } from '../documents/user-role';
+import { IApplication } from '../interfaces/application';
+import { IRoleBackendObject } from '../interfaces/backend-objects/role';
+import { BaseService } from './base';
+/**
+ * Service for managing roles
+ */
+export declare class RoleService<I extends string | Types.ObjectId = Types.ObjectId, D extends Date = Date, TTokenRole extends ITokenRole<I, D> = ITokenRole<I, D>> extends BaseService {
+    /**
+     * Constructor for the role service
+     * @param application The application object
+     */
+    constructor(application: IApplication);
+    static roleToRoleDTO<I extends string | Types.ObjectId = Types.ObjectId, D extends Date = Date>(role: ITokenRole<I, D> | IRoleDocument<I> | Partial<IRoleBase<I>>): ITokenRoleDTO;
+    /**
+     * Given a Role DTO, reconstitute ids and dates
+     * @param role The Role DTO
+     * @returns An IRoleBackendObject
+     */
+    static hydrateRoleDTOToBackend<I extends string | Types.ObjectId = Types.ObjectId>(role: ITokenRoleDTO, idConverter?: (id: string) => I): IRoleBackendObject<I>;
+    /**
+     * Gets the role ID by name
+     * @param roleName The name of the role
+     * @returns The role ID or null if not found
+     */
+    getRoleIdByName(roleName: Role, session?: ClientSession): Promise<I | null>;
+    /**
+     * Creates a new role
+     * @param roleData The role data
+     * @param session Optional mongoose session
+     * @returns The created role document
+     */
+    createRole(roleData: IRoleBase<I, D, Role>, session?: ClientSession | null): Promise<IRoleDocument<I>>;
+    /**
+     * Adds a user to a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param createdBy - The user creating the relationship
+     * @param session Optional mongoose session
+     */
+    addUserToRole(roleId: I, userId: I, createdBy: I, session?: ClientSession, overrideId?: I): Promise<IUserRoleDocument<I>>;
+    /**
+     * Removes a user from a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param deletedBy - The user removing the relationship
+     * @param session Optional mongoose session
+     * @throws LastAdminError if attempting to remove the last admin
+     */
+    removeUserFromRole(roleId: I, userId: I, deletedBy: I, session?: ClientSession): Promise<void>;
+    /**
+     * Deletes a role by ID
+     * @param roleId The role ID
+     * @param deleter The ID of the user deleting the role
+     * @param hardDelete Whether to hard delete the role
+     * @param session Optional mongoose session
+     */
+    deleteRole(roleId: I, deleter: I, hardDelete: boolean, session?: ClientSession): Promise<void>;
+    /**
+     * Gets all roles for a user
+     * @param userId The user ID
+     * @param session Optional mongoose session
+     * @returns The roles the user is a member of
+     */
+    getUserRoles(userId: I, session?: ClientSession): Promise<IRoleDocument<I>[]>;
+    /**
+     * Gets all users for a role
+     * @param roleId The role ID
+     * @param session Optional mongoose session
+     * @returns The user IDs that are members of the role
+     */
+    getRoleUsers(roleId: I, session?: ClientSession): Promise<I[]>;
+    /** Convert roles to translated TokenRoles */
+    rolesToTokenRoles(roles: Array<IRoleBackendObject<I>>, overrideLanguage?: string): Array<TTokenRole>;
+    isUserAdmin(userDoc: IUserDocument<string, I>, session?: ClientSession, providedRoles?: Array<IRoleDocument<I>>): Promise<boolean>;
+    isUserMember(userDoc: IUserDocument<string, I>, session?: ClientSession, providedRoles?: Array<IRoleDocument<I>>): Promise<boolean>;
+    isUserChild(userDoc: IUserDocument<string, I>, session?: ClientSession, providedRoles?: Array<IRoleDocument<I>>): Promise<boolean>;
+    isSystemUser(userDoc: IUserDocument<string, I>, session?: ClientSession, providedRoles?: Array<IRoleDocument<I>>): Promise<boolean>;
+    getMemberType(userDoc: IUserDocument<string, I>, session?: ClientSession, providedRoles?: Array<IRoleDocument<I>>): Promise<MemberType>;
+}
+//# sourceMappingURL=role.d.ts.map

package/src/services/role.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"role.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/role.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAMxD,OAAO,EACL,SAAS,EAET,UAAU,EACV,aAAa,EAEb,IAAI,EACL,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAY,KAAK,EAAE,MAAM,iCAAiC,CAAC;AACjF,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAIxE,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AAErC;;GAEG;AACH,qBAAa,WAAW,CACtB,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAClD,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CACtD,SAAQ,WAAW;IACnB;;;OAGG;gBACS,WAAW,EAAE,YAAY;WAIvB,aAAa,CACzB,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAClD,CAAC,SAAS,IAAI,GAAG,IAAI,EAErB,IAAI,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAChE,aAAa;IA0ChB;;;;OAIG;WACW,uBAAuB,CACnC,CAAC,SAAS,MAAM,GAAG,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAElD,IAAI,EAAE,aAAa,EACnB,WAAW,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,CAAC,GAC9B,kBAAkB,CAAC,CAAC,CAAC;IAsBxB;;;;OAIG;IACU,eAAe,CAC1B,QAAQ,EAAE,IAAI,EACd,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAapB;;;;;OAKG;IACU,UAAU,CACrB,QAAQ,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAC/B,OAAO,CAAC,EAAE,aAAa,GAAG,IAAI,GAC7B,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAS5B;;;;;;OAMG;IACU,aAAa,CACxB,MAAM,EAAE,CAAC,EACT,MAAM,EAAE,CAAC,EACT,SAAS,EAAE,CAAC,EACZ,OAAO,CAAC,EAAE,aAAa,EACvB,UAAU,CAAC,EAAE,CAAC,GACb,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;IA4BhC;;;;;;;OAOG;IACU,kBAAkB,CAC7B,MAAM,EAAE,CAAC,EACT,MAAM,EAAE,CAAC,EACT,SAAS,EAAE,CAAC,EACZ,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,IAAI,CAAC;IA0BhB;;;;;;OAMG;IACU,UAAU,CACrB,MAAM,EAAE,CAAC,EACT,OAAO,EAAE,CAAC,EACV,UAAU,EAAE,OAAO,EACnB,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,IAAI,CAAC;IAchB;;;;;OAKG;IACU,YAAY,CACvB,MAAM,EAAE,CAAC,EACT,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;IAwB9B;;;;;OAKG;IACU,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;IAgB3E,6CAA6C;IACtC,iBAAiB,CACtB,KAAK,EAAE,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,EACnC,gBAAgB,CAAC,EAAE,MAAM,GACxB,KAAK,CAAC,UAAU,CAAC;IAkBP,WAAW,CACtB,OAAO,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GACtC,OAAO,CAAC,OAAO,CAAC;IASN,YAAY,CACvB,OAAO,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GACtC,OAAO,CAAC,OAAO,CAAC;IASN,WAAW,CACtB,OAAO,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GACtC,OAAO,CAAC,OAAO,CAAC;IASN,YAAY,CACvB,OAAO,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GACtC,OAAO,CAAC,OAAO,CAAC;IAMN,aAAa,CACxB,OAAO,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GACtC,OAAO,CAAC,UAAU,CAAC;CAavB"}

package/src/services/role.js

@@ -0,0 +1,285 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RoleService = void 0;
+const ecies_lib_1 = require("@digitaldefiance/ecies-lib");
+const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
+const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
+const mongoose_types_1 = require("@digitaldefiance/mongoose-types");
+const base_model_name_1 = require("../enumerations/base-model-name");
+const model_registry_1 = require("../model-registry");
+const id_converters_1 = require("../types/id-converters");
+const utils_1 = require("../utils");
+const base_1 = require("./base");
+/**
+ * Service for managing roles
+ */
+class RoleService extends base_1.BaseService {
+    /**
+     * Constructor for the role service
+     * @param application The application object
+     */
+    constructor(application) {
+        super(application);
+    }
+    static roleToRoleDTO(role) {
+        const roleObj = role instanceof mongoose_types_1.Document ? role.toObject() : role;
+        return {
+            _id: (role._id instanceof mongoose_types_1.Types.ObjectId
+                ? role._id.toString()
+                : role._id),
+            name: roleObj.name,
+            admin: roleObj.admin ?? false,
+            member: roleObj.member ?? false,
+            child: roleObj.child ?? false,
+            system: roleObj.system ?? false,
+            translatedName: 'translatedName' in role ? role.translatedName : role.name,
+            createdAt: (roleObj.createdAt instanceof Date
+                ? roleObj.createdAt.toISOString()
+                : roleObj.createdAt),
+            createdBy: (role.createdBy instanceof mongoose_types_1.Types.ObjectId
+                ? role.createdBy.toString()
+                : role.createdBy),
+            updatedAt: (roleObj.updatedAt instanceof Date
+                ? roleObj.updatedAt.toISOString()
+                : roleObj.updatedAt),
+            updatedBy: (role.updatedBy instanceof mongoose_types_1.Types.ObjectId
+                ? role.updatedBy.toString()
+                : role.updatedBy),
+            ...(roleObj.deletedAt
+                ? {
+                    deletedAt: (roleObj.deletedAt instanceof Date
+                        ? roleObj.deletedAt.toISOString()
+                        : roleObj.deletedAt),
+                }
+                : {}),
+            ...(role.deletedBy
+                ? {
+                    deletedBy: (role.deletedBy instanceof mongoose_types_1.Types.ObjectId
+                        ? role.deletedBy.toString()
+                        : role.deletedBy),
+                }
+                : {}),
+        };
+    }
+    /**
+     * Given a Role DTO, reconstitute ids and dates
+     * @param role The Role DTO
+     * @returns An IRoleBackendObject
+     */
+    static hydrateRoleDTOToBackend(role, idConverter) {
+        const convert = idConverter ?? ((id) => (0, id_converters_1.convertStringToGenericId)(id));
+        return {
+            ...(0, utils_1.omit)(role, [
+                'translatedName',
+            ]),
+            _id: convert(role._id),
+            name: role.name,
+            createdAt: new Date(role.createdAt),
+            createdBy: convert(role.createdBy),
+            updatedAt: new Date(role.updatedAt),
+            updatedBy: convert(role.updatedBy),
+            ...(role.deletedAt ? { deletedAt: new Date(role.deletedAt) } : {}),
+            ...(role.deletedBy
+                ? {
+                    deletedBy: convert(role.deletedBy),
+                }
+                : {}),
+        };
+    }
+    /**
+     * Gets the role ID by name
+     * @param roleName The name of the role
+     * @returns The role ID or null if not found
+     */
+    async getRoleIdByName(roleName, session) {
+        const RoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.Role).model;
+        const role = await RoleModel.findOne({ name: roleName }, undefined, {
+            session,
+        }).select('_id');
+        if (!role) {
+            return null;
+        }
+        return role._id;
+    }
+    /**
+     * Creates a new role
+     * @param roleData The role data
+     * @param session Optional mongoose session
+     * @returns The created role document
+     */
+    async createRole(roleData, session) {
+        const RoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.Role).model;
+        const role = new RoleModel(roleData);
+        const savedRole = await role.save(session ? { session } : {});
+        return savedRole;
+    }
+    /**
+     * Adds a user to a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param createdBy - The user creating the relationship
+     * @param session Optional mongoose session
+     */
+    async addUserToRole(roleId, userId, createdBy, session, overrideId) {
+        const UserRoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.UserRole).model;
+        // Check if the user-role relationship already exists (and is not deleted)
+        const existingUserRole = await UserRoleModel.findOne({
+            userId,
+            roleId,
+            deletedAt: { $exists: false },
+        }).session(session ?? null);
+        if (existingUserRole) {
+            // Relationship already exists, no need to create it again
+            return existingUserRole;
+        }
+        const userRole = new UserRoleModel({
+            ...(overrideId ? { _id: overrideId } : {}),
+            userId,
+            roleId,
+            createdBy,
+            updatedBy: createdBy,
+        });
+        const result = await userRole.save({ session });
+        return result;
+    }
+    /**
+     * Removes a user from a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param deletedBy - The user removing the relationship
+     * @param session Optional mongoose session
+     * @throws LastAdminError if attempting to remove the last admin
+     */
+    async removeUserFromRole(roleId, userId, deletedBy, session) {
+        const RoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.Role).model;
+        const UserRoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.UserRole).model;
+        const role = await RoleModel.findById(roleId).session(session ?? null);
+        if (role?.admin) {
+            const adminCount = await UserRoleModel.countDocuments({
+                roleId,
+                deletedAt: { $exists: false },
+            }).session(session ?? null);
+            if (adminCount <= 1) {
+                throw new suite_core_lib_1.LastAdminError();
+            }
+        }
+        await UserRoleModel.findOneAndUpdate({ userId, roleId, deletedAt: { $exists: false } }, { deletedAt: new Date(), deletedBy }, { session });
+    }
+    /**
+     * Deletes a role by ID
+     * @param roleId The role ID
+     * @param deleter The ID of the user deleting the role
+     * @param hardDelete Whether to hard delete the role
+     * @param session Optional mongoose session
+     */
+    async deleteRole(roleId, deleter, hardDelete, session) {
+        const RoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.Role).model;
+        if (hardDelete) {
+            await RoleModel.findByIdAndDelete(roleId).session(session ?? null);
+        }
+        else {
+            await RoleModel.findByIdAndUpdate(roleId, {
+                deletedAt: new Date(),
+                deletedBy: deleter,
+            }).session(session ?? null);
+        }
+    }
+    /**
+     * Gets all roles for a user
+     * @param userId The user ID
+     * @param session Optional mongoose session
+     * @returns The roles the user is a member of
+     */
+    async getUserRoles(userId, session) {
+        const UserRoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.UserRole).model;
+        const RoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.Role).model;
+        if (!UserRoleModel || !RoleModel)
+            throw new Error('Model not registered');
+        // Return full documents
+        const userRoles = await UserRoleModel.find({
+            userId,
+            deletedAt: { $exists: false },
+        })
+            .select('roleId')
+            .session(session ?? null);
+        const roleIds = userRoles.map((ur) => ur.roleId);
+        return (await RoleModel.find({
+            _id: { $in: roleIds },
+            deletedAt: { $exists: false },
+        }).session(session ?? null));
+    }
+    /**
+     * Gets all users for a role
+     * @param roleId The role ID
+     * @param session Optional mongoose session
+     * @returns The user IDs that are members of the role
+     */
+    async getRoleUsers(roleId, session) {
+        const UserRoleModel = model_registry_1.ModelRegistry.instance.get(base_model_name_1.BaseModelName.UserRole).model;
+        // Return full documents
+        const userRoles = await UserRoleModel.find({
+            roleId,
+            deletedAt: { $exists: false },
+        })
+            .select('userId')
+            .session(session ?? null);
+        return userRoles.map((ur) => ur.userId);
+    }
+    /** Convert roles to translated TokenRoles */
+    rolesToTokenRoles(roles, overrideLanguage) {
+        return roles.map((role) => {
+            const engine = i18n_lib_1.I18nEngine.getInstance('default');
+            const userLang = i18n_lib_1.GlobalActiveContext.getInstance().userLanguage;
+            const lang = (overrideLanguage || userLang || 'en-US');
+            const roleTranslation = engine.translateEnum(suite_core_lib_1.Role, role.name, lang);
+            // Convert Mongoose document to plain object if needed
+            const roleObj = role instanceof mongoose_types_1.Document ? role.toObject() : role;
+            return {
+                ...roleObj,
+                translatedName: roleTranslation,
+            };
+        });
+    }
+    async isUserAdmin(userDoc, session, providedRoles) {
+        const roles = providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+        if (roles.filter((r) => r.admin).length > 0) {
+            return true;
+        }
+        return false;
+    }
+    async isUserMember(userDoc, session, providedRoles) {
+        const roles = providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+        if (roles.filter((r) => r.member).length > 0) {
+            return true;
+        }
+        return false;
+    }
+    async isUserChild(userDoc, session, providedRoles) {
+        const roles = providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+        if (roles.filter((r) => r.child).length > 0) {
+            return true;
+        }
+        return false;
+    }
+    async isSystemUser(userDoc, session, providedRoles) {
+        const roles = providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+        return roles.some((r) => r.system);
+    }
+    async getMemberType(userDoc, session, providedRoles) {
+        const roles = providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+        if (await this.isSystemUser(userDoc, session, roles)) {
+            return ecies_lib_1.MemberType.System;
+        }
+        else if (await this.isUserAdmin(userDoc, session, roles)) {
+            return ecies_lib_1.MemberType.Admin;
+        }
+        else if (await this.isUserMember(userDoc, session, roles)) {
+            return ecies_lib_1.MemberType.User;
+        }
+        else {
+            return ecies_lib_1.MemberType.Anonymous;
+        }
+    }
+}
+exports.RoleService = RoleService;
+//# sourceMappingURL=role.js.map

package/src/services/role.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"role.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/role.ts"],"names":[],"mappings":";;;AAAA,0DAAwD;AACxD,wDAImC;AACnC,oEAOyC;AACzC,oEAAiF;AAIjF,qEAAgE;AAGhE,sDAAkD;AAClD,0DAAkE;AAClE,oCAAgC;AAChC,iCAAqC;AAErC;;GAEG;AACH,MAAa,WAIX,SAAQ,kBAAW;IACnB;;;OAGG;IACH,YAAY,WAAyB;QACnC,KAAK,CAAC,WAAW,CAAC,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,aAAa,CAIzB,IAAiE;QAEjE,MAAM,OAAO,GAAG,IAAI,YAAY,yBAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAClE,OAAO;YACL,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,YAAY,sBAAK,CAAC,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE;gBACrB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAW;YACvB,IAAI,EAAE,OAAO,CAAC,IAAc;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,KAAK;YAC7B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;YAC/B,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,KAAK;YAC7B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;YAC/B,cAAc,EACZ,gBAAgB,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI;YAC5D,SAAS,EAAE,CAAC,OAAO,CAAC,SAAS,YAAY,IAAI;gBAC3C,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE;gBACjC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAW;YAChC,SAAS,EAAE,CAAC,IAAI,CAAC,SAAS,YAAY,sBAAK,CAAC,QAAQ;gBAClD,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE;gBAC3B,CAAC,CAAC,IAAI,CAAC,SAAS,CAAW;YAC7B,SAAS,EAAE,CAAC,OAAO,CAAC,SAAS,YAAY,IAAI;gBAC3C,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE;gBACjC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAW;YAChC,SAAS,EAAE,CAAC,IAAI,CAAC,SAAS,YAAY,sBAAK,CAAC,QAAQ;gBAClD,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE;gBAC3B,CAAC,CAAC,IAAI,CAAC,SAAS,CAAW;YAC7B,GAAG,CAAC,OAAO,CAAC,SAAS;gBACnB,CAAC,CAAC;oBACE,SAAS,EAAE,CAAC,OAAO,CAAC,SAAS,YAAY,IAAI;wBAC3C,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE;wBACjC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAW;iBACjC;gBACH,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,IAAI,CAAC,SAAS;gBAChB,CAAC,CAAC;oBACE,SAAS,EAAE,CAAC,IAAI,CAAC,SAAS,YAAY,sBAAK,CAAC,QAAQ;wBAClD,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE;wBAC3B,CAAC,CAAC,IAAI,CAAC,SAAS,CAAW;iBAC9B;gBACH,CAAC,CAAC,EAAE,CAAC;SACS,CAAC;IACrB,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,uBAAuB,CAGnC,IAAmB,EACnB,WAA+B;QAE/B,MAAM,OAAO,GACX,WAAW,IAAI,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,wCAAwB,EAAI,EAAE,CAAC,CAAC,CAAC;QACnE,OAAO;YACL,GAAI,IAAA,YAAI,EAAkC,IAAI,EAAE;gBAC9C,gBAAgB;aACjB,CAAc;YACf,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YACtB,IAAI,EAAE,IAAI,CAAC,IAAY;YACvB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACnC,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAClC,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACnC,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAClC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClE,GAAG,CAAC,IAAI,CAAC,SAAS;gBAChB,CAAC,CAAC;oBACE,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;iBACnC;gBACH,CAAC,CAAC,EAAE,CAAC;SACiB,CAAC;IAC7B,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,eAAe,CAC1B,QAAc,EACd,OAAuB;QAEvB,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC1C,+BAAa,CAAC,IAAI,CACnB,CAAC,KAAK,CAAC;QACR,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,SAAS,EAAE;YAClE,OAAO;SACR,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACjB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,GAAQ,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,UAAU,CACrB,QAA+B,EAC/B,OAA8B;QAE9B,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC1C,+BAAa,CAAC,IAAI,CACnB,CAAC,KAAK,CAAC;QACR,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC9D,OAAO,SAA6B,CAAC;IACvC,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,aAAa,CACxB,MAAS,EACT,MAAS,EACT,SAAY,EACZ,OAAuB,EACvB,UAAc;QAEd,MAAM,aAAa,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC9C,+BAAa,CAAC,QAAQ,CACvB,CAAC,KAAK,CAAC;QAER,0EAA0E;QAC1E,MAAM,gBAAgB,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC;YACnD,MAAM;YACN,MAAM;YACN,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;SAC9B,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QAE5B,IAAI,gBAAgB,EAAE,CAAC;YACrB,0DAA0D;YAC1D,OAAO,gBAAgB,CAAC;QAC1B,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,aAAa,CAAC;YACjC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1C,MAAM;YACN,MAAM;YACN,SAAS;YACT,SAAS,EAAE,SAAS;SACrB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QAChD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,kBAAkB,CAC7B,MAAS,EACT,MAAS,EACT,SAAY,EACZ,OAAuB;QAEvB,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC1C,+BAAa,CAAC,IAAI,CACnB,CAAC,KAAK,CAAC;QACR,MAAM,aAAa,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC9C,+BAAa,CAAC,QAAQ,CACvB,CAAC,KAAK,CAAC;QAER,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QACvE,IAAI,IAAI,EAAE,KAAK,EAAE,CAAC;YAChB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC;gBACpD,MAAM;gBACN,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;aAC9B,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;YAC5B,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;gBACpB,MAAM,IAAI,+BAAc,EAAE,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,MAAM,aAAa,CAAC,gBAAgB,CAClC,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EACjD,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,SAAS,EAAE,EACpC,EAAE,OAAO,EAAE,CACZ,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,UAAU,CACrB,MAAS,EACT,OAAU,EACV,UAAmB,EACnB,OAAuB;QAEvB,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC1C,+BAAa,CAAC,IAAI,CACnB,CAAC,KAAK,CAAC;QACR,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,SAAS,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QACrE,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,CAAC,iBAAiB,CAAC,MAAM,EAAE;gBACxC,SAAS,EAAE,IAAI,IAAI,EAAE;gBACrB,SAAS,EAAE,OAAO;aACnB,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,YAAY,CACvB,MAAS,EACT,OAAuB;QAEvB,MAAM,aAAa,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC9C,+BAAa,CAAC,QAAQ,CACvB,CAAC,KAAK,CAAC;QACR,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC1C,+BAAa,CAAC,IAAI,CACnB,CAAC,KAAK,CAAC;QACR,IAAI,CAAC,aAAa,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAE1E,wBAAwB;QACxB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC;YACzC,MAAM;YACN,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;SAC9B,CAAC;aACC,MAAM,CAAC,QAAQ,CAAC;aAChB,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QAE5B,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;QACjD,OAAO,CAAC,MAAM,SAAS,CAAC,IAAI,CAAC;YAC3B,GAAG,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;YACrB,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;SAC9B,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAuB,CAAC;IACrD,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,YAAY,CAAC,MAAS,EAAE,OAAuB;QAC1D,MAAM,aAAa,GAAG,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAC9C,+BAAa,CAAC,QAAQ,CACvB,CAAC,KAAK,CAAC;QAER,wBAAwB;QACxB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC;YACzC,MAAM;YACN,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;SAC9B,CAAC;aACC,MAAM,CAAC,QAAQ,CAAC;aAChB,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;QAE5B,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED,6CAA6C;IACtC,iBAAiB,CACtB,KAAmC,EACnC,gBAAyB;QAEzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACxB,MAAM,MAAM,GAAG,qBAAU,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YACjD,MAAM,QAAQ,GAAG,8BAAmB,CAAC,WAAW,EAG7C,CAAC,YAAY,CAAC;YACjB,MAAM,IAAI,GAAG,CAAC,gBAAgB,IAAI,QAAQ,IAAI,OAAO,CAAW,CAAC;YACjE,MAAM,eAAe,GAAG,MAAM,CAAC,aAAa,CAAC,qBAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACpE,sDAAsD;YACtD,MAAM,OAAO,GAAG,IAAI,YAAY,yBAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YAClE,OAAO;gBACL,GAAG,OAAO;gBACV,cAAc,EAAE,eAAe;aAClB,CAAC;QAClB,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,WAAW,CACtB,OAAiC,EACjC,OAAuB,EACvB,aAAuC;QAEvC,MAAM,KAAK,GACT,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,YAAY,CACvB,OAAiC,EACjC,OAAuB,EACvB,aAAuC;QAEvC,MAAM,KAAK,GACT,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,WAAW,CACtB,OAAiC,EACjC,OAAuB,EACvB,aAAuC;QAEvC,MAAM,KAAK,GACT,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,YAAY,CACvB,OAAiC,EACjC,OAAuB,EACvB,aAAuC;QAEvC,MAAM,KAAK,GACT,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;QACnE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAEM,KAAK,CAAC,aAAa,CACxB,OAAiC,EACjC,OAAuB,EACvB,aAAuC;QAEvC,MAAM,KAAK,GACT,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;YACrD,OAAO,sBAAU,CAAC,MAAM,CAAC;QAC3B,CAAC;aAAM,IAAI,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;YAC3D,OAAO,sBAAU,CAAC,KAAK,CAAC;QAC1B,CAAC;aAAM,IAAI,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;YAC5D,OAAO,sBAAU,CAAC,IAAI,CAAC;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,sBAAU,CAAC,SAAS,CAAC;QAC9B,CAAC;IACH,CAAC;CACF;AA5XD,kCA4XC"}

package/src/services/symmetric.d.ts

@@ -0,0 +1,42 @@
+import { IECIESConstants } from '@digitaldefiance/ecies-lib';
+import { ISymmetricEncryptionResults } from '../interfaces/symmetric-encryption-results';
+/**
+ * Service for handling symmetric encryption operations.
+ * This service provides functionality for:
+ * - AES encryption/decryption of buffers and JSON data
+ * - Key and IV generation
+ * - Secure cryptographic operations
+ */
+export declare class SymmetricService {
+    static symmetricKeyBits(eciesConstants?: IECIESConstants): number;
+    static symmetricKeyBytes(eciesConstants?: IECIESConstants): number;
+    /**
+     * Encrypt data with AES
+     * @param data The data to encrypt
+     * @param encryptionKey Optional encryption key (will be randomly generated if not provided)
+     * @returns Object containing encrypted data and key
+     */
+    static encryptBuffer(data: Buffer, encryptionKey?: Buffer, eciesConstants?: IECIESConstants): ISymmetricEncryptionResults;
+    /**
+     * Decrypt the given buffer with AES
+     * @param encryptedData The encrypted data to decrypt
+     * @param key The key to use for decryption
+     * @returns Decrypted data as a Buffer
+     */
+    static decryptBuffer(encryptedData: Buffer, key: Buffer, eciesConstants?: IECIESConstants): Buffer;
+    /**
+     * Encrypt JSON data with AES
+     * @param data The data to encrypt
+     * @param encryptionKey Optional encryption key (will be randomly generated if not provided)
+     * @returns Object containing encrypted data and key
+     */
+    static encryptJson<T>(data: T, encryptionKey?: Buffer): ISymmetricEncryptionResults;
+    /**
+     * Decrypt the given buffer with AES and parse as JSON
+     * @param encryptedData The encrypted data to decrypt
+     * @param key The key to use for decryption
+     * @returns Decrypted data parsed as type T
+     */
+    static decryptJson<T>(encryptedData: Buffer, key: Buffer): T;
+}
+//# sourceMappingURL=symmetric.d.ts.map