@enbox/dwn-sdk-js 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +201 -0
- package/README.md +352 -0
- package/dist/bundles/dwn.js +153 -0
- package/dist/cjs/index.js +36749 -0
- package/dist/cjs/package.json +1 -0
- package/dist/esm/generated/precompiled-validators.js +11973 -0
- package/dist/esm/generated/precompiled-validators.js.map +1 -0
- package/dist/esm/json-schemas/definitions.json +23 -0
- package/dist/esm/src/core/abstract-message.js +47 -0
- package/dist/esm/src/core/abstract-message.js.map +1 -0
- package/dist/esm/src/core/auth.js +39 -0
- package/dist/esm/src/core/auth.js.map +1 -0
- package/dist/esm/src/core/dwn-constant.js +10 -0
- package/dist/esm/src/core/dwn-constant.js.map +1 -0
- package/dist/esm/src/core/dwn-error.js +169 -0
- package/dist/esm/src/core/dwn-error.js.map +1 -0
- package/dist/esm/src/core/grant-authorization.js +97 -0
- package/dist/esm/src/core/grant-authorization.js.map +1 -0
- package/dist/esm/src/core/message-reply.js +5 -0
- package/dist/esm/src/core/message-reply.js.map +1 -0
- package/dist/esm/src/core/message.js +233 -0
- package/dist/esm/src/core/message.js.map +1 -0
- package/dist/esm/src/core/messages-grant-authorization.js +101 -0
- package/dist/esm/src/core/messages-grant-authorization.js.map +1 -0
- package/dist/esm/src/core/protocol-authorization.js +608 -0
- package/dist/esm/src/core/protocol-authorization.js.map +1 -0
- package/dist/esm/src/core/protocols-grant-authorization.js +66 -0
- package/dist/esm/src/core/protocols-grant-authorization.js.map +1 -0
- package/dist/esm/src/core/records-grant-authorization.js +132 -0
- package/dist/esm/src/core/records-grant-authorization.js.map +1 -0
- package/dist/esm/src/core/resumable-task-manager.js +109 -0
- package/dist/esm/src/core/resumable-task-manager.js.map +1 -0
- package/dist/esm/src/core/tenant-gate.js +20 -0
- package/dist/esm/src/core/tenant-gate.js.map +1 -0
- package/dist/esm/src/dwn.js +164 -0
- package/dist/esm/src/dwn.js.map +1 -0
- package/dist/esm/src/enums/dwn-interface-method.js +16 -0
- package/dist/esm/src/enums/dwn-interface-method.js.map +1 -0
- package/dist/esm/src/event-log/event-emitter-stream.js +60 -0
- package/dist/esm/src/event-log/event-emitter-stream.js.map +1 -0
- package/dist/esm/src/event-log/event-log-level.js +63 -0
- package/dist/esm/src/event-log/event-log-level.js.map +1 -0
- package/dist/esm/src/handlers/messages-query.js +71 -0
- package/dist/esm/src/handlers/messages-query.js.map +1 -0
- package/dist/esm/src/handlers/messages-read.js +102 -0
- package/dist/esm/src/handlers/messages-read.js.map +1 -0
- package/dist/esm/src/handlers/messages-subscribe.js +81 -0
- package/dist/esm/src/handlers/messages-subscribe.js.map +1 -0
- package/dist/esm/src/handlers/protocols-configure.js +133 -0
- package/dist/esm/src/handlers/protocols-configure.js.map +1 -0
- package/dist/esm/src/handlers/protocols-query.js +73 -0
- package/dist/esm/src/handlers/protocols-query.js.map +1 -0
- package/dist/esm/src/handlers/records-delete.js +107 -0
- package/dist/esm/src/handlers/records-delete.js.map +1 -0
- package/dist/esm/src/handlers/records-query.js +210 -0
- package/dist/esm/src/handlers/records-query.js.map +1 -0
- package/dist/esm/src/handlers/records-read.js +169 -0
- package/dist/esm/src/handlers/records-read.js.map +1 -0
- package/dist/esm/src/handlers/records-subscribe.js +172 -0
- package/dist/esm/src/handlers/records-subscribe.js.map +1 -0
- package/dist/esm/src/handlers/records-write.js +344 -0
- package/dist/esm/src/handlers/records-write.js.map +1 -0
- package/dist/esm/src/index.js +49 -0
- package/dist/esm/src/index.js.map +1 -0
- package/dist/esm/src/interfaces/messages-query.js +53 -0
- package/dist/esm/src/interfaces/messages-query.js.map +1 -0
- package/dist/esm/src/interfaces/messages-read.js +61 -0
- package/dist/esm/src/interfaces/messages-read.js.map +1 -0
- package/dist/esm/src/interfaces/messages-subscribe.js +58 -0
- package/dist/esm/src/interfaces/messages-subscribe.js.map +1 -0
- package/dist/esm/src/interfaces/protocols-configure.js +271 -0
- package/dist/esm/src/interfaces/protocols-configure.js.map +1 -0
- package/dist/esm/src/interfaces/protocols-query.js +84 -0
- package/dist/esm/src/interfaces/protocols-query.js.map +1 -0
- package/dist/esm/src/interfaces/records-delete.js +89 -0
- package/dist/esm/src/interfaces/records-delete.js.map +1 -0
- package/dist/esm/src/interfaces/records-query.js +104 -0
- package/dist/esm/src/interfaces/records-query.js.map +1 -0
- package/dist/esm/src/interfaces/records-read.js +84 -0
- package/dist/esm/src/interfaces/records-read.js.map +1 -0
- package/dist/esm/src/interfaces/records-subscribe.js +91 -0
- package/dist/esm/src/interfaces/records-subscribe.js.map +1 -0
- package/dist/esm/src/interfaces/records-write.js +795 -0
- package/dist/esm/src/interfaces/records-write.js.map +1 -0
- package/dist/esm/src/jose/algorithms/signing/ed25519.js +51 -0
- package/dist/esm/src/jose/algorithms/signing/ed25519.js.map +1 -0
- package/dist/esm/src/jose/algorithms/signing/signature-algorithms.js +20 -0
- package/dist/esm/src/jose/algorithms/signing/signature-algorithms.js.map +1 -0
- package/dist/esm/src/jose/jws/general/builder.js +47 -0
- package/dist/esm/src/jose/jws/general/builder.js.map +1 -0
- package/dist/esm/src/jose/jws/general/verifier.js +97 -0
- package/dist/esm/src/jose/jws/general/verifier.js.map +1 -0
- package/dist/esm/src/protocols/permission-grant.js +39 -0
- package/dist/esm/src/protocols/permission-grant.js.map +1 -0
- package/dist/esm/src/protocols/permission-request.js +35 -0
- package/dist/esm/src/protocols/permission-request.js.map +1 -0
- package/dist/esm/src/protocols/permissions.js +357 -0
- package/dist/esm/src/protocols/permissions.js.map +1 -0
- package/dist/esm/src/schema-validator.js +37 -0
- package/dist/esm/src/schema-validator.js.map +1 -0
- package/dist/esm/src/store/blockstore-level.js +187 -0
- package/dist/esm/src/store/blockstore-level.js.map +1 -0
- package/dist/esm/src/store/blockstore-mock.js +168 -0
- package/dist/esm/src/store/blockstore-mock.js.map +1 -0
- package/dist/esm/src/store/data-store-level.js +136 -0
- package/dist/esm/src/store/data-store-level.js.map +1 -0
- package/dist/esm/src/store/index-level.js +660 -0
- package/dist/esm/src/store/index-level.js.map +1 -0
- package/dist/esm/src/store/level-wrapper.js +305 -0
- package/dist/esm/src/store/level-wrapper.js.map +1 -0
- package/dist/esm/src/store/message-store-level.js +159 -0
- package/dist/esm/src/store/message-store-level.js.map +1 -0
- package/dist/esm/src/store/resumable-task-store-level.js +131 -0
- package/dist/esm/src/store/resumable-task-store-level.js.map +1 -0
- package/dist/esm/src/store/storage-controller.js +184 -0
- package/dist/esm/src/store/storage-controller.js.map +1 -0
- package/dist/esm/src/types/cache.js +2 -0
- package/dist/esm/src/types/cache.js.map +1 -0
- package/dist/esm/src/types/data-store.js +2 -0
- package/dist/esm/src/types/data-store.js.map +1 -0
- package/dist/esm/src/types/event-log.js +2 -0
- package/dist/esm/src/types/event-log.js.map +1 -0
- package/dist/esm/src/types/jose-types.js +2 -0
- package/dist/esm/src/types/jose-types.js.map +1 -0
- package/dist/esm/src/types/jws-types.js +2 -0
- package/dist/esm/src/types/jws-types.js.map +1 -0
- package/dist/esm/src/types/message-interface.js +2 -0
- package/dist/esm/src/types/message-interface.js.map +1 -0
- package/dist/esm/src/types/message-store.js +2 -0
- package/dist/esm/src/types/message-store.js.map +1 -0
- package/dist/esm/src/types/message-types.js +3 -0
- package/dist/esm/src/types/message-types.js.map +1 -0
- package/dist/esm/src/types/messages-types.js +2 -0
- package/dist/esm/src/types/messages-types.js.map +1 -0
- package/dist/esm/src/types/method-handler.js +2 -0
- package/dist/esm/src/types/method-handler.js.map +1 -0
- package/dist/esm/src/types/permission-types.js +6 -0
- package/dist/esm/src/types/permission-types.js.map +1 -0
- package/dist/esm/src/types/protocols-types.js +20 -0
- package/dist/esm/src/types/protocols-types.js.map +1 -0
- package/dist/esm/src/types/query-types.js +6 -0
- package/dist/esm/src/types/query-types.js.map +1 -0
- package/dist/esm/src/types/records-types.js +8 -0
- package/dist/esm/src/types/records-types.js.map +1 -0
- package/dist/esm/src/types/resumable-task-store.js +2 -0
- package/dist/esm/src/types/resumable-task-store.js.map +1 -0
- package/dist/esm/src/types/signer.js +2 -0
- package/dist/esm/src/types/signer.js.map +1 -0
- package/dist/esm/src/types/subscriptions.js +2 -0
- package/dist/esm/src/types/subscriptions.js.map +1 -0
- package/dist/esm/src/utils/abort.js +40 -0
- package/dist/esm/src/utils/abort.js.map +1 -0
- package/dist/esm/src/utils/array.js +72 -0
- package/dist/esm/src/utils/array.js.map +1 -0
- package/dist/esm/src/utils/cid.js +130 -0
- package/dist/esm/src/utils/cid.js.map +1 -0
- package/dist/esm/src/utils/data-stream.js +100 -0
- package/dist/esm/src/utils/data-stream.js.map +1 -0
- package/dist/esm/src/utils/encoder.js +45 -0
- package/dist/esm/src/utils/encoder.js.map +1 -0
- package/dist/esm/src/utils/encryption.js +128 -0
- package/dist/esm/src/utils/encryption.js.map +1 -0
- package/dist/esm/src/utils/filter.js +229 -0
- package/dist/esm/src/utils/filter.js.map +1 -0
- package/dist/esm/src/utils/hd-key.js +114 -0
- package/dist/esm/src/utils/hd-key.js.map +1 -0
- package/dist/esm/src/utils/jws.js +89 -0
- package/dist/esm/src/utils/jws.js.map +1 -0
- package/dist/esm/src/utils/memory-cache.js +41 -0
- package/dist/esm/src/utils/memory-cache.js.map +1 -0
- package/dist/esm/src/utils/messages.js +84 -0
- package/dist/esm/src/utils/messages.js.map +1 -0
- package/dist/esm/src/utils/object.js +40 -0
- package/dist/esm/src/utils/object.js.map +1 -0
- package/dist/esm/src/utils/private-key-signer.js +43 -0
- package/dist/esm/src/utils/private-key-signer.js.map +1 -0
- package/dist/esm/src/utils/protocols.js +51 -0
- package/dist/esm/src/utils/protocols.js.map +1 -0
- package/dist/esm/src/utils/records.js +454 -0
- package/dist/esm/src/utils/records.js.map +1 -0
- package/dist/esm/src/utils/secp256k1.js +166 -0
- package/dist/esm/src/utils/secp256k1.js.map +1 -0
- package/dist/esm/src/utils/secp256r1.js +120 -0
- package/dist/esm/src/utils/secp256r1.js.map +1 -0
- package/dist/esm/src/utils/string.js +16 -0
- package/dist/esm/src/utils/string.js.map +1 -0
- package/dist/esm/src/utils/time.js +85 -0
- package/dist/esm/src/utils/time.js.map +1 -0
- package/dist/esm/src/utils/url.js +62 -0
- package/dist/esm/src/utils/url.js.map +1 -0
- package/dist/esm/tests/core/auth.spec.js +22 -0
- package/dist/esm/tests/core/auth.spec.js.map +1 -0
- package/dist/esm/tests/core/message-reply.spec.js +16 -0
- package/dist/esm/tests/core/message-reply.spec.js.map +1 -0
- package/dist/esm/tests/core/message.spec.js +146 -0
- package/dist/esm/tests/core/message.spec.js.map +1 -0
- package/dist/esm/tests/core/protocol-authorization.spec.js +48 -0
- package/dist/esm/tests/core/protocol-authorization.spec.js.map +1 -0
- package/dist/esm/tests/dwn.spec.js +166 -0
- package/dist/esm/tests/dwn.spec.js.map +1 -0
- package/dist/esm/tests/event-log/event-emitter-stream.spec.js +78 -0
- package/dist/esm/tests/event-log/event-emitter-stream.spec.js.map +1 -0
- package/dist/esm/tests/event-log/event-log-level.spec.js +44 -0
- package/dist/esm/tests/event-log/event-log-level.spec.js.map +1 -0
- package/dist/esm/tests/event-log/event-log.spec.js +236 -0
- package/dist/esm/tests/event-log/event-log.spec.js.map +1 -0
- package/dist/esm/tests/event-log/event-stream.spec.js +125 -0
- package/dist/esm/tests/event-log/event-stream.spec.js.map +1 -0
- package/dist/esm/tests/features/author-delegated-grant.spec.js +1273 -0
- package/dist/esm/tests/features/author-delegated-grant.spec.js.map +1 -0
- package/dist/esm/tests/features/owner-delegated-grant.spec.js +584 -0
- package/dist/esm/tests/features/owner-delegated-grant.spec.js.map +1 -0
- package/dist/esm/tests/features/owner-signature.spec.js +192 -0
- package/dist/esm/tests/features/owner-signature.spec.js.map +1 -0
- package/dist/esm/tests/features/permissions.spec.js +815 -0
- package/dist/esm/tests/features/permissions.spec.js.map +1 -0
- package/dist/esm/tests/features/protocol-create-action.spec.js +248 -0
- package/dist/esm/tests/features/protocol-create-action.spec.js.map +1 -0
- package/dist/esm/tests/features/protocol-delete-action.spec.js +492 -0
- package/dist/esm/tests/features/protocol-delete-action.spec.js.map +1 -0
- package/dist/esm/tests/features/protocol-update-action.spec.js +572 -0
- package/dist/esm/tests/features/protocol-update-action.spec.js.map +1 -0
- package/dist/esm/tests/features/records-prune.spec.js +812 -0
- package/dist/esm/tests/features/records-prune.spec.js.map +1 -0
- package/dist/esm/tests/features/records-tags.spec.js +2516 -0
- package/dist/esm/tests/features/records-tags.spec.js.map +1 -0
- package/dist/esm/tests/features/resumable-tasks.spec.js +349 -0
- package/dist/esm/tests/features/resumable-tasks.spec.js.map +1 -0
- package/dist/esm/tests/handlers/messages-query.spec.js +349 -0
- package/dist/esm/tests/handlers/messages-query.spec.js.map +1 -0
- package/dist/esm/tests/handlers/messages-read.spec.js +647 -0
- package/dist/esm/tests/handlers/messages-read.spec.js.map +1 -0
- package/dist/esm/tests/handlers/messages-subscribe.spec.js +432 -0
- package/dist/esm/tests/handlers/messages-subscribe.spec.js.map +1 -0
- package/dist/esm/tests/handlers/protocols-configure.spec.js +608 -0
- package/dist/esm/tests/handlers/protocols-configure.spec.js.map +1 -0
- package/dist/esm/tests/handlers/protocols-query.spec.js +454 -0
- package/dist/esm/tests/handlers/protocols-query.spec.js.map +1 -0
- package/dist/esm/tests/handlers/records-delete.spec.js +662 -0
- package/dist/esm/tests/handlers/records-delete.spec.js.map +1 -0
- package/dist/esm/tests/handlers/records-query.spec.js +2695 -0
- package/dist/esm/tests/handlers/records-query.spec.js.map +1 -0
- package/dist/esm/tests/handlers/records-read.spec.js +1724 -0
- package/dist/esm/tests/handlers/records-read.spec.js.map +1 -0
- package/dist/esm/tests/handlers/records-subscribe.spec.js +684 -0
- package/dist/esm/tests/handlers/records-subscribe.spec.js.map +1 -0
- package/dist/esm/tests/handlers/records-write.spec.js +3637 -0
- package/dist/esm/tests/handlers/records-write.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/messages-get.spec.js +78 -0
- package/dist/esm/tests/interfaces/messages-get.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/messages-subscribe.spec.js +30 -0
- package/dist/esm/tests/interfaces/messages-subscribe.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/messagess-query.spec.js +127 -0
- package/dist/esm/tests/interfaces/messagess-query.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/protocols-configure.spec.js +489 -0
- package/dist/esm/tests/interfaces/protocols-configure.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/protocols-query.spec.js +46 -0
- package/dist/esm/tests/interfaces/protocols-query.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/records-delete.spec.js +39 -0
- package/dist/esm/tests/interfaces/records-delete.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/records-query.spec.js +85 -0
- package/dist/esm/tests/interfaces/records-query.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/records-read.spec.js +62 -0
- package/dist/esm/tests/interfaces/records-read.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/records-subscribe.spec.js +72 -0
- package/dist/esm/tests/interfaces/records-subscribe.spec.js.map +1 -0
- package/dist/esm/tests/interfaces/records-write.spec.js +423 -0
- package/dist/esm/tests/interfaces/records-write.spec.js.map +1 -0
- package/dist/esm/tests/jose/jws/general.spec.js +243 -0
- package/dist/esm/tests/jose/jws/general.spec.js.map +1 -0
- package/dist/esm/tests/protocols/permission-request.spec.js +40 -0
- package/dist/esm/tests/protocols/permission-request.spec.js.map +1 -0
- package/dist/esm/tests/protocols/permissions.spec.js +123 -0
- package/dist/esm/tests/protocols/permissions.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/aggregator.spec.js +670 -0
- package/dist/esm/tests/scenarios/aggregator.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/deleted-record.spec.js +102 -0
- package/dist/esm/tests/scenarios/deleted-record.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js +220 -0
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/messages-query.spec.js +395 -0
- package/dist/esm/tests/scenarios/messages-query.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/nested-roles.spec.js +300 -0
- package/dist/esm/tests/scenarios/nested-roles.spec.js.map +1 -0
- package/dist/esm/tests/scenarios/subscriptions.spec.js +886 -0
- package/dist/esm/tests/scenarios/subscriptions.spec.js.map +1 -0
- package/dist/esm/tests/store/blockstore-mock.spec.js +192 -0
- package/dist/esm/tests/store/blockstore-mock.spec.js.map +1 -0
- package/dist/esm/tests/store/data-store-level.spec.js +146 -0
- package/dist/esm/tests/store/data-store-level.spec.js.map +1 -0
- package/dist/esm/tests/store/index-level.spec.js +1208 -0
- package/dist/esm/tests/store/index-level.spec.js.map +1 -0
- package/dist/esm/tests/store/message-store-level.spec.js +48 -0
- package/dist/esm/tests/store/message-store-level.spec.js.map +1 -0
- package/dist/esm/tests/store/message-store.spec.js +404 -0
- package/dist/esm/tests/store/message-store.spec.js.map +1 -0
- package/dist/esm/tests/store-dependent-tests.spec.js +5 -0
- package/dist/esm/tests/store-dependent-tests.spec.js.map +1 -0
- package/dist/esm/tests/test-event-stream.js +25 -0
- package/dist/esm/tests/test-event-stream.js.map +1 -0
- package/dist/esm/tests/test-stores.js +45 -0
- package/dist/esm/tests/test-stores.js.map +1 -0
- package/dist/esm/tests/test-suite.js +88 -0
- package/dist/esm/tests/test-suite.js.map +1 -0
- package/dist/esm/tests/utils/cid.spec.js +80 -0
- package/dist/esm/tests/utils/cid.spec.js.map +1 -0
- package/dist/esm/tests/utils/data-stream.spec.js +27 -0
- package/dist/esm/tests/utils/data-stream.spec.js.map +1 -0
- package/dist/esm/tests/utils/encryption.spec.js +148 -0
- package/dist/esm/tests/utils/encryption.spec.js.map +1 -0
- package/dist/esm/tests/utils/filters.spec.js +295 -0
- package/dist/esm/tests/utils/filters.spec.js.map +1 -0
- package/dist/esm/tests/utils/hd-key.spec.js +35 -0
- package/dist/esm/tests/utils/hd-key.spec.js.map +1 -0
- package/dist/esm/tests/utils/jws.spec.js +8 -0
- package/dist/esm/tests/utils/jws.spec.js.map +1 -0
- package/dist/esm/tests/utils/memory-cache.spec.js +35 -0
- package/dist/esm/tests/utils/memory-cache.spec.js.map +1 -0
- package/dist/esm/tests/utils/messages.spec.js +101 -0
- package/dist/esm/tests/utils/messages.spec.js.map +1 -0
- package/dist/esm/tests/utils/object.spec.js +36 -0
- package/dist/esm/tests/utils/object.spec.js.map +1 -0
- package/dist/esm/tests/utils/poller.js +49 -0
- package/dist/esm/tests/utils/poller.js.map +1 -0
- package/dist/esm/tests/utils/private-key-signer.spec.js +44 -0
- package/dist/esm/tests/utils/private-key-signer.spec.js.map +1 -0
- package/dist/esm/tests/utils/records.spec.js +53 -0
- package/dist/esm/tests/utils/records.spec.js.map +1 -0
- package/dist/esm/tests/utils/secp256k1.spec.js +50 -0
- package/dist/esm/tests/utils/secp256k1.spec.js.map +1 -0
- package/dist/esm/tests/utils/secp256r1.spec.js +56 -0
- package/dist/esm/tests/utils/secp256r1.spec.js.map +1 -0
- package/dist/esm/tests/utils/test-data-generator.js +643 -0
- package/dist/esm/tests/utils/test-data-generator.js.map +1 -0
- package/dist/esm/tests/utils/test-stub-generator.js +39 -0
- package/dist/esm/tests/utils/test-stub-generator.js.map +1 -0
- package/dist/esm/tests/utils/time.spec.js +64 -0
- package/dist/esm/tests/utils/time.spec.js.map +1 -0
- package/dist/esm/tests/utils/url.spec.js +43 -0
- package/dist/esm/tests/utils/url.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/definitions.spec.js +33 -0
- package/dist/esm/tests/validation/json-schemas/definitions.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/jwk/general-jwk.spec.js +50 -0
- package/dist/esm/tests/validation/json-schemas/jwk/general-jwk.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/jwk/public-jwk.spec.js +36 -0
- package/dist/esm/tests/validation/json-schemas/jwk/public-jwk.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/jwk-verification-method.spec.js +82 -0
- package/dist/esm/tests/validation/json-schemas/jwk-verification-method.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/protocols/protocols-configure.spec.js +75 -0
- package/dist/esm/tests/validation/json-schemas/protocols/protocols-configure.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/records/records-query.spec.js +148 -0
- package/dist/esm/tests/validation/json-schemas/records/records-query.spec.js.map +1 -0
- package/dist/esm/tests/validation/json-schemas/records/records-write.spec.js +421 -0
- package/dist/esm/tests/validation/json-schemas/records/records-write.spec.js.map +1 -0
- package/dist/esm/tests/vectors/protocol-definitions/anyone-collaborate.json +21 -0
- package/dist/esm/tests/vectors/protocol-definitions/author-can.json +33 -0
- package/dist/esm/tests/vectors/protocol-definitions/chat.json +70 -0
- package/dist/esm/tests/vectors/protocol-definitions/credential-issuance.json +41 -0
- package/dist/esm/tests/vectors/protocol-definitions/dex.json +58 -0
- package/dist/esm/tests/vectors/protocol-definitions/email.json +62 -0
- package/dist/esm/tests/vectors/protocol-definitions/free-for-all.json +45 -0
- package/dist/esm/tests/vectors/protocol-definitions/friend-role.json +48 -0
- package/dist/esm/tests/vectors/protocol-definitions/message.json +37 -0
- package/dist/esm/tests/vectors/protocol-definitions/minimal.json +10 -0
- package/dist/esm/tests/vectors/protocol-definitions/nested.json +31 -0
- package/dist/esm/tests/vectors/protocol-definitions/private-protocol.json +15 -0
- package/dist/esm/tests/vectors/protocol-definitions/recipient-can.json +33 -0
- package/dist/esm/tests/vectors/protocol-definitions/slack.json +242 -0
- package/dist/esm/tests/vectors/protocol-definitions/social-media.json +106 -0
- package/dist/esm/tests/vectors/protocol-definitions/thread-role.json +70 -0
- package/dist/types/generated/precompiled-validators.d.ts +597 -0
- package/dist/types/generated/precompiled-validators.d.ts.map +1 -0
- package/dist/types/src/core/abstract-message.d.ts +25 -0
- package/dist/types/src/core/abstract-message.d.ts.map +1 -0
- package/dist/types/src/core/auth.d.ts +9 -0
- package/dist/types/src/core/auth.d.ts.map +1 -0
- package/dist/types/src/core/dwn-constant.d.ts +10 -0
- package/dist/types/src/core/dwn-constant.d.ts.map +1 -0
- package/dist/types/src/core/dwn-error.d.ts +164 -0
- package/dist/types/src/core/dwn-error.d.ts.map +1 -0
- package/dist/types/src/core/grant-authorization.d.ts +43 -0
- package/dist/types/src/core/grant-authorization.d.ts.map +1 -0
- package/dist/types/src/core/message-reply.d.ts +32 -0
- package/dist/types/src/core/message-reply.d.ts.map +1 -0
- package/dist/types/src/core/message.d.ts +94 -0
- package/dist/types/src/core/message.d.ts.map +1 -0
- package/dist/types/src/core/messages-grant-authorization.d.ts +34 -0
- package/dist/types/src/core/messages-grant-authorization.d.ts.map +1 -0
- package/dist/types/src/core/protocol-authorization.d.ts +103 -0
- package/dist/types/src/core/protocol-authorization.d.ts.map +1 -0
- package/dist/types/src/core/protocols-grant-authorization.d.ts +31 -0
- package/dist/types/src/core/protocols-grant-authorization.d.ts.map +1 -0
- package/dist/types/src/core/records-grant-authorization.d.ts +60 -0
- package/dist/types/src/core/records-grant-authorization.d.ts.map +1 -0
- package/dist/types/src/core/resumable-task-manager.d.ts +43 -0
- package/dist/types/src/core/resumable-task-manager.d.ts.map +1 -0
- package/dist/types/src/core/tenant-gate.d.ts +29 -0
- package/dist/types/src/core/tenant-gate.d.ts.map +1 -0
- package/dist/types/src/dwn.d.ts +85 -0
- package/dist/types/src/dwn.d.ts.map +1 -0
- package/dist/types/src/enums/dwn-interface-method.d.ts +14 -0
- package/dist/types/src/enums/dwn-interface-method.d.ts.map +1 -0
- package/dist/types/src/event-log/event-emitter-stream.d.ts +23 -0
- package/dist/types/src/event-log/event-emitter-stream.d.ts.map +1 -0
- package/dist/types/src/event-log/event-log-level.d.ts +35 -0
- package/dist/types/src/event-log/event-log-level.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-query.d.ts +17 -0
- package/dist/types/src/handlers/messages-query.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-read.d.ts +22 -0
- package/dist/types/src/handlers/messages-read.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-subscribe.d.ts +18 -0
- package/dist/types/src/handlers/messages-subscribe.d.ts.map +1 -0
- package/dist/types/src/handlers/protocols-configure.d.ts +24 -0
- package/dist/types/src/handlers/protocols-configure.d.ts.map +1 -0
- package/dist/types/src/handlers/protocols-query.d.ts +20 -0
- package/dist/types/src/handlers/protocols-query.d.ts.map +1 -0
- package/dist/types/src/handlers/records-delete.d.ts +23 -0
- package/dist/types/src/handlers/records-delete.d.ts.map +1 -0
- package/dist/types/src/handlers/records-query.d.ts +70 -0
- package/dist/types/src/handlers/records-query.d.ts.map +1 -0
- package/dist/types/src/handlers/records-read.d.ts +20 -0
- package/dist/types/src/handlers/records-read.d.ts.map +1 -0
- package/dist/types/src/handlers/records-subscribe.d.ts +62 -0
- package/dist/types/src/handlers/records-subscribe.d.ts.map +1 -0
- package/dist/types/src/handlers/records-write.d.ts +51 -0
- package/dist/types/src/handlers/records-write.d.ts.map +1 -0
- package/dist/types/src/index.d.ts +63 -0
- package/dist/types/src/index.d.ts.map +1 -0
- package/dist/types/src/interfaces/messages-query.d.ts +16 -0
- package/dist/types/src/interfaces/messages-query.d.ts.map +1 -0
- package/dist/types/src/interfaces/messages-read.d.ts +20 -0
- package/dist/types/src/interfaces/messages-read.d.ts.map +1 -0
- package/dist/types/src/interfaces/messages-subscribe.d.ts +20 -0
- package/dist/types/src/interfaces/messages-subscribe.d.ts.map +1 -0
- package/dist/types/src/interfaces/protocols-configure.d.ts +40 -0
- package/dist/types/src/interfaces/protocols-configure.d.ts.map +1 -0
- package/dist/types/src/interfaces/protocols-query.d.ts +17 -0
- package/dist/types/src/interfaces/protocols-query.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-delete.d.ts +34 -0
- package/dist/types/src/interfaces/records-delete.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-query.d.ts +31 -0
- package/dist/types/src/interfaces/records-query.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-read.d.ts +36 -0
- package/dist/types/src/interfaces/records-read.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-subscribe.d.ts +27 -0
- package/dist/types/src/interfaces/records-subscribe.d.ts.map +1 -0
- package/dist/types/src/interfaces/records-write.d.ts +309 -0
- package/dist/types/src/interfaces/records-write.d.ts.map +1 -0
- package/dist/types/src/jose/algorithms/signing/ed25519.d.ts +3 -0
- package/dist/types/src/jose/algorithms/signing/ed25519.d.ts.map +1 -0
- package/dist/types/src/jose/algorithms/signing/signature-algorithms.d.ts +3 -0
- package/dist/types/src/jose/algorithms/signing/signature-algorithms.d.ts.map +1 -0
- package/dist/types/src/jose/jws/general/builder.d.ts +10 -0
- package/dist/types/src/jose/jws/general/builder.d.ts.map +1 -0
- package/dist/types/src/jose/jws/general/verifier.d.ts +32 -0
- package/dist/types/src/jose/jws/general/verifier.d.ts.map +1 -0
- package/dist/types/src/protocols/permission-grant.d.ts +50 -0
- package/dist/types/src/protocols/permission-grant.d.ts.map +1 -0
- package/dist/types/src/protocols/permission-request.d.ts +35 -0
- package/dist/types/src/protocols/permission-request.d.ts.map +1 -0
- package/dist/types/src/protocols/permissions.d.ts +150 -0
- package/dist/types/src/protocols/permissions.d.ts.map +1 -0
- package/dist/types/src/schema-validator.d.ts +8 -0
- package/dist/types/src/schema-validator.d.ts.map +1 -0
- package/dist/types/src/store/blockstore-level.d.ts +34 -0
- package/dist/types/src/store/blockstore-level.d.ts.map +1 -0
- package/dist/types/src/store/blockstore-mock.d.ts +27 -0
- package/dist/types/src/store/blockstore-mock.d.ts.map +1 -0
- package/dist/types/src/store/data-store-level.d.ts +34 -0
- package/dist/types/src/store/data-store-level.d.ts.map +1 -0
- package/dist/types/src/store/index-level.d.ts +171 -0
- package/dist/types/src/store/index-level.d.ts.map +1 -0
- package/dist/types/src/store/level-wrapper.d.ts +48 -0
- package/dist/types/src/store/level-wrapper.d.ts.map +1 -0
- package/dist/types/src/store/message-store-level.d.ts +46 -0
- package/dist/types/src/store/message-store-level.d.ts.map +1 -0
- package/dist/types/src/store/resumable-task-store-level.d.ts +28 -0
- package/dist/types/src/store/resumable-task-store-level.d.ts.map +1 -0
- package/dist/types/src/store/storage-controller.d.ts +46 -0
- package/dist/types/src/store/storage-controller.d.ts.map +1 -0
- package/dist/types/src/types/cache.d.ts +16 -0
- package/dist/types/src/types/cache.d.ts.map +1 -0
- package/dist/types/src/types/data-store.d.ts +57 -0
- package/dist/types/src/types/data-store.d.ts.map +1 -0
- package/dist/types/src/types/event-log.d.ts +52 -0
- package/dist/types/src/types/event-log.d.ts.map +1 -0
- package/dist/types/src/types/jose-types.d.ts +75 -0
- package/dist/types/src/types/jose-types.d.ts.map +1 -0
- package/dist/types/src/types/jws-types.d.ts +27 -0
- package/dist/types/src/types/jws-types.d.ts.map +1 -0
- package/dist/types/src/types/message-interface.d.ts +27 -0
- package/dist/types/src/types/message-interface.d.ts.map +1 -0
- package/dist/types/src/types/message-store.d.ts +42 -0
- package/dist/types/src/types/message-store.d.ts.map +1 -0
- package/dist/types/src/types/message-types.d.ts +116 -0
- package/dist/types/src/types/message-types.d.ts.map +1 -0
- package/dist/types/src/types/messages-types.d.ts +65 -0
- package/dist/types/src/types/messages-types.d.ts.map +1 -0
- package/dist/types/src/types/method-handler.d.ts +19 -0
- package/dist/types/src/types/method-handler.d.ts.map +1 -0
- package/dist/types/src/types/permission-types.d.ts +93 -0
- package/dist/types/src/types/permission-types.d.ts.map +1 -0
- package/dist/types/src/types/protocols-types.d.ts +154 -0
- package/dist/types/src/types/protocols-types.d.ts.map +1 -0
- package/dist/types/src/types/query-types.d.ts +66 -0
- package/dist/types/src/types/query-types.d.ts.map +1 -0
- package/dist/types/src/types/records-types.d.ts +230 -0
- package/dist/types/src/types/records-types.d.ts.map +1 -0
- package/dist/types/src/types/resumable-task-store.d.ts +89 -0
- package/dist/types/src/types/resumable-task-store.d.ts.map +1 -0
- package/dist/types/src/types/signer.d.ts +26 -0
- package/dist/types/src/types/signer.d.ts.map +1 -0
- package/dist/types/src/types/subscriptions.d.ts +30 -0
- package/dist/types/src/types/subscriptions.d.ts.map +1 -0
- package/dist/types/src/utils/abort.d.ts +5 -0
- package/dist/types/src/utils/abort.d.ts.map +1 -0
- package/dist/types/src/utils/array.d.ts +18 -0
- package/dist/types/src/utils/array.d.ts.map +1 -0
- package/dist/types/src/utils/cid.d.ts +30 -0
- package/dist/types/src/utils/cid.d.ts.map +1 -0
- package/dist/types/src/utils/data-stream.d.ts +31 -0
- package/dist/types/src/utils/data-stream.d.ts.map +1 -0
- package/dist/types/src/utils/encoder.d.ts +14 -0
- package/dist/types/src/utils/encoder.d.ts.map +1 -0
- package/dist/types/src/utils/encryption.d.ts +44 -0
- package/dist/types/src/utils/encryption.d.ts.map +1 -0
- package/dist/types/src/utils/filter.d.ts +60 -0
- package/dist/types/src/utils/filter.d.ts.map +1 -0
- package/dist/types/src/utils/hd-key.d.ts +54 -0
- package/dist/types/src/utils/hd-key.d.ts.map +1 -0
- package/dist/types/src/utils/jws.d.ts +39 -0
- package/dist/types/src/utils/jws.d.ts.map +1 -0
- package/dist/types/src/utils/memory-cache.d.ts +15 -0
- package/dist/types/src/utils/memory-cache.d.ts.map +1 -0
- package/dist/types/src/utils/messages.d.ts +27 -0
- package/dist/types/src/utils/messages.d.ts.map +1 -0
- package/dist/types/src/utils/object.d.ts +13 -0
- package/dist/types/src/utils/object.d.ts.map +1 -0
- package/dist/types/src/utils/private-key-signer.d.ts +34 -0
- package/dist/types/src/utils/private-key-signer.d.ts.map +1 -0
- package/dist/types/src/utils/protocols.d.ts +14 -0
- package/dist/types/src/utils/protocols.d.ts.map +1 -0
- package/dist/types/src/utils/records.d.ts +122 -0
- package/dist/types/src/utils/records.d.ts.map +1 -0
- package/dist/types/src/utils/secp256k1.d.ts +59 -0
- package/dist/types/src/utils/secp256k1.d.ts.map +1 -0
- package/dist/types/src/utils/secp256r1.d.ts +39 -0
- package/dist/types/src/utils/secp256r1.d.ts.map +1 -0
- package/dist/types/src/utils/string.d.ts +6 -0
- package/dist/types/src/utils/string.d.ts.map +1 -0
- package/dist/types/src/utils/time.d.ts +50 -0
- package/dist/types/src/utils/time.d.ts.map +1 -0
- package/dist/types/src/utils/url.d.ts +5 -0
- package/dist/types/src/utils/url.d.ts.map +1 -0
- package/dist/types/tests/core/auth.spec.d.ts +2 -0
- package/dist/types/tests/core/auth.spec.d.ts.map +1 -0
- package/dist/types/tests/core/message-reply.spec.d.ts +2 -0
- package/dist/types/tests/core/message-reply.spec.d.ts.map +1 -0
- package/dist/types/tests/core/message.spec.d.ts +2 -0
- package/dist/types/tests/core/message.spec.d.ts.map +1 -0
- package/dist/types/tests/core/protocol-authorization.spec.d.ts +2 -0
- package/dist/types/tests/core/protocol-authorization.spec.d.ts.map +1 -0
- package/dist/types/tests/dwn.spec.d.ts +2 -0
- package/dist/types/tests/dwn.spec.d.ts.map +1 -0
- package/dist/types/tests/event-log/event-emitter-stream.spec.d.ts +2 -0
- package/dist/types/tests/event-log/event-emitter-stream.spec.d.ts.map +1 -0
- package/dist/types/tests/event-log/event-log-level.spec.d.ts +2 -0
- package/dist/types/tests/event-log/event-log-level.spec.d.ts.map +1 -0
- package/dist/types/tests/event-log/event-log.spec.d.ts +2 -0
- package/dist/types/tests/event-log/event-log.spec.d.ts.map +1 -0
- package/dist/types/tests/event-log/event-stream.spec.d.ts +2 -0
- package/dist/types/tests/event-log/event-stream.spec.d.ts.map +1 -0
- package/dist/types/tests/features/author-delegated-grant.spec.d.ts +2 -0
- package/dist/types/tests/features/author-delegated-grant.spec.d.ts.map +1 -0
- package/dist/types/tests/features/owner-delegated-grant.spec.d.ts +2 -0
- package/dist/types/tests/features/owner-delegated-grant.spec.d.ts.map +1 -0
- package/dist/types/tests/features/owner-signature.spec.d.ts +2 -0
- package/dist/types/tests/features/owner-signature.spec.d.ts.map +1 -0
- package/dist/types/tests/features/permissions.spec.d.ts +2 -0
- package/dist/types/tests/features/permissions.spec.d.ts.map +1 -0
- package/dist/types/tests/features/protocol-create-action.spec.d.ts +2 -0
- package/dist/types/tests/features/protocol-create-action.spec.d.ts.map +1 -0
- package/dist/types/tests/features/protocol-delete-action.spec.d.ts +2 -0
- package/dist/types/tests/features/protocol-delete-action.spec.d.ts.map +1 -0
- package/dist/types/tests/features/protocol-update-action.spec.d.ts +2 -0
- package/dist/types/tests/features/protocol-update-action.spec.d.ts.map +1 -0
- package/dist/types/tests/features/records-prune.spec.d.ts +2 -0
- package/dist/types/tests/features/records-prune.spec.d.ts.map +1 -0
- package/dist/types/tests/features/records-tags.spec.d.ts +2 -0
- package/dist/types/tests/features/records-tags.spec.d.ts.map +1 -0
- package/dist/types/tests/features/resumable-tasks.spec.d.ts +2 -0
- package/dist/types/tests/features/resumable-tasks.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/messages-query.spec.d.ts +2 -0
- package/dist/types/tests/handlers/messages-query.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/messages-read.spec.d.ts +2 -0
- package/dist/types/tests/handlers/messages-read.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/messages-subscribe.spec.d.ts +2 -0
- package/dist/types/tests/handlers/messages-subscribe.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/protocols-configure.spec.d.ts +2 -0
- package/dist/types/tests/handlers/protocols-configure.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/protocols-query.spec.d.ts +2 -0
- package/dist/types/tests/handlers/protocols-query.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/records-delete.spec.d.ts +2 -0
- package/dist/types/tests/handlers/records-delete.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/records-query.spec.d.ts +2 -0
- package/dist/types/tests/handlers/records-query.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/records-read.spec.d.ts +2 -0
- package/dist/types/tests/handlers/records-read.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/records-subscribe.spec.d.ts +2 -0
- package/dist/types/tests/handlers/records-subscribe.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/records-write.spec.d.ts +2 -0
- package/dist/types/tests/handlers/records-write.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/messages-get.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/messages-get.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/messages-subscribe.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/messages-subscribe.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/messagess-query.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/messagess-query.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/protocols-configure.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/protocols-configure.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/protocols-query.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/protocols-query.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/records-delete.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/records-delete.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/records-query.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/records-query.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/records-read.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/records-read.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/records-subscribe.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/records-subscribe.spec.d.ts.map +1 -0
- package/dist/types/tests/interfaces/records-write.spec.d.ts +2 -0
- package/dist/types/tests/interfaces/records-write.spec.d.ts.map +1 -0
- package/dist/types/tests/jose/jws/general.spec.d.ts +2 -0
- package/dist/types/tests/jose/jws/general.spec.d.ts.map +1 -0
- package/dist/types/tests/protocols/permission-request.spec.d.ts +2 -0
- package/dist/types/tests/protocols/permission-request.spec.d.ts.map +1 -0
- package/dist/types/tests/protocols/permissions.spec.d.ts +2 -0
- package/dist/types/tests/protocols/permissions.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/aggregator.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/aggregator.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/deleted-record.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/deleted-record.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/end-to-end-tests.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/end-to-end-tests.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/messages-query.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/messages-query.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/nested-roles.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/nested-roles.spec.d.ts.map +1 -0
- package/dist/types/tests/scenarios/subscriptions.spec.d.ts +2 -0
- package/dist/types/tests/scenarios/subscriptions.spec.d.ts.map +1 -0
- package/dist/types/tests/store/blockstore-mock.spec.d.ts +2 -0
- package/dist/types/tests/store/blockstore-mock.spec.d.ts.map +1 -0
- package/dist/types/tests/store/data-store-level.spec.d.ts +2 -0
- package/dist/types/tests/store/data-store-level.spec.d.ts.map +1 -0
- package/dist/types/tests/store/index-level.spec.d.ts +2 -0
- package/dist/types/tests/store/index-level.spec.d.ts.map +1 -0
- package/dist/types/tests/store/message-store-level.spec.d.ts +2 -0
- package/dist/types/tests/store/message-store-level.spec.d.ts.map +1 -0
- package/dist/types/tests/store/message-store.spec.d.ts +2 -0
- package/dist/types/tests/store/message-store.spec.d.ts.map +1 -0
- package/dist/types/tests/store-dependent-tests.spec.d.ts +2 -0
- package/dist/types/tests/store-dependent-tests.spec.d.ts.map +1 -0
- package/dist/types/tests/test-event-stream.d.ts +22 -0
- package/dist/types/tests/test-event-stream.d.ts.map +1 -0
- package/dist/types/tests/test-stores.d.ts +33 -0
- package/dist/types/tests/test-stores.d.ts.map +1 -0
- package/dist/types/tests/test-suite.d.ts +18 -0
- package/dist/types/tests/test-suite.d.ts.map +1 -0
- package/dist/types/tests/utils/cid.spec.d.ts +2 -0
- package/dist/types/tests/utils/cid.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/data-stream.spec.d.ts +2 -0
- package/dist/types/tests/utils/data-stream.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/encryption.spec.d.ts +2 -0
- package/dist/types/tests/utils/encryption.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/filters.spec.d.ts +2 -0
- package/dist/types/tests/utils/filters.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/hd-key.spec.d.ts +2 -0
- package/dist/types/tests/utils/hd-key.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/jws.spec.d.ts +2 -0
- package/dist/types/tests/utils/jws.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/memory-cache.spec.d.ts +2 -0
- package/dist/types/tests/utils/memory-cache.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/messages.spec.d.ts +2 -0
- package/dist/types/tests/utils/messages.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/object.spec.d.ts +2 -0
- package/dist/types/tests/utils/object.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/poller.d.ts +21 -0
- package/dist/types/tests/utils/poller.d.ts.map +1 -0
- package/dist/types/tests/utils/private-key-signer.spec.d.ts +2 -0
- package/dist/types/tests/utils/private-key-signer.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/records.spec.d.ts +2 -0
- package/dist/types/tests/utils/records.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/secp256k1.spec.d.ts +2 -0
- package/dist/types/tests/utils/secp256k1.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/secp256r1.spec.d.ts +2 -0
- package/dist/types/tests/utils/secp256r1.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/test-data-generator.d.ts +342 -0
- package/dist/types/tests/utils/test-data-generator.d.ts.map +1 -0
- package/dist/types/tests/utils/test-stub-generator.d.ts +16 -0
- package/dist/types/tests/utils/test-stub-generator.d.ts.map +1 -0
- package/dist/types/tests/utils/time.spec.d.ts +2 -0
- package/dist/types/tests/utils/time.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/url.spec.d.ts +2 -0
- package/dist/types/tests/utils/url.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/definitions.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/definitions.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/jwk/general-jwk.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/jwk/general-jwk.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/jwk/public-jwk.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/jwk/public-jwk.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/jwk-verification-method.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/jwk-verification-method.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/protocols/protocols-configure.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/protocols/protocols-configure.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/records/records-query.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/records/records-query.spec.d.ts.map +1 -0
- package/dist/types/tests/validation/json-schemas/records/records-write.spec.d.ts +2 -0
- package/dist/types/tests/validation/json-schemas/records/records-write.spec.d.ts.map +1 -0
- package/package.json +167 -0
- package/src/core/abstract-message.ts +62 -0
- package/src/core/auth.ts +36 -0
- package/src/core/dwn-constant.ts +9 -0
- package/src/core/dwn-error.ts +167 -0
- package/src/core/grant-authorization.ts +148 -0
- package/src/core/message-reply.ts +41 -0
- package/src/core/message.ts +259 -0
- package/src/core/messages-grant-authorization.ts +134 -0
- package/src/core/protocol-authorization.ts +903 -0
- package/src/core/protocols-grant-authorization.ts +88 -0
- package/src/core/records-grant-authorization.ts +197 -0
- package/src/core/resumable-task-manager.ts +114 -0
- package/src/core/tenant-gate.ts +33 -0
- package/src/dwn.ts +264 -0
- package/src/enums/dwn-interface-method.ts +14 -0
- package/src/event-log/event-emitter-stream.ts +69 -0
- package/src/event-log/event-log-level.ts +72 -0
- package/src/handlers/messages-query.ts +67 -0
- package/src/handlers/messages-read.ts +103 -0
- package/src/handlers/messages-subscribe.ts +89 -0
- package/src/handlers/protocols-configure.ts +137 -0
- package/src/handlers/protocols-query.ts +82 -0
- package/src/handlers/records-delete.ts +124 -0
- package/src/handlers/records-query.ts +262 -0
- package/src/handlers/records-read.ts +187 -0
- package/src/handlers/records-subscribe.ts +218 -0
- package/src/handlers/records-write.ts +404 -0
- package/src/index.ts +67 -0
- package/src/interfaces/messages-query.ts +60 -0
- package/src/interfaces/messages-read.ts +63 -0
- package/src/interfaces/messages-subscribe.ts +64 -0
- package/src/interfaces/protocols-configure.ts +340 -0
- package/src/interfaces/protocols-query.ts +96 -0
- package/src/interfaces/records-delete.ts +117 -0
- package/src/interfaces/records-query.ts +131 -0
- package/src/interfaces/records-read.ts +100 -0
- package/src/interfaces/records-subscribe.ts +104 -0
- package/src/interfaces/records-write.ts +1072 -0
- package/src/jose/algorithms/signing/ed25519.ts +58 -0
- package/src/jose/algorithms/signing/signature-algorithms.ts +22 -0
- package/src/jose/jws/general/builder.ts +48 -0
- package/src/jose/jws/general/verifier.ts +112 -0
- package/src/protocols/permission-grant.ts +86 -0
- package/src/protocols/permission-request.ts +63 -0
- package/src/protocols/permissions.ts +508 -0
- package/src/schema-validator.ts +46 -0
- package/src/store/blockstore-level.ts +113 -0
- package/src/store/blockstore-mock.ts +80 -0
- package/src/store/data-store-level.ts +120 -0
- package/src/store/index-level.ts +691 -0
- package/src/store/level-wrapper.ts +272 -0
- package/src/store/message-store-level.ts +195 -0
- package/src/store/resumable-task-store-level.ts +120 -0
- package/src/store/storage-controller.ts +240 -0
- package/src/types/cache.ts +16 -0
- package/src/types/data-store.ts +64 -0
- package/src/types/event-log.ts +52 -0
- package/src/types/jose-types.ts +76 -0
- package/src/types/jws-types.ts +28 -0
- package/src/types/message-interface.ts +30 -0
- package/src/types/message-store.ts +57 -0
- package/src/types/message-types.ts +132 -0
- package/src/types/messages-types.ts +77 -0
- package/src/types/method-handler.ts +19 -0
- package/src/types/permission-types.ts +110 -0
- package/src/types/protocols-types.ts +177 -0
- package/src/types/query-types.ts +61 -0
- package/src/types/records-types.ts +263 -0
- package/src/types/resumable-task-store.ts +96 -0
- package/src/types/signer.ts +27 -0
- package/src/types/subscriptions.ts +34 -0
- package/src/utils/abort.ts +31 -0
- package/src/utils/array.ts +39 -0
- package/src/utils/cid.ts +101 -0
- package/src/utils/data-stream.ts +99 -0
- package/src/utils/encoder.ts +54 -0
- package/src/utils/encryption.ts +145 -0
- package/src/utils/filter.ts +245 -0
- package/src/utils/hd-key.ts +126 -0
- package/src/utils/jws.ts +95 -0
- package/src/utils/memory-cache.ts +31 -0
- package/src/utils/messages.ts +109 -0
- package/src/utils/object.ts +43 -0
- package/src/utils/private-key-signer.ts +72 -0
- package/src/utils/protocols.ts +50 -0
- package/src/utils/records.ts +559 -0
- package/src/utils/secp256k1.ts +157 -0
- package/src/utils/secp256r1.ts +142 -0
- package/src/utils/string.ts +13 -0
- package/src/utils/time.ts +78 -0
- package/src/utils/url.ts +65 -0
|
@@ -0,0 +1,608 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
var __rest = (this && this.__rest) || function (s, e) {
|
|
11
|
+
var t = {};
|
|
12
|
+
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
|
|
13
|
+
t[p] = s[p];
|
|
14
|
+
if (s != null && typeof Object.getOwnPropertySymbols === "function")
|
|
15
|
+
for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
|
|
16
|
+
if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
|
|
17
|
+
t[p[i]] = s[p[i]];
|
|
18
|
+
}
|
|
19
|
+
return t;
|
|
20
|
+
};
|
|
21
|
+
import Ajv from 'ajv/dist/2020.js';
|
|
22
|
+
import { FilterUtility } from '../utils/filter.js';
|
|
23
|
+
import { PermissionsProtocol } from '../protocols/permissions.js';
|
|
24
|
+
import { Records } from '../utils/records.js';
|
|
25
|
+
import { RecordsWrite } from '../interfaces/records-write.js';
|
|
26
|
+
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
27
|
+
import { DwnInterfaceName, DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
28
|
+
import { ProtocolAction, ProtocolActor } from '../types/protocols-types.js';
|
|
29
|
+
export class ProtocolAuthorization {
|
|
30
|
+
/**
|
|
31
|
+
* Performs validation on the structure of RecordsWrite messages that use a protocol.
|
|
32
|
+
* @throws {Error} if validation fails.
|
|
33
|
+
*/
|
|
34
|
+
static validateReferentialIntegrity(tenant, incomingMessage, messageStore) {
|
|
35
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
36
|
+
// fetch the protocol definition
|
|
37
|
+
const protocolDefinition = yield ProtocolAuthorization.fetchProtocolDefinition(tenant, incomingMessage.message.descriptor.protocol, messageStore);
|
|
38
|
+
// verify declared protocol type exists in protocol and that it conforms to type specification
|
|
39
|
+
ProtocolAuthorization.verifyType(incomingMessage.message, protocolDefinition.types);
|
|
40
|
+
// validate `protocolPath`
|
|
41
|
+
yield ProtocolAuthorization.verifyProtocolPathAndContextId(tenant, incomingMessage, messageStore);
|
|
42
|
+
// get the rule set for the inbound message
|
|
43
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(incomingMessage.message.descriptor.protocolPath, protocolDefinition);
|
|
44
|
+
// Validate as a role record if the incoming message is writing a role record
|
|
45
|
+
yield ProtocolAuthorization.verifyAsRoleRecordIfNeeded(tenant, incomingMessage, ruleSet, messageStore);
|
|
46
|
+
// Verify size limit
|
|
47
|
+
ProtocolAuthorization.verifySizeLimit(incomingMessage, ruleSet);
|
|
48
|
+
// Verify protocol tags
|
|
49
|
+
ProtocolAuthorization.verifyTagsIfNeeded(incomingMessage, ruleSet);
|
|
50
|
+
});
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Performs protocol-based authorization against the incoming RecordsWrite message.
|
|
54
|
+
* @throws {Error} if authorization fails.
|
|
55
|
+
*/
|
|
56
|
+
static authorizeWrite(tenant, incomingMessage, messageStore) {
|
|
57
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
58
|
+
const existingInitialWrite = yield ProtocolAuthorization.fetchInitialWrite(tenant, incomingMessage.message.recordId, messageStore);
|
|
59
|
+
let recordChain;
|
|
60
|
+
if (existingInitialWrite === undefined) {
|
|
61
|
+
// NOTE: we can assume this message is an initial write because an existing initial write does not exist.
|
|
62
|
+
// Additionally, we check further down in the `RecordsWriteHandler` if the incoming message is an initialWrite,
|
|
63
|
+
// so we don't check explicitly here to avoid an unnecessary duplicate check.
|
|
64
|
+
recordChain = yield ProtocolAuthorization.constructRecordChain(tenant, incomingMessage.message.descriptor.parentId, messageStore);
|
|
65
|
+
}
|
|
66
|
+
else {
|
|
67
|
+
recordChain = yield ProtocolAuthorization.constructRecordChain(tenant, incomingMessage.message.recordId, messageStore);
|
|
68
|
+
}
|
|
69
|
+
// fetch the protocol definition
|
|
70
|
+
const protocolDefinition = yield ProtocolAuthorization.fetchProtocolDefinition(tenant, incomingMessage.message.descriptor.protocol, messageStore);
|
|
71
|
+
// get the rule set for the inbound message
|
|
72
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(incomingMessage.message.descriptor.protocolPath, protocolDefinition);
|
|
73
|
+
// If the incoming message has `protocolRole` in the descriptor, validate the invoked role
|
|
74
|
+
yield ProtocolAuthorization.verifyInvokedRole(tenant, incomingMessage, incomingMessage.message.descriptor.protocol, incomingMessage.message.contextId, protocolDefinition, messageStore);
|
|
75
|
+
// verify method invoked against the allowed actions in the rule set
|
|
76
|
+
yield ProtocolAuthorization.authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain, messageStore);
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
/**
|
|
80
|
+
* Performs protocol-based authorization against the incoming `RecordsRead` message.
|
|
81
|
+
* @param newestRecordsWrite The latest RecordsWrite associated with the recordId being read.
|
|
82
|
+
* @throws {Error} if authorization fails.
|
|
83
|
+
*/
|
|
84
|
+
static authorizeRead(tenant, incomingMessage, newestRecordsWrite, messageStore) {
|
|
85
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
86
|
+
// fetch record chain
|
|
87
|
+
const recordChain = yield ProtocolAuthorization.constructRecordChain(tenant, newestRecordsWrite.message.recordId, messageStore);
|
|
88
|
+
// fetch the protocol definition
|
|
89
|
+
const protocolDefinition = yield ProtocolAuthorization.fetchProtocolDefinition(tenant, newestRecordsWrite.message.descriptor.protocol, messageStore);
|
|
90
|
+
// get the rule set for the inbound message
|
|
91
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(newestRecordsWrite.message.descriptor.protocolPath, protocolDefinition);
|
|
92
|
+
// If the incoming message has `protocolRole` in the descriptor, validate the invoked role
|
|
93
|
+
yield ProtocolAuthorization.verifyInvokedRole(tenant, incomingMessage, newestRecordsWrite.message.descriptor.protocol, newestRecordsWrite.message.contextId, protocolDefinition, messageStore);
|
|
94
|
+
// verify method invoked against the allowed actions in the rule set
|
|
95
|
+
yield ProtocolAuthorization.authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain, messageStore);
|
|
96
|
+
});
|
|
97
|
+
}
|
|
98
|
+
static authorizeQueryOrSubscribe(tenant, incomingMessage, messageStore) {
|
|
99
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
100
|
+
const { protocol, protocolPath, contextId } = incomingMessage.message.descriptor.filter;
|
|
101
|
+
// fetch the protocol definition
|
|
102
|
+
const protocolDefinition = yield ProtocolAuthorization.fetchProtocolDefinition(tenant, protocol, // `authorizeQueryOrSubscribe` is only called if `protocol` is present
|
|
103
|
+
messageStore);
|
|
104
|
+
// get the rule set for the inbound message
|
|
105
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(protocolPath, // presence of `protocolPath` is verified in `parse()`
|
|
106
|
+
protocolDefinition);
|
|
107
|
+
// If the incoming message has `protocolRole` in the descriptor, validate the invoked role
|
|
108
|
+
yield ProtocolAuthorization.verifyInvokedRole(tenant, incomingMessage, protocol, contextId, protocolDefinition, messageStore);
|
|
109
|
+
// verify method invoked against the allowed actions in the rule set
|
|
110
|
+
yield ProtocolAuthorization.authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, [], // record chain is not relevant to queries or subscriptions
|
|
111
|
+
messageStore);
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
/**
|
|
115
|
+
* Performs protocol-based authorization against the incoming `RecordsDelete` message.
|
|
116
|
+
* @param recordsWrite A `RecordsWrite` of the record being deleted.
|
|
117
|
+
*/
|
|
118
|
+
static authorizeDelete(tenant, incomingMessage, recordsWrite, messageStore) {
|
|
119
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
120
|
+
// fetch record chain
|
|
121
|
+
const recordChain = yield ProtocolAuthorization.constructRecordChain(tenant, incomingMessage.message.descriptor.recordId, messageStore);
|
|
122
|
+
// fetch the protocol definition
|
|
123
|
+
const protocolDefinition = yield ProtocolAuthorization.fetchProtocolDefinition(tenant, recordsWrite.message.descriptor.protocol, messageStore);
|
|
124
|
+
// get the rule set for the inbound message
|
|
125
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(recordsWrite.message.descriptor.protocolPath, protocolDefinition);
|
|
126
|
+
// If the incoming message has `protocolRole` in the descriptor, validate the invoked role
|
|
127
|
+
yield ProtocolAuthorization.verifyInvokedRole(tenant, incomingMessage, recordsWrite.message.descriptor.protocol, recordsWrite.message.contextId, protocolDefinition, messageStore);
|
|
128
|
+
// verify method invoked against the allowed actions in the rule set
|
|
129
|
+
yield ProtocolAuthorization.authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain, messageStore);
|
|
130
|
+
});
|
|
131
|
+
}
|
|
132
|
+
/**
|
|
133
|
+
* Fetches the protocol definition based on the protocol specified in the given message.
|
|
134
|
+
*/
|
|
135
|
+
static fetchProtocolDefinition(tenant, protocolUri, messageStore) {
|
|
136
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
137
|
+
// if first-class protocol, return the definition from const object directly without going to data store
|
|
138
|
+
if (protocolUri === PermissionsProtocol.uri) {
|
|
139
|
+
return PermissionsProtocol.definition;
|
|
140
|
+
}
|
|
141
|
+
// fetch the corresponding protocol definition
|
|
142
|
+
const query = {
|
|
143
|
+
interface: DwnInterfaceName.Protocols,
|
|
144
|
+
method: DwnMethodName.Configure,
|
|
145
|
+
protocol: protocolUri
|
|
146
|
+
};
|
|
147
|
+
const { messages: protocols } = yield messageStore.query(tenant, [query]);
|
|
148
|
+
if (protocols.length === 0) {
|
|
149
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationProtocolNotFound, `unable to find protocol definition for ${protocolUri}`);
|
|
150
|
+
}
|
|
151
|
+
const protocolMessage = protocols[0];
|
|
152
|
+
return protocolMessage.descriptor.definition;
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
/**
|
|
156
|
+
* Constructs the chain of EXISTING records in the datastore where the first record is the root initial `RecordsWrite` of the record chain
|
|
157
|
+
* and last record is the initial `RecordsWrite` of the descendant record specified.
|
|
158
|
+
* @param descendantRecordId The ID of the descendent record to start constructing the record chain from by repeatedly looking up the parent.
|
|
159
|
+
* @returns the record chain where each record is represented by its initial `RecordsWrite`;
|
|
160
|
+
* returns empty array if `descendantRecordId` is `undefined`.
|
|
161
|
+
* @throws {DwnError} if `descendantRecordId` is defined but any initial `RecordsWrite` is not found in the chain of records.
|
|
162
|
+
*/
|
|
163
|
+
static constructRecordChain(tenant, descendantRecordId, messageStore) {
|
|
164
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
165
|
+
if (descendantRecordId === undefined) {
|
|
166
|
+
return [];
|
|
167
|
+
}
|
|
168
|
+
const recordChain = [];
|
|
169
|
+
// keep walking up the chain from the inbound message's parent, until there is no more parent
|
|
170
|
+
let currentRecordId = descendantRecordId;
|
|
171
|
+
while (currentRecordId !== undefined) {
|
|
172
|
+
const initialWrite = yield ProtocolAuthorization.fetchInitialWrite(tenant, currentRecordId, messageStore);
|
|
173
|
+
// RecordsWrite needed should be available since we perform necessary checks at the time of writes,
|
|
174
|
+
// eg. check the immediate parent in `verifyProtocolPathAndContextId` at the time of writing,
|
|
175
|
+
// so if this condition is triggered, it means there is an unexpected bug that caused an incomplete chain.
|
|
176
|
+
// We add additional defensive check here because returning an unexpected/incorrect record chain could lead to security vulnerabilities.
|
|
177
|
+
if (initialWrite === undefined) {
|
|
178
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationParentNotFoundConstructingRecordChain, `Unexpected error that should never trigger: no parent found with ID ${currentRecordId} when constructing record chain.`);
|
|
179
|
+
}
|
|
180
|
+
recordChain.push(initialWrite);
|
|
181
|
+
currentRecordId = initialWrite.descriptor.parentId;
|
|
182
|
+
}
|
|
183
|
+
return recordChain.reverse(); // root record first
|
|
184
|
+
});
|
|
185
|
+
}
|
|
186
|
+
/**
|
|
187
|
+
* Fetches the initial RecordsWrite message associated with the given (tenant + recordId).
|
|
188
|
+
*/
|
|
189
|
+
static fetchInitialWrite(tenant, recordId, messageStore) {
|
|
190
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
191
|
+
const query = {
|
|
192
|
+
interface: DwnInterfaceName.Records,
|
|
193
|
+
method: DwnMethodName.Write,
|
|
194
|
+
recordId: recordId
|
|
195
|
+
};
|
|
196
|
+
const { messages } = yield messageStore.query(tenant, [query]);
|
|
197
|
+
if (messages.length === 0) {
|
|
198
|
+
return undefined;
|
|
199
|
+
}
|
|
200
|
+
const initialWrite = yield RecordsWrite.getInitialWrite(messages);
|
|
201
|
+
return initialWrite;
|
|
202
|
+
});
|
|
203
|
+
}
|
|
204
|
+
/**
|
|
205
|
+
* Gets the rule set corresponding to the given protocolPath.
|
|
206
|
+
*/
|
|
207
|
+
static getRuleSet(protocolPath, protocolDefinition) {
|
|
208
|
+
const ruleSet = ProtocolAuthorization.getRuleSetAtProtocolPath(protocolPath, protocolDefinition);
|
|
209
|
+
if (ruleSet === undefined) {
|
|
210
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMissingRuleSet, `No rule set defined for protocolPath ${protocolPath}`);
|
|
211
|
+
}
|
|
212
|
+
return ruleSet;
|
|
213
|
+
}
|
|
214
|
+
/**
|
|
215
|
+
* Verifies the `protocolPath` declared in the given message (if it is a RecordsWrite) matches the path of actual record chain.
|
|
216
|
+
* @throws {DwnError} if fails verification.
|
|
217
|
+
*/
|
|
218
|
+
static verifyProtocolPathAndContextId(tenant, inboundMessage, messageStore) {
|
|
219
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
220
|
+
var _a;
|
|
221
|
+
const declaredProtocolPath = inboundMessage.message.descriptor.protocolPath;
|
|
222
|
+
const declaredTypeName = ProtocolAuthorization.getTypeName(declaredProtocolPath);
|
|
223
|
+
const parentId = inboundMessage.message.descriptor.parentId;
|
|
224
|
+
if (parentId === undefined) {
|
|
225
|
+
if (declaredProtocolPath !== declaredTypeName) {
|
|
226
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationParentlessIncorrectProtocolPath, `Declared protocol path '${declaredProtocolPath}' is not valid for records with no parent'.`);
|
|
227
|
+
}
|
|
228
|
+
return;
|
|
229
|
+
}
|
|
230
|
+
// Else `parentId` is defined, so we need to verify both protocolPath and contextId
|
|
231
|
+
// fetch the parent message
|
|
232
|
+
const protocol = inboundMessage.message.descriptor.protocol;
|
|
233
|
+
const query = {
|
|
234
|
+
isLatestBaseState: true, // NOTE: this filter is critical, to ensure are are not returning a deleted parent
|
|
235
|
+
interface: DwnInterfaceName.Records,
|
|
236
|
+
method: DwnMethodName.Write,
|
|
237
|
+
protocol,
|
|
238
|
+
recordId: parentId
|
|
239
|
+
};
|
|
240
|
+
const { messages: parentMessages } = yield messageStore.query(tenant, [query]);
|
|
241
|
+
const parentMessage = parentMessages[0];
|
|
242
|
+
// verifying protocolPath of incoming message is a child of the parent message's protocolPath
|
|
243
|
+
const parentProtocolPath = (_a = parentMessage === null || parentMessage === void 0 ? void 0 : parentMessage.descriptor) === null || _a === void 0 ? void 0 : _a.protocolPath;
|
|
244
|
+
const expectedProtocolPath = `${parentProtocolPath}/${declaredTypeName}`;
|
|
245
|
+
if (expectedProtocolPath !== declaredProtocolPath) {
|
|
246
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationIncorrectProtocolPath, `Could not find matching parent record to verify declared protocol path '${declaredProtocolPath}'.`);
|
|
247
|
+
}
|
|
248
|
+
// verifying contextId of incoming message is a child of the parent message's contextId
|
|
249
|
+
const expectedContextId = `${parentMessage.contextId}/${inboundMessage.message.recordId}`;
|
|
250
|
+
const actualContextId = inboundMessage.message.contextId;
|
|
251
|
+
if (actualContextId !== expectedContextId) {
|
|
252
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationIncorrectContextId, `Declared contextId '${actualContextId}' is not the same as expected: '${expectedContextId}'.`);
|
|
253
|
+
}
|
|
254
|
+
});
|
|
255
|
+
}
|
|
256
|
+
/**
|
|
257
|
+
* Verifies the `dataFormat` and `schema` declared in the given message (if it is a RecordsWrite) matches dataFormat
|
|
258
|
+
* and schema of the type in the given protocol.
|
|
259
|
+
* @throws {DwnError} if fails verification.
|
|
260
|
+
*/
|
|
261
|
+
static verifyType(inboundMessage, protocolTypes) {
|
|
262
|
+
const typeNames = Object.keys(protocolTypes);
|
|
263
|
+
const declaredProtocolPath = inboundMessage.descriptor.protocolPath;
|
|
264
|
+
const declaredTypeName = ProtocolAuthorization.getTypeName(declaredProtocolPath);
|
|
265
|
+
if (!typeNames.includes(declaredTypeName)) {
|
|
266
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationInvalidType, `record with type ${declaredTypeName} not allowed in protocol`);
|
|
267
|
+
}
|
|
268
|
+
const protocolPath = inboundMessage.descriptor.protocolPath;
|
|
269
|
+
// existence of `protocolType` has already been verified
|
|
270
|
+
const typeName = ProtocolAuthorization.getTypeName(protocolPath);
|
|
271
|
+
const protocolType = protocolTypes[typeName];
|
|
272
|
+
// no `schema` specified in protocol definition means that any schema is allowed
|
|
273
|
+
const { schema } = inboundMessage.descriptor;
|
|
274
|
+
if (protocolType.schema !== undefined && protocolType.schema !== schema) {
|
|
275
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationInvalidSchema, `type '${typeName}' must have schema '${protocolType.schema}', \
|
|
276
|
+
instead has '${schema}'`);
|
|
277
|
+
}
|
|
278
|
+
// no `dataFormats` specified in protocol definition means that all dataFormats are allowed
|
|
279
|
+
const { dataFormat } = inboundMessage.descriptor;
|
|
280
|
+
if (protocolType.dataFormats !== undefined && !protocolType.dataFormats.includes(dataFormat)) {
|
|
281
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationIncorrectDataFormat, `type '${typeName}' must have data format in (${protocolType.dataFormats}), \
|
|
282
|
+
instead has '${dataFormat}'`);
|
|
283
|
+
}
|
|
284
|
+
}
|
|
285
|
+
/**
|
|
286
|
+
* Check if the incoming message is invoking a role. If so, validate the invoked role.
|
|
287
|
+
*/
|
|
288
|
+
static verifyInvokedRole(tenant, incomingMessage, protocolUri, contextId, protocolDefinition, messageStore) {
|
|
289
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
290
|
+
var _a;
|
|
291
|
+
const protocolRole = (_a = incomingMessage.signaturePayload) === null || _a === void 0 ? void 0 : _a.protocolRole;
|
|
292
|
+
// Only verify role if there is a role being invoked
|
|
293
|
+
if (protocolRole === undefined) {
|
|
294
|
+
return;
|
|
295
|
+
}
|
|
296
|
+
const roleRuleSet = ProtocolAuthorization.getRuleSetAtProtocolPath(protocolRole, protocolDefinition);
|
|
297
|
+
if (roleRuleSet === undefined || !roleRuleSet.$role) {
|
|
298
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationNotARole, `Protocol path ${protocolRole} does not match role record type.`);
|
|
299
|
+
}
|
|
300
|
+
// Construct a filter to fetch the invoked role record
|
|
301
|
+
const roleRecordFilter = {
|
|
302
|
+
interface: DwnInterfaceName.Records,
|
|
303
|
+
method: DwnMethodName.Write,
|
|
304
|
+
protocol: protocolUri,
|
|
305
|
+
protocolPath: protocolRole,
|
|
306
|
+
recipient: incomingMessage.author,
|
|
307
|
+
isLatestBaseState: true,
|
|
308
|
+
};
|
|
309
|
+
const ancestorSegmentCountOfRolePath = protocolRole.split('/').length - 1;
|
|
310
|
+
if (contextId === undefined && ancestorSegmentCountOfRolePath > 0) {
|
|
311
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMissingContextId, 'Could not verify role because contextId is missing.');
|
|
312
|
+
}
|
|
313
|
+
// Compute `contextId` prefix filter for fetching the invoked role record if the role path is not at the root level.
|
|
314
|
+
// e.g. if invoked role path is `Thread/Participant`, and the `contextId` of the message is `threadX/messageY/attachmentZ`,
|
|
315
|
+
// then we need to add a prefix filter as `threadX` for the `contextId`
|
|
316
|
+
// because the `contextId` of the Participant record would be in the form of be `threadX/participantA`
|
|
317
|
+
if (ancestorSegmentCountOfRolePath > 0) {
|
|
318
|
+
const contextIdSegments = contextId.split('/'); // NOTE: currently contextId segment count is never shorter than the role path count.
|
|
319
|
+
const contextIdPrefix = contextIdSegments.slice(0, ancestorSegmentCountOfRolePath).join('/');
|
|
320
|
+
const contextIdPrefixFilter = FilterUtility.constructPrefixFilterAsRangeFilter(contextIdPrefix);
|
|
321
|
+
roleRecordFilter.contextId = contextIdPrefixFilter;
|
|
322
|
+
}
|
|
323
|
+
const { messages: matchingMessages } = yield messageStore.query(tenant, [roleRecordFilter]);
|
|
324
|
+
if (matchingMessages.length === 0) {
|
|
325
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMatchingRoleRecordNotFound, `No matching role record found for protocol path ${protocolRole}`);
|
|
326
|
+
}
|
|
327
|
+
});
|
|
328
|
+
}
|
|
329
|
+
/**
|
|
330
|
+
* Returns all the ProtocolActions that would authorized the incoming message
|
|
331
|
+
* (but we still need to later verify if there is a rule defined that matches one of the actions).
|
|
332
|
+
* NOTE: the reason why there could be multiple actions is because:
|
|
333
|
+
* - In case of an initial RecordsWrite, the RecordsWrite can be authorized by an allow `create` or `write` rule.
|
|
334
|
+
* - In case of a non-initial RecordsWrite by the original record author, the RecordsWrite can be authorized by a `write` or `co-update` rule.
|
|
335
|
+
*
|
|
336
|
+
* It is important to recognize that the `write` access that allowed the original record author to create the record maybe revoked
|
|
337
|
+
* (e.g. by role revocation) by the time a "non-initial" write by the same author is attempted.
|
|
338
|
+
*/
|
|
339
|
+
static getActionsSeekingARuleMatch(tenant, incomingMessage, messageStore) {
|
|
340
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
341
|
+
switch (incomingMessage.message.descriptor.method) {
|
|
342
|
+
case DwnMethodName.Delete:
|
|
343
|
+
const recordsDelete = incomingMessage;
|
|
344
|
+
const recordId = recordsDelete.message.descriptor.recordId;
|
|
345
|
+
const initialWrite = yield RecordsWrite.fetchInitialRecordsWrite(messageStore, tenant, recordId);
|
|
346
|
+
// if there is no initial write, then no action rule can authorize the incoming message, because we won't know who the original author is
|
|
347
|
+
// NOTE: purely defensive programming: currently not reachable
|
|
348
|
+
// because RecordsDelete handler already have an existence check prior to this method being called.
|
|
349
|
+
if (initialWrite === undefined) {
|
|
350
|
+
return [];
|
|
351
|
+
}
|
|
352
|
+
const actionsThatWouldAuthorizeDelete = [];
|
|
353
|
+
const prune = recordsDelete.message.descriptor.prune;
|
|
354
|
+
if (prune) {
|
|
355
|
+
actionsThatWouldAuthorizeDelete.push(ProtocolAction.CoPrune);
|
|
356
|
+
// A prune by the original record author can also be authorized by a 'prune' rule.
|
|
357
|
+
if (incomingMessage.author === initialWrite.author) {
|
|
358
|
+
actionsThatWouldAuthorizeDelete.push(ProtocolAction.Prune);
|
|
359
|
+
}
|
|
360
|
+
}
|
|
361
|
+
else {
|
|
362
|
+
actionsThatWouldAuthorizeDelete.push(ProtocolAction.CoDelete);
|
|
363
|
+
// A delete by the original record author can also be authorized by a 'delete' rule.
|
|
364
|
+
if (incomingMessage.author === initialWrite.author) {
|
|
365
|
+
actionsThatWouldAuthorizeDelete.push(ProtocolAction.Delete);
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
return actionsThatWouldAuthorizeDelete;
|
|
369
|
+
case DwnMethodName.Query:
|
|
370
|
+
return [ProtocolAction.Query];
|
|
371
|
+
case DwnMethodName.Read:
|
|
372
|
+
return [ProtocolAction.Read];
|
|
373
|
+
case DwnMethodName.Subscribe:
|
|
374
|
+
return [ProtocolAction.Subscribe];
|
|
375
|
+
case DwnMethodName.Write:
|
|
376
|
+
const incomingRecordsWrite = incomingMessage;
|
|
377
|
+
if (yield incomingRecordsWrite.isInitialWrite()) {
|
|
378
|
+
return [ProtocolAction.Create];
|
|
379
|
+
}
|
|
380
|
+
else {
|
|
381
|
+
// else incoming RecordsWrite not an initial write
|
|
382
|
+
const recordId = incomingMessage.message.recordId;
|
|
383
|
+
const initialWrite = yield RecordsWrite.fetchInitialRecordsWrite(messageStore, tenant, recordId);
|
|
384
|
+
// if there is no initial write to update from, then no action rule can authorize the incoming message
|
|
385
|
+
if (initialWrite === undefined) {
|
|
386
|
+
return [];
|
|
387
|
+
}
|
|
388
|
+
if (incomingMessage.author === initialWrite.author) {
|
|
389
|
+
// 'update' or 'co-update' action authorizes the incoming message
|
|
390
|
+
return [ProtocolAction.CoUpdate, ProtocolAction.Update];
|
|
391
|
+
}
|
|
392
|
+
else {
|
|
393
|
+
// An update by someone who is not the record author can only be authorized by a 'co-update' rule.
|
|
394
|
+
return [ProtocolAction.CoUpdate];
|
|
395
|
+
}
|
|
396
|
+
}
|
|
397
|
+
}
|
|
398
|
+
// purely defensive programming: should not be reachable
|
|
399
|
+
// setting to empty array will prevent any message from being authorized
|
|
400
|
+
return [];
|
|
401
|
+
});
|
|
402
|
+
}
|
|
403
|
+
/**
|
|
404
|
+
* Verifies the given message is authorized by one of the action rules in the given protocol rule set.
|
|
405
|
+
* @throws {Error} if action not allowed.
|
|
406
|
+
*/
|
|
407
|
+
static authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain, messageStore) {
|
|
408
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
409
|
+
var _a;
|
|
410
|
+
const incomingMessageMethod = incomingMessage.message.descriptor.method;
|
|
411
|
+
const actionsSeekingARuleMatch = yield ProtocolAuthorization.getActionsSeekingARuleMatch(tenant, incomingMessage, messageStore);
|
|
412
|
+
const author = incomingMessage.author;
|
|
413
|
+
const actionRules = ruleSet.$actions;
|
|
414
|
+
// NOTE: We have already checked that the message is not from tenant, owner, or permission grant authorized prior to this method being called.
|
|
415
|
+
if (actionRules === undefined) {
|
|
416
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationActionRulesNotFound, `no action rule defined for Records${incomingMessageMethod}, ${author} is unauthorized`);
|
|
417
|
+
}
|
|
418
|
+
const invokedRole = (_a = incomingMessage.signaturePayload) === null || _a === void 0 ? void 0 : _a.protocolRole;
|
|
419
|
+
// Iterate through the action rules to find a rule that authorizes the incoming message.
|
|
420
|
+
for (const actionRule of actionRules) {
|
|
421
|
+
// If the action rule does not have an allowed action that matches an action that can authorize the message, skip to evaluate next action rule.
|
|
422
|
+
const ruleHasAMatchingAllowedAction = actionRule.can.some(allowedAction => actionsSeekingARuleMatch.includes(allowedAction));
|
|
423
|
+
if (!ruleHasAMatchingAllowedAction) {
|
|
424
|
+
continue;
|
|
425
|
+
}
|
|
426
|
+
// Code reaches here means this action rule has an allowed action that matches the action of the message.
|
|
427
|
+
// The remaining code checks the actor/author of the incoming message.
|
|
428
|
+
// If the action rule allows `anyone`, then no further checks are needed.
|
|
429
|
+
if (actionRule.who === ProtocolActor.Anyone) {
|
|
430
|
+
return;
|
|
431
|
+
}
|
|
432
|
+
// Since not `anyone` is allowed in this action rule, we will need to check the author of the incoming message,
|
|
433
|
+
// if the author of incoming message is not defined, this action rule cannot authorize the incoming message.
|
|
434
|
+
if (author === undefined) {
|
|
435
|
+
continue;
|
|
436
|
+
}
|
|
437
|
+
// go through role validation path if a role is invoked by the incoming message
|
|
438
|
+
if (invokedRole !== undefined) {
|
|
439
|
+
// When a protocol role is being invoked, we require that there is a matching `role` rule.
|
|
440
|
+
if (actionRule.role === invokedRole) {
|
|
441
|
+
// role is successfully invoked
|
|
442
|
+
return;
|
|
443
|
+
}
|
|
444
|
+
else {
|
|
445
|
+
continue;
|
|
446
|
+
}
|
|
447
|
+
}
|
|
448
|
+
// else we go through the actor (`who`) validation
|
|
449
|
+
// If `of` is not set, handle it as a special case
|
|
450
|
+
// NOTE: `of` is always set if `who` is set to `author` (we do this check in `validateRuleSetRecursively()`)
|
|
451
|
+
if (actionRule.who === ProtocolActor.Recipient && actionRule.of === undefined) {
|
|
452
|
+
// If the action rule specifies a recipient without `of` and the incoming message is authenticated:
|
|
453
|
+
// Author must be recipient of the record being accessed
|
|
454
|
+
let recordsWriteMessage;
|
|
455
|
+
if (incomingMessage.message.descriptor.method === DwnMethodName.Write) {
|
|
456
|
+
recordsWriteMessage = incomingMessage.message;
|
|
457
|
+
}
|
|
458
|
+
else {
|
|
459
|
+
// else the incoming message must be a `RecordsDelete` because only `co-update`, `co-delete`, `co-prune` are allowed recipient actions,
|
|
460
|
+
// (we do this check in `validateRuleSetRecursively()`)
|
|
461
|
+
// and we have already checked that the incoming message is not a `RecordsWrite` above which covers `co-update` path.
|
|
462
|
+
recordsWriteMessage = recordChain[recordChain.length - 1];
|
|
463
|
+
}
|
|
464
|
+
if (recordsWriteMessage.descriptor.recipient === author) {
|
|
465
|
+
return;
|
|
466
|
+
}
|
|
467
|
+
else {
|
|
468
|
+
continue;
|
|
469
|
+
}
|
|
470
|
+
}
|
|
471
|
+
// validate the actor is allowed by the current action rule
|
|
472
|
+
const ancestorRuleSuccess = yield ProtocolAuthorization.checkActor(author, actionRule, recordChain);
|
|
473
|
+
if (ancestorRuleSuccess) {
|
|
474
|
+
return;
|
|
475
|
+
}
|
|
476
|
+
}
|
|
477
|
+
// No action rules were satisfied, message is not authorized
|
|
478
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationActionNotAllowed, `Inbound message action Records${incomingMessageMethod} by author ${incomingMessage.author} not allowed.`);
|
|
479
|
+
});
|
|
480
|
+
}
|
|
481
|
+
/**
|
|
482
|
+
* Verifies that writes adhere to the $size constraints if provided
|
|
483
|
+
* @throws {Error} if size is exceeded.
|
|
484
|
+
*/
|
|
485
|
+
static verifySizeLimit(incomingMessage, ruleSet) {
|
|
486
|
+
const { min = 0, max } = ruleSet.$size || {};
|
|
487
|
+
const dataSize = incomingMessage.message.descriptor.dataSize;
|
|
488
|
+
if (dataSize < min) {
|
|
489
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMinSizeInvalid, `data size ${dataSize} is less than allowed ${min}`);
|
|
490
|
+
}
|
|
491
|
+
if (max === undefined) {
|
|
492
|
+
return;
|
|
493
|
+
}
|
|
494
|
+
if (dataSize > max) {
|
|
495
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMaxSizeInvalid, `data size ${dataSize} is more than allowed ${max}`);
|
|
496
|
+
}
|
|
497
|
+
}
|
|
498
|
+
static verifyTagsIfNeeded(incomingMessage, ruleSet) {
|
|
499
|
+
if (ruleSet.$tags !== undefined) {
|
|
500
|
+
const { tags = {}, protocol, protocolPath } = incomingMessage.message.descriptor;
|
|
501
|
+
const _a = ruleSet.$tags, { $allowUndefinedTags, $requiredTags } = _a, properties = __rest(_a, ["$allowUndefinedTags", "$requiredTags"]);
|
|
502
|
+
// if $allowUndefinedTags is set to false and there are properties not defined in the schema, an error is thrown
|
|
503
|
+
const additionalProperties = $allowUndefinedTags || false;
|
|
504
|
+
// if $requiredTags is set, all required tags must be present
|
|
505
|
+
const required = $requiredTags || [];
|
|
506
|
+
const ajv = new Ajv.default();
|
|
507
|
+
const compiledTags = ajv.compile({
|
|
508
|
+
type: 'object',
|
|
509
|
+
properties,
|
|
510
|
+
required,
|
|
511
|
+
additionalProperties,
|
|
512
|
+
});
|
|
513
|
+
const validSchema = compiledTags(tags);
|
|
514
|
+
if (!validSchema) {
|
|
515
|
+
// the `dataVar` is used to add a qualifier to the error message.
|
|
516
|
+
// For example. If the error is related to a tag `status` in a protocol `https://example.protocol` with the protocolPath `example/path`
|
|
517
|
+
// the error would be described as `https://example.protocol/example/path/$tags/status'
|
|
518
|
+
// without this decorator it would show up as `data/status` which may be confusing.
|
|
519
|
+
const schemaError = ajv.errorsText(compiledTags.errors, { dataVar: `${protocol}/${protocolPath}/$tags` });
|
|
520
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationTagsInvalidSchema, `tags schema validation error: ${schemaError}`);
|
|
521
|
+
}
|
|
522
|
+
}
|
|
523
|
+
}
|
|
524
|
+
/**
|
|
525
|
+
* If the given RecordsWrite is not a role record, this method does nothing and succeeds immediately.
|
|
526
|
+
*
|
|
527
|
+
* Else it verifies the validity of the given `RecordsWrite` as a role record, including:
|
|
528
|
+
* 1. The same role has not been assigned to the same entity/recipient.
|
|
529
|
+
*/
|
|
530
|
+
static verifyAsRoleRecordIfNeeded(tenant, incomingMessage, ruleSet, messageStore) {
|
|
531
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
532
|
+
if (!ruleSet.$role) {
|
|
533
|
+
return;
|
|
534
|
+
}
|
|
535
|
+
// else this is a role record
|
|
536
|
+
const incomingRecordsWrite = incomingMessage;
|
|
537
|
+
const recipient = incomingRecordsWrite.message.descriptor.recipient;
|
|
538
|
+
if (recipient === undefined) {
|
|
539
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationRoleMissingRecipient, 'Role records must have a recipient');
|
|
540
|
+
}
|
|
541
|
+
const protocolPath = incomingRecordsWrite.message.descriptor.protocolPath;
|
|
542
|
+
const filter = {
|
|
543
|
+
interface: DwnInterfaceName.Records,
|
|
544
|
+
method: DwnMethodName.Write,
|
|
545
|
+
isLatestBaseState: true,
|
|
546
|
+
protocol: incomingRecordsWrite.message.descriptor.protocol,
|
|
547
|
+
protocolPath,
|
|
548
|
+
recipient,
|
|
549
|
+
};
|
|
550
|
+
const parentContextId = Records.getParentContextFromOfContextId(incomingRecordsWrite.message.contextId);
|
|
551
|
+
// if this is not the root record, add a prefix filter to the query
|
|
552
|
+
if (parentContextId !== '') {
|
|
553
|
+
const prefixFilter = FilterUtility.constructPrefixFilterAsRangeFilter(parentContextId);
|
|
554
|
+
filter.contextId = prefixFilter;
|
|
555
|
+
}
|
|
556
|
+
const { messages: matchingMessages } = yield messageStore.query(tenant, [filter]);
|
|
557
|
+
const matchingRecords = matchingMessages;
|
|
558
|
+
const matchingRecordsExceptIncomingRecordId = matchingRecords.filter((recordsWriteMessage) => recordsWriteMessage.recordId !== incomingRecordsWrite.message.recordId);
|
|
559
|
+
if (matchingRecordsExceptIncomingRecordId.length > 0) {
|
|
560
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationDuplicateRoleRecipient, `DID '${recipient}' is already recipient of a role record at protocol path '${protocolPath} under the parent context ${parentContextId}.`);
|
|
561
|
+
}
|
|
562
|
+
});
|
|
563
|
+
}
|
|
564
|
+
static getRuleSetAtProtocolPath(protocolPath, protocolDefinition) {
|
|
565
|
+
const protocolPathArray = protocolPath.split('/');
|
|
566
|
+
let currentRuleSet = protocolDefinition.structure;
|
|
567
|
+
let i = 0;
|
|
568
|
+
while (i < protocolPathArray.length) {
|
|
569
|
+
const currentTypeName = protocolPathArray[i];
|
|
570
|
+
const nextRuleSet = currentRuleSet[currentTypeName];
|
|
571
|
+
if (nextRuleSet === undefined) {
|
|
572
|
+
return undefined;
|
|
573
|
+
}
|
|
574
|
+
currentRuleSet = nextRuleSet;
|
|
575
|
+
i++;
|
|
576
|
+
}
|
|
577
|
+
return currentRuleSet;
|
|
578
|
+
}
|
|
579
|
+
/**
|
|
580
|
+
* Checks if the `who: 'author' | 'recipient'` action rule has a matching record in the record chain.
|
|
581
|
+
* @returns `true` if the action rule is satisfied; `false` otherwise.
|
|
582
|
+
*/
|
|
583
|
+
static checkActor(author, actionRule, recordChain) {
|
|
584
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
585
|
+
// find a message with matching protocolPath
|
|
586
|
+
const ancestorRecordsWrite = recordChain.find((recordsWriteMessage) => recordsWriteMessage.descriptor.protocolPath === actionRule.of);
|
|
587
|
+
if (ancestorRecordsWrite === undefined) {
|
|
588
|
+
// If this is reached, there is likely an issue with the protocol definition.
|
|
589
|
+
// The protocolPath to the actionRule should start with actionRule.of
|
|
590
|
+
// consider moving this check to ProtocolsConfigure message ingestion
|
|
591
|
+
return false;
|
|
592
|
+
}
|
|
593
|
+
if (actionRule.who === ProtocolActor.Recipient) {
|
|
594
|
+
// author of the incoming message must be the recipient of the ancestor message
|
|
595
|
+
return author === ancestorRecordsWrite.descriptor.recipient;
|
|
596
|
+
}
|
|
597
|
+
else { // actionRule.who === ProtocolActor.Author
|
|
598
|
+
// author of the incoming message must be the author of the ancestor message
|
|
599
|
+
const ancestorAuthor = (yield RecordsWrite.parse(ancestorRecordsWrite)).author;
|
|
600
|
+
return author === ancestorAuthor;
|
|
601
|
+
}
|
|
602
|
+
});
|
|
603
|
+
}
|
|
604
|
+
static getTypeName(protocolPath) {
|
|
605
|
+
return protocolPath.split('/').slice(-1)[0];
|
|
606
|
+
}
|
|
607
|
+
}
|
|
608
|
+
//# sourceMappingURL=protocol-authorization.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"protocol-authorization.js","sourceRoot":"","sources":["../../../../src/core/protocol-authorization.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;AASA,OAAO,GAAG,MAAM,kBAAkB,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5E,MAAM,OAAO,qBAAqB;IAEhC;;;OAGG;IACI,MAAM,CAAO,4BAA4B,CAC9C,MAAc,EACd,eAA6B,EAC7B,YAA0B;;YAE1B,gCAAgC;YAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EAC5C,YAAY,CACb,CAAC;YAEF,8FAA8F;YAC9F,qBAAqB,CAAC,UAAU,CAC9B,eAAe,CAAC,OAAO,EACvB,kBAAkB,CAAC,KAAK,CACzB,CAAC;YAEF,0BAA0B;YAC1B,MAAM,qBAAqB,CAAC,8BAA8B,CACxD,MAAM,EACN,eAAe,EACf,YAAY,CACb,CAAC;YAEF,2CAA2C;YAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,EAChD,kBAAkB,CACnB,CAAC;YAEF,6EAA6E;YAC7E,MAAM,qBAAqB,CAAC,0BAA0B,CACpD,MAAM,EACN,eAAe,EACf,OAAO,EACP,YAAY,CACb,CAAC;YAEF,oBAAoB;YACpB,qBAAqB,CAAC,eAAe,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;YAEhE,uBAAuB;YACvB,qBAAqB,CAAC,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QACrE,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,cAAc,CAChC,MAAc,EACd,eAA6B,EAC7B,YAA0B;;YAE1B,MAAM,oBAAoB,GAAG,MAAM,qBAAqB,CAAC,iBAAiB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YAEnI,IAAI,WAAW,CAAC;YAChB,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACvC,yGAAyG;gBACzG,+GAA+G;gBAC/G,6EAA6E;gBAC7E,WAAW,GAAG,MAAM,qBAAqB,CAAC,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YACpI,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,qBAAqB,CAAC,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YACzH,CAAC;YAED,gCAAgC;YAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EAC5C,YAAY,CACb,CAAC;YAEF,2CAA2C;YAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,EAChD,kBAAkB,CACnB,CAAC;YAEF,0FAA0F;YAC1F,MAAM,qBAAqB,CAAC,iBAAiB,CAC3C,MAAM,EACN,eAAe,EACf,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EAC5C,eAAe,CAAC,OAAO,CAAC,SAAU,EAClC,kBAAkB,EAClB,YAAY,CACb,CAAC;YAEF,oEAAoE;YACpE,MAAM,qBAAqB,CAAC,8BAA8B,CACxD,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,CACb,CAAC;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,aAAa,CAC/B,MAAc,EACd,eAA4B,EAC5B,kBAAgC,EAChC,YAA0B;;YAE1B,qBAAqB;YACrB,MAAM,WAAW,GACf,MAAM,qBAAqB,CAAC,oBAAoB,CAAC,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YAE9G,gCAAgC;YAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EAC/C,YAAY,CACb,CAAC;YAEF,2CAA2C;YAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,EACnD,kBAAkB,CACnB,CAAC;YAEF,0FAA0F;YAC1F,MAAM,qBAAqB,CAAC,iBAAiB,CAC3C,MAAM,EACN,eAAe,EACf,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EAC/C,kBAAkB,CAAC,OAAO,CAAC,SAAU,EACrC,kBAAkB,EAClB,YAAY,CACb,CAAC;YAEF,oEAAoE;YACpE,MAAM,qBAAqB,CAAC,8BAA8B,CACxD,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,CACb,CAAC;QACJ,CAAC;KAAA;IAEM,MAAM,CAAO,yBAAyB,CAC3C,MAAc,EACd,eAAgD,EAChD,YAA0B;;YAE1B,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;YAExF,gCAAgC;YAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,QAAS,EAAE,sEAAsE;YACjF,YAAY,CACb,CAAC;YAEF,2CAA2C;YAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAa,EAAE,sDAAsD;YACrE,kBAAkB,CACnB,CAAC;YAEF,0FAA0F;YAC1F,MAAM,qBAAqB,CAAC,iBAAiB,CAC3C,MAAM,EACN,eAAe,EACf,QAAS,EACT,SAAS,EACT,kBAAkB,EAClB,YAAY,CACb,CAAC;YAEF,oEAAoE;YACpE,MAAM,qBAAqB,CAAC,8BAA8B,CACxD,MAAM,EACN,eAAe,EACf,OAAO,EACP,EAAE,EAAE,2DAA2D;YAC/D,YAAY,CACb,CAAC;QACJ,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,eAAe,CACjC,MAAc,EACd,eAA8B,EAC9B,YAA0B,EAC1B,YAA0B;;YAG1B,qBAAqB;YACrB,MAAM,WAAW,GACf,MAAM,qBAAqB,CAAC,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YAEtH,gCAAgC;YAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EACzC,YAAY,CACb,CAAC;YAEF,2CAA2C;YAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,EAC7C,kBAAkB,CACnB,CAAC;YAEF,0FAA0F;YAC1F,MAAM,qBAAqB,CAAC,iBAAiB,CAC3C,MAAM,EACN,eAAe,EACf,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,EACzC,YAAY,CAAC,OAAO,CAAC,SAAU,EAC/B,kBAAkB,EAClB,YAAY,CACb,CAAC;YAEF,oEAAoE;YACpE,MAAM,qBAAqB,CAAC,8BAA8B,CACxD,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,CACb,CAAC;QACJ,CAAC;KAAA;IAED;;OAEG;IACK,MAAM,CAAO,uBAAuB,CAC1C,MAAc,EACd,WAAmB,EACnB,YAA0B;;YAE1B,wGAAwG;YACxG,IAAI,WAAW,KAAK,mBAAmB,CAAC,GAAG,EAAE,CAAC;gBAC5C,OAAO,mBAAmB,CAAC,UAAU,CAAC;YACxC,CAAC;YAED,8CAA8C;YAC9C,MAAM,KAAK,GAAW;gBACpB,SAAS,EAAG,gBAAgB,CAAC,SAAS;gBACtC,MAAM,EAAM,aAAa,CAAC,SAAS;gBACnC,QAAQ,EAAI,WAAW;aACxB,CAAC;YACF,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAE1E,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,qCAAqC,EAAE,0CAA0C,WAAW,EAAE,CAAC,CAAC;YAClI,CAAC;YAED,MAAM,eAAe,GAAG,SAAS,CAAC,CAAC,CAA8B,CAAC;YAClE,OAAO,eAAe,CAAC,UAAU,CAAC,UAAU,CAAC;QAC/C,CAAC;KAAA;IAED;;;;;;;OAOG;IACK,MAAM,CAAO,oBAAoB,CACvC,MAAc,EACd,kBAAsC,EACtC,YAA0B;;YAG1B,IAAI,kBAAkB,KAAK,SAAS,EAAE,CAAC;gBACrC,OAAO,EAAE,CAAC;YACZ,CAAC;YAED,MAAM,WAAW,GAA0B,EAAE,CAAC;YAE9C,6FAA6F;YAC7F,IAAI,eAAe,GAAuB,kBAAkB,CAAC;YAC7D,OAAO,eAAe,KAAK,SAAS,EAAE,CAAC;gBAErC,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,iBAAiB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC;gBAE1G,mGAAmG;gBACnG,6FAA6F;gBAC7F,0GAA0G;gBAC1G,wIAAwI;gBACxI,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;oBAC/B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0DAA0D,EACvE,uEAAuE,eAAe,kCAAkC,CACzH,CAAC;gBACJ,CAAC;gBAED,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;gBAC/B,eAAe,GAAG,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC;YACrD,CAAC;YAED,OAAO,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC,oBAAoB;QACpD,CAAC;KAAA;IAED;;OAEG;IACK,MAAM,CAAO,iBAAiB,CACpC,MAAc,EACd,QAAgB,EAChB,YAA0B;;YAG1B,MAAM,KAAK,GAAW;gBACpB,SAAS,EAAG,gBAAgB,CAAC,OAAO;gBACpC,MAAM,EAAM,aAAa,CAAC,KAAK;gBAC/B,QAAQ,EAAI,QAAQ;aACrB,CAAC;YACF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAE/D,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAClE,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CACvB,YAAoB,EACpB,kBAAsC;QAEtC,MAAM,OAAO,GAAG,qBAAqB,CAAC,wBAAwB,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;QACjG,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,mCAAmC,EACjE,wCAAwC,YAAY,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;OAGG;IACK,MAAM,CAAO,8BAA8B,CACjD,MAAc,EACd,cAA4B,EAC5B,YAA0B;;;YAE1B,MAAM,oBAAoB,GAAG,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,CAAC;YAC7E,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;YAEjF,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC5D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,IAAI,oBAAoB,KAAK,gBAAgB,EAAE,CAAC;oBAC9C,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,oDAAoD,EACjE,2BAA2B,oBAAoB,6CAA6C,CAC7F,CAAC;gBACJ,CAAC;gBAED,OAAO;YACT,CAAC;YAED,mFAAmF;YAEnF,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS,CAAC;YAC7D,MAAM,KAAK,GAAW;gBACpB,iBAAiB,EAAG,IAAI,EAAE,kFAAkF;gBAC5G,SAAS,EAAW,gBAAgB,CAAC,OAAO;gBAC5C,MAAM,EAAc,aAAa,CAAC,KAAK;gBACvC,QAAQ;gBACR,QAAQ,EAAY,QAAQ;aAC7B,CAAC;YACF,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YAC/E,MAAM,aAAa,GAAI,cAAwC,CAAC,CAAC,CAAC,CAAC;YAEnE,6FAA6F;YAC7F,MAAM,kBAAkB,GAAG,MAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,UAAU,0CAAE,YAAY,CAAC;YACnE,MAAM,oBAAoB,GAAG,GAAG,kBAAkB,IAAI,gBAAgB,EAAE,CAAC;YACzE,IAAI,oBAAoB,KAAK,oBAAoB,EAAE,CAAC;gBAClD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0CAA0C,EACvD,2EAA2E,oBAAoB,IAAI,CACpG,CAAC;YACJ,CAAC;YAED,uFAAuF;YACvF,MAAM,iBAAiB,GAAG,GAAG,aAAa,CAAC,SAAS,IAAI,cAAc,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YAC1F,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC;YACzD,IAAI,eAAe,KAAK,iBAAiB,EAAE,CAAC;gBAC1C,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,uCAAuC,EACpD,uBAAuB,eAAe,mCAAmC,iBAAiB,IAAI,CAC/F,CAAC;YACJ,CAAC;QAEH,CAAC;KAAA;IAED;;;;OAIG;IACK,MAAM,CAAC,UAAU,CACvB,cAAmC,EACnC,aAA4B;QAG5B,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,MAAM,oBAAoB,GAAG,cAAc,CAAC,UAAU,CAAC,YAAa,CAAC;QACrE,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;QACjF,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,gCAAgC,EAC9D,oBAAoB,gBAAgB,0BAA0B,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,YAAY,GAAG,cAAc,CAAC,UAAU,CAAC,YAAa,CAAC;QAC7D,wDAAwD;QACxD,MAAM,QAAQ,GAAG,qBAAqB,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QACjE,MAAM,YAAY,GAAiB,aAAa,CAAC,QAAQ,CAAC,CAAC;QAE3D,gFAAgF;QAChF,MAAM,EAAE,MAAM,EAAE,GAAG,cAAc,CAAC,UAAU,CAAC;QAC7C,IAAI,YAAY,CAAC,MAAM,KAAK,SAAS,IAAI,YAAY,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACxE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,kCAAkC,EAC/C,SAAS,QAAQ,uBAAuB,YAAY,CAAC,MAAM;uBAC5C,MAAM,GAAG,CACzB,CAAC;QACJ,CAAC;QAED,2FAA2F;QAC3F,MAAM,EAAE,UAAU,EAAE,GAAG,cAAc,CAAC,UAAU,CAAC;QACjD,IAAI,YAAY,CAAC,WAAW,KAAK,SAAS,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7F,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,wCAAwC,EACrD,SAAS,QAAQ,+BAA+B,YAAY,CAAC,WAAW;uBACzD,UAAU,GAAG,CAC7B,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAO,iBAAiB,CACpC,MAAc,EACd,eAA6F,EAC7F,WAAmB,EACnB,SAA6B,EAC7B,kBAAsC,EACtC,YAA0B;;;YAE1B,MAAM,YAAY,GAAG,MAAA,eAAe,CAAC,gBAAgB,0CAAE,YAAY,CAAC;YAEpE,oDAAoD;YACpD,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO;YACT,CAAC;YAED,MAAM,WAAW,GAAG,qBAAqB,CAAC,wBAAwB,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;YACrG,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACpD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,6BAA6B,EAC1C,iBAAiB,YAAY,mCAAmC,CACjE,CAAC;YACJ,CAAC;YAED,sDAAsD;YACtD,MAAM,gBAAgB,GAAW;gBAC/B,SAAS,EAAW,gBAAgB,CAAC,OAAO;gBAC5C,MAAM,EAAc,aAAa,CAAC,KAAK;gBACvC,QAAQ,EAAY,WAAW;gBAC/B,YAAY,EAAQ,YAAY;gBAChC,SAAS,EAAW,eAAe,CAAC,MAAO;gBAC3C,iBAAiB,EAAG,IAAI;aACzB,CAAC;YAEF,MAAM,8BAA8B,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;YAC1E,IAAI,SAAS,KAAK,SAAS,IAAI,8BAA8B,GAAG,CAAC,EAAE,CAAC;gBAClE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qCAAqC,EAClD,qDAAqD,CACtD,CAAC;YACJ,CAAC;YAED,oHAAoH;YACpH,2HAA2H;YAC3H,uEAAuE;YACvE,sGAAsG;YACtG,IAAI,8BAA8B,GAAG,CAAC,EAAE,CAAC;gBACvC,MAAM,iBAAiB,GAAG,SAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,qFAAqF;gBACtI,MAAM,eAAe,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,8BAA8B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC7F,MAAM,qBAAqB,GAAG,aAAa,CAAC,kCAAkC,CAAC,eAAe,CAAC,CAAC;gBAEhG,gBAAgB,CAAC,SAAS,GAAG,qBAAqB,CAAC;YACrD,CAAC;YAGD,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;YAE5F,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,+CAA+C,EAC5D,mDAAmD,YAAY,EAAE,CAClE,CAAC;YACJ,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;OASG;IACK,MAAM,CAAO,2BAA2B,CAC9C,MAAc,EACd,eAA6F,EAC7F,YAA0B;;YAG1B,QAAQ,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;gBACpD,KAAK,aAAa,CAAC,MAAM;oBACvB,MAAM,aAAa,GAAG,eAAgC,CAAC;oBACvD,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;oBAC3D,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,wBAAwB,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;oBAEjG,yIAAyI;oBACzI,8DAA8D;oBAC9D,mGAAmG;oBACnG,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;wBAC/B,OAAO,EAAE,CAAC;oBACZ,CAAC;oBAED,MAAM,+BAA+B,GAAG,EAAE,CAAC;oBAC3C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;oBACrD,IAAI,KAAK,EAAE,CAAC;wBACV,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;wBAE7D,kFAAkF;wBAClF,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;4BACnD,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;wBAC7D,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;wBAE9D,oFAAoF;wBACpF,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;4BACnD,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;wBAC9D,CAAC;oBACH,CAAC;oBAED,OAAO,+BAA+B,CAAC;gBAEzC,KAAK,aAAa,CAAC,KAAK;oBACtB,OAAO,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;gBAEhC,KAAK,aAAa,CAAC,IAAI;oBACrB,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;gBAE/B,KAAK,aAAa,CAAC,SAAS;oBAC1B,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;gBAEpC,KAAK,aAAa,CAAC,KAAK;oBACtB,MAAM,oBAAoB,GAAG,eAA+B,CAAC;oBAE7D,IAAI,MAAM,oBAAoB,CAAC,cAAc,EAAE,EAAE,CAAC;wBAChD,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;oBACjC,CAAC;yBAAM,CAAC;wBACN,kDAAkD;wBAElD,MAAM,QAAQ,GAAI,eAAgC,CAAC,OAAO,CAAC,QAAQ,CAAC;wBACpE,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,wBAAwB,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;wBAEjG,sGAAsG;wBACtG,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;4BAC/B,OAAO,EAAE,CAAC;wBACZ,CAAC;wBAED,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;4BACrD,iEAAiE;4BAC/D,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;wBAC1D,CAAC;6BAAM,CAAC;4BACN,kGAAkG;4BAClG,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;wBACnC,CAAC;oBACH,CAAC;YACH,CAAC;YAED,wDAAwD;YACxD,wEAAwE;YACxE,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAED;;;OAGG;IACK,MAAM,CAAO,8BAA8B,CACjD,MAAc,EACd,eAA6F,EAC7F,OAAwB,EACxB,WAAkC,EAClC,YAA0B;;;YAE1B,MAAM,qBAAqB,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;YACxE,MAAM,wBAAwB,GAAG,MAAM,qBAAqB,CAAC,2BAA2B,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC;YAChI,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC;YACtC,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;YAErC,8IAA8I;YAE9I,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,wCAAwC,EACrD,qCAAqC,qBAAqB,KAAK,MAAM,kBAAkB,CACxF,CAAC;YACJ,CAAC;YAED,MAAM,WAAW,GAAG,MAAA,eAAe,CAAC,gBAAgB,0CAAE,YAAY,CAAC;YAEnE,wFAAwF;YACxF,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;gBACrC,+IAA+I;gBAC/I,MAAM,6BAA6B,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC,wBAAwB,CAAC,QAAQ,CAAC,aAA+B,CAAC,CAAC,CAAC;gBAC/I,IAAI,CAAC,6BAA6B,EAAE,CAAC;oBACnC,SAAS;gBACX,CAAC;gBAED,yGAAyG;gBACzG,sEAAsE;gBAEtE,yEAAyE;gBACzE,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,MAAM,EAAE,CAAC;oBAC5C,OAAO;gBACT,CAAC;gBAED,+GAA+G;gBAC/G,4GAA4G;gBAC5G,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,SAAS;gBACX,CAAC;gBAED,+EAA+E;gBAC/E,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;oBAC9B,0FAA0F;oBAC1F,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;wBACpC,+BAA+B;wBAC/B,OAAO;oBACT,CAAC;yBAAM,CAAC;wBACN,SAAS;oBACX,CAAC;gBACH,CAAC;gBAED,kDAAkD;gBAElD,kDAAkD;gBAClD,4GAA4G;gBAC5G,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,SAAS,IAAI,UAAU,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;oBAC9E,mGAAmG;oBAEnG,wDAAwD;oBACxD,IAAI,mBAAwC,CAAC;oBAC7C,IAAI,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,KAAK,aAAa,CAAC,KAAK,EAAE,CAAC;wBACtE,mBAAmB,GAAG,eAAe,CAAC,OAA8B,CAAC;oBACvE,CAAC;yBAAM,CAAC;wBACN,uIAAuI;wBACvI,uDAAuD;wBACvD,qHAAqH;wBACrH,mBAAmB,GAAG,WAAW,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBAC5D,CAAC;oBAED,IAAI,mBAAmB,CAAC,UAAU,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;wBACxD,OAAO;oBACT,CAAC;yBAAM,CAAC;wBACN,SAAS;oBACX,CAAC;gBACH,CAAC;gBAED,2DAA2D;gBAC3D,MAAM,mBAAmB,GAAY,MAAM,qBAAqB,CAAC,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;gBAC7G,IAAI,mBAAmB,EAAE,CAAC;oBACxB,OAAO;gBACT,CAAC;YACH,CAAC;YAED,4DAA4D;YAC5D,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qCAAqC,EAClD,iCAAiC,qBAAqB,cAAc,eAAe,CAAC,MAAM,eAAe,CAC1G,CAAC;QACJ,CAAC;KAAA;IAED;;;OAGG;IACK,MAAM,CAAC,eAAe,CAC5B,eAA6B,EAC7B,OAAwB;QAExB,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAE7C,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;QAE7D,IAAI,QAAQ,GAAG,GAAG,EAAE,CAAC;YACnB,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,mCAAmC,EAAE,aAAa,QAAQ,yBAAyB,GAAG,EAAE,CAAC,CAAC;QAC5H,CAAC;QAED,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,QAAQ,GAAG,GAAG,EAAE,CAAC;YACnB,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,mCAAmC,EAAE,aAAa,QAAQ,yBAAyB,GAAG,EAAE,CAAC,CAAC;QAC5H,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAC/B,eAA6B,EAC7B,OAAwB;QAExB,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAChC,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC;YAEjF,MAAM,KAAwD,OAAO,CAAC,KAAK,EAArE,EAAE,mBAAmB,EAAE,aAAa,OAAiC,EAA5B,UAAU,cAAnD,wCAAqD,CAAgB,CAAC;YAE5E,gHAAgH;YAChH,MAAM,oBAAoB,GAAG,mBAAmB,IAAI,KAAK,CAAC;YAE1D,6DAA6D;YAC7D,MAAM,QAAQ,GAAG,aAAa,IAAI,EAAE,CAAC;YAErC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC9B,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC;gBAC/B,IAAI,EAAE,QAAQ;gBACd,UAAU;gBACV,QAAQ;gBACR,oBAAoB;aACrB,CAAC,CAAC;YAEH,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;YACvC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,iEAAiE;gBACjE,uIAAuI;gBACvI,uFAAuF;gBACvF,mFAAmF;gBACnF,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,GAAG,QAAQ,IAAI,YAAY,QAAQ,EAAE,CAAC,CAAC;gBAC1G,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,sCAAsC,EAAE,iCAAiC,WAAW,EAAE,CAAC,CAAC;YAC1H,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAO,0BAA0B,CAC7C,MAAc,EACd,eAA6B,EAC7B,OAAwB,EACxB,YAA0B;;YAE1B,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACnB,OAAO;YACT,CAAC;YAED,6BAA6B;YAE7B,MAAM,oBAAoB,GAAG,eAAe,CAAC;YAC7C,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC;YACpE,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC5B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,yCAAyC,EACtD,oCAAoC,CACrC,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC,YAAa,CAAC;YAC3E,MAAM,MAAM,GAAW;gBACrB,SAAS,EAAW,gBAAgB,CAAC,OAAO;gBAC5C,MAAM,EAAc,aAAa,CAAC,KAAK;gBACvC,iBAAiB,EAAG,IAAI;gBACxB,QAAQ,EAAY,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAS;gBACrE,YAAY;gBACZ,SAAS;aACV,CAAC;YAEF,MAAM,eAAe,GAAG,OAAO,CAAC,+BAA+B,CAAC,oBAAoB,CAAC,OAAO,CAAC,SAAS,CAAE,CAAC;YAEzG,mEAAmE;YACnE,IAAI,eAAe,KAAK,EAAE,EAAE,CAAC;gBAC3B,MAAM,YAAY,GAAG,aAAa,CAAC,kCAAkC,CAAC,eAAe,CAAC,CAAC;gBACvF,MAAM,CAAC,SAAS,GAAG,YAAY,CAAC;YAClC,CAAC;YAED,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;YAClF,MAAM,eAAe,GAAG,gBAAyC,CAAC;YAClE,MAAM,qCAAqC,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,mBAAmB,EAAE,EAAE,CAC3F,mBAAmB,CAAC,QAAQ,KAAK,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CACvE,CAAC;YACF,IAAI,qCAAqC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,2CAA2C,EACxD,QAAQ,SAAS,6DAA6D,YAAY,6BAA6B,eAAe,GAAG,CAC1I,CAAC;YACJ,CAAC;QACH,CAAC;KAAA;IAEO,MAAM,CAAC,wBAAwB,CAAC,YAAoB,EAAE,kBAAsC;QAClG,MAAM,iBAAiB,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,cAAc,GAAoB,kBAAkB,CAAC,SAAS,CAAC;QACnE,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,OAAO,CAAC,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;YACpC,MAAM,eAAe,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAgC,cAAc,CAAC,eAAe,CAAC,CAAC;YAEjF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,cAAc,GAAG,WAAW,CAAC;YAC7B,CAAC,EAAE,CAAC;QACN,CAAC;QAED,OAAO,cAAc,CAAC;IACxB,CAAC;IAED;;;OAGG;IACK,MAAM,CAAO,UAAU,CAC7B,MAAc,EACd,UAA8B,EAC9B,WAAkC;;YAElC,4CAA4C;YAC5C,MAAM,oBAAoB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,mBAAmB,EAAE,EAAE,CACpE,mBAAmB,CAAC,UAAU,CAAC,YAAY,KAAK,UAAU,CAAC,EAAG,CAC/D,CAAC;YAEF,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACvC,6EAA6E;gBAC7E,qEAAqE;gBACrE,qEAAqE;gBACrE,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,SAAS,EAAE,CAAC;gBAC/C,+EAA+E;gBAC/E,OAAO,MAAM,KAAK,oBAAoB,CAAC,UAAU,CAAC,SAAS,CAAC;YAC9D,CAAC;iBAAM,CAAC,CAAC,0CAA0C;gBACjD,4EAA4E;gBAC5E,MAAM,cAAc,GAAG,CAAC,MAAM,YAAY,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,MAAM,CAAC;gBAC/E,OAAO,MAAM,KAAK,cAAc,CAAC;YACnC,CAAC;QACH,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,YAAoB;QAC7C,OAAO,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9C,CAAC;CACF"}
|