@elsikora/nestjs-crud-automator 1.19.0-dev.1 → 1.20.0-dev.1

package/README.md

@@ -378,9 +378,11 @@ import { UserEntity } from "../user.entity";
 
 @ApiAuthorizationPolicy<UserEntity>({ entity: UserEntity, priority: 200 })
 export class UserAccessPolicy extends ApiAuthorizationPolicyBase<UserEntity> {
-	onBeforeGet() {
+	onBeforeGet(context) {
+		const { subject } = context.DATA;
+
 		return this.allow({
-			scope: ({ subject }) => ({ where: { id: subject.id } }),
+			scope: () => ({ where: { id: subject.id } }),
 		});
 	}
 
@@ -393,7 +395,7 @@ export class UserAccessPolicy extends ApiAuthorizationPolicyBase<UserEntity> {
 }
 ```
 
-Policies can return allow/deny rules, merge scope conditions into generated queries, and transform responses before they are sent back to the client.
+Policies can return allow/deny rules, merge scope conditions into generated queries, and transform responses before they are sent back to the client. `authorizationDecision.policyIds` lists all policy IDs contributing rules for the request. You can optionally enable policy caching globally via `ApiAuthorizationPolicyRegistry.configureCache()` or per policy via the `cache` option when policies are static.
 
 ### `CorrelationIDResponseBodyInterceptor`: Request Tracing
 

package/dist/cjs/class/api/authorization/engine.class.js

@@ -54,6 +54,7 @@ exports.ApiAuthorizationEngine = class ApiAuthorizationEngine {
             appliedRules: payload.appliedRules,
             effect: payload.effect,
             policyId: options.policy.policyId,
+            policyIds: options.policy.policyIds,
             resource: options.resource,
             resourceType: options.policy.entity.name ?? "UnknownResource",
             scope: payload.scope,

package/dist/cjs/class/api/authorization/engine.class.js.map

@@ -1 +1 @@
-{"version":3,"file":"engine.class.js","sources":["../../../../../../src/class/api/authorization/engine.class.ts"],"sourcesContent":[null],"names":["ApiAuthorizationEngine","EAuthorizationEffect","AuthorizationScopeMergeWhere","__decorate","Injectable"],"mappings":";;;;;;;AAWaA,8BAAsB,GAA5B,MAAM,sBAAsB,CAAA;IAC3B,MAAM,QAAQ,CAA8B,OAAqD,EAAA;AACvG,QAAA,MAAM,OAAO,GAAoC;YAChD,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;SACxB;QAED,MAAM,YAAY,GAAuC,EAAE;AAC3D,QAAA,IAAI,KAA4C;QAChD,MAAM,UAAU,GAAuE,EAAE;QAEzF,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE;YACxC,MAAM,iBAAiB,GAAY,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC;YAE9E,IAAI,CAAC,iBAAiB,EAAE;gBACvB;YACD;YAEA,IAAI,IAAI,CAAC,MAAM,KAAKC,gCAAoB,CAAC,IAAI,EAAE;AAC9C,gBAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;oBAClC,YAAY,EAAE,CAAC,IAAI,CAAC;oBACpB,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,oBAAA,KAAK,EAAE,SAAS;AAChB,oBAAA,UAAU,EAAE,EAAE;AACd,iBAAA,CAAC;YACH;AAEA,YAAA,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;AACvB,YAAA,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,CAAC;AAEnD,YAAA,IAAI,IAAI,CAAC,eAAe,EAAE;AACzB,gBAAA,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC;YACtC;QACD;AAEA,QAAA,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;AAC9B,YAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;AAClC,gBAAA,YAAY,EAAE,EAAE;gBAChB,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,gBAAA,KAAK,EAAE,SAAS;AAChB,gBAAA,UAAU,EAAE,EAAE;AACd,aAAA,CAAC;QACH;AAEA,QAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;AAClC,YAAA,YAAY,EAAE,YAAY;YAC1B,MAAM,EAAEA,gCAAoB,CAAC,KAAK;YAClC,KAAK;YACL,UAAU;AACV,SAAA,CAAC;IACH;IAEQ,aAAa,CACpB,OAAqD,EACrD,OAKC,EAAA;QAED,OAAO;YACN,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,MAAM,EAAE,OAAO,CAAC,MAAM;AACtB,YAAA,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ;YACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,IAAI,iBAAiB;YAC7D,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC9B;IACF;AAEQ,IAAA,MAAM,iBAAiB,CAA8B,IAAiC,EAAE,OAAwC,EAAA;AACvI,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;AACpB,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,MAAM,GAAY,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;QAErD,OAAO,MAAM,KAAK,IAAI;IACvB;AAEQ,IAAA,MAAM,UAAU,CAA8B,YAAmD,EAAE,IAAiC,EAAE,OAAwC,EAAA;AACrL,QAAA,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;AAChB,YAAA,OAAO,YAAY;QACpB;QAEA,MAAM,UAAU,GAA0C,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAEnF,IAAI,CAAC,UAAU,EAAE;AAChB,YAAA,OAAO,YAAY;QACpB;QAEA,IAAI,CAAC,YAAY,EAAE;AAClB,YAAA,OAAO,UAAU;QAClB;QAEA,OAAO;AACN,YAAA,GAAG,YAAY;AACf,YAAA,GAAG,UAAU;YACb,KAAK,EAAEC,0CAA4B,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC;SACzE;IACF;;AAxGYF,8BAAsB,GAAAG,oBAAA,CAAA;AADlC,IAAAC,iBAAU;AACE,CAAA,EAAAJ,8BAAsB,CAyGlC;;"}
+{"version":3,"file":"engine.class.js","sources":["../../../../../../src/class/api/authorization/engine.class.ts"],"sourcesContent":[null],"names":["ApiAuthorizationEngine","EAuthorizationEffect","AuthorizationScopeMergeWhere","__decorate","Injectable"],"mappings":";;;;;;;AAWaA,8BAAsB,GAA5B,MAAM,sBAAsB,CAAA;IAC3B,MAAM,QAAQ,CAA8B,OAAqD,EAAA;AACvG,QAAA,MAAM,OAAO,GAAoC;YAChD,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;SACxB;QAED,MAAM,YAAY,GAAuC,EAAE;AAC3D,QAAA,IAAI,KAA4C;QAChD,MAAM,UAAU,GAAuE,EAAE;QAEzF,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE;YACxC,MAAM,iBAAiB,GAAY,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC;YAE9E,IAAI,CAAC,iBAAiB,EAAE;gBACvB;YACD;YAEA,IAAI,IAAI,CAAC,MAAM,KAAKC,gCAAoB,CAAC,IAAI,EAAE;AAC9C,gBAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;oBAClC,YAAY,EAAE,CAAC,IAAI,CAAC;oBACpB,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,oBAAA,KAAK,EAAE,SAAS;AAChB,oBAAA,UAAU,EAAE,EAAE;AACd,iBAAA,CAAC;YACH;AAEA,YAAA,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;AACvB,YAAA,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,CAAC;AAEnD,YAAA,IAAI,IAAI,CAAC,eAAe,EAAE;AACzB,gBAAA,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC;YACtC;QACD;AAEA,QAAA,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;AAC9B,YAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;AAClC,gBAAA,YAAY,EAAE,EAAE;gBAChB,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,gBAAA,KAAK,EAAE,SAAS;AAChB,gBAAA,UAAU,EAAE,EAAE;AACd,aAAA,CAAC;QACH;AAEA,QAAA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;AAClC,YAAA,YAAY,EAAE,YAAY;YAC1B,MAAM,EAAEA,gCAAoB,CAAC,KAAK;YAClC,KAAK;YACL,UAAU;AACV,SAAA,CAAC;IACH;IAEQ,aAAa,CACpB,OAAqD,EACrD,OAKC,EAAA;QAED,OAAO;YACN,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,MAAM,EAAE,OAAO,CAAC,MAAM;AACtB,YAAA,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ;AACjC,YAAA,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS;YACnC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,IAAI,iBAAiB;YAC7D,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC9B;IACF;AAEQ,IAAA,MAAM,iBAAiB,CAA8B,IAAiC,EAAE,OAAwC,EAAA;AACvI,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;AACpB,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,MAAM,GAAY,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;QAErD,OAAO,MAAM,KAAK,IAAI;IACvB;AAEQ,IAAA,MAAM,UAAU,CAA8B,YAAmD,EAAE,IAAiC,EAAE,OAAwC,EAAA;AACrL,QAAA,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;AAChB,YAAA,OAAO,YAAY;QACpB;QAEA,MAAM,UAAU,GAA0C,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAEnF,IAAI,CAAC,UAAU,EAAE;AAChB,YAAA,OAAO,YAAY;QACpB;QAEA,IAAI,CAAC,YAAY,EAAE;AAClB,YAAA,OAAO,UAAU;QAClB;QAEA,OAAO;AACN,YAAA,GAAG,YAAY;AACf,YAAA,GAAG,UAAU;YACb,KAAK,EAAEC,0CAA4B,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC;SACzE;IACF;;AAzGYF,8BAAsB,GAAAG,oBAAA,CAAA;AADlC,IAAAC,iBAAU;AACE,CAAA,EAAAJ,8BAAsB,CA0GlC;;"}

package/dist/cjs/class/api/authorization/guard.class.js

@@ -30,14 +30,18 @@ exports.ApiAuthorizationGuard = class ApiAuthorizationGuard {
         }
         const action = this.resolveAction(context);
         authorizationGuardLogger.verbose(`Evaluating authorization for entity "${entityConstructor.name}" action "${action}"`);
-        const policy = await this.policyRegistry.buildAggregatedPolicy(entityConstructor, action);
+        const request = context.switchToHttp().getRequest();
+        const subject = resolveDefaultSubject_utility.AuthorizationResolveDefaultSubject(request.user);
+        const authenticationRequest = request;
+        const policy = await this.policyRegistry.buildAggregatedPolicy(entityConstructor, action, {
+            authenticationRequest,
+            subject,
+        });
         if (!policy) {
             authorizationGuardLogger.debug(`No policy found for entity "${entityConstructor.name}" action "${action}", allowing access`);
             return true;
         }
         authorizationGuardLogger.verbose(`Found policy "${policy.policyId}" with ${policy.rules.length} rules for entity "${entityConstructor.name}" action "${action}"`);
-        const request = context.switchToHttp().getRequest();
-        const subject = resolveDefaultSubject_utility.AuthorizationResolveDefaultSubject(request.user);
         const decision = await this.authorizationEngine.evaluate({
             action,
             policy,

package/dist/cjs/class/api/authorization/guard.class.js.map

@@ -1 +1 @@
-{"version":3,"file":"guard.class.js","sources":["../../../../../../src/class/api/authorization/guard.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","ApiAuthorizationGuard","AuthorizationResolveDefaultSubject","EAuthorizationEffect","ForbiddenException","AUTHORIZATION_DECISION_METADATA_CONSTANT","CONTROLLER_API_DECORATOR_CONSTANT","__decorate","Injectable","__param","Inject","AUTHORIZATION_POLICY_REGISTRY_TOKEN","ApiAuthorizationEngine"],"mappings":";;;;;;;;;;;;AAiBA,MAAM,wBAAwB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,uBAAuB,CAAC;AAGnFC,6BAAqB,GAA3B,MAAM,qBAAqB,CAAA;AAE8B,IAAA,cAAA;AAC7C,IAAA,mBAAA;IAFlB,WAAA,CAC+D,cAA+C,EAC5F,mBAA2C,EAAA;QADE,IAAA,CAAA,cAAc,GAAd,cAAc;QAC3D,IAAA,CAAA,mBAAmB,GAAnB,mBAAmB;IAClC;IAEI,MAAM,WAAW,CAAC,OAAyB,EAAA;QACjD,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE;AACzC,YAAA,wBAAwB,CAAC,KAAK,CAAC,6EAA6E,CAAC;AAE7G,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,iBAAiB,GAA2C,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC;QAExG,IAAI,CAAC,iBAAiB,EAAE;AACvB,YAAA,wBAAwB,CAAC,KAAK,CAAC,4EAA4E,CAAC;AAE5G,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,MAAM,GAAW,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;QAClD,wBAAwB,CAAC,OAAO,CAAC,CAAA,qCAAA,EAAwC,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,CAAA,CAAG,CAAC;AAEtH,QAAA,MAAM,MAAM,GAA+G,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,MAAM,CAAC;QAErM,IAAI,CAAC,MAAM,EAAE;YACZ,wBAAwB,CAAC,KAAK,CAAC,CAAA,4BAAA,EAA+B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,kBAAA,CAAoB,CAAC;AAE5H,YAAA,OAAO,IAAI;QACZ;QAEA,wBAAwB,CAAC,OAAO,CAAC,CAAA,cAAA,EAAiB,MAAM,CAAC,QAAQ,UAAU,MAAM,CAAC,KAAK,CAAC,MAAM,sBAAsB,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,CAAA,CAAG,CAAC;QAEjK,MAAM,OAAO,GAAkC,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAiC;QACjH,MAAM,OAAO,GAA6BC,gEAAkC,CAAC,OAAO,CAAC,IAAI,CAAC;QAE1F,MAAM,QAAQ,GAAqG,MAAM,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC;YAC1J,MAAM;YACN,MAAM;AACN,YAAA,QAAQ,EAAE,SAAS;YACnB,OAAO;AACP,SAAA,CAAC;AAEF,QAAA,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAE/C,IAAI,QAAQ,CAAC,MAAM,KAAKC,gCAAoB,CAAC,IAAI,EAAE;AAClD,YAAA,wBAAwB,CAAC,IAAI,CAAC,CAAA,0BAAA,EAA6B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,cAAc,OAAO,CAAC,EAAE,CAAA,CAAA,CAAG,CAAC;AAEhI,YAAA,MAAM,IAAIC,yBAAkB,CAAC,eAAe,CAAC;QAC9C;AAEA,QAAA,wBAAwB,CAAC,OAAO,CAAC,CAAA,2BAAA,EAA8B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,cAAc,OAAO,CAAC,EAAE,CAAA,CAAA,CAAG,CAAC;AAEpI,QAAA,OAAO,IAAI;IACZ;IAEQ,uBAAuB,CAAC,OAAsC,EAAE,QAA0G,EAAA;AACjL,QAAA,OAAO,CAAC,qBAAqB,GAAG,QAAQ;AACxC,QAAA,OAAO,CAACC,0DAAwC,CAAC,WAAW,CAAC,GAAG,QAAQ;IACzE;AAEQ,IAAA,qBAAqB,CAAC,OAAyB,EAAA;AACtD,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAACC,qDAAiC,CAAC,sBAAsB,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAClH;AAEQ,IAAA,aAAa,CAAC,OAAyB,EAAA;QAC9C,MAAM,WAAW,GAAW,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI;AACrD,QAAA,MAAM,MAAM,GAAWA,qDAAiC,CAAC,sBAAsB,IAAI,EAAE;AAErF,QAAA,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;YACnC,OAAO,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;QACxC;AAEA,QAAA,OAAO,WAAW;IACnB;AAEQ,IAAA,wBAAwB,CAAC,OAAyB,EAAA;AACzD,QAAA,OAAO,OAAO,CAAC,WAAW,CAACA,qDAAiC,CAAC,mBAAmB,EAAE,OAAO,CAAC,QAAQ,EAAE,CAA2C;IAChJ;;AA/EYL,6BAAqB,GAAAM,oBAAA,CAAA;AADjC,IAAAC,iBAAU,EAAE;AAGV,IAAAC,iBAAA,CAAA,CAAA,EAAAC,aAAM,CAACC,qDAAmC,CAAC,CAAA;uDACNC,mCAAsB,CAAA;AAHjD,CAAA,EAAAX,6BAAqB,CAgFjC;;"}
+{"version":3,"file":"guard.class.js","sources":["../../../../../../src/class/api/authorization/guard.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","ApiAuthorizationGuard","AuthorizationResolveDefaultSubject","EAuthorizationEffect","ForbiddenException","AUTHORIZATION_DECISION_METADATA_CONSTANT","CONTROLLER_API_DECORATOR_CONSTANT","__decorate","Injectable","__param","Inject","AUTHORIZATION_POLICY_REGISTRY_TOKEN","ApiAuthorizationEngine"],"mappings":";;;;;;;;;;;;AAkBA,MAAM,wBAAwB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,uBAAuB,CAAC;AAGnFC,6BAAqB,GAA3B,MAAM,qBAAqB,CAAA;AAE8B,IAAA,cAAA;AAC7C,IAAA,mBAAA;IAFlB,WAAA,CAC+D,cAA+C,EAC5F,mBAA2C,EAAA;QADE,IAAA,CAAA,cAAc,GAAd,cAAc;QAC3D,IAAA,CAAA,mBAAmB,GAAnB,mBAAmB;IAClC;IAEI,MAAM,WAAW,CAAC,OAAyB,EAAA;QACjD,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE;AACzC,YAAA,wBAAwB,CAAC,KAAK,CAAC,6EAA6E,CAAC;AAE7G,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,iBAAiB,GAA2C,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC;QAExG,IAAI,CAAC,iBAAiB,EAAE;AACvB,YAAA,wBAAwB,CAAC,KAAK,CAAC,4EAA4E,CAAC;AAE5G,YAAA,OAAO,IAAI;QACZ;QAEA,MAAM,MAAM,GAAW,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;QAClD,wBAAwB,CAAC,OAAO,CAAC,CAAA,qCAAA,EAAwC,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,CAAA,CAAG,CAAC;QAEtH,MAAM,OAAO,GAAkC,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAiC;QACjH,MAAM,OAAO,GAA6BC,gEAAkC,CAAC,OAAO,CAAC,IAAI,CAAC;QAC1F,MAAM,qBAAqB,GAA8B,OAA+C;AAExG,QAAA,MAAM,MAAM,GAA+G,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,MAAM,EAAE;YACrM,qBAAqB;YACrB,OAAO;AACP,SAAA,CAAC;QAEF,IAAI,CAAC,MAAM,EAAE;YACZ,wBAAwB,CAAC,KAAK,CAAC,CAAA,4BAAA,EAA+B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,kBAAA,CAAoB,CAAC;AAE5H,YAAA,OAAO,IAAI;QACZ;QAEA,wBAAwB,CAAC,OAAO,CAAC,CAAA,cAAA,EAAiB,MAAM,CAAC,QAAQ,UAAU,MAAM,CAAC,KAAK,CAAC,MAAM,sBAAsB,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,CAAA,CAAA,CAAG,CAAC;QAEjK,MAAM,QAAQ,GAAqG,MAAM,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC;YAC1J,MAAM;YACN,MAAM;AACN,YAAA,QAAQ,EAAE,SAAS;YACnB,OAAO;AACP,SAAA,CAAC;AAEF,QAAA,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAE/C,IAAI,QAAQ,CAAC,MAAM,KAAKC,gCAAoB,CAAC,IAAI,EAAE;AAClD,YAAA,wBAAwB,CAAC,IAAI,CAAC,CAAA,0BAAA,EAA6B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,cAAc,OAAO,CAAC,EAAE,CAAA,CAAA,CAAG,CAAC;AAEhI,YAAA,MAAM,IAAIC,yBAAkB,CAAC,eAAe,CAAC;QAC9C;AAEA,QAAA,wBAAwB,CAAC,OAAO,CAAC,CAAA,2BAAA,EAA8B,iBAAiB,CAAC,IAAI,CAAA,UAAA,EAAa,MAAM,cAAc,OAAO,CAAC,EAAE,CAAA,CAAA,CAAG,CAAC;AAEpI,QAAA,OAAO,IAAI;IACZ;IAEQ,uBAAuB,CAAC,OAAsC,EAAE,QAA0G,EAAA;AACjL,QAAA,OAAO,CAAC,qBAAqB,GAAG,QAAQ;AACxC,QAAA,OAAO,CAACC,0DAAwC,CAAC,WAAW,CAAC,GAAG,QAAQ;IACzE;AAEQ,IAAA,qBAAqB,CAAC,OAAyB,EAAA;AACtD,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAACC,qDAAiC,CAAC,sBAAsB,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAClH;AAEQ,IAAA,aAAa,CAAC,OAAyB,EAAA;QAC9C,MAAM,WAAW,GAAW,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI;AACrD,QAAA,MAAM,MAAM,GAAWA,qDAAiC,CAAC,sBAAsB,IAAI,EAAE;AAErF,QAAA,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;YACnC,OAAO,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;QACxC;AAEA,QAAA,OAAO,WAAW;IACnB;AAEQ,IAAA,wBAAwB,CAAC,OAAyB,EAAA;AACzD,QAAA,OAAO,OAAO,CAAC,WAAW,CAACA,qDAAiC,CAAC,mBAAmB,EAAE,OAAO,CAAC,QAAQ,EAAE,CAA2C;IAChJ;;AAnFYL,6BAAqB,GAAAM,oBAAA,CAAA;AADjC,IAAAC,iBAAU,EAAE;AAGV,IAAAC,iBAAA,CAAA,CAAA,EAAAC,aAAM,CAACC,qDAAmC,CAAC,CAAA;uDACNC,mCAAsB,CAAA;AAHjD,CAAA,EAAAX,6BAAqB,CAoFjC;;"}

package/dist/cjs/class/api/authorization/policy/base.class.d.ts

@@ -1,12 +1,19 @@
 import type { IApiBaseEntity } from '../../../../interface/api-base-entity.interface';
-import type { IApiAuthorizationPolicySubscriberRule } from '../../../../interface/class/api/authorization/policy/subscriber/index';
+import type { IApiAuthorizationPolicySubscriber, IApiAuthorizationPolicySubscriberRule } from '../../../../interface/class/api/authorization/policy/subscriber/index';
 import { ApiSubscriberBase } from '../../subscriber/base.class';
 /**
  * Base class for all authorization policies. It mirrors ApiFunctionSubscriberBase
  * and provides helper methods to create allow/deny rules that are later executed by the policy executor.
  * @template E - Entity type extending IApiBaseEntity
  */
-export declare abstract class ApiAuthorizationPolicyBase<E extends IApiBaseEntity> extends ApiSubscriberBase {
+export declare abstract class ApiAuthorizationPolicyBase<E extends IApiBaseEntity> extends ApiSubscriberBase implements IApiAuthorizationPolicySubscriber<E> {
+    getCustomActionRule?: IApiAuthorizationPolicySubscriber<E>["getCustomActionRule"];
+    onBeforeCreate?: IApiAuthorizationPolicySubscriber<E>["onBeforeCreate"];
+    onBeforeDelete?: IApiAuthorizationPolicySubscriber<E>["onBeforeDelete"];
+    onBeforeGet?: IApiAuthorizationPolicySubscriber<E>["onBeforeGet"];
+    onBeforeGetList?: IApiAuthorizationPolicySubscriber<E>["onBeforeGetList"];
+    onBeforePartialUpdate?: IApiAuthorizationPolicySubscriber<E>["onBeforePartialUpdate"];
+    onBeforeUpdate?: IApiAuthorizationPolicySubscriber<E>["onBeforeUpdate"];
     /**
      * Creates an ALLOW rule with optional overrides.
      * @param {Omit<IApiAuthorizationPolicySubscriberRule<E>, "effect">} [rule] - Rule fields to merge.
@@ -28,10 +35,14 @@ export declare abstract class ApiAuthorizationPolicyBase<E extends IApiBaseEntit
     protected deny<R>(rule?: Omit<IApiAuthorizationPolicySubscriberRule<E, R>, "effect">): IApiAuthorizationPolicySubscriberRule<E, R>;
     /**
      * Helper that scopes data access to the owner identified by a field.
-     * Automatically handles relations by using nested id structure.
+     * Automatically resolves relation vs scalar fields by default.
      * @param {keyof E} [ownerField] - Entity field used to match the subject id, defaults to ownerId.
      * @param {Omit<IApiAuthorizationPolicySubscriberRule<E>, "effect">} [rule] - Optional overrides.
+     * @param {{ isRelation?: boolean }} [options] - Override relation handling; defaults to auto.
+     * @param {boolean} [options.isRelation] - Whether the field is a relation (defaults to auto).
      * @returns {IApiAuthorizationPolicySubscriberRule<E>} Allow rule with owner scope.
      */
-    protected scopeToOwner<R>(ownerField?: keyof E, rule?: Omit<IApiAuthorizationPolicySubscriberRule<E, R>, "effect">): IApiAuthorizationPolicySubscriberRule<E, R>;
+    protected scopeToOwner<R>(ownerField?: keyof E, rule?: Omit<IApiAuthorizationPolicySubscriberRule<E, R>, "effect">, options?: {
+        isRelation?: boolean;
+    }): IApiAuthorizationPolicySubscriberRule<E, R>;
 }

package/dist/cjs/class/api/authorization/policy/base.class.js

@@ -45,17 +45,22 @@ class ApiAuthorizationPolicyBase extends base_class.ApiSubscriberBase {
     }
     /**
      * Helper that scopes data access to the owner identified by a field.
-     * Automatically handles relations by using nested id structure.
+     * Automatically resolves relation vs scalar fields by default.
      * @param {keyof E} [ownerField] - Entity field used to match the subject id, defaults to ownerId.
      * @param {Omit<IApiAuthorizationPolicySubscriberRule<E>, "effect">} [rule] - Optional overrides.
+     * @param {{ isRelation?: boolean }} [options] - Override relation handling; defaults to auto.
+     * @param {boolean} [options.isRelation] - Whether the field is a relation (defaults to auto).
      * @returns {IApiAuthorizationPolicySubscriberRule<E>} Allow rule with owner scope.
      */
-    scopeToOwner(ownerField = "ownerId", rule = {}) {
+    scopeToOwner(ownerField = "ownerId", rule = {}, options = {}) {
+        const ownerFieldName = String(ownerField);
+        const isRelation = options.isRelation ?? !ownerFieldName.endsWith("Id");
         return this.allow({
             scope: ({ subject }) => {
+                const ownerCondition = isRelation ? { id: subject.id } : subject.id;
                 return {
                     where: {
-                        [ownerField]: { id: subject.id },
+                        [ownerFieldName]: ownerCondition,
                     },
                 };
             },

package/dist/cjs/class/api/authorization/policy/base.class.js.map

@@ -1 +1 @@
-{"version":3,"file":"base.class.js","sources":["../../../../../../../src/class/api/authorization/policy/base.class.ts"],"sourcesContent":[null],"names":["ApiSubscriberBase","EAuthorizationEffect"],"mappings":";;;;;AAQA;;;;AAIG;AACG,MAAgB,0BAAqD,SAAQA,4BAAiB,CAAA;AACnG;;;;AAIG;IACO,KAAK,CAAI,OAAoE,EAAiE,EAAA;QACvJ,OAAO;YACN,MAAM,EAAEC,gCAAoB,CAAC,KAAK;AAClC,YAAA,GAAG,IAAI;SACP;IACF;AAEA;;;;;AAKG;AACO,IAAA,aAAa,CAAI,KAAoB,EAAE,IAAA,GAAoE,EAAiE,EAAA;QACrL,OAAO,IAAI,CAAC,KAAK,CAAC;YACjB,SAAS,EAAE,CAAC,EAAE,OAAO,EAAmC,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,IAAY,KAAK,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACvH,YAAA,GAAG,IAAI;AACP,SAAA,CAAC;IACH;AAEA;;;;AAIG;IACO,IAAI,CAAI,OAAoE,EAAiE,EAAA;QACtJ,OAAO;YACN,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,YAAA,GAAG,IAAI;SACP;IACF;AAEA;;;;;;AAMG;AACO,IAAA,YAAY,CAAI,UAAA,GAAsB,SAAoB,EAAE,OAAoE,EAAiE,EAAA;QAC1M,OAAO,IAAI,CAAC,KAAK,CAAC;AACjB,YAAA,KAAK,EAAE,CAAC,EAAE,OAAO,EAAmC,KAAI;gBACvD,OAAO;AACN,oBAAA,KAAK,EAAE;wBACN,CAAC,UAAoB,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE;AACnB,qBAAA;iBACxB;YACF,CAAC;AACD,YAAA,GAAG,IAAI;AACP,SAAA,CAAC;IACH;AACA;;;;"}
+{"version":3,"file":"base.class.js","sources":["../../../../../../../src/class/api/authorization/policy/base.class.ts"],"sourcesContent":[null],"names":["ApiSubscriberBase","EAuthorizationEffect"],"mappings":";;;;;AAQA;;;;AAIG;AACG,MAAgB,0BAAqD,SAAQA,4BAAiB,CAAA;AAenG;;;;AAIG;IACO,KAAK,CAAI,OAAoE,EAAiE,EAAA;QACvJ,OAAO;YACN,MAAM,EAAEC,gCAAoB,CAAC,KAAK;AAClC,YAAA,GAAG,IAAI;SACP;IACF;AAEA;;;;;AAKG;AACO,IAAA,aAAa,CAAI,KAAoB,EAAE,IAAA,GAAoE,EAAiE,EAAA;QACrL,OAAO,IAAI,CAAC,KAAK,CAAC;YACjB,SAAS,EAAE,CAAC,EAAE,OAAO,EAAmC,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,IAAY,KAAK,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACvH,YAAA,GAAG,IAAI;AACP,SAAA,CAAC;IACH;AAEA;;;;AAIG;IACO,IAAI,CAAI,OAAoE,EAAiE,EAAA;QACtJ,OAAO;YACN,MAAM,EAAEA,gCAAoB,CAAC,IAAI;AACjC,YAAA,GAAG,IAAI;SACP;IACF;AAEA;;;;;;;;AAQG;IACO,YAAY,CAAI,aAAsB,SAAoB,EAAE,OAAoE,EAAiE,EAAE,UAAoC,EAAE,EAAA;AAClP,QAAA,MAAM,cAAc,GAAW,MAAM,CAAC,UAAU,CAAC;AACjD,QAAA,MAAM,UAAU,GAAY,OAAO,CAAC,UAAU,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC;QAEhF,OAAO,IAAI,CAAC,KAAK,CAAC;AACjB,YAAA,KAAK,EAAE,CAAC,EAAE,OAAO,EAAmC,KAAI;AACvD,gBAAA,MAAM,cAAc,GAAY,UAAU,GAAG,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE;gBAE5E,OAAO;AACN,oBAAA,KAAK,EAAE;wBACN,CAAC,cAAc,GAAG,cAAc;AACT,qBAAA;iBACxB;YACF,CAAC;AACD,YAAA,GAAG,IAAI;AACP,SAAA,CAAC;IACH;AACA;;;;"}

package/dist/cjs/class/api/authorization/policy/discovery-service.class.js

@@ -31,6 +31,7 @@ exports.ApiAuthorizationPolicyDiscoveryService = class ApiAuthorizationPolicyDis
             }
             const policyId = properties.policyId ?? `${properties.entity.name?.toLowerCase() ?? "unknown"}${decorator_constant.AUTHORIZATION_POLICY_DECORATOR_CONSTANT.DEFAULT_POLICY_ID_SUFFIX}`;
             this.registry.registerSubscriber({
+                cache: properties.cache,
                 description: properties.description,
                 entity: properties.entity,
                 policyId,

package/dist/cjs/class/api/authorization/policy/discovery-service.class.js.map

@@ -1 +1 @@
-{"version":3,"file":"discovery-service.class.js","sources":["../../../../../../../src/class/api/authorization/policy/discovery-service.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","ApiAuthorizationPolicyDiscoveryService","AUTHORIZATION_POLICY_DECORATOR_CONSTANT","ApiAuthorizationPolicyBase","__decorate","Injectable","DiscoveryService","ApiAuthorizationPolicyRegistry"],"mappings":";;;;;;;;;;AAYA,MAAM,qBAAqB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,wCAAwC,CAAC;AAGjGC,8CAAsC,GAA5C,MAAM,sCAAsC,CAAA;AAEhC,IAAA,gBAAA;AACA,IAAA,QAAA;IAFlB,WAAA,CACkB,gBAAkC,EAClC,QAAwC,EAAA;QADxC,IAAA,CAAA,gBAAgB,GAAhB,gBAAgB;QAChB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IACvB;IAEI,YAAY,GAAA;AAClB,QAAA,qBAAqB,CAAC,OAAO,CAAC,4CAA4C,CAAC;QAC3E,MAAM,SAAS,GAA2B,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE;AAC9E,QAAA,MAAM,eAAe,GAA2B,SAAS,CAAC,MAAM,CAAC,CAAC,OAAwB,KAAK,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;AAE7H,QAAA,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE;AACtC,YAAA,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;gBACtB;YACD;AAEA,YAAA,MAAM,QAAQ,GAAY,OAAO,CAAC,WAAW,CAACC,0DAAuC,CAAC,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC;YACrH,MAAM,UAAU,GAA4E,QAAmF;YAE/K,IAAI,CAAC,UAAU,EAAE;gBAChB;YACD;YAEA,MAAM,QAAQ,GAAW,UAAU,CAAC,QAAQ,IAAI,CAAA,EAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,SAAS,GAAGA,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;AAE1K,YAAA,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBAChC,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,QAAQ;AACR,gBAAA,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,CAAC;gBAClC,UAAU,EAAE,OAAO,CAAC,QAA6D;AACjF,aAAA,CAAC;AAEF,YAAA,qBAAqB,CAAC,OAAO,CAAC,CAAA,gCAAA,EAAmC,OAAO,CAAC,IAAI,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,eAAe,CAAA,YAAA,EAAe,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,eAAe,CAAA,eAAA,EAAkB,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAA,CAAE,CAAC;QAChO;QAEA,qBAAqB,CAAC,OAAO,CAAC,CAAA,oDAAA,EAAuD,eAAe,CAAC,MAAM,CAAA,WAAA,CAAa,CAAC;IAC1H;AAEQ,IAAA,eAAe,CAAC,OAAwB,EAAA;AAC/C,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,YAAYC,qCAA0B,IAAI,OAAO,CAAC,WAAW,CAACD,0DAAuC,CAAC,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9M;;AAzCYD,8CAAsC,GAAAG,oBAAA,CAAA;AADlD,IAAAC,iBAAU,EAAE;+CAGwBC,qBAAgB;QACxBC,6CAA8B,CAAA;AAH9C,CAAA,EAAAN,8CAAsC,CA0ClD;;"}
+{"version":3,"file":"discovery-service.class.js","sources":["../../../../../../../src/class/api/authorization/policy/discovery-service.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","ApiAuthorizationPolicyDiscoveryService","AUTHORIZATION_POLICY_DECORATOR_CONSTANT","ApiAuthorizationPolicyBase","__decorate","Injectable","DiscoveryService","ApiAuthorizationPolicyRegistry"],"mappings":";;;;;;;;;;AAYA,MAAM,qBAAqB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,wCAAwC,CAAC;AAGjGC,8CAAsC,GAA5C,MAAM,sCAAsC,CAAA;AAEhC,IAAA,gBAAA;AACA,IAAA,QAAA;IAFlB,WAAA,CACkB,gBAAkC,EAClC,QAAwC,EAAA;QADxC,IAAA,CAAA,gBAAgB,GAAhB,gBAAgB;QAChB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IACvB;IAEI,YAAY,GAAA;AAClB,QAAA,qBAAqB,CAAC,OAAO,CAAC,4CAA4C,CAAC;QAC3E,MAAM,SAAS,GAA2B,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE;AAC9E,QAAA,MAAM,eAAe,GAA2B,SAAS,CAAC,MAAM,CAAC,CAAC,OAAwB,KAAK,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;AAE7H,QAAA,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE;AACtC,YAAA,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;gBACtB;YACD;AAEA,YAAA,MAAM,QAAQ,GAAY,OAAO,CAAC,WAAW,CAACC,0DAAuC,CAAC,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC;YACrH,MAAM,UAAU,GAA4E,QAAmF;YAE/K,IAAI,CAAC,UAAU,EAAE;gBAChB;YACD;YAEA,MAAM,QAAQ,GAAW,UAAU,CAAC,QAAQ,IAAI,CAAA,EAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,SAAS,GAAGA,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;AAE1K,YAAA,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBAChC,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,QAAQ;AACR,gBAAA,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,CAAC;gBAClC,UAAU,EAAE,OAAO,CAAC,QAA6D;AACjF,aAAA,CAAC;AAEF,YAAA,qBAAqB,CAAC,OAAO,CAAC,CAAA,gCAAA,EAAmC,OAAO,CAAC,IAAI,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,eAAe,CAAA,YAAA,EAAe,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,eAAe,CAAA,eAAA,EAAkB,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAA,CAAE,CAAC;QAChO;QAEA,qBAAqB,CAAC,OAAO,CAAC,CAAA,oDAAA,EAAuD,eAAe,CAAC,MAAM,CAAA,WAAA,CAAa,CAAC;IAC1H;AAEQ,IAAA,eAAe,CAAC,OAAwB,EAAA;AAC/C,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,YAAYC,qCAA0B,IAAI,OAAO,CAAC,WAAW,CAACD,0DAAuC,CAAC,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9M;;AA1CYD,8CAAsC,GAAAG,oBAAA,CAAA;AADlD,IAAAC,iBAAU,EAAE;+CAGwBC,qBAAgB;QACxBC,6CAA8B,CAAA;AAH9C,CAAA,EAAAN,8CAAsC,CA2ClD;;"}

package/dist/cjs/class/api/authorization/policy/registry.class.d.ts

@@ -1,22 +1,30 @@
 import type { IApiBaseEntity } from '../../../../interface/api-base-entity.interface';
 import type { IApiAuthorizationPolicy, IApiAuthorizationPolicyRegistry, IApiAuthorizationPolicySubscriberRegistration } from '../../../../interface/class/api/authorization/index';
+import type { IApiAuthorizationPolicyBuildOptions } from '../../../../interface/class/api/authorization/policy/build-options.interface';
+import type { IApiAuthorizationPolicyCacheOptions } from '../../../../interface/class/api/authorization/policy/cache-options.interface';
 import type { TApiAuthorizationPolicyHookResult } from '../../../../type/class/api/authorization/policy/hook/index';
 type TEntityConstructor<E extends IApiBaseEntity> = new () => E;
 export declare class ApiAuthorizationPolicyRegistry implements IApiAuthorizationPolicyRegistry {
-    private readonly POLICY_CACHE;
+    private cacheOptions;
     private readonly POLICY_REGISTRY;
+    private readonly POLICY_RULE_CACHE;
     constructor();
-    buildAggregatedPolicy<E extends IApiBaseEntity, TAction extends string>(entity: TEntityConstructor<E>, action: TAction): Promise<IApiAuthorizationPolicy<E, TApiAuthorizationPolicyHookResult<TAction, E>> | undefined>;
+    buildAggregatedPolicy<E extends IApiBaseEntity, TAction extends string>(entity: TEntityConstructor<E>, action: TAction, options?: IApiAuthorizationPolicyBuildOptions): Promise<IApiAuthorizationPolicy<E, TApiAuthorizationPolicyHookResult<TAction, E>> | undefined>;
     clear(): void;
+    configureCache(options?: IApiAuthorizationPolicyCacheOptions): void;
     registerSubscriber<E extends IApiBaseEntity>(registration: IApiAuthorizationPolicySubscriberRegistration<E>): void;
-    private cachePolicy;
-    private createCacheKey;
+    private cacheRules;
+    private createPolicyCacheKey;
+    private getCachedRules;
     private getEntityName;
+    private getSubscriberName;
     private invalidateCacheForEntity;
+    private isCacheExpired;
     private normalizeRule;
+    private resolveCacheOptions;
     private resolvePolicyId;
+    private resolvePolicyRules;
     private resolveRouteType;
-    private toBasePolicy;
 }
 export declare const apiAuthorizationPolicyRegistry: ApiAuthorizationPolicyRegistry;
 export {};

package/dist/cjs/class/api/authorization/policy/registry.class.js

@@ -5,27 +5,24 @@ require('../../../../external/@elsikora/cladi/dist/esm/domain/enum/logger-log-le
 require('../../../../external/@elsikora/cladi/dist/esm/infrastructure/constant/console-logger-default-options.constant.js');
 var registry_utility = require('../../../../external/@elsikora/cladi/dist/esm/presentation/utility/create/registry.utility.js');
 var routeType_enum = require('../../../../enum/decorator/api/route-type.enum.js');
+var resolveDefaultSubject_utility = require('../../../../utility/authorization/subject/resolve-default-subject.utility.js');
 var generateEntityInformation_utility = require('../../../../utility/generate-entity-information.utility.js');
 var logger_utility = require('../../../../utility/logger.utility.js');
 var executor_class = require('./executor.class.js');
 
 const policyRegistryLogger = logger_utility.LoggerUtility.getLogger("ApiAuthorizationPolicyRegistry");
 class ApiAuthorizationPolicyRegistry {
-    POLICY_CACHE;
+    cacheOptions;
     POLICY_REGISTRY;
+    POLICY_RULE_CACHE;
     constructor() {
-        this.POLICY_CACHE = new Map();
+        this.POLICY_RULE_CACHE = new Map();
         this.POLICY_REGISTRY = registry_utility.createRegistry({});
+        this.cacheOptions = { isEnabled: false };
     }
-    async buildAggregatedPolicy(entity, action) {
+    async buildAggregatedPolicy(entity, action, options = {}) {
         const entityName = this.getEntityName(entity);
-        const cacheKey = this.createCacheKey(entity, action);
-        policyRegistryLogger.debug(`Building aggregated policy for entity "${entityName}" action "${action}" (cache key: ${cacheKey})`);
-        const cachedPolicy = this.POLICY_CACHE.get(cacheKey);
-        if (cachedPolicy) {
-            policyRegistryLogger.debug(`Returning cached policy for "${cacheKey}"`);
-            return cachedPolicy;
-        }
+        policyRegistryLogger.debug(`Building aggregated policy for entity "${entityName}" action "${action}"`);
         const registrationWrapper = this.POLICY_REGISTRY.get(entityName);
         const registrations = registrationWrapper?.registrations ?? [];
         policyRegistryLogger.debug(`Found ${registrations.length} registration(s) for entity "${entityName}"`);
@@ -37,18 +34,28 @@ class ApiAuthorizationPolicyRegistry {
         }
         const entityMetadata = generateEntityInformation_utility.GenerateEntityInformation(entity);
         const routeType = this.resolveRouteType(action);
+        const { authenticationRequest, subject: subjectOverride } = options;
+        const subject = subjectOverride ?? resolveDefaultSubject_utility.AuthorizationResolveDefaultSubject(authenticationRequest?.user);
+        const contextData = {
+            action,
+            authenticationRequest,
+            entity,
+            entityMetadata,
+            routeType,
+            subject,
+        };
         const aggregatedRules = [];
+        const policyIds = new Set();
         for (const registration of registrations) {
             const context = {
-                action,
-                entity,
-                entityMetadata,
-                routeType,
+                ...contextData,
+                DATA: contextData,
             };
-            const rules = await executor_class.ApiAuthorizationPolicyExecutor.execute(registration.subscriber, action, context);
+            const rules = await this.resolvePolicyRules(registration, action, context, entityName);
             if (rules.length === 0) {
                 continue;
             }
+            policyIds.add(registration.policyId);
             const normalizedRules = rules.map((rule) => this.normalizeRule(registration.policyId, registration.priority ?? 0, rule, action));
             aggregatedRules.push(...normalizedRules);
         }
@@ -57,22 +64,30 @@ class ApiAuthorizationPolicyRegistry {
         }
         aggregatedRules.sort((a, b) => b.priority - a.priority);
         const policyDescription = registrations.find((registration) => Boolean(registration.description))?.description;
+        const policyIdList = [...policyIds];
         const policy = {
             action,
             description: policyDescription,
             entity,
             policyId: this.resolvePolicyId(entity),
+            policyIds: policyIdList,
             rules: aggregatedRules,
         };
-        this.cachePolicy(cacheKey, policy);
         return policy;
     }
     clear() {
-        this.POLICY_CACHE.clear();
+        this.POLICY_RULE_CACHE.clear();
         this.POLICY_REGISTRY.clear();
     }
+    configureCache(options = {}) {
+        this.cacheOptions = {
+            isEnabled: Boolean(options.isEnabled),
+            ttlMs: options.ttlMs,
+        };
+    }
     registerSubscriber(registration) {
         const normalizedRegistration = {
+            cache: registration.cache,
             description: registration.description,
             entity: registration.entity,
             policyId: registration.policyId,
@@ -90,22 +105,49 @@ class ApiAuthorizationPolicyRegistry {
         policyRegistryLogger.debug(`Total registrations for entity "${entityName}": ${wrapper.getRegistrationCount()}`);
         this.invalidateCacheForEntity(entityName);
     }
-    cachePolicy(cacheKey, policy) {
-        this.POLICY_CACHE.set(cacheKey, this.toBasePolicy(policy));
+    cacheRules(cacheKey, rules, cacheOptions) {
+        if (!cacheOptions.isEnabled) {
+            return;
+        }
+        this.POLICY_RULE_CACHE.set(cacheKey, { cachedAt: Date.now(), rules: rules });
+    }
+    createPolicyCacheKey(entityName, registration, action) {
+        const subscriberName = this.getSubscriberName(registration.subscriber);
+        return `${entityName}::${registration.policyId}::${subscriberName}::${action.toLowerCase()}`;
     }
-    createCacheKey(entity, action) {
-        return `${this.getEntityName(entity)}::${action.toLowerCase()}`;
+    getCachedRules(cacheKey, cacheOptions) {
+        if (!cacheOptions.isEnabled) {
+            return undefined;
+        }
+        const cachedEntry = this.POLICY_RULE_CACHE.get(cacheKey);
+        if (!cachedEntry) {
+            return undefined;
+        }
+        if (this.isCacheExpired(cachedEntry.cachedAt, cacheOptions.ttlMs)) {
+            this.POLICY_RULE_CACHE.delete(cacheKey);
+            return undefined;
+        }
+        return cachedEntry.rules;
     }
     getEntityName(entity) {
         return (entity.name ?? "UnknownResource").toLowerCase();
     }
+    getSubscriberName(subscriber) {
+        return subscriber.constructor?.name ?? "UnknownPolicySubscriber";
+    }
     invalidateCacheForEntity(entityName) {
-        for (const cacheKey of this.POLICY_CACHE.keys()) {
+        for (const cacheKey of this.POLICY_RULE_CACHE.keys()) {
             if (cacheKey.startsWith(`${entityName}::`)) {
-                this.POLICY_CACHE.delete(cacheKey);
+                this.POLICY_RULE_CACHE.delete(cacheKey);
             }
         }
     }
+    isCacheExpired(cachedAt, ttlMs) {
+        if (ttlMs === undefined) {
+            return false;
+        }
+        return Date.now() - cachedAt > ttlMs;
+    }
     normalizeRule(policyId, subscriberPriority, rule, action) {
         const rulePriority = rule.priority ?? 0;
         return {
@@ -119,16 +161,30 @@ class ApiAuthorizationPolicyRegistry {
             scope: rule.scope,
         };
     }
+    resolveCacheOptions(options) {
+        return {
+            isEnabled: options?.isEnabled ?? this.cacheOptions.isEnabled,
+            ttlMs: options?.ttlMs ?? this.cacheOptions.ttlMs,
+        };
+    }
     resolvePolicyId(entity) {
         return `${this.getEntityName(entity)}${decorator_constant.AUTHORIZATION_POLICY_DECORATOR_CONSTANT.DEFAULT_POLICY_ID_SUFFIX}`;
     }
+    async resolvePolicyRules(registration, action, context, entityName) {
+        const cacheOptions = this.resolveCacheOptions(registration.cache);
+        const cacheKey = this.createPolicyCacheKey(entityName, registration, action);
+        const cachedRules = this.getCachedRules(cacheKey, cacheOptions);
+        if (cachedRules) {
+            return cachedRules;
+        }
+        const rules = await executor_class.ApiAuthorizationPolicyExecutor.execute(registration.subscriber, action, context);
+        this.cacheRules(cacheKey, rules, cacheOptions);
+        return rules;
+    }
     resolveRouteType(action) {
         const routeTypes = Object.values(routeType_enum.EApiRouteType);
         return routeTypes.find((routeType) => routeType === action);
     }
-    toBasePolicy(policy) {
-        return policy;
-    }
 }
 const apiAuthorizationPolicyRegistry = new ApiAuthorizationPolicyRegistry();
 class PolicySubscriberWrapper {

package/dist/cjs/class/api/authorization/policy/registry.class.js.map

@@ -1 +1 @@
-{"version":3,"file":"registry.class.js","sources":["../../../../../../../src/class/api/authorization/policy/registry.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","createRegistry","GenerateEntityInformation","ApiAuthorizationPolicyExecutor","AUTHORIZATION_POLICY_DECORATOR_CONSTANT","EApiRouteType"],"mappings":";;;;;;;;;;;AAcA,MAAM,oBAAoB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,gCAAgC,CAAC;MAIxF,8BAA8B,CAAA;AACzB,IAAA,YAAY;AAEZ,IAAA,eAAe;AAEhC,IAAA,WAAA,GAAA;AACC,QAAA,IAAI,CAAC,YAAY,GAAG,IAAI,GAAG,EAAE;AAC7B,QAAA,IAAI,CAAC,eAAe,GAAGC,+BAAc,CAA0B,EAAE,CAAC;IACnE;AAEO,IAAA,MAAM,qBAAqB,CAAmD,MAA6B,EAAE,MAAe,EAAA;QAClI,MAAM,UAAU,GAAW,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;QACrD,MAAM,QAAQ,GAAW,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC;QAC5D,oBAAoB,CAAC,KAAK,CAAC,CAAA,uCAAA,EAA0C,UAAU,CAAA,UAAA,EAAa,MAAM,CAAA,cAAA,EAAiB,QAAQ,CAAA,CAAA,CAAG,CAAC;QAE/H,MAAM,YAAY,GAA0F,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAA0F;QAEpO,IAAI,YAAY,EAAE;AACjB,YAAA,oBAAoB,CAAC,KAAK,CAAC,gCAAgC,QAAQ,CAAA,CAAA,CAAG,CAAC;AAEvE,YAAA,OAAO,YAAY;QACpB;QAEA,MAAM,mBAAmB,GAAwC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC;AACrG,QAAA,MAAM,aAAa,GAAyE,mBAAmB,EAAE,aAAa,IAAI,EAAE;QAEpI,oBAAoB,CAAC,KAAK,CAAC,CAAA,MAAA,EAAS,aAAa,CAAC,MAAM,CAAA,6BAAA,EAAgC,UAAU,CAAA,CAAA,CAAG,CAAC;QACtG,oBAAoB,CAAC,KAAK,CACzB,CAAA,0BAAA,EAA6B,IAAI,CAAC,eAAe,CAAC,MAAM;aACtD,GAAG,CAAC,CAAC,OAAgC,KAAK,OAAO,CAAC,OAAO,EAAE;AAC3D,aAAA,IAAI,CAAC,IAAI,CAAC,CAAA,CAAA,CAAG,CACf;AAED,QAAA,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE;AAC/B,YAAA,OAAO,SAAS;QACjB;AAEA,QAAA,MAAM,cAAc,GAAkBC,2DAAyB,CAAI,MAAM,CAAC;QAC1E,MAAM,SAAS,GAA8B,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;QAC1E,MAAM,eAAe,GAAmF,EAAE;AAE1G,QAAA,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;AACzC,YAAA,MAAM,OAAO,GAAgD;gBAC5D,MAAM;gBACN,MAAM;gBACN,cAAc;gBACd,SAAS;aACT;AAED,YAAA,MAAM,KAAK,GAAmG,MAAMC,6CAA8B,CAAC,OAAO,CAAC,YAAY,CAAC,UAA6D,EAAE,MAAM,EAAE,OAAO,CAAC;AAEvP,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvB;YACD;AAEA,YAAA,MAAM,eAAe,GAAmF,KAAK,CAAC,GAAG,CAAC,CAAC,IAA6F,KAAK,IAAI,CAAC,aAAa,CAAa,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAErT,YAAA,eAAe,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC;QACzC;AAEA,QAAA,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;AACjC,YAAA,OAAO,SAAS;QACjB;AAEA,QAAA,eAAe,CAAC,IAAI,CAAC,CAAC,CAA0E,EAAE,CAA0E,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC;QAEzM,MAAM,iBAAiB,GAAuB,aAAa,CAAC,IAAI,CAAC,CAAC,YAA2E,KAAK,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,EAAE,WAAW;AAEjM,QAAA,MAAM,MAAM,GAA8E;YACzF,MAAM;AACN,YAAA,WAAW,EAAE,iBAAiB;YAC9B,MAAM;AACN,YAAA,QAAQ,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;AACtC,YAAA,KAAK,EAAE,eAAe;SACtB;AAED,QAAA,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC;AAElC,QAAA,OAAO,MAAM;IACd;IAEO,KAAK,GAAA;AACX,QAAA,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE;AACzB,QAAA,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE;IAC7B;AAEO,IAAA,kBAAkB,CAA2B,YAA8D,EAAA;AACjH,QAAA,MAAM,sBAAsB,GAAkE;YAC7F,WAAW,EAAE,YAAY,CAAC,WAAW;YACrC,MAAM,EAAE,YAAY,CAAC,MAA4C;YACjE,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,CAAC;YACpC,UAAU,EAAE,YAAY,CAAC,UAAmB;SAC5C;QAED,MAAM,UAAU,GAAW,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC;AAE5E,QAAA,oBAAoB,CAAC,OAAO,CAAC,CAAA,0CAAA,EAA6C,UAAU,CAAA,iBAAA,EAAoB,sBAAsB,CAAC,QAAQ,kBAAkB,sBAAsB,CAAC,QAAQ,CAAA,CAAE,CAAC;QAE3L,IAAI,OAAO,GAAwC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC;QAEvF,IAAI,CAAC,OAAO,EAAE;AACb,YAAA,OAAO,GAAG,IAAI,uBAAuB,CAAC,UAAU,CAAC;AACjD,YAAA,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC;QACvC;AAEA,QAAA,OAAO,CAAC,eAAe,CAAC,sBAAsB,CAAC;AAC/C,QAAA,oBAAoB,CAAC,KAAK,CAAC,CAAA,gCAAA,EAAmC,UAAU,CAAA,GAAA,EAAM,OAAO,CAAC,oBAAoB,EAAE,CAAA,CAAE,CAAC;AAE/G,QAAA,IAAI,CAAC,wBAAwB,CAAC,UAAU,CAAC;IAC1C;IAEQ,WAAW,CAA8B,QAAgB,EAAE,MAAqC,EAAA;AACvG,QAAA,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC3D;IAEQ,cAAc,CAA2B,MAA6B,EAAE,MAAc,EAAA;AAC7F,QAAA,OAAO,CAAA,EAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAA,EAAA,EAAK,MAAM,CAAC,WAAW,EAAE,EAAE;IAChE;AAEQ,IAAA,aAAa,CAA2B,MAA6B,EAAA;QAC5E,OAAO,CAAC,MAAM,CAAC,IAAI,IAAI,iBAAiB,EAAE,WAAW,EAAE;IACxD;AAEQ,IAAA,wBAAwB,CAAC,UAAkB,EAAA;QAClD,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE;YAChD,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,UAAU,CAAA,EAAA,CAAI,CAAC,EAAE;AAC3C,gBAAA,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC;YACnC;QACD;IACD;AAEQ,IAAA,aAAa,CAAmD,QAAgB,EAAE,kBAA0B,EAAE,IAA6F,EAAE,MAAe,EAAA;AACnO,QAAA,MAAM,YAAY,GAAW,IAAI,CAAC,QAAQ,IAAI,CAAC;QAE/C,OAAO;YACN,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ;YACR,QAAQ,EAAE,kBAAkB,GAAG,YAAY;YAC3C,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,KAAK,EAAE,IAAI,CAAC,KAAK;SACjB;IACF;AAEQ,IAAA,eAAe,CAA2B,MAA6B,EAAA;AAC9E,QAAA,OAAO,CAAA,EAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAA,EAAGC,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;IAC1G;AAEQ,IAAA,gBAAgB,CAAC,MAAc,EAAA;QACtC,MAAM,UAAU,GAAkB,MAAM,CAAC,MAAM,CAACC,4BAAa,CAAkB;AAE/E,QAAA,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,SAAiB,KAAK,SAAS,KAAK,MAAM,CAA8B;IACjG;AAEQ,IAAA,YAAY,CAA8B,MAAqC,EAAA;AACtF,QAAA,OAAO,MAAqE;IAC7E;AACA;AAEM,MAAM,8BAA8B,GAAmC,IAAI,8BAA8B;AAEhH,MAAM,uBAAuB,CAAA;AAIV,IAAA,IAAA;AAHX,IAAA,aAAa;IAEpB,WAAA,CACkB,IAAY,EAC7B,aAAA,GAAsF,EAAE,EAAA;QADvE,IAAA,CAAA,IAAI,GAAJ,IAAI;AAGrB,QAAA,IAAI,CAAC,aAAa,GAAG,aAAa;IACnC;AAEO,IAAA,eAAe,CAAC,YAA2E,EAAA;AACjG,QAAA,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC;AACrC,QAAA,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAgE,EAAE,CAAgE,KAAK,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC;IACvM;IAEO,OAAO,GAAA;AACb,QAAA,OAAO,IAAI,CAAC,iBAAiB,EAAE;IAChC;IAEO,oBAAoB,GAAA;AAC1B,QAAA,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM;IACjC;IAEQ,iBAAiB,GAAA;QACxB,OAAO,IAAI,CAAC,IAAI;IACjB;AACA;;;;;"}
+{"version":3,"file":"registry.class.js","sources":["../../../../../../../src/class/api/authorization/policy/registry.class.ts"],"sourcesContent":[null],"names":["LoggerUtility","createRegistry","GenerateEntityInformation","AuthorizationResolveDefaultSubject","AUTHORIZATION_POLICY_DECORATOR_CONSTANT","ApiAuthorizationPolicyExecutor","EApiRouteType"],"mappings":";;;;;;;;;;;;AAmBA,MAAM,oBAAoB,GAAkBA,4BAAa,CAAC,SAAS,CAAC,gCAAgC,CAAC;MAIxF,8BAA8B,CAAA;AAClC,IAAA,YAAY;AAEH,IAAA,eAAe;AAEf,IAAA,iBAAiB;AAElC,IAAA,WAAA,GAAA;AACC,QAAA,IAAI,CAAC,iBAAiB,GAAG,IAAI,GAAG,EAAE;AAClC,QAAA,IAAI,CAAC,eAAe,GAAGC,+BAAc,CAA0B,EAAE,CAAC;QAClE,IAAI,CAAC,YAAY,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE;IACzC;IAEO,MAAM,qBAAqB,CAAmD,MAA6B,EAAE,MAAe,EAAE,UAA+C,EAAE,EAAA;QACrL,MAAM,UAAU,GAAW,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;QACrD,oBAAoB,CAAC,KAAK,CAAC,CAAA,uCAAA,EAA0C,UAAU,CAAA,UAAA,EAAa,MAAM,CAAA,CAAA,CAAG,CAAC;QAEtG,MAAM,mBAAmB,GAAwC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC;AACrG,QAAA,MAAM,aAAa,GAAyE,mBAAmB,EAAE,aAAa,IAAI,EAAE;QAEpI,oBAAoB,CAAC,KAAK,CAAC,CAAA,MAAA,EAAS,aAAa,CAAC,MAAM,CAAA,6BAAA,EAAgC,UAAU,CAAA,CAAA,CAAG,CAAC;QACtG,oBAAoB,CAAC,KAAK,CACzB,CAAA,0BAAA,EAA6B,IAAI,CAAC,eAAe,CAAC,MAAM;aACtD,GAAG,CAAC,CAAC,OAAgC,KAAK,OAAO,CAAC,OAAO,EAAE;AAC3D,aAAA,IAAI,CAAC,IAAI,CAAC,CAAA,CAAA,CAAG,CACf;AAED,QAAA,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE;AAC/B,YAAA,OAAO,SAAS;QACjB;AAEA,QAAA,MAAM,cAAc,GAAkBC,2DAAyB,CAAI,MAAM,CAAC;QAC1E,MAAM,SAAS,GAA8B,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;QAC1E,MAAM,EAAE,qBAAqB,EAAE,OAAO,EAAE,eAAe,EAAE,GAAwC,OAAO;QACxG,MAAM,OAAO,GAA6B,eAAe,IAAIC,gEAAkC,CAAC,qBAAqB,EAAE,IAAI,CAAC;AAE5H,QAAA,MAAM,WAAW,GAAoD;YACpE,MAAM;YACN,qBAAqB;YACrB,MAAM;YACN,cAAc;YACd,SAAS;YACT,OAAO;SACP;QACD,MAAM,eAAe,GAAmF,EAAE;AAC1G,QAAA,MAAM,SAAS,GAAgB,IAAI,GAAG,EAAU;AAEhD,QAAA,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;AACzC,YAAA,MAAM,OAAO,GAAgD;AAC5D,gBAAA,GAAG,WAAW;AACd,gBAAA,IAAI,EAAE,WAAW;aACjB;AAED,YAAA,MAAM,KAAK,GAAmG,MAAM,IAAI,CAAC,kBAAkB,CAAa,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,CAAC;AAElM,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvB;YACD;AAEA,YAAA,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC;AAEpC,YAAA,MAAM,eAAe,GAAmF,KAAK,CAAC,GAAG,CAAC,CAAC,IAA6F,KAAK,IAAI,CAAC,aAAa,CAAa,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAErT,YAAA,eAAe,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC;QACzC;AAEA,QAAA,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;AACjC,YAAA,OAAO,SAAS;QACjB;AAEA,QAAA,eAAe,CAAC,IAAI,CAAC,CAAC,CAA0E,EAAE,CAA0E,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC;QAEzM,MAAM,iBAAiB,GAAuB,aAAa,CAAC,IAAI,CAAC,CAAC,YAA2E,KAAK,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,EAAE,WAAW;AACjM,QAAA,MAAM,YAAY,GAAkB,CAAC,GAAG,SAAS,CAAC;AAElD,QAAA,MAAM,MAAM,GAA8E;YACzF,MAAM;AACN,YAAA,WAAW,EAAE,iBAAiB;YAC9B,MAAM;AACN,YAAA,QAAQ,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;AACtC,YAAA,SAAS,EAAE,YAAY;AACvB,YAAA,KAAK,EAAE,eAAe;SACtB;AAED,QAAA,OAAO,MAAM;IACd;IAEO,KAAK,GAAA;AACX,QAAA,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE;AAC9B,QAAA,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE;IAC7B;IAEO,cAAc,CAAC,UAA+C,EAAE,EAAA;QACtE,IAAI,CAAC,YAAY,GAAG;AACnB,YAAA,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC;YACrC,KAAK,EAAE,OAAO,CAAC,KAAK;SACpB;IACF;AAEO,IAAA,kBAAkB,CAA2B,YAA8D,EAAA;AACjH,QAAA,MAAM,sBAAsB,GAAkE;YAC7F,KAAK,EAAE,YAAY,CAAC,KAAK;YACzB,WAAW,EAAE,YAAY,CAAC,WAAW;YACrC,MAAM,EAAE,YAAY,CAAC,MAA4C;YACjE,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,CAAC;YACpC,UAAU,EAAE,YAAY,CAAC,UAAmB;SAC5C;QAED,MAAM,UAAU,GAAW,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC;AAE5E,QAAA,oBAAoB,CAAC,OAAO,CAAC,CAAA,0CAAA,EAA6C,UAAU,CAAA,iBAAA,EAAoB,sBAAsB,CAAC,QAAQ,kBAAkB,sBAAsB,CAAC,QAAQ,CAAA,CAAE,CAAC;QAE3L,IAAI,OAAO,GAAwC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC;QAEvF,IAAI,CAAC,OAAO,EAAE;AACb,YAAA,OAAO,GAAG,IAAI,uBAAuB,CAAC,UAAU,CAAC;AACjD,YAAA,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC;QACvC;AAEA,QAAA,OAAO,CAAC,eAAe,CAAC,sBAAsB,CAAC;AAC/C,QAAA,oBAAoB,CAAC,KAAK,CAAC,CAAA,gCAAA,EAAmC,UAAU,CAAA,GAAA,EAAM,OAAO,CAAC,oBAAoB,EAAE,CAAA,CAAE,CAAC;AAE/G,QAAA,IAAI,CAAC,wBAAwB,CAAC,UAAU,CAAC;IAC1C;AAEQ,IAAA,UAAU,CAA8B,QAAgB,EAAE,KAAyD,EAAE,YAAiD,EAAA;AAC7K,QAAA,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE;YAC5B;QACD;QAEA,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,KAA8E,EAAE,CAAC;IACtJ;AAEQ,IAAA,oBAAoB,CAA2B,UAAkB,EAAE,YAA8D,EAAE,MAAc,EAAA;QACxJ,MAAM,cAAc,GAAW,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,UAA0E,CAAC;AAE9I,QAAA,OAAO,CAAA,EAAG,UAAU,CAAA,EAAA,EAAK,YAAY,CAAC,QAAQ,CAAA,EAAA,EAAK,cAAc,CAAA,EAAA,EAAK,MAAM,CAAC,WAAW,EAAE,EAAE;IAC7F;IAEQ,cAAc,CAA8B,QAAgB,EAAE,YAAiD,EAAA;AACtH,QAAA,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE;AAC5B,YAAA,OAAO,SAAS;QACjB;QAEA,MAAM,WAAW,GAAmH,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC;QAExK,IAAI,CAAC,WAAW,EAAE;AACjB,YAAA,OAAO,SAAS;QACjB;AAEA,QAAA,IAAI,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,KAAK,CAAC,EAAE;AAClE,YAAA,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,QAAQ,CAAC;AAEvC,YAAA,OAAO,SAAS;QACjB;QAEA,OAAO,WAAW,CAAC,KAAsE;IAC1F;AAEQ,IAAA,aAAa,CAA2B,MAA6B,EAAA;QAC5E,OAAO,CAAC,MAAM,CAAC,IAAI,IAAI,iBAAiB,EAAE,WAAW,EAAE;IACxD;AAEQ,IAAA,iBAAiB,CAAC,UAA6D,EAAA;AACtF,QAAA,OAAO,UAAU,CAAC,WAAW,EAAE,IAAI,IAAI,yBAAyB;IACjE;AAEQ,IAAA,wBAAwB,CAAC,UAAkB,EAAA;QAClD,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,EAAE;YACrD,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,UAAU,CAAA,EAAA,CAAI,CAAC,EAAE;AAC3C,gBAAA,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,QAAQ,CAAC;YACxC;QACD;IACD;IAEQ,cAAc,CAAC,QAAgB,EAAE,KAAc,EAAA;AACtD,QAAA,IAAI,KAAK,KAAK,SAAS,EAAE;AACxB,YAAA,OAAO,KAAK;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,KAAK;IACrC;AAEQ,IAAA,aAAa,CAAmD,QAAgB,EAAE,kBAA0B,EAAE,IAA6F,EAAE,MAAe,EAAA;AACnO,QAAA,MAAM,YAAY,GAAW,IAAI,CAAC,QAAQ,IAAI,CAAC;QAE/C,OAAO;YACN,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ;YACR,QAAQ,EAAE,kBAAkB,GAAG,YAAY;YAC3C,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,KAAK,EAAE,IAAI,CAAC,KAAK;SACjB;IACF;AAEQ,IAAA,mBAAmB,CAAC,OAA6C,EAAA;QACxE,OAAO;YACN,SAAS,EAAE,OAAO,EAAE,SAAS,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS;YAC5D,KAAK,EAAE,OAAO,EAAE,KAAK,IAAI,IAAI,CAAC,YAAY,CAAC,KAAK;SAChD;IACF;AAEQ,IAAA,eAAe,CAA2B,MAA6B,EAAA;AAC9E,QAAA,OAAO,CAAA,EAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAA,EAAGC,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;IAC1G;IAEQ,MAAM,kBAAkB,CAAmD,YAA2E,EAAE,MAAe,EAAE,OAAoD,EAAE,UAAkB,EAAA;QACxP,MAAM,YAAY,GAAwC,IAAI,CAAC,mBAAmB,CAAC,YAAY,CAAC,KAAK,CAAC;AACtG,QAAA,MAAM,QAAQ,GAAW,IAAI,CAAC,oBAAoB,CAAC,UAAU,EAAE,YAAY,EAAE,MAAM,CAAC;QACpF,MAAM,WAAW,GAA+G,IAAI,CAAC,cAAc,CAAmD,QAAQ,EAAE,YAAY,CAAC;QAE7N,IAAI,WAAW,EAAE;AAChB,YAAA,OAAO,WAAW;QACnB;AAEA,QAAA,MAAM,KAAK,GAAmG,MAAMC,6CAA8B,CAAC,OAAO,CAAC,YAAY,CAAC,UAA6D,EAAE,MAAM,EAAE,OAAO,CAAC;QAEvP,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,KAAK,EAAE,YAAY,CAAC;AAE9C,QAAA,OAAO,KAAK;IACb;AAEQ,IAAA,gBAAgB,CAAC,MAAc,EAAA;QACtC,MAAM,UAAU,GAAkB,MAAM,CAAC,MAAM,CAACC,4BAAa,CAAkB;AAE/E,QAAA,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,SAAiB,KAAK,SAAS,KAAK,MAAM,CAA8B;IACjG;AACA;AAEM,MAAM,8BAA8B,GAAmC,IAAI,8BAA8B;AAEhH,MAAM,uBAAuB,CAAA;AAIV,IAAA,IAAA;AAHX,IAAA,aAAa;IAEpB,WAAA,CACkB,IAAY,EAC7B,aAAA,GAAsF,EAAE,EAAA;QADvE,IAAA,CAAA,IAAI,GAAJ,IAAI;AAGrB,QAAA,IAAI,CAAC,aAAa,GAAG,aAAa;IACnC;AAEO,IAAA,eAAe,CAAC,YAA2E,EAAA;AACjG,QAAA,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC;AACrC,QAAA,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAgE,EAAE,CAAgE,KAAK,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC;IACvM;IAEO,OAAO,GAAA;AACb,QAAA,OAAO,IAAI,CAAC,iBAAiB,EAAE;IAChC;IAEO,oBAAoB,GAAA;AAC1B,QAAA,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM;IACjC;IAEQ,iBAAiB,GAAA;QACxB,OAAO,IAAI,CAAC,IAAI;IACjB;AACA;;;;;"}

package/dist/cjs/decorator/api/authorization/policy.decorator.js

@@ -12,6 +12,7 @@ var decorator_constant = require('../../../constant/class/authorization/policy/d
 function ApiAuthorizationPolicy(properties) {
     const normalizedPolicyId = properties.policyId ?? `${properties.entity.name?.toLowerCase() ?? "unknown"}${decorator_constant.AUTHORIZATION_POLICY_DECORATOR_CONSTANT.DEFAULT_POLICY_ID_SUFFIX}`;
     const metadata = {
+        cache: properties.cache,
         description: properties.description,
         entity: properties.entity,
         policyId: normalizedPolicyId,

package/dist/cjs/decorator/api/authorization/policy.decorator.js.map

@@ -1 +1 @@
-{"version":3,"file":"policy.decorator.js","sources":["../../../../../../src/decorator/api/authorization/policy.decorator.ts"],"sourcesContent":[null],"names":["AUTHORIZATION_POLICY_DECORATOR_CONSTANT"],"mappings":";;;;AAKA;;;;;;AAMG;AACG,SAAU,sBAAsB,CAA2B,UAA0D,EAAA;IAC1H,MAAM,kBAAkB,GAAW,UAAU,CAAC,QAAQ,IAAI,CAAA,EAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,SAAS,GAAGA,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;AAEpL,IAAA,MAAM,QAAQ,GAAmD;QAChE,WAAW,EAAE,UAAU,CAAC,WAAW;QACnC,MAAM,EAAE,UAAU,CAAC,MAAM;AACzB,QAAA,QAAQ,EAAE,kBAAkB;AAC5B,QAAA,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,CAAC;KAClC;IAED,OAAO,CAAC,MAAc,KAAI;QACzB,OAAO,CAAC,cAAc,CAACA,0DAAuC,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC;AAC/F,IAAA,CAAC;AACF;;;;"}
+{"version":3,"file":"policy.decorator.js","sources":["../../../../../../src/decorator/api/authorization/policy.decorator.ts"],"sourcesContent":[null],"names":["AUTHORIZATION_POLICY_DECORATOR_CONSTANT"],"mappings":";;;;AAKA;;;;;;AAMG;AACG,SAAU,sBAAsB,CAA2B,UAA0D,EAAA;IAC1H,MAAM,kBAAkB,GAAW,UAAU,CAAC,QAAQ,IAAI,CAAA,EAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,SAAS,GAAGA,0DAAuC,CAAC,wBAAwB,CAAA,CAAE;AAEpL,IAAA,MAAM,QAAQ,GAAmD;QAChE,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,WAAW,EAAE,UAAU,CAAC,WAAW;QACnC,MAAM,EAAE,UAAU,CAAC,MAAM;AACzB,QAAA,QAAQ,EAAE,kBAAkB;AAC5B,QAAA,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,CAAC;KAClC;IAED,OAAO,CAAC,MAAc,KAAI;QACzB,OAAO,CAAC,cAAc,CAACA,0DAAuC,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC;AAC/F,IAAA,CAAC;AACF;;;;"}

package/dist/cjs/interface/class/api/authorization/decision.interface.d.ts

@@ -9,6 +9,7 @@ export interface IApiAuthorizationDecision<E extends IApiBaseEntity, R> {
     appliedRules: Array<IApiAuthorizationRule<E, R>>;
     effect: EAuthorizationEffect;
     policyId: string;
+    policyIds: Array<string>;
     resource?: E;
     resourceType: string;
     scope?: IApiAuthorizationScope<E>;

package/dist/cjs/interface/class/api/authorization/policy/build-options.interface.d.ts

@@ -0,0 +1,10 @@
+import type { IApiAuthenticationRequest } from '../../../../api-authentication-request.interface';
+import type { IApiAuthorizationSubject } from '../subject.interface';
+/**
+ * Optional inputs for policy building.
+ * Used to enrich policy hook context.
+ */
+export interface IApiAuthorizationPolicyBuildOptions {
+    authenticationRequest?: IApiAuthenticationRequest;
+    subject?: IApiAuthorizationSubject;
+}

package/dist/cjs/interface/class/api/authorization/policy/cache-options.interface.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Cache configuration for authorization policy registry.
+ * Disabled by default to avoid caching subject-dependent rules.
+ */
+export interface IApiAuthorizationPolicyCacheOptions {
+    isEnabled?: boolean;
+    ttlMs?: number;
+}

package/dist/cjs/interface/class/api/authorization/policy/index.d.ts

@@ -1,3 +1,5 @@
+export { type IApiAuthorizationPolicyBuildOptions } from './build-options.interface';
+export { type IApiAuthorizationPolicyCacheOptions } from './cache-options.interface';
 export { type IApiAuthorizationPolicy } from './interface';
 export { type IApiAuthorizationPolicyRegistry } from './registry.interface';
 export type * from './subscriber/index';

package/dist/cjs/interface/class/api/authorization/policy/interface.d.ts

@@ -5,5 +5,6 @@ export interface IApiAuthorizationPolicy<E extends IApiBaseEntity, R> {
     description?: string;
     entity: new () => E;
     policyId: string;
+    policyIds: Array<string>;
     rules: Array<IApiAuthorizationRule<E, R>>;
 }

package/dist/cjs/interface/class/api/authorization/policy/registry.interface.d.ts

@@ -1,9 +1,12 @@
 import type { IApiBaseEntity } from '../../../../api-base-entity.interface';
+import type { IApiAuthorizationPolicyBuildOptions } from './build-options.interface';
+import type { IApiAuthorizationPolicyCacheOptions } from './cache-options.interface';
 import type { IApiAuthorizationPolicy } from './interface';
 import type { IApiAuthorizationPolicySubscriberRegistration } from './subscriber/registration.interface';
 import type { TApiAuthorizationPolicyHookResult } from '../../../../../type/class/api/authorization/policy/hook/index';
 export interface IApiAuthorizationPolicyRegistry {
-    buildAggregatedPolicy<E extends IApiBaseEntity, TAction extends string>(entity: new () => E, action: TAction): Promise<IApiAuthorizationPolicy<E, TApiAuthorizationPolicyHookResult<TAction, E>> | undefined>;
+    buildAggregatedPolicy<E extends IApiBaseEntity, TAction extends string>(entity: new () => E, action: TAction, options?: IApiAuthorizationPolicyBuildOptions): Promise<IApiAuthorizationPolicy<E, TApiAuthorizationPolicyHookResult<TAction, E>> | undefined>;
     clear(): void;
+    configureCache(options?: IApiAuthorizationPolicyCacheOptions): void;
     registerSubscriber<E extends IApiBaseEntity>(registration: IApiAuthorizationPolicySubscriberRegistration<E>): void;
 }

package/dist/cjs/interface/class/api/authorization/policy/subscriber/context/data.interface.d.ts

@@ -0,0 +1,17 @@
+import type { EApiRouteType } from '../../../../../../../enum/decorator/api/route-type.enum';
+import type { IApiAuthenticationRequest } from '../../../../../../api-authentication-request.interface';
+import type { IApiBaseEntity } from '../../../../../../api-base-entity.interface';
+import type { IApiAuthorizationSubject } from '../../../subject.interface';
+import type { IApiEntity } from '../../../../../../entity/interface';
+/**
+ * Data container for authorization policy subscriber context.
+ * Provides strongly typed access to request metadata and subject.
+ */
+export interface IApiAuthorizationPolicySubscriberContextData<E extends IApiBaseEntity> {
+    action: string;
+    authenticationRequest?: IApiAuthenticationRequest;
+    entity: new () => E;
+    entityMetadata: IApiEntity<E>;
+    routeType?: EApiRouteType;
+    subject: IApiAuthorizationSubject;
+}

package/dist/cjs/interface/class/api/authorization/policy/subscriber/context/index.d.ts

@@ -0,0 +1,2 @@
+export { type IApiAuthorizationPolicySubscriberContextData } from './data.interface';
+export { type IApiAuthorizationPolicySubscriberContext } from './interface';

package/dist/cjs/interface/class/api/authorization/policy/subscriber/context/interface.d.ts

@@ -0,0 +1,19 @@
+import type { EApiRouteType } from '../../../../../../../enum/decorator/api/route-type.enum';
+import type { IApiAuthenticationRequest } from '../../../../../../api-authentication-request.interface';
+import type { IApiBaseEntity } from '../../../../../../api-base-entity.interface';
+import type { IApiAuthorizationSubject } from '../../../subject.interface';
+import type { IApiEntity } from '../../../../../../entity/interface';
+import type { IApiAuthorizationPolicySubscriberContextData } from './data.interface';
+/**
+ * Execution context for authorization policy hooks.
+ * Includes typed DATA while keeping legacy top-level fields.
+ */
+export interface IApiAuthorizationPolicySubscriberContext<E extends IApiBaseEntity> {
+    action: string;
+    authenticationRequest?: IApiAuthenticationRequest;
+    readonly DATA: IApiAuthorizationPolicySubscriberContextData<E>;
+    entity: new () => E;
+    entityMetadata: IApiEntity<E>;
+    routeType?: EApiRouteType;
+    subject: IApiAuthorizationSubject;
+}

package/dist/cjs/interface/class/api/authorization/policy/subscriber/index.d.ts

@@ -1,4 +1,4 @@
-export { type IApiAuthorizationPolicySubscriberContext } from './context.interface';
+export type * from './context/index';
 export { type IApiAuthorizationPolicySubscriber } from './interface';
 export { type IApiAuthorizationPolicySubscriberProperties } from './properties.interface';
 export { type IApiAuthorizationPolicySubscriberRegistration } from './registration.interface';

package/dist/cjs/interface/class/api/authorization/policy/subscriber/interface.d.ts

@@ -1,9 +1,10 @@
 import type { EApiRouteType } from '../../../../../../enum/decorator/api/route-type.enum';
 import type { IApiBaseEntity } from '../../../../../api-base-entity.interface';
-import type { IApiAuthorizationPolicySubscriberContext } from './context.interface';
+import type { IApiAuthorizationPolicySubscriberContext } from './context/index';
+import type { IApiSubscriber } from '../../../subscriber/interface';
 import type { TApiAuthorizationPolicyHookResult } from '../../../../../../type/class/api/authorization/policy/hook/index';
 import type { TApiAuthorizationPolicySubscriberRuleResult } from '../../../../../../type/class/api/authorization/policy/policy-subscriber-rule-result.type';
-export interface IApiAuthorizationPolicySubscriber<E extends IApiBaseEntity> {
+export interface IApiAuthorizationPolicySubscriber<E extends IApiBaseEntity> extends IApiSubscriber {
     getCustomActionRule?<TAction extends string>(action: TAction, context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<TAction, E>>;
     onBeforeCreate?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.CREATE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.CREATE, E>>;
     onBeforeDelete?(context: IApiAuthorizationPolicySubscriberContext<E>): Promise<TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.DELETE, E>>> | TApiAuthorizationPolicySubscriberRuleResult<E, TApiAuthorizationPolicyHookResult<EApiRouteType.DELETE, E>>;

package/dist/cjs/interface/class/api/authorization/policy/subscriber/properties.interface.d.ts

@@ -1,5 +1,7 @@
 import type { IApiBaseEntity } from '../../../../../api-base-entity.interface';
+import type { IApiAuthorizationPolicyCacheOptions } from '../cache-options.interface';
 export interface IApiAuthorizationPolicySubscriberProperties<E extends IApiBaseEntity> {
+    cache?: IApiAuthorizationPolicyCacheOptions;
     description?: string;
     entity: new () => E;
     policyId?: string;