@enbox/dwn-sdk-js 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -4
- package/dist/browser.mjs +8 -8
- package/dist/browser.mjs.map +4 -4
- package/dist/esm/generated/precompiled-validators.js +799 -885
- package/dist/esm/generated/precompiled-validators.js.map +1 -1
- package/dist/esm/src/core/dwn-constant.js +5 -0
- package/dist/esm/src/core/dwn-constant.js.map +1 -1
- package/dist/esm/src/core/dwn-error.js +12 -4
- package/dist/esm/src/core/dwn-error.js.map +1 -1
- package/dist/esm/src/core/grant-authorization.js +9 -18
- package/dist/esm/src/core/grant-authorization.js.map +1 -1
- package/dist/esm/src/core/message-reply.js.map +1 -1
- package/dist/esm/src/core/messages-grant-authorization.js +28 -45
- package/dist/esm/src/core/messages-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/protocol-authorization-action.js +25 -27
- package/dist/esm/src/core/protocol-authorization-action.js.map +1 -1
- package/dist/esm/src/core/protocol-authorization-validation.js +30 -68
- package/dist/esm/src/core/protocol-authorization-validation.js.map +1 -1
- package/dist/esm/src/core/protocol-authorization.js +44 -118
- package/dist/esm/src/core/protocol-authorization.js.map +1 -1
- package/dist/esm/src/core/protocols-grant-authorization.js +5 -5
- package/dist/esm/src/core/protocols-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/recording-validation-state-reader.js +84 -0
- package/dist/esm/src/core/recording-validation-state-reader.js.map +1 -0
- package/dist/esm/src/core/records-grant-authorization.js +11 -11
- package/dist/esm/src/core/records-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/replication-apply.js +123 -28
- package/dist/esm/src/core/replication-apply.js.map +1 -1
- package/dist/esm/src/core/resumable-task-manager.js +5 -4
- package/dist/esm/src/core/resumable-task-manager.js.map +1 -1
- package/dist/esm/src/core/validation-state-reader.js +237 -0
- package/dist/esm/src/core/validation-state-reader.js.map +1 -0
- package/dist/esm/src/dwn.js +165 -132
- package/dist/esm/src/dwn.js.map +1 -1
- package/dist/esm/src/enums/dwn-interface-method.js +0 -1
- package/dist/esm/src/enums/dwn-interface-method.js.map +1 -1
- package/dist/esm/src/event-stream/durable-event-log.js +365 -0
- package/dist/esm/src/event-stream/durable-event-log.js.map +1 -0
- package/dist/esm/src/event-stream/event-emitter-wake-publisher.js +25 -0
- package/dist/esm/src/event-stream/event-emitter-wake-publisher.js.map +1 -0
- package/dist/esm/src/handlers/messages-query.js +159 -0
- package/dist/esm/src/handlers/messages-query.js.map +1 -0
- package/dist/esm/src/handlers/messages-read.js +5 -5
- package/dist/esm/src/handlers/messages-read.js.map +1 -1
- package/dist/esm/src/handlers/messages-subscribe.js +8 -8
- package/dist/esm/src/handlers/messages-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/protocols-configure.js +30 -49
- package/dist/esm/src/handlers/protocols-configure.js.map +1 -1
- package/dist/esm/src/handlers/protocols-query.js +1 -1
- package/dist/esm/src/handlers/protocols-query.js.map +1 -1
- package/dist/esm/src/handlers/records-count.js +20 -11
- package/dist/esm/src/handlers/records-count.js.map +1 -1
- package/dist/esm/src/handlers/records-delete.js +20 -16
- package/dist/esm/src/handlers/records-delete.js.map +1 -1
- package/dist/esm/src/handlers/records-query.js +35 -11
- package/dist/esm/src/handlers/records-query.js.map +1 -1
- package/dist/esm/src/handlers/records-read.js +52 -42
- package/dist/esm/src/handlers/records-read.js.map +1 -1
- package/dist/esm/src/handlers/records-subscribe.js +107 -11
- package/dist/esm/src/handlers/records-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/records-write.js +62 -116
- package/dist/esm/src/handlers/records-write.js.map +1 -1
- package/dist/esm/src/index.js +6 -7
- package/dist/esm/src/index.js.map +1 -1
- package/dist/esm/src/interfaces/{messages-sync.js → messages-query.js} +21 -15
- package/dist/esm/src/interfaces/messages-query.js.map +1 -0
- package/dist/esm/src/interfaces/protocols-configure.js +7 -3
- package/dist/esm/src/interfaces/protocols-configure.js.map +1 -1
- package/dist/esm/src/interfaces/protocols-query.js +3 -4
- package/dist/esm/src/interfaces/protocols-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-count.js +4 -3
- package/dist/esm/src/interfaces/records-count.js.map +1 -1
- package/dist/esm/src/interfaces/records-delete.js +21 -4
- package/dist/esm/src/interfaces/records-delete.js.map +1 -1
- package/dist/esm/src/interfaces/records-query.js +4 -3
- package/dist/esm/src/interfaces/records-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-read.js +3 -3
- package/dist/esm/src/interfaces/records-read.js.map +1 -1
- package/dist/esm/src/interfaces/records-subscribe.js +4 -3
- package/dist/esm/src/interfaces/records-subscribe.js.map +1 -1
- package/dist/esm/src/interfaces/records-write.js +27 -13
- package/dist/esm/src/interfaces/records-write.js.map +1 -1
- package/dist/esm/src/protocols/permissions.js +27 -34
- package/dist/esm/src/protocols/permissions.js.map +1 -1
- package/dist/esm/src/store/index-level.js +24 -9
- package/dist/esm/src/store/index-level.js.map +1 -1
- package/dist/esm/src/store/level-wrapper.js +7 -0
- package/dist/esm/src/store/level-wrapper.js.map +1 -1
- package/dist/esm/src/store/message-store-level.js +536 -42
- package/dist/esm/src/store/message-store-level.js.map +1 -1
- package/dist/esm/src/store/storage-controller.js +58 -49
- package/dist/esm/src/store/storage-controller.js.map +1 -1
- package/dist/esm/src/types/message-types.js.map +1 -1
- package/dist/esm/src/types/validation-state-reader.js +2 -0
- package/dist/esm/src/types/validation-state-reader.js.map +1 -0
- package/dist/esm/src/utils/messages.js +17 -0
- package/dist/esm/src/utils/messages.js.map +1 -1
- package/dist/esm/src/utils/record-limit-occupancy.js +244 -0
- package/dist/esm/src/utils/record-limit-occupancy.js.map +1 -0
- package/dist/esm/src/utils/records.js +50 -14
- package/dist/esm/src/utils/records.js.map +1 -1
- package/dist/esm/src/utils/replication.js +85 -0
- package/dist/esm/src/utils/replication.js.map +1 -0
- package/dist/esm/tests/core/grant-authorization.spec.js +4 -4
- package/dist/esm/tests/core/grant-authorization.spec.js.map +1 -1
- package/dist/esm/tests/core/process-message-parity.spec.js +222 -0
- package/dist/esm/tests/core/process-message-parity.spec.js.map +1 -0
- package/dist/esm/tests/core/protocol-authorization.spec.js +5 -2
- package/dist/esm/tests/core/protocol-authorization.spec.js.map +1 -1
- package/dist/esm/tests/core/records-grant-authorization.spec.js +5 -5
- package/dist/esm/tests/core/records-grant-authorization.spec.js.map +1 -1
- package/dist/esm/tests/core/replication-apply.spec.js +55 -1
- package/dist/esm/tests/core/replication-apply.spec.js.map +1 -1
- package/dist/esm/tests/core/replication-replay-property.spec.js +350 -0
- package/dist/esm/tests/core/replication-replay-property.spec.js.map +1 -0
- package/dist/esm/tests/core/validation-read-closure.spec.js +469 -0
- package/dist/esm/tests/core/validation-read-closure.spec.js.map +1 -0
- package/dist/esm/tests/core/validation-state-reader.spec.js +716 -0
- package/dist/esm/tests/core/validation-state-reader.spec.js.map +1 -0
- package/dist/esm/tests/durable-event-log.spec.js +373 -0
- package/dist/esm/tests/durable-event-log.spec.js.map +1 -0
- package/dist/esm/tests/dwn.spec.js +504 -35
- package/dist/esm/tests/dwn.spec.js.map +1 -1
- package/dist/esm/tests/features/author-delegated-grant.spec.js +9 -6
- package/dist/esm/tests/features/author-delegated-grant.spec.js.map +1 -1
- package/dist/esm/tests/features/owner-delegated-grant.spec.js +1 -4
- package/dist/esm/tests/features/owner-delegated-grant.spec.js.map +1 -1
- package/dist/esm/tests/features/owner-signature.spec.js +1 -4
- package/dist/esm/tests/features/owner-signature.spec.js.map +1 -1
- package/dist/esm/tests/features/permissions.spec.js +165 -4
- package/dist/esm/tests/features/permissions.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-composition.spec.js +8 -11
- package/dist/esm/tests/features/protocol-composition.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-create-action.spec.js +1 -4
- package/dist/esm/tests/features/protocol-create-action.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-delete-action.spec.js +3 -5
- package/dist/esm/tests/features/protocol-delete-action.spec.js.map +1 -1
- package/dist/esm/tests/features/protocol-update-action.spec.js +3 -6
- package/dist/esm/tests/features/protocol-update-action.spec.js.map +1 -1
- package/dist/esm/tests/features/records-delivery.spec.js +1 -4
- package/dist/esm/tests/features/records-delivery.spec.js.map +1 -1
- package/dist/esm/tests/features/records-immutable.spec.js +1 -4
- package/dist/esm/tests/features/records-immutable.spec.js.map +1 -1
- package/dist/esm/tests/features/records-nested-query-scope.spec.js +281 -0
- package/dist/esm/tests/features/records-nested-query-scope.spec.js.map +1 -0
- package/dist/esm/tests/features/records-prune-cross-protocol.spec.js +3 -7
- package/dist/esm/tests/features/records-prune-cross-protocol.spec.js.map +1 -1
- package/dist/esm/tests/features/records-prune.spec.js +11 -22
- package/dist/esm/tests/features/records-prune.spec.js.map +1 -1
- package/dist/esm/tests/features/records-record-limit.spec.js +441 -231
- package/dist/esm/tests/features/records-record-limit.spec.js.map +1 -1
- package/dist/esm/tests/features/records-squash.spec.js +6 -4
- package/dist/esm/tests/features/records-squash.spec.js.map +1 -1
- package/dist/esm/tests/features/records-tags.spec.js +1 -4
- package/dist/esm/tests/features/records-tags.spec.js.map +1 -1
- package/dist/esm/tests/features/resumable-tasks.spec.js +3 -5
- package/dist/esm/tests/features/resumable-tasks.spec.js.map +1 -1
- package/dist/esm/tests/fuzz/message-store.fuzz.spec.js +1 -2
- package/dist/esm/tests/fuzz/message-store.fuzz.spec.js.map +1 -1
- package/dist/esm/tests/fuzz/process-message.fuzz.spec.js +2 -4
- package/dist/esm/tests/fuzz/process-message.fuzz.spec.js.map +1 -1
- package/dist/esm/tests/fuzz/schema-validation.fuzz.spec.js +1 -1
- package/dist/esm/tests/fuzz/schema-validation.fuzz.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-query.spec.js +246 -0
- package/dist/esm/tests/handlers/messages-query.spec.js.map +1 -0
- package/dist/esm/tests/handlers/messages-read.spec.js +2 -5
- package/dist/esm/tests/handlers/messages-read.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-subscribe.spec.js +3 -14
- package/dist/esm/tests/handlers/messages-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/handlers/protocols-configure.spec.js +27 -26
- package/dist/esm/tests/handlers/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/handlers/protocols-query.spec.js +1 -4
- package/dist/esm/tests/handlers/protocols-query.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-count.spec.js +1 -4
- package/dist/esm/tests/handlers/records-count.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-delete.spec.js +312 -30
- package/dist/esm/tests/handlers/records-delete.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-query.spec.js +32 -9
- package/dist/esm/tests/handlers/records-query.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-read.spec.js +4 -4
- package/dist/esm/tests/handlers/records-read.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-subscribe.spec.js +33 -14
- package/dist/esm/tests/handlers/records-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-write.spec.js +82 -36
- package/dist/esm/tests/handlers/records-write.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-delete.spec.js +69 -2
- package/dist/esm/tests/interfaces/records-delete.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-write.spec.js +4 -3
- package/dist/esm/tests/interfaces/records-write.spec.js.map +1 -1
- package/dist/esm/tests/protocols/permissions.spec.js +55 -6
- package/dist/esm/tests/protocols/permissions.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/aggregator.spec.js +1 -4
- package/dist/esm/tests/scenarios/aggregator.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/deleted-record.spec.js +1 -4
- package/dist/esm/tests/scenarios/deleted-record.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js +1 -4
- package/dist/esm/tests/scenarios/end-to-end-tests.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/nested-roles.spec.js +1 -4
- package/dist/esm/tests/scenarios/nested-roles.spec.js.map +1 -1
- package/dist/esm/tests/scenarios/subscriptions.spec.js +1 -4
- package/dist/esm/tests/scenarios/subscriptions.spec.js.map +1 -1
- package/dist/esm/tests/store/message-store-level.spec.js +361 -5
- package/dist/esm/tests/store/message-store-level.spec.js.map +1 -1
- package/dist/esm/tests/store/message-store.spec.js +60 -0
- package/dist/esm/tests/store/message-store.spec.js.map +1 -1
- package/dist/esm/tests/test-event-stream.js +7 -3
- package/dist/esm/tests/test-event-stream.js.map +1 -1
- package/dist/esm/tests/test-stores.js +19 -9
- package/dist/esm/tests/test-stores.js.map +1 -1
- package/dist/esm/tests/test-suite.js +4 -2
- package/dist/esm/tests/test-suite.js.map +1 -1
- package/dist/esm/tests/utils/test-data-generator.js +25 -0
- package/dist/esm/tests/utils/test-data-generator.js.map +1 -1
- package/dist/esm/tests/utils/test-stub-generator.js.map +1 -1
- package/dist/esm/tests/utils/test-validation-state-reader.js +16 -0
- package/dist/esm/tests/utils/test-validation-state-reader.js.map +1 -0
- package/dist/types/generated/precompiled-validators.d.ts +6 -6
- package/dist/types/generated/precompiled-validators.d.ts.map +1 -1
- package/dist/types/src/core/core-protocol.d.ts +3 -3
- package/dist/types/src/core/core-protocol.d.ts.map +1 -1
- package/dist/types/src/core/dwn-constant.d.ts +5 -0
- package/dist/types/src/core/dwn-constant.d.ts.map +1 -1
- package/dist/types/src/core/dwn-error.d.ts +12 -4
- package/dist/types/src/core/dwn-error.d.ts.map +1 -1
- package/dist/types/src/core/grant-authorization.d.ts +5 -5
- package/dist/types/src/core/grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/message-reply.d.ts +5 -4
- package/dist/types/src/core/message-reply.d.ts.map +1 -1
- package/dist/types/src/core/messages-grant-authorization.d.ts +12 -14
- package/dist/types/src/core/messages-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/protocol-authorization-action.d.ts +4 -5
- package/dist/types/src/core/protocol-authorization-action.d.ts.map +1 -1
- package/dist/types/src/core/protocol-authorization-validation.d.ts +13 -16
- package/dist/types/src/core/protocol-authorization-validation.d.ts.map +1 -1
- package/dist/types/src/core/protocol-authorization.d.ts +8 -33
- package/dist/types/src/core/protocol-authorization.d.ts.map +1 -1
- package/dist/types/src/core/protocols-grant-authorization.d.ts +4 -4
- package/dist/types/src/core/protocols-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/recording-validation-state-reader.d.ts +75 -0
- package/dist/types/src/core/recording-validation-state-reader.d.ts.map +1 -0
- package/dist/types/src/core/records-grant-authorization.d.ts +8 -8
- package/dist/types/src/core/records-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/replication-apply.d.ts +36 -0
- package/dist/types/src/core/replication-apply.d.ts.map +1 -1
- package/dist/types/src/core/resumable-task-manager.d.ts +1 -1
- package/dist/types/src/core/resumable-task-manager.d.ts.map +1 -1
- package/dist/types/src/core/validation-state-reader.d.ts +79 -0
- package/dist/types/src/core/validation-state-reader.d.ts.map +1 -0
- package/dist/types/src/dwn.d.ts +33 -20
- package/dist/types/src/dwn.d.ts.map +1 -1
- package/dist/types/src/enums/dwn-interface-method.d.ts +0 -1
- package/dist/types/src/enums/dwn-interface-method.d.ts.map +1 -1
- package/dist/types/src/event-stream/durable-event-log.d.ts +69 -0
- package/dist/types/src/event-stream/durable-event-log.d.ts.map +1 -0
- package/dist/types/src/event-stream/event-emitter-wake-publisher.d.ts +13 -0
- package/dist/types/src/event-stream/event-emitter-wake-publisher.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-query.d.ts +20 -0
- package/dist/types/src/handlers/messages-query.d.ts.map +1 -0
- package/dist/types/src/handlers/messages-read.d.ts +1 -1
- package/dist/types/src/handlers/messages-read.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/protocols-configure.d.ts +0 -5
- package/dist/types/src/handlers/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/handlers/records-count.d.ts +2 -1
- package/dist/types/src/handlers/records-count.d.ts.map +1 -1
- package/dist/types/src/handlers/records-delete.d.ts +2 -2
- package/dist/types/src/handlers/records-delete.d.ts.map +1 -1
- package/dist/types/src/handlers/records-query.d.ts +1 -1
- package/dist/types/src/handlers/records-query.d.ts.map +1 -1
- package/dist/types/src/handlers/records-read.d.ts +2 -1
- package/dist/types/src/handlers/records-read.d.ts.map +1 -1
- package/dist/types/src/handlers/records-subscribe.d.ts +4 -5
- package/dist/types/src/handlers/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/records-write.d.ts +3 -11
- package/dist/types/src/handlers/records-write.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +14 -16
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/interfaces/messages-query.d.ts +23 -0
- package/dist/types/src/interfaces/messages-query.d.ts.map +1 -0
- package/dist/types/src/interfaces/protocols-configure.d.ts +3 -3
- package/dist/types/src/interfaces/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/interfaces/protocols-query.d.ts +2 -2
- package/dist/types/src/interfaces/protocols-query.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-count.d.ts +3 -3
- package/dist/types/src/interfaces/records-count.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-delete.d.ts +11 -3
- package/dist/types/src/interfaces/records-delete.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-query.d.ts +3 -3
- package/dist/types/src/interfaces/records-query.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-read.d.ts +3 -3
- package/dist/types/src/interfaces/records-read.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-subscribe.d.ts +3 -3
- package/dist/types/src/interfaces/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-write.d.ts +15 -7
- package/dist/types/src/interfaces/records-write.d.ts.map +1 -1
- package/dist/types/src/protocols/permissions.d.ts +9 -12
- package/dist/types/src/protocols/permissions.d.ts.map +1 -1
- package/dist/types/src/store/index-level.d.ts +10 -1
- package/dist/types/src/store/index-level.d.ts.map +1 -1
- package/dist/types/src/store/level-wrapper.d.ts +5 -0
- package/dist/types/src/store/level-wrapper.d.ts.map +1 -1
- package/dist/types/src/store/message-store-level.d.ts +94 -14
- package/dist/types/src/store/message-store-level.d.ts.map +1 -1
- package/dist/types/src/store/storage-controller.d.ts +17 -14
- package/dist/types/src/store/storage-controller.d.ts.map +1 -1
- package/dist/types/src/types/message-store.d.ts +29 -1
- package/dist/types/src/types/message-store.d.ts.map +1 -1
- package/dist/types/src/types/message-types.d.ts +2 -0
- package/dist/types/src/types/message-types.d.ts.map +1 -1
- package/dist/types/src/types/messages-types.d.ts +21 -37
- package/dist/types/src/types/messages-types.d.ts.map +1 -1
- package/dist/types/src/types/method-handler.d.ts +2 -2
- package/dist/types/src/types/method-handler.d.ts.map +1 -1
- package/dist/types/src/types/permission-types.d.ts +1 -1
- package/dist/types/src/types/subscriptions.d.ts +50 -39
- package/dist/types/src/types/subscriptions.d.ts.map +1 -1
- package/dist/types/src/types/validation-state-reader.d.ts +116 -0
- package/dist/types/src/types/validation-state-reader.d.ts.map +1 -0
- package/dist/types/src/utils/messages.d.ts +10 -0
- package/dist/types/src/utils/messages.d.ts.map +1 -1
- package/dist/types/src/utils/record-limit-occupancy.d.ts +40 -0
- package/dist/types/src/utils/record-limit-occupancy.d.ts.map +1 -0
- package/dist/types/src/utils/records.d.ts +25 -3
- package/dist/types/src/utils/records.d.ts.map +1 -1
- package/dist/types/src/utils/replication.d.ts +22 -0
- package/dist/types/src/utils/replication.d.ts.map +1 -0
- package/dist/types/tests/core/process-message-parity.spec.d.ts +2 -0
- package/dist/types/tests/core/process-message-parity.spec.d.ts.map +1 -0
- package/dist/types/tests/core/replication-replay-property.spec.d.ts +2 -0
- package/dist/types/tests/core/replication-replay-property.spec.d.ts.map +1 -0
- package/dist/types/tests/core/validation-read-closure.spec.d.ts +2 -0
- package/dist/types/tests/core/validation-read-closure.spec.d.ts.map +1 -0
- package/dist/types/tests/core/validation-state-reader.spec.d.ts +2 -0
- package/dist/types/tests/core/validation-state-reader.spec.d.ts.map +1 -0
- package/dist/types/tests/durable-event-log.spec.d.ts +2 -0
- package/dist/types/tests/durable-event-log.spec.d.ts.map +1 -0
- package/dist/types/tests/dwn.spec.d.ts.map +1 -1
- package/dist/types/tests/features/author-delegated-grant.spec.d.ts.map +1 -1
- package/dist/types/tests/features/owner-delegated-grant.spec.d.ts.map +1 -1
- package/dist/types/tests/features/owner-signature.spec.d.ts.map +1 -1
- package/dist/types/tests/features/permissions.spec.d.ts.map +1 -1
- package/dist/types/tests/features/protocol-composition.spec.d.ts.map +1 -1
- package/dist/types/tests/features/protocol-create-action.spec.d.ts.map +1 -1
- package/dist/types/tests/features/protocol-delete-action.spec.d.ts.map +1 -1
- package/dist/types/tests/features/protocol-update-action.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-delivery.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-immutable.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-nested-query-scope.spec.d.ts +2 -0
- package/dist/types/tests/features/records-nested-query-scope.spec.d.ts.map +1 -0
- package/dist/types/tests/features/records-prune-cross-protocol.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-prune.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-record-limit.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-squash.spec.d.ts.map +1 -1
- package/dist/types/tests/features/records-tags.spec.d.ts.map +1 -1
- package/dist/types/tests/features/resumable-tasks.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-query.spec.d.ts +2 -0
- package/dist/types/tests/handlers/messages-query.spec.d.ts.map +1 -0
- package/dist/types/tests/handlers/messages-read.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/protocols-configure.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/protocols-query.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-count.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-delete.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-query.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-read.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-write.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/deleted-record.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/end-to-end-tests.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/nested-roles.spec.d.ts.map +1 -1
- package/dist/types/tests/scenarios/subscriptions.spec.d.ts.map +1 -1
- package/dist/types/tests/store/message-store.spec.d.ts.map +1 -1
- package/dist/types/tests/test-event-stream.d.ts +1 -1
- package/dist/types/tests/test-event-stream.d.ts.map +1 -1
- package/dist/types/tests/test-stores.d.ts +5 -4
- package/dist/types/tests/test-stores.d.ts.map +1 -1
- package/dist/types/tests/test-suite.d.ts +1 -2
- package/dist/types/tests/test-suite.d.ts.map +1 -1
- package/dist/types/tests/utils/test-data-generator.d.ts +20 -1
- package/dist/types/tests/utils/test-data-generator.d.ts.map +1 -1
- package/dist/types/tests/utils/test-validation-state-reader.d.ts +15 -0
- package/dist/types/tests/utils/test-validation-state-reader.d.ts.map +1 -0
- package/package.json +2 -2
- package/src/core/core-protocol.ts +3 -3
- package/src/core/dwn-constant.ts +7 -1
- package/src/core/dwn-error.ts +12 -4
- package/src/core/grant-authorization.ts +11 -20
- package/src/core/message-reply.ts +6 -5
- package/src/core/messages-grant-authorization.ts +37 -70
- package/src/core/protocol-authorization-action.ts +29 -38
- package/src/core/protocol-authorization-validation.ts +39 -96
- package/src/core/protocol-authorization.ts +56 -202
- package/src/core/protocols-grant-authorization.ts +9 -9
- package/src/core/recording-validation-state-reader.ts +130 -0
- package/src/core/records-grant-authorization.ts +16 -16
- package/src/core/replication-apply.ts +172 -32
- package/src/core/resumable-task-manager.ts +10 -8
- package/src/core/validation-state-reader.ts +350 -0
- package/src/dwn.ts +285 -192
- package/src/enums/dwn-interface-method.ts +0 -1
- package/src/event-stream/durable-event-log.ts +509 -0
- package/src/event-stream/event-emitter-wake-publisher.ts +34 -0
- package/src/handlers/messages-query.ts +203 -0
- package/src/handlers/messages-read.ts +9 -10
- package/src/handlers/messages-subscribe.ts +12 -13
- package/src/handlers/protocols-configure.ts +37 -58
- package/src/handlers/protocols-query.ts +1 -1
- package/src/handlers/records-count.ts +24 -17
- package/src/handlers/records-delete.ts +29 -27
- package/src/handlers/records-query.ts +38 -17
- package/src/handlers/records-read.ts +63 -50
- package/src/handlers/records-subscribe.ts +132 -19
- package/src/handlers/records-write.ts +77 -168
- package/src/index.ts +14 -17
- package/src/interfaces/messages-query.ts +70 -0
- package/src/interfaces/protocols-configure.ts +12 -4
- package/src/interfaces/protocols-query.ts +4 -5
- package/src/interfaces/records-count.ts +9 -4
- package/src/interfaces/records-delete.ts +25 -5
- package/src/interfaces/records-query.ts +9 -4
- package/src/interfaces/records-read.ts +4 -4
- package/src/interfaces/records-subscribe.ts +9 -4
- package/src/interfaces/records-write.ts +41 -13
- package/src/protocols/permissions.ts +32 -52
- package/src/store/index-level.ts +30 -9
- package/src/store/level-wrapper.ts +9 -1
- package/src/store/message-store-level.ts +757 -47
- package/src/store/storage-controller.ts +74 -63
- package/src/types/message-store.ts +45 -2
- package/src/types/message-types.ts +3 -1
- package/src/types/messages-types.ts +26 -45
- package/src/types/method-handler.ts +3 -3
- package/src/types/permission-types.ts +1 -1
- package/src/types/subscriptions.ts +53 -42
- package/src/types/validation-state-reader.ts +127 -0
- package/src/utils/messages.ts +25 -1
- package/src/utils/record-limit-occupancy.ts +377 -0
- package/src/utils/records.ts +69 -13
- package/src/utils/replication.ts +122 -0
- package/dist/esm/src/core/record-chain.js +0 -64
- package/dist/esm/src/core/record-chain.js.map +0 -1
- package/dist/esm/src/event-stream/event-emitter-event-log.js +0 -334
- package/dist/esm/src/event-stream/event-emitter-event-log.js.map +0 -1
- package/dist/esm/src/handlers/messages-sync.js +0 -278
- package/dist/esm/src/handlers/messages-sync.js.map +0 -1
- package/dist/esm/src/interfaces/messages-sync.js.map +0 -1
- package/dist/esm/src/smt/smt-store-level.js +0 -103
- package/dist/esm/src/smt/smt-store-level.js.map +0 -1
- package/dist/esm/src/smt/smt-store-memory.js +0 -41
- package/dist/esm/src/smt/smt-store-memory.js.map +0 -1
- package/dist/esm/src/smt/smt-utils.js +0 -129
- package/dist/esm/src/smt/smt-utils.js.map +0 -1
- package/dist/esm/src/smt/sparse-merkle-tree.js +0 -577
- package/dist/esm/src/smt/sparse-merkle-tree.js.map +0 -1
- package/dist/esm/src/state-index/state-index-level.js +0 -191
- package/dist/esm/src/state-index/state-index-level.js.map +0 -1
- package/dist/esm/src/types/smt-types.js +0 -5
- package/dist/esm/src/types/smt-types.js.map +0 -1
- package/dist/esm/src/types/state-index.js +0 -2
- package/dist/esm/src/types/state-index.js.map +0 -1
- package/dist/esm/tests/event-emitter-event-log.spec.js +0 -499
- package/dist/esm/tests/event-emitter-event-log.spec.js.map +0 -1
- package/dist/esm/tests/handlers/messages-sync.spec.js +0 -1088
- package/dist/esm/tests/handlers/messages-sync.spec.js.map +0 -1
- package/dist/esm/tests/smt/smt-store-level.spec.js +0 -132
- package/dist/esm/tests/smt/smt-store-level.spec.js.map +0 -1
- package/dist/esm/tests/smt/sparse-merkle-tree.spec.js +0 -732
- package/dist/esm/tests/smt/sparse-merkle-tree.spec.js.map +0 -1
- package/dist/esm/tests/state-index/state-index-level.spec.js +0 -245
- package/dist/esm/tests/state-index/state-index-level.spec.js.map +0 -1
- package/dist/types/src/core/record-chain.d.ts +0 -24
- package/dist/types/src/core/record-chain.d.ts.map +0 -1
- package/dist/types/src/event-stream/event-emitter-event-log.d.ts +0 -80
- package/dist/types/src/event-stream/event-emitter-event-log.d.ts.map +0 -1
- package/dist/types/src/handlers/messages-sync.d.ts +0 -39
- package/dist/types/src/handlers/messages-sync.d.ts.map +0 -1
- package/dist/types/src/interfaces/messages-sync.d.ts +0 -20
- package/dist/types/src/interfaces/messages-sync.d.ts.map +0 -1
- package/dist/types/src/smt/smt-store-level.d.ts +0 -32
- package/dist/types/src/smt/smt-store-level.d.ts.map +0 -1
- package/dist/types/src/smt/smt-store-memory.d.ts +0 -22
- package/dist/types/src/smt/smt-store-memory.d.ts.map +0 -1
- package/dist/types/src/smt/smt-utils.d.ts +0 -58
- package/dist/types/src/smt/smt-utils.d.ts.map +0 -1
- package/dist/types/src/smt/sparse-merkle-tree.d.ts +0 -124
- package/dist/types/src/smt/sparse-merkle-tree.d.ts.map +0 -1
- package/dist/types/src/state-index/state-index-level.d.ts +0 -83
- package/dist/types/src/state-index/state-index-level.d.ts.map +0 -1
- package/dist/types/src/types/smt-types.d.ts +0 -81
- package/dist/types/src/types/smt-types.d.ts.map +0 -1
- package/dist/types/src/types/state-index.d.ts +0 -90
- package/dist/types/src/types/state-index.d.ts.map +0 -1
- package/dist/types/tests/event-emitter-event-log.spec.d.ts +0 -2
- package/dist/types/tests/event-emitter-event-log.spec.d.ts.map +0 -1
- package/dist/types/tests/handlers/messages-sync.spec.d.ts +0 -2
- package/dist/types/tests/handlers/messages-sync.spec.d.ts.map +0 -1
- package/dist/types/tests/smt/smt-store-level.spec.d.ts +0 -2
- package/dist/types/tests/smt/smt-store-level.spec.d.ts.map +0 -1
- package/dist/types/tests/smt/sparse-merkle-tree.spec.d.ts +0 -2
- package/dist/types/tests/smt/sparse-merkle-tree.spec.d.ts.map +0 -1
- package/dist/types/tests/state-index/state-index-level.spec.d.ts +0 -2
- package/dist/types/tests/state-index/state-index-level.spec.d.ts.map +0 -1
- package/src/core/record-chain.ts +0 -99
- package/src/event-stream/event-emitter-event-log.ts +0 -430
- package/src/handlers/messages-sync.ts +0 -403
- package/src/interfaces/messages-sync.ts +0 -69
- package/src/smt/smt-store-level.ts +0 -143
- package/src/smt/smt-store-memory.ts +0 -53
- package/src/smt/smt-utils.ts +0 -149
- package/src/smt/sparse-merkle-tree.ts +0 -698
- package/src/state-index/state-index-level.ts +0 -239
- package/src/types/smt-types.ts +0 -95
- package/src/types/state-index.ts +0 -100
|
@@ -6,5 +6,10 @@ export class DwnConstant {
|
|
|
6
6
|
* We currently encode using base64url which is a 33% increase in size.
|
|
7
7
|
*/
|
|
8
8
|
static maxDataSizeAllowedToBeEncoded = 30_000;
|
|
9
|
+
/**
|
|
10
|
+
* Maximum supported `$recordLimit.max`. Read-time occupancy projection may load
|
|
11
|
+
* up to this many occupants per scope before applying the caller's filter/page.
|
|
12
|
+
*/
|
|
13
|
+
static maxRecordLimit = 1000;
|
|
9
14
|
}
|
|
10
15
|
//# sourceMappingURL=dwn-constant.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dwn-constant.js","sourceRoot":"","sources":["../../../../src/core/dwn-constant.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,WAAW;IACtB;;;;;OAKG;IACI,MAAM,CAAU,6BAA6B,GAAG,MAAM,CAAC"}
|
|
1
|
+
{"version":3,"file":"dwn-constant.js","sourceRoot":"","sources":["../../../../src/core/dwn-constant.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,WAAW;IACtB;;;;;OAKG;IACI,MAAM,CAAU,6BAA6B,GAAG,MAAM,CAAC;IAE9D;;;OAGG;IACI,MAAM,CAAU,cAAc,GAAG,IAAI,CAAC"}
|
|
@@ -24,7 +24,6 @@ export var DwnErrorCode;
|
|
|
24
24
|
DwnErrorCode["EventLogNotOpenError"] = "EventLogNotOpenError";
|
|
25
25
|
DwnErrorCode["EventLogProgressGap"] = "EventLogProgressGap";
|
|
26
26
|
DwnErrorCode["MessagesGrantAuthorizationMismatchedProtocol"] = "MessagesGrantAuthorizationMismatchedProtocol";
|
|
27
|
-
DwnErrorCode["MessagesGrantAuthorizationProtocolSyncInfrastructureProtocol"] = "MessagesGrantAuthorizationProtocolSyncInfrastructureProtocol";
|
|
28
27
|
DwnErrorCode["MessagesGrantAuthorizationSubscribeProtocolMismatch"] = "MessagesGrantAuthorizationSubscribeProtocolMismatch";
|
|
29
28
|
DwnErrorCode["MessagesGrantAuthorizationUnfilteredSubscribeProtocolScope"] = "MessagesGrantAuthorizationUnfilteredSubscribeProtocolScope";
|
|
30
29
|
DwnErrorCode["MessagesSubscribeAuthorizationFailed"] = "MessagesSubscribeAuthorizationFailed";
|
|
@@ -49,6 +48,13 @@ export var DwnErrorCode;
|
|
|
49
48
|
DwnErrorCode["IndexInvalidSortPropertyInMemory"] = "IndexInvalidSortPropertyInMemory";
|
|
50
49
|
DwnErrorCode["IndexMissingIndexableProperty"] = "IndexMissingIndexableProperty";
|
|
51
50
|
DwnErrorCode["JwsDecodePlainObjectPayloadInvalid"] = "JwsDecodePlainObjectPayloadInvalid";
|
|
51
|
+
DwnErrorCode["MessageStoreDeleteLogEntryMissing"] = "MessageStoreDeleteLogEntryMissing";
|
|
52
|
+
DwnErrorCode["MessageStoreFingerprintScopeMutation"] = "MessageStoreFingerprintScopeMutation";
|
|
53
|
+
DwnErrorCode["MessageStorePreSubstrateLayout"] = "MessageStorePreSubstrateLayout";
|
|
54
|
+
DwnErrorCode["MessageStoreReplicationPositionOverflow"] = "MessageStoreReplicationPositionOverflow";
|
|
55
|
+
DwnErrorCode["MessageStoreUpdateMessageAndIndexesCidMismatch"] = "MessageStoreUpdateMessageAndIndexesCidMismatch";
|
|
56
|
+
DwnErrorCode["MessageStoreUpdateMessageAndIndexesMessageNotFound"] = "MessageStoreUpdateMessageAndIndexesMessageNotFound";
|
|
57
|
+
DwnErrorCode["MessageStoreUpdateIndexesMessageNotFound"] = "MessageStoreUpdateIndexesMessageNotFound";
|
|
52
58
|
DwnErrorCode["MessagePermissionGrantCreateInvocationAmbiguous"] = "MessagePermissionGrantCreateInvocationAmbiguous";
|
|
53
59
|
DwnErrorCode["MessagePermissionGrantDescriptorPayloadMismatch"] = "MessagePermissionGrantDescriptorPayloadMismatch";
|
|
54
60
|
DwnErrorCode["MessagePermissionGrantIdsDescriptorPayloadMismatch"] = "MessagePermissionGrantIdsDescriptorPayloadMismatch";
|
|
@@ -56,11 +62,11 @@ export var DwnErrorCode;
|
|
|
56
62
|
DwnErrorCode["MessagePermissionGrantIdsNotCanonical"] = "MessagePermissionGrantIdsNotCanonical";
|
|
57
63
|
DwnErrorCode["MessagePermissionGrantValidateInvocationAmbiguous"] = "MessagePermissionGrantValidateInvocationAmbiguous";
|
|
58
64
|
DwnErrorCode["MessagesReadInvalidCid"] = "MessagesReadInvalidCid";
|
|
65
|
+
DwnErrorCode["MessagesQueryAuthorizationFailed"] = "MessagesQueryAuthorizationFailed";
|
|
66
|
+
DwnErrorCode["MessagesQueryReplicationFeedUnimplemented"] = "MessagesQueryReplicationFeedUnimplemented";
|
|
59
67
|
DwnErrorCode["MessagesReadAuthorizationFailed"] = "MessagesReadAuthorizationFailed";
|
|
60
68
|
DwnErrorCode["MessageGetInvalidCid"] = "MessageGetInvalidCid";
|
|
61
69
|
DwnErrorCode["MessagesReadVerifyScopeFailed"] = "MessagesReadVerifyScopeFailed";
|
|
62
|
-
DwnErrorCode["MessagesSyncAuthorizationFailed"] = "MessagesSyncAuthorizationFailed";
|
|
63
|
-
DwnErrorCode["MessagesSyncInvalidPrefix"] = "MessagesSyncInvalidPrefix";
|
|
64
70
|
DwnErrorCode["ParseCidCodecNotSupported"] = "ParseCidCodecNotSupported";
|
|
65
71
|
DwnErrorCode["ParseCidMultihashNotSupported"] = "ParseCidMultihashNotSupported";
|
|
66
72
|
DwnErrorCode["PermissionsProtocolCreateGrantScopeContextIdProtocolPathConflict"] = "PermissionsProtocolCreateGrantScopeContextIdProtocolPathConflict";
|
|
@@ -102,7 +108,6 @@ export var DwnErrorCode;
|
|
|
102
108
|
DwnErrorCode["ProtocolAuthorizationMatchingRoleRecordNotFound"] = "ProtocolAuthorizationMatchingRoleRecordNotFound";
|
|
103
109
|
DwnErrorCode["ProtocolAuthorizationMaxSizeInvalid"] = "ProtocolAuthorizationMaxSizeInvalid";
|
|
104
110
|
DwnErrorCode["ProtocolAuthorizationMinSizeInvalid"] = "ProtocolAuthorizationMinSizeInvalid";
|
|
105
|
-
DwnErrorCode["ProtocolAuthorizationRecordLimitExceeded"] = "ProtocolAuthorizationRecordLimitExceeded";
|
|
106
111
|
DwnErrorCode["ProtocolAuthorizationRecordLimitStrategyNotImplemented"] = "ProtocolAuthorizationRecordLimitStrategyNotImplemented";
|
|
107
112
|
DwnErrorCode["ProtocolAuthorizationSquashNotEnabled"] = "ProtocolAuthorizationSquashNotEnabled";
|
|
108
113
|
DwnErrorCode["ProtocolAuthorizationSquashNotInitialWrite"] = "ProtocolAuthorizationSquashNotInitialWrite";
|
|
@@ -155,6 +160,7 @@ export var DwnErrorCode;
|
|
|
155
160
|
DwnErrorCode["RecordsAuthorDelegatedGrantNotADelegatedGrant"] = "RecordsAuthorDelegatedGrantNotADelegatedGrant";
|
|
156
161
|
DwnErrorCode["RecordsDecryptNoMatchingKeyEncryptedFound"] = "RecordsDecryptNoMatchingKeyEncryptedFound";
|
|
157
162
|
DwnErrorCode["RecordsCountFilterMissingRequiredProperties"] = "RecordsCountFilterMissingRequiredProperties";
|
|
163
|
+
DwnErrorCode["RecordsCountNestedProtocolPathContextIdInvalid"] = "RecordsCountNestedProtocolPathContextIdInvalid";
|
|
158
164
|
DwnErrorCode["RecordsQueryCreateFilterPublishedSortInvalid"] = "RecordsQueryCreateFilterPublishedSortInvalid";
|
|
159
165
|
DwnErrorCode["RecordsQueryParseFilterPublishedSortInvalid"] = "RecordsQueryParseFilterPublishedSortInvalid";
|
|
160
166
|
DwnErrorCode["RecordsGrantAuthorizationConditionPublicationProhibited"] = "RecordsGrantAuthorizationConditionPublicationProhibited";
|
|
@@ -172,10 +178,12 @@ export var DwnErrorCode;
|
|
|
172
178
|
DwnErrorCode["RecordsOwnerDelegatedGrantGrantedToAndOwnerSignatureMismatch"] = "RecordsOwnerDelegatedGrantGrantedToAndOwnerSignatureMismatch";
|
|
173
179
|
DwnErrorCode["RecordsOwnerDelegatedGrantNotADelegatedGrant"] = "RecordsOwnerDelegatedGrantNotADelegatedGrant";
|
|
174
180
|
DwnErrorCode["RecordsQueryFilterMissingRequiredProperties"] = "RecordsQueryFilterMissingRequiredProperties";
|
|
181
|
+
DwnErrorCode["RecordsQueryNestedProtocolPathContextIdInvalid"] = "RecordsQueryNestedProtocolPathContextIdInvalid";
|
|
175
182
|
DwnErrorCode["RecordsReadCreateFilterPublishedSortInvalid"] = "RecordsReadCreateFilterPublishedSortInvalid";
|
|
176
183
|
DwnErrorCode["RecordsReadParseFilterPublishedSortInvalid"] = "RecordsReadParseFilterPublishedSortInvalid";
|
|
177
184
|
DwnErrorCode["RecordsSubscribeEventLogUnimplemented"] = "RecordsSubscribeEventLogUnimplemented";
|
|
178
185
|
DwnErrorCode["RecordsSubscribeFilterMissingRequiredProperties"] = "RecordsSubscribeFilterMissingRequiredProperties";
|
|
186
|
+
DwnErrorCode["RecordsSubscribeNestedProtocolPathContextIdInvalid"] = "RecordsSubscribeNestedProtocolPathContextIdInvalid";
|
|
179
187
|
DwnErrorCode["RecordsWriteAttestationIntegrityMoreThanOneSignature"] = "RecordsWriteAttestationIntegrityMoreThanOneSignature";
|
|
180
188
|
DwnErrorCode["RecordsWriteAttestationIntegrityDescriptorCidMismatch"] = "RecordsWriteAttestationIntegrityDescriptorCidMismatch";
|
|
181
189
|
DwnErrorCode["RecordsWriteAttestationIntegrityInvalidPayloadProperty"] = "RecordsWriteAttestationIntegrityInvalidPayloadProperty";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dwn-error.js","sourceRoot":"","sources":["../../../../src/core/dwn-error.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,OAAO,QAAS,SAAQ,KAAK;IACb;IAApB,YAAoB,IAAY,EAAE,OAAe;QAC/C,KAAK,CAAC,GAAG,IAAI,KAAK,OAAO,EAAE,CAAC,CAAC;QADX,SAAI,GAAJ,IAAI,CAAQ;QAG9B,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;IACzB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,
|
|
1
|
+
{"version":3,"file":"dwn-error.js","sourceRoot":"","sources":["../../../../src/core/dwn-error.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,OAAO,QAAS,SAAQ,KAAK;IACb;IAApB,YAAoB,IAAY,EAAE,OAAe;QAC/C,KAAK,CAAC,GAAG,IAAI,KAAK,OAAO,EAAE,CAAC,CAAC;QADX,SAAI,GAAJ,IAAI,CAAQ;QAG9B,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;IACzB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,YAuNX;AAvND,WAAY,YAAY;IACtB,iEAAiD,CAAA;IACjD,uFAAuE,CAAA;IACvE,iHAAiG,CAAA;IACjG,mFAAmE,CAAA;IACnE,2EAA2D,CAAA;IAC3D,mFAAmE,CAAA;IACnE,uDAAuC,CAAA;IACvC,6DAA6C,CAAA;IAC7C,2DAA2C,CAAA;IAC3C,6GAA6F,CAAA;IAC7F,2HAA2G,CAAA;IAC3G,yIAAyH,CAAA;IACzH,6FAA6E,CAAA;IAC7E,6GAA6F,CAAA;IAC7F,iGAAiF,CAAA;IACjF,iGAAiF,CAAA;IACjF,yFAAyE,CAAA;IACzE,6EAA6D,CAAA;IAC7D,6EAA6D,CAAA;IAC7D,iFAAiE,CAAA;IACjE,iFAAiE,CAAA;IACjE,iFAAiE,CAAA;IACjE,2FAA2E,CAAA;IAC3E,qFAAqE,CAAA;IACrE,+FAA+E,CAAA;IAC/E,6FAA6E,CAAA;IAC7E,2FAA2E,CAAA;IAC3E,yEAAyD,CAAA;IACzD,qFAAqE,CAAA;IACrE,2EAA2D,CAAA;IAC3D,iFAAiE,CAAA;IACjE,qFAAqE,CAAA;IACrE,+EAA+D,CAAA;IAC/D,yFAAyE,CAAA;IACzE,uFAAuE,CAAA;IACvE,6FAA6E,CAAA;IAC7E,iFAAiE,CAAA;IACjE,mGAAmF,CAAA;IACnF,iHAAiG,CAAA;IACjG,yHAAyG,CAAA;IACzG,qGAAqF,CAAA;IACrF,mHAAmG,CAAA;IACnG,mHAAmG,CAAA;IACnG,yHAAyG,CAAA;IACzG,iFAAiE,CAAA;IACjE,+FAA+E,CAAA;IAC/E,uHAAuG,CAAA;IACvG,iEAAiD,CAAA;IACjD,qFAAqE,CAAA;IACrE,uGAAuF,CAAA;IACvF,mFAAmE,CAAA;IACnE,6DAA6C,CAAA;IAC7C,+EAA+D,CAAA;IAC/D,uEAAuD,CAAA;IACvD,+EAA+D,CAAA;IAC/D,qJAAqI,CAAA;IACrI,uIAAuH,CAAA;IACvH,uIAAuH,CAAA;IACvH,yJAAyI,CAAA;IACzI,2IAA2H,CAAA;IAC3H,2IAA2H,CAAA;IAC3H,yGAAyF,CAAA;IACzF,uHAAuG,CAAA;IACvG,+IAA+H,CAAA;IAC/H,2IAA2H,CAAA;IAC3H,qHAAqG,CAAA;IACrG,yHAAyG,CAAA;IACzG,qIAAqH,CAAA;IACrH,qGAAqF,CAAA;IACrF,iGAAiF,CAAA;IACjF,6FAA6E,CAAA;IAC7E,qFAAqE,CAAA;IACrE,iGAAiF,CAAA;IACjF,yGAAyF,CAAA;IACzF,qGAAqF,CAAA;IACrF,yFAAyE,CAAA;IACzE,mGAAmF,CAAA;IACnF,2FAA2E,CAAA;IAC3E,qFAAqE,CAAA;IACrE,+FAA+E,CAAA;IAC/E,qGAAqF,CAAA;IACrF,qHAAqG,CAAA;IACrG,qGAAqF,CAAA;IACrF,mGAAmF,CAAA;IACnF,yGAAyF,CAAA;IACzF,mIAAmH,CAAA;IACnH,2GAA2F,CAAA;IAC3F,mGAAmF,CAAA;IACnF,6FAA6E,CAAA;IAC7E,yFAAyE,CAAA;IACzE,qFAAqE,CAAA;IACrE,mHAAmG,CAAA;IACnG,2FAA2E,CAAA;IAC3E,2FAA2E,CAAA;IAC3E,iIAAiH,CAAA;IACjH,+FAA+E,CAAA;IAC/E,yGAAyF,CAAA;IACzF,2FAA2E,CAAA;IAC3E,mIAAmH,CAAA;IACnH,yIAAyH,CAAA;IACzH,2IAA2H,CAAA;IAC3H,+FAA+E,CAAA;IAC/E,2FAA2E,CAAA;IAC3E,uGAAuF,CAAA;IACvF,6HAA6G,CAAA;IAC7G,+EAA+D,CAAA;IAC/D,yIAAyH,CAAA;IACzH,+FAA+E,CAAA;IAC/E,uGAAuF,CAAA;IACvF,iGAAiF,CAAA;IACjF,+FAA+E,CAAA;IAC/E,iHAAiG,CAAA;IACjG,uGAAuF,CAAA;IACvF,qGAAqF,CAAA;IACrF,uFAAuE,CAAA;IACvE,+GAA+F,CAAA;IAC/F,+FAA+E,CAAA;IAC/E,qGAAqF,CAAA;IACrF,6GAA6F,CAAA;IAC7F,6FAA6E,CAAA;IAC7E,+EAA+D,CAAA;IAC/D,qGAAqF,CAAA;IACrF,iHAAiG,CAAA;IACjG,2GAA2F,CAAA;IAC3F,yHAAyG,CAAA;IACzG,uHAAuG,CAAA;IACvG,yHAAyG,CAAA;IACzG,qGAAqF,CAAA;IACrF,yGAAyF,CAAA;IACzF,yGAAyF,CAAA;IACzF,yGAAyF,CAAA;IACzF,yFAAyE,CAAA;IACzE,yFAAyE,CAAA;IACzE,qGAAqF,CAAA;IACrF,yGAAyF,CAAA;IACzF,6GAA6F,CAAA;IAC7F,+GAA+F,CAAA;IAC/F,+HAA+G,CAAA;IAC/G,qHAAqG,CAAA;IACrG,yEAAyD,CAAA;IACzD,uHAAuG,CAAA;IACvG,iGAAiF,CAAA;IACjF,+IAA+H,CAAA;IAC/H,+GAA+F,CAAA;IAC/F,uGAAuF,CAAA;IACvF,2GAA2F,CAAA;IAC3F,iHAAiG,CAAA;IAEjG,6GAA6F,CAAA;IAC7F,2GAA2F,CAAA;IAC3F,mIAAmH,CAAA;IACnH,+HAA+G,CAAA;IAC/G,6HAA6G,CAAA;IAC7G,iJAAiI,CAAA;IACjI,mHAAmG,CAAA;IACnG,iGAAiF,CAAA;IACjF,iHAAiG,CAAA;IACjG,yHAAyG,CAAA;IACzG,mGAAmF,CAAA;IACnF,yGAAyF,CAAA;IACzF,qHAAqG,CAAA;IACrG,+FAA+E,CAAA;IAC/E,6IAA6H,CAAA;IAC7H,6GAA6F,CAAA;IAE7F,2GAA2F,CAAA;IAC3F,iHAAiG,CAAA;IAEjG,2GAA2F,CAAA;IAC3F,yGAAyF,CAAA;IACzF,+FAA+E,CAAA;IAC/E,mHAAmG,CAAA;IACnG,yHAAyG,CAAA;IAEzG,6HAA6G,CAAA;IAC7G,+HAA+G,CAAA;IAC/G,iIAAiH,CAAA;IAEjH,mFAAmE,CAAA;IACnE,uHAAuG,CAAA;IACvG,+HAA+G,CAAA;IAC/G,uFAAuE,CAAA;IACvE,2EAA2D,CAAA;IAC3D,6EAA6D,CAAA;IAC7D,+FAA+E,CAAA;IAC/E,qGAAqF,CAAA;IACrF,2FAA2E,CAAA;IAC3E,6FAA6E,CAAA;IAC7E,uEAAuD,CAAA;IACvD,uFAAuE,CAAA;IACvE,qGAAqF,CAAA;IACrF,+EAA+D,CAAA;IAE/D,uFAAuE,CAAA;IACvE,yFAAyE,CAAA;IACzE,6GAA6F,CAAA;IAC7F,6FAA6E,CAAA;IAC7E,qHAAqG,CAAA;IACrG,iHAAiG,CAAA;IACjG,uJAAuI,CAAA;IACvI,qHAAqG,CAAA;IACrG,yHAAyG,CAAA;IACzG,uHAAuG,CAAA;IACvG,2GAA2F,CAAA;IAC3F,iEAAiD,CAAA;IACjD,+EAA+D,CAAA;IAC/D,6GAA6F,CAAA;IAC7F,6DAA6C,CAAA;IAC7C,6DAA6C,CAAA;IAC7C,qDAAqC,CAAA;IACrC,qEAAqD,CAAA;IACrD,yEAAyD,CAAA;IACzD,iEAAiD,CAAA;IACjD,mFAAmE,CAAA;AACrE,CAAC,EAvNW,YAAY,KAAZ,YAAY,QAuNvB;AAAA,CAAC"}
|
|
@@ -1,5 +1,3 @@
|
|
|
1
|
-
import { Message } from './message.js';
|
|
2
|
-
import { PERMISSIONS_REVOCATION_PATH } from './constants.js';
|
|
3
1
|
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
4
2
|
import { DwnInterfaceName, DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
5
3
|
export class GrantAuthorization {
|
|
@@ -11,16 +9,16 @@ export class GrantAuthorization {
|
|
|
11
9
|
*
|
|
12
10
|
* NOTE: Does not validate grant `conditions` or `scope` beyond `interface` and `method`
|
|
13
11
|
*
|
|
14
|
-
* @param
|
|
12
|
+
* @param validationStateReader Used to check if the grant has been revoked.
|
|
15
13
|
* @throws {DwnError} if validation fails
|
|
16
14
|
*/
|
|
17
15
|
static async performBaseValidation(input) {
|
|
18
|
-
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrant,
|
|
16
|
+
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrant, validationStateReader } = input;
|
|
19
17
|
const incomingMessageDescriptor = incomingMessage.descriptor;
|
|
20
18
|
GrantAuthorization.verifyExpectedGrantorAndGrantee(expectedGrantor, expectedGrantee, permissionGrant);
|
|
21
19
|
// verify that grant is active during incomingMessage's timestamp
|
|
22
20
|
const grantedFor = expectedGrantor; // renaming for better readability now that we have verified the grantor above
|
|
23
|
-
await GrantAuthorization.verifyGrantActive(grantedFor, incomingMessageDescriptor.messageTimestamp, permissionGrant,
|
|
21
|
+
await GrantAuthorization.verifyGrantActive(grantedFor, incomingMessageDescriptor.messageTimestamp, permissionGrant, validationStateReader);
|
|
24
22
|
// Check grant scope for interface and method
|
|
25
23
|
await GrantAuthorization.verifyGrantScopeInterfaceAndMethod(incomingMessageDescriptor.interface, incomingMessageDescriptor.method, permissionGrant);
|
|
26
24
|
}
|
|
@@ -42,10 +40,10 @@ export class GrantAuthorization {
|
|
|
42
40
|
/**
|
|
43
41
|
* Verify that the incoming message is within the allowed time frame of the grant,
|
|
44
42
|
* and the grant has not been revoked.
|
|
45
|
-
* @param
|
|
43
|
+
* @param validationStateReader Used to check if the grant has been revoked.
|
|
46
44
|
* @throws {DwnError} if incomingMessage has timestamp for a time in which the grant is not active.
|
|
47
45
|
*/
|
|
48
|
-
static async verifyGrantActive(grantedFor, incomingMessageTimestamp, permissionGrant,
|
|
46
|
+
static async verifyGrantActive(grantedFor, incomingMessageTimestamp, permissionGrant, validationStateReader) {
|
|
49
47
|
// Check that incomingMessage is within the grant's time frame
|
|
50
48
|
if (incomingMessageTimestamp < permissionGrant.dateGranted) {
|
|
51
49
|
// grant is not yet active
|
|
@@ -55,14 +53,7 @@ export class GrantAuthorization {
|
|
|
55
53
|
// grant has expired
|
|
56
54
|
throw new DwnError(DwnErrorCode.GrantAuthorizationGrantExpired, `The message has timestamp after the expiry of the associated permission grant`);
|
|
57
55
|
}
|
|
58
|
-
|
|
59
|
-
const query = {
|
|
60
|
-
parentId: permissionGrant.id,
|
|
61
|
-
protocolPath: PERMISSIONS_REVOCATION_PATH,
|
|
62
|
-
isLatestBaseState: true
|
|
63
|
-
};
|
|
64
|
-
const { messages: revokes } = await messageStore.query(grantedFor, [query]);
|
|
65
|
-
const oldestExistingRevoke = await Message.getOldestMessage(revokes);
|
|
56
|
+
const oldestExistingRevoke = await validationStateReader.fetchOldestGrantRevocation(grantedFor, permissionGrant.id);
|
|
66
57
|
if (oldestExistingRevoke !== undefined && oldestExistingRevoke.descriptor.messageTimestamp <= incomingMessageTimestamp) {
|
|
67
58
|
throw new DwnError(DwnErrorCode.GrantAuthorizationGrantRevoked, `Permission grant with CID ${permissionGrant.id} has been revoked`);
|
|
68
59
|
}
|
|
@@ -71,7 +62,7 @@ export class GrantAuthorization {
|
|
|
71
62
|
* Verify that the `interface` and `method` grant scopes match the incoming message.
|
|
72
63
|
*
|
|
73
64
|
* For the Messages interface, a `Read` scope is treated as a unified scope that also authorizes
|
|
74
|
-
* `Subscribe
|
|
65
|
+
* `Query`, `Subscribe`, and `Sync` operations.
|
|
75
66
|
*
|
|
76
67
|
* @throws {DwnError} if the `interface` and `method` of the incoming message do not match the scope of the permission grant.
|
|
77
68
|
*/
|
|
@@ -79,13 +70,13 @@ export class GrantAuthorization {
|
|
|
79
70
|
if (dwnInterface !== permissionGrant.scope.interface) {
|
|
80
71
|
throw new DwnError(DwnErrorCode.GrantAuthorizationInterfaceMismatch, `DWN Interface of incoming message is outside the scope of permission grant with ID ${permissionGrant.id}`);
|
|
81
72
|
}
|
|
82
|
-
// Messages.Read is the only valid Messages scope and covers Read,
|
|
73
|
+
// Messages.Read is the only valid Messages scope and covers Read, Query, and Subscribe operations.
|
|
83
74
|
// Reject any Messages grant with method !== Read.
|
|
84
75
|
if (dwnInterface === DwnInterfaceName.Messages) {
|
|
85
76
|
if (permissionGrant.scope.method !== DwnMethodName.Read) {
|
|
86
77
|
throw new DwnError(DwnErrorCode.GrantAuthorizationMethodMismatch, `messages permission grant must have method 'Read', got '${permissionGrant.scope.method}' for grant ${permissionGrant.id}`);
|
|
87
78
|
}
|
|
88
|
-
const allowedMethods = [DwnMethodName.Read, DwnMethodName.
|
|
79
|
+
const allowedMethods = [DwnMethodName.Read, DwnMethodName.Query, DwnMethodName.Subscribe];
|
|
89
80
|
if (!allowedMethods.includes(dwnMethod)) {
|
|
90
81
|
throw new DwnError(DwnErrorCode.GrantAuthorizationMethodMismatch, `DWN Method of incoming message is outside the scope of permission grant with ID ${permissionGrant.id}`);
|
|
91
82
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/grant-authorization.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/grant-authorization.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAEnF,MAAM,OAAO,kBAAkB;IAE7B;;;;;;;;;;OAUG;IACI,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,KAMvC;QACD,MAAM,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,qBAAqB,EAAE,GAAG,KAAK,CAAC;QAE5G,MAAM,yBAAyB,GAAG,eAAe,CAAC,UAAU,CAAC;QAE7D,kBAAkB,CAAC,+BAA+B,CAAC,eAAe,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAEtG,iEAAiE;QACjE,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,8EAA8E;QAClH,MAAM,kBAAkB,CAAC,iBAAiB,CACxC,UAAU,EACV,yBAAyB,CAAC,gBAAgB,EAC1C,eAAe,EACf,qBAAqB,CACtB,CAAC;QAEF,6CAA6C;QAC7C,MAAM,kBAAkB,CAAC,kCAAkC,CACzD,yBAAyB,CAAC,SAAS,EACnC,yBAAyB,CAAC,MAAM,EAChC,eAAe,CAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACK,MAAM,CAAC,+BAA+B,CAC5C,eAAuB,EACvB,eAAuB,EACvB,eAAgC;QAGhC,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC;QAC9C,IAAI,eAAe,KAAK,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,oCAAoC,EACjD,kCAAkC,aAAa,+BAA+B,eAAe,EAAE,CAChG,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC;QAC9C,IAAI,eAAe,KAAK,aAAa,EAAE,CAAC;YACtC,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qCAAqC,EAClD,kCAAkC,aAAa,+BAA+B,eAAe,EAAE,CAChG,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAC,KAAK,CAAC,iBAAiB,CACpC,UAAkB,EAClB,wBAAgC,EAChC,eAAgC,EAChC,qBAA4C;QAE5C,8DAA8D;QAC9D,IAAI,wBAAwB,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC;YAC3D,0BAA0B;YAC1B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,mCAAmC,EAChD,mFAAmF,CACpF,CAAC;QACJ,CAAC;QAED,IAAI,wBAAwB,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;YAC5D,oBAAoB;YACpB,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,8BAA8B,EAC3C,+EAA+E,CAChF,CAAC;QACJ,CAAC;QAED,MAAM,oBAAoB,GAAG,MAAM,qBAAqB,CAAC,0BAA0B,CAAC,UAAU,EAAE,eAAe,CAAC,EAAE,CAAC,CAAC;QAEpH,IAAI,oBAAoB,KAAK,SAAS,IAAI,oBAAoB,CAAC,UAAU,CAAC,gBAAgB,IAAI,wBAAwB,EAAE,CAAC;YACvH,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,8BAA8B,EAC3C,6BAA6B,eAAe,CAAC,EAAE,mBAAmB,CACnE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,MAAM,CAAC,KAAK,CAAC,kCAAkC,CACrD,YAAoB,EACpB,SAAiB,EACjB,eAAgC;QAGhC,IAAI,YAAY,KAAK,eAAe,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACrD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,mCAAmC,EAChD,sFAAsF,eAAe,CAAC,EAAE,EAAE,CAC3G,CAAC;QACJ,CAAC;QAED,mGAAmG;QACnG,kDAAkD;QAClD,IAAI,YAAY,KAAK,gBAAgB,CAAC,QAAQ,EAAE,CAAC;YAC/C,IAAI,eAAe,CAAC,KAAK,CAAC,MAAM,KAAK,aAAa,CAAC,IAAI,EAAE,CAAC;gBACxD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,gCAAgC,EAC7C,2DAA2D,eAAe,CAAC,KAAK,CAAC,MAAM,eAAe,eAAe,CAAC,EAAE,EAAE,CAC3H,CAAC;YACJ,CAAC;YACD,MAAM,cAAc,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,aAAa,CAAC,KAAK,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;YAC1F,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,SAA0B,CAAC,EAAE,CAAC;gBACzD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,gCAAgC,EAC7C,mFAAmF,eAAe,CAAC,EAAE,EAAE,CACxG,CAAC;YACJ,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,SAAS,KAAK,eAAe,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC/C,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,gCAAgC,EAC7C,mFAAmF,eAAe,CAAC,EAAE,EAAE,CACxG,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"message-reply.js","sourceRoot":"","sources":["../../../../src/core/message-reply.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"message-reply.js","sourceRoot":"","sources":["../../../../src/core/message-reply.ts"],"names":[],"mappings":"AAOA,MAAM,UAAU,qBAAqB,CAAC,CAAU,EAAE,IAAY;IAE5D,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;IAExD,OAAO,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,CAAC;AACtC,CAAC"}
|
|
@@ -1,69 +1,52 @@
|
|
|
1
1
|
import { DwnInterfaceName } from '../enums/dwn-interface-method.js';
|
|
2
2
|
import { GrantAuthorization } from './grant-authorization.js';
|
|
3
|
-
import { isRecordsPrimaryProjectionExcludedProtocol } from './constants.js';
|
|
4
3
|
import { PermissionScopeMatcher } from '../utils/permission-scope.js';
|
|
5
4
|
import { PermissionsProtocol } from '../protocols/permissions.js';
|
|
6
5
|
import { Records } from '../utils/records.js';
|
|
7
|
-
import { RecordsWrite } from '../interfaces/records-write.js';
|
|
8
6
|
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
9
7
|
export class MessagesGrantAuthorization {
|
|
10
|
-
static async fetchPermissionGrants(tenant,
|
|
11
|
-
return Promise.all(permissionGrantIds.map(permissionGrantId =>
|
|
8
|
+
static async fetchPermissionGrants(tenant, validationStateReader, permissionGrantIds) {
|
|
9
|
+
return Promise.all(permissionGrantIds.map(permissionGrantId => validationStateReader.fetchGrant(tenant, permissionGrantId)));
|
|
12
10
|
}
|
|
13
11
|
/**
|
|
14
12
|
* Authorizes a MessagesReadMessage using the given permission grant.
|
|
15
|
-
* @param
|
|
13
|
+
* @param validationStateReader Used to check grant revocation and fetch related RecordsWrites if needed.
|
|
16
14
|
*/
|
|
17
15
|
static async authorizeMessagesRead(input) {
|
|
18
|
-
const { messagesReadMessage, messageToRead, expectedGrantor, expectedGrantee, permissionGrants,
|
|
16
|
+
const { messagesReadMessage, messageToRead, expectedGrantor, expectedGrantee, permissionGrants, validationStateReader } = input;
|
|
19
17
|
await MessagesGrantAuthorization.performBaseValidationForGrantSet({
|
|
20
18
|
incomingMessage: messagesReadMessage,
|
|
21
19
|
expectedGrantor,
|
|
22
20
|
expectedGrantee,
|
|
23
21
|
permissionGrants,
|
|
24
|
-
|
|
22
|
+
validationStateReader
|
|
25
23
|
});
|
|
26
24
|
for (const permissionGrant of permissionGrants) {
|
|
27
25
|
const scope = permissionGrant.scope;
|
|
28
|
-
if (await MessagesGrantAuthorization.isScopeAuthorized(expectedGrantor, messageToRead, scope,
|
|
26
|
+
if (await MessagesGrantAuthorization.isScopeAuthorized(expectedGrantor, messageToRead, scope, validationStateReader)) {
|
|
29
27
|
return;
|
|
30
28
|
}
|
|
31
29
|
}
|
|
32
30
|
throw new DwnError(DwnErrorCode.MessagesReadVerifyScopeFailed, 'record message failed scope authorization');
|
|
33
31
|
}
|
|
34
32
|
/**
|
|
35
|
-
* Authorizes the scope of a permission grant for
|
|
36
|
-
* @param
|
|
33
|
+
* Authorizes the scope of a permission grant for MessagesQuery or MessagesSubscribe.
|
|
34
|
+
* @param validationStateReader Used to check if the grant has been revoked.
|
|
37
35
|
*/
|
|
38
|
-
static async
|
|
39
|
-
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrants,
|
|
36
|
+
static async authorizeQueryOrSubscribe(input) {
|
|
37
|
+
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrants, validationStateReader } = input;
|
|
40
38
|
await MessagesGrantAuthorization.performBaseValidationForGrantSet({
|
|
41
39
|
incomingMessage,
|
|
42
40
|
expectedGrantor,
|
|
43
41
|
expectedGrantee,
|
|
44
42
|
permissionGrants,
|
|
45
|
-
|
|
43
|
+
validationStateReader
|
|
46
44
|
});
|
|
47
45
|
const scopes = permissionGrants.map(permissionGrant => permissionGrant.scope);
|
|
48
|
-
|
|
49
|
-
MessagesGrantAuthorization.authorizeSyncScope(incomingMessage, scopes);
|
|
50
|
-
return;
|
|
51
|
-
}
|
|
52
|
-
MessagesGrantAuthorization.authorizeSubscribeScope(incomingMessage, scopes);
|
|
53
|
-
}
|
|
54
|
-
static authorizeSyncScope(syncMessage, scopes) {
|
|
55
|
-
MessagesGrantAuthorization.authorizeProtocolSyncScope(scopes, syncMessage.descriptor.protocol);
|
|
56
|
-
}
|
|
57
|
-
static authorizeProtocolSyncScope(scopes, protocol) {
|
|
58
|
-
if (isRecordsPrimaryProjectionExcludedProtocol(protocol)) {
|
|
59
|
-
throw new DwnError(DwnErrorCode.MessagesGrantAuthorizationProtocolSyncInfrastructureProtocol, `Protocol-scoped MessagesSync cannot authorize infrastructure protocol ${protocol}`);
|
|
60
|
-
}
|
|
61
|
-
if (!MessagesGrantAuthorization.someScopeMatches(scopes, { protocol })) {
|
|
62
|
-
throw new DwnError(DwnErrorCode.MessagesGrantAuthorizationMismatchedProtocol, `No permission grant scope matches protocol ${protocol}`);
|
|
63
|
-
}
|
|
46
|
+
MessagesGrantAuthorization.authorizeFilterScope(incomingMessage, scopes);
|
|
64
47
|
}
|
|
65
|
-
static
|
|
66
|
-
const { filters } =
|
|
48
|
+
static authorizeFilterScope(messagesMessage, scopes) {
|
|
49
|
+
const { filters } = messagesMessage.descriptor;
|
|
67
50
|
if (filters.length === 0 && !MessagesGrantAuthorization.hasUnscopedGrant(scopes)) {
|
|
68
51
|
throw new DwnError(DwnErrorCode.MessagesGrantAuthorizationUnfilteredSubscribeProtocolScope, `A protocol-scoped grant cannot authorize an unfiltered subscription`);
|
|
69
52
|
}
|
|
@@ -87,7 +70,7 @@ export class MessagesGrantAuthorization {
|
|
|
87
70
|
* invalid.
|
|
88
71
|
*/
|
|
89
72
|
static async authorizeSubscribeDelivery(input) {
|
|
90
|
-
const { messagesSubscribeMessage, expectedGrantor, expectedGrantee, permissionGrants,
|
|
73
|
+
const { messagesSubscribeMessage, expectedGrantor, expectedGrantee, permissionGrants, validationStateReader, deliveryTimestamp, } = input;
|
|
91
74
|
const deliveryMessage = {
|
|
92
75
|
...messagesSubscribeMessage,
|
|
93
76
|
descriptor: {
|
|
@@ -95,12 +78,12 @@ export class MessagesGrantAuthorization {
|
|
|
95
78
|
messageTimestamp: deliveryTimestamp,
|
|
96
79
|
},
|
|
97
80
|
};
|
|
98
|
-
await MessagesGrantAuthorization.
|
|
81
|
+
await MessagesGrantAuthorization.authorizeQueryOrSubscribe({
|
|
99
82
|
incomingMessage: deliveryMessage,
|
|
100
83
|
expectedGrantor,
|
|
101
84
|
expectedGrantee,
|
|
102
85
|
permissionGrants,
|
|
103
|
-
|
|
86
|
+
validationStateReader,
|
|
104
87
|
});
|
|
105
88
|
}
|
|
106
89
|
/**
|
|
@@ -108,44 +91,44 @@ export class MessagesGrantAuthorization {
|
|
|
108
91
|
* unresolved, revoked, expired, or interface/method-mismatched grants fail the request.
|
|
109
92
|
*/
|
|
110
93
|
static async performBaseValidationForGrantSet(input) {
|
|
111
|
-
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrants,
|
|
94
|
+
const { incomingMessage, expectedGrantor, expectedGrantee, permissionGrants, validationStateReader } = input;
|
|
112
95
|
for (const permissionGrant of permissionGrants) {
|
|
113
96
|
await GrantAuthorization.performBaseValidation({
|
|
114
97
|
incomingMessage,
|
|
115
98
|
expectedGrantor,
|
|
116
99
|
expectedGrantee,
|
|
117
100
|
permissionGrant,
|
|
118
|
-
|
|
101
|
+
validationStateReader
|
|
119
102
|
});
|
|
120
103
|
}
|
|
121
104
|
}
|
|
122
105
|
/**
|
|
123
106
|
* Determines whether the given record is inside a grant scope.
|
|
124
107
|
*/
|
|
125
|
-
static async isScopeAuthorized(tenant, messageToGet, incomingScope,
|
|
108
|
+
static async isScopeAuthorized(tenant, messageToGet, incomingScope, validationStateReader) {
|
|
126
109
|
if (incomingScope.protocol === undefined) {
|
|
127
110
|
return true;
|
|
128
111
|
}
|
|
129
112
|
if (messageToGet.descriptor.interface === DwnInterfaceName.Records) {
|
|
130
|
-
return MessagesGrantAuthorization.isRecordsMessageScopeAuthorized(tenant, messageToGet, incomingScope,
|
|
113
|
+
return MessagesGrantAuthorization.isRecordsMessageScopeAuthorized(tenant, messageToGet, incomingScope, validationStateReader);
|
|
131
114
|
}
|
|
132
115
|
if (messageToGet.descriptor.interface === DwnInterfaceName.Protocols) {
|
|
133
116
|
return MessagesGrantAuthorization.isProtocolsConfigureScopeAuthorized(messageToGet, incomingScope);
|
|
134
117
|
}
|
|
135
118
|
return false;
|
|
136
119
|
}
|
|
137
|
-
static async isRecordsMessageScopeAuthorized(tenant, recordsMessage, incomingScope,
|
|
138
|
-
const recordsWriteMessage = await MessagesGrantAuthorization.getAssociatedRecordsWrite(tenant, recordsMessage,
|
|
120
|
+
static async isRecordsMessageScopeAuthorized(tenant, recordsMessage, incomingScope, validationStateReader) {
|
|
121
|
+
const recordsWriteMessage = await MessagesGrantAuthorization.getAssociatedRecordsWrite(tenant, recordsMessage, validationStateReader);
|
|
139
122
|
if (recordsWriteMessage.descriptor.protocol === PermissionsProtocol.uri) {
|
|
140
|
-
return MessagesGrantAuthorization.isPermissionRecordScopeAuthorized(tenant, recordsWriteMessage, incomingScope,
|
|
123
|
+
return MessagesGrantAuthorization.isPermissionRecordScopeAuthorized(tenant, recordsWriteMessage, incomingScope, validationStateReader);
|
|
141
124
|
}
|
|
142
125
|
return PermissionScopeMatcher.matches(incomingScope, MessagesGrantAuthorization.getRecordsScopeTarget(recordsWriteMessage));
|
|
143
126
|
}
|
|
144
|
-
static async isPermissionRecordScopeAuthorized(tenant, recordsWriteMessage, incomingScope,
|
|
127
|
+
static async isPermissionRecordScopeAuthorized(tenant, recordsWriteMessage, incomingScope, validationStateReader) {
|
|
145
128
|
if (MessagesGrantAuthorization.isSubtreeScope(incomingScope)) {
|
|
146
129
|
return false;
|
|
147
130
|
}
|
|
148
|
-
const permissionScope = await PermissionsProtocol.getScopeFromPermissionRecord(tenant,
|
|
131
|
+
const permissionScope = await PermissionsProtocol.getScopeFromPermissionRecord(tenant, validationStateReader, recordsWriteMessage);
|
|
149
132
|
return PermissionsProtocol.hasProtocolScope(permissionScope)
|
|
150
133
|
&& PermissionScopeMatcher.matches(incomingScope, permissionScope);
|
|
151
134
|
}
|
|
@@ -155,11 +138,11 @@ export class MessagesGrantAuthorization {
|
|
|
155
138
|
return incomingScope.protocol !== undefined &&
|
|
156
139
|
incomingScope.protocol === protocolsConfigureMessage.descriptor.definition.protocol;
|
|
157
140
|
}
|
|
158
|
-
static async getAssociatedRecordsWrite(tenant, recordsMessage,
|
|
141
|
+
static async getAssociatedRecordsWrite(tenant, recordsMessage, validationStateReader) {
|
|
159
142
|
if (Records.isRecordsWrite(recordsMessage)) {
|
|
160
143
|
return recordsMessage;
|
|
161
144
|
}
|
|
162
|
-
return
|
|
145
|
+
return validationStateReader.fetchNewestRecordsWrite(tenant, recordsMessage.descriptor.recordId);
|
|
163
146
|
}
|
|
164
147
|
static getRecordsScopeTarget(recordsWriteMessage) {
|
|
165
148
|
const { protocol, protocolPath } = recordsWriteMessage.descriptor;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"messages-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/messages-grant-authorization.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"messages-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/messages-grant-authorization.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAExD,MAAM,OAAO,0BAA0B;IAE9B,MAAM,CAAC,KAAK,CAAC,qBAAqB,CACvC,MAAc,EACd,qBAA4C,EAC5C,kBAA4B;QAE5B,OAAO,OAAO,CAAC,GAAG,CAChB,kBAAkB,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,CAAC,qBAAqB,CAAC,UAAU,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC,CACzG,CAAC;IACJ,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,KAOzC;QACC,MAAM,EACJ,mBAAmB,EAAE,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,EAC9G,GAAG,KAAK,CAAC;QAEV,MAAM,0BAA0B,CAAC,gCAAgC,CAAC;YAChE,eAAe,EAAE,mBAAmB;YACpC,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,qBAAqB;SACtB,CAAC,CAAC;QAEH,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,eAAe,CAAC,KAAgC,CAAC;YAC/D,IAAI,MAAM,0BAA0B,CAAC,iBAAiB,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,EAAE,qBAAqB,CAAC,EAAE,CAAC;gBACrH,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,6BAA6B,EAAE,2CAA2C,CAAC,CAAC;IAC9G,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAAC,KAM7C;QACC,MAAM,EACJ,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,EAC3F,GAAG,KAAK,CAAC;QAEV,MAAM,0BAA0B,CAAC,gCAAgC,CAAC;YAChE,eAAe;YACf,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,qBAAqB;SACtB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,eAAe,CAAC,KAAgC,CAAC,CAAC;QAEzG,0BAA0B,CAAC,oBAAoB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC3E,CAAC;IAEO,MAAM,CAAC,oBAAoB,CACjC,eAAgE,EAChE,MAAiC;QAEjC,MAAM,EAAE,OAAO,EAAE,GAAG,eAAe,CAAC,UAAU,CAAC;QAE/C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;YACjF,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0DAA0D,EACvE,qEAAqE,CACtE,CAAC;QACJ,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC;gBACvF,SAAS;YACX,CAAC;YAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,mDAAmD,EAChE,8CAA8C,MAAM,CAAC,QAAQ,EAAE,CAChE,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAiC,EAAE,MAAqB;QACtF,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,sBAAsB,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7E,CAAC;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAiC;QAC/D,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,KAO9C;QACC,MAAM,EACJ,wBAAwB,EACxB,eAAe,EACf,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,iBAAiB,GAClB,GAAG,KAAK,CAAC;QAEV,MAAM,eAAe,GAA6B;YAChD,GAAG,wBAAwB;YAC3B,UAAU,EAAE;gBACV,GAAG,wBAAwB,CAAC,UAAU;gBACtC,gBAAgB,EAAE,iBAAiB;aACpC;SACF,CAAC;QAEF,MAAM,0BAA0B,CAAC,yBAAyB,CAAC;YACzD,eAAe,EAAE,eAAe;YAChC,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,qBAAqB;SACtB,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,MAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,KAMrD;QACC,MAAM,EACJ,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,EAC3F,GAAG,KAAK,CAAC;QAEV,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;YAC/C,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;gBAC7C,eAAe;gBACf,eAAe;gBACf,eAAe;gBACf,eAAe;gBACf,qBAAqB;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAK,CAAC,iBAAiB,CACpC,MAAc,EACd,YAA4B,EAC5B,aAAsC,EACtC,qBAA4C;QAE5C,IAAI,aAAa,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,YAAY,CAAC,UAAU,CAAC,SAAS,KAAK,gBAAgB,CAAC,OAAO,EAAE,CAAC;YACnE,OAAO,0BAA0B,CAAC,+BAA+B,CAC/D,MAAM,EACN,YAA0D,EAC1D,aAAa,EACb,qBAAqB,CACtB,CAAC;QACJ,CAAC;QAED,IAAI,YAAY,CAAC,UAAU,CAAC,SAAS,KAAK,gBAAgB,CAAC,SAAS,EAAE,CAAC;YACrE,OAAO,0BAA0B,CAAC,mCAAmC,CACnE,YAAyC,EACzC,aAAa,CACd,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAClD,MAAc,EACd,cAA0D,EAC1D,aAAsC,EACtC,qBAA4C;QAE5C,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,yBAAyB,CACpF,MAAM,EACN,cAAc,EACd,qBAAqB,CACtB,CAAC;QAEF,IAAI,mBAAmB,CAAC,UAAU,CAAC,QAAQ,KAAK,mBAAmB,CAAC,GAAG,EAAE,CAAC;YACxE,OAAO,0BAA0B,CAAC,iCAAiC,CACjE,MAAM,EACN,mBAAmB,EACnB,aAAa,EACb,qBAAqB,CACtB,CAAC;QACJ,CAAC;QAED,OAAO,sBAAsB,CAAC,OAAO,CAAC,aAAa,EAAE,0BAA0B,CAAC,qBAAqB,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC9H,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,iCAAiC,CACpD,MAAc,EACd,mBAAwC,EACxC,aAAsC,EACtC,qBAA4C;QAE5C,IAAI,0BAA0B,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;YAC7D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,mBAAmB,CAAC,4BAA4B,CAC5E,MAAM,EACN,qBAAqB,EACrB,mBAAqD,CACtD,CAAC;QAEF,OAAO,mBAAmB,CAAC,gBAAgB,CAAC,eAAe,CAAC;eACvD,sBAAsB,CAAC,OAAO,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IACtE,CAAC;IAEO,MAAM,CAAC,mCAAmC,CAChD,yBAAoD,EACpD,aAAsC;QAEtC,uEAAuE;QACvE,yEAAyE;QACzE,OAAO,aAAa,CAAC,QAAQ,KAAK,SAAS;YACzC,aAAa,CAAC,QAAQ,KAAK,yBAAyB,CAAC,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC;IACxF,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAC5C,MAAc,EACd,cAA0D,EAC1D,qBAA4C;QAE5C,IAAI,OAAO,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE,CAAC;YAC3C,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,OAAO,qBAAqB,CAAC,uBAAuB,CAAC,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACnG,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,mBAAwC;QAC3E,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC;QAClE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC;QAC1C,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;IAC/C,CAAC;IAEO,MAAM,CAAC,cAAc,CAAC,KAA8B;QAC1D,OAAO,KAAK,CAAC,YAAY,KAAK,SAAS,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,CAAC;IAC3E,CAAC;CACF"}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
2
2
|
import { RecordsWrite } from '../interfaces/records-write.js';
|
|
3
3
|
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
4
|
-
import { DwnInterfaceName, DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
5
4
|
import { getRuleSetAtPath, isCrossProtocolRef, parseCrossProtocolRef } from '../utils/protocols.js';
|
|
6
5
|
import { ProtocolAction, ProtocolActor } from '../types/protocols-types.js';
|
|
7
6
|
/**
|
|
@@ -9,7 +8,7 @@ import { ProtocolAction, ProtocolActor } from '../types/protocols-types.js';
|
|
|
9
8
|
* For cross-protocol role invocation, the role record may live in a different protocol
|
|
10
9
|
* (resolved via the composing protocol's `uses` map).
|
|
11
10
|
*/
|
|
12
|
-
export async function verifyInvokedRole(tenant, incomingMessage, protocolUri, contextId, protocolDefinition,
|
|
11
|
+
export async function verifyInvokedRole(tenant, incomingMessage, protocolUri, contextId, protocolDefinition, validationStateReader, protocolDefinitionTimestamp) {
|
|
13
12
|
const protocolRole = incomingMessage.signaturePayload?.protocolRole;
|
|
14
13
|
// Only verify role if there is a role being invoked
|
|
15
14
|
if (protocolRole === undefined) {
|
|
@@ -30,7 +29,7 @@ export async function verifyInvokedRole(tenant, incomingMessage, protocolUri, co
|
|
|
30
29
|
roleProtocolUri = protocolDefinition.uses[parsed.alias];
|
|
31
30
|
roleProtocolPath = parsed.protocolPath;
|
|
32
31
|
// Fetch the referenced protocol's definition to validate the role exists
|
|
33
|
-
const refDefinition = await fetchProtocolDefinition(tenant, roleProtocolUri,
|
|
32
|
+
const refDefinition = await validationStateReader.fetchProtocolDefinition(tenant, roleProtocolUri, protocolDefinitionTimestamp);
|
|
34
33
|
const roleRuleSet = getRuleSetAtPath(roleProtocolPath, refDefinition.structure);
|
|
35
34
|
if (!roleRuleSet?.$role) {
|
|
36
35
|
throw new DwnError(DwnErrorCode.ProtocolAuthorizationNotARole, `Cross-protocol role path ${protocolRole} does not match role record type.`);
|
|
@@ -43,31 +42,28 @@ export async function verifyInvokedRole(tenant, incomingMessage, protocolUri, co
|
|
|
43
42
|
throw new DwnError(DwnErrorCode.ProtocolAuthorizationNotARole, `Protocol path ${protocolRole} does not match role record type.`);
|
|
44
43
|
}
|
|
45
44
|
}
|
|
46
|
-
// Construct a filter to fetch the invoked role record
|
|
47
|
-
const roleRecordFilter = {
|
|
48
|
-
interface: DwnInterfaceName.Records,
|
|
49
|
-
method: DwnMethodName.Write,
|
|
50
|
-
protocol: roleProtocolUri,
|
|
51
|
-
protocolPath: roleProtocolPath,
|
|
52
|
-
recipient: incomingMessage.author,
|
|
53
|
-
isLatestBaseState: true,
|
|
54
|
-
};
|
|
55
45
|
const ancestorSegmentCountOfRolePath = roleProtocolPath.split('/').length - 1;
|
|
56
46
|
if (contextId === undefined && ancestorSegmentCountOfRolePath > 0) {
|
|
57
47
|
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMissingContextId, 'Could not verify role because contextId is missing.');
|
|
58
48
|
}
|
|
59
|
-
// Compute `contextId` prefix
|
|
49
|
+
// Compute `contextId` prefix for fetching the invoked role record if the role path is not at the root level.
|
|
60
50
|
// e.g. if invoked role path is `Thread/Participant`, and the `contextId` of the message is `threadX/messageY/attachmentZ`,
|
|
61
|
-
// then we need to
|
|
51
|
+
// then we need to use the prefix `threadX` for the `contextId`
|
|
62
52
|
// because the `contextId` of the Participant record would be in the form of be `threadX/participantA`
|
|
53
|
+
let contextIdPrefix;
|
|
63
54
|
if (ancestorSegmentCountOfRolePath > 0) {
|
|
64
55
|
const contextIdSegments = contextId.split('/'); // NOTE: currently contextId segment count is never shorter than the role path count.
|
|
65
|
-
|
|
66
|
-
const contextIdPrefixFilter = FilterUtility.constructPrefixFilterAsRangeFilter(contextIdPrefix);
|
|
67
|
-
roleRecordFilter.contextId = contextIdPrefixFilter;
|
|
56
|
+
contextIdPrefix = contextIdSegments.slice(0, ancestorSegmentCountOfRolePath).join('/');
|
|
68
57
|
}
|
|
69
|
-
|
|
70
|
-
|
|
58
|
+
// fetch the invoked role record
|
|
59
|
+
const matchingRoleRecordExists = await validationStateReader.hasMatchingRoleRecord({
|
|
60
|
+
tenant,
|
|
61
|
+
protocol: roleProtocolUri,
|
|
62
|
+
protocolPath: roleProtocolPath,
|
|
63
|
+
recipient: incomingMessage.author,
|
|
64
|
+
contextIdPrefix,
|
|
65
|
+
});
|
|
66
|
+
if (!matchingRoleRecordExists) {
|
|
71
67
|
throw new DwnError(DwnErrorCode.ProtocolAuthorizationMatchingRoleRecordNotFound, `No matching role record found for protocol path ${roleProtocolPath}`);
|
|
72
68
|
}
|
|
73
69
|
}
|
|
@@ -81,12 +77,12 @@ export async function verifyInvokedRole(tenant, incomingMessage, protocolUri, co
|
|
|
81
77
|
* It is important to recognize that the `write` access that allowed the original record author to create the record maybe revoked
|
|
82
78
|
* (e.g. by role revocation) by the time a "non-initial" write by the same author is attempted.
|
|
83
79
|
*/
|
|
84
|
-
export async function getActionsSeekingARuleMatch(tenant, incomingMessage,
|
|
80
|
+
export async function getActionsSeekingARuleMatch(tenant, incomingMessage, validationStateReader) {
|
|
85
81
|
switch (incomingMessage.message.descriptor.method) {
|
|
86
|
-
case DwnMethodName.Delete:
|
|
82
|
+
case DwnMethodName.Delete: {
|
|
87
83
|
const recordsDelete = incomingMessage;
|
|
88
84
|
const recordId = recordsDelete.message.descriptor.recordId;
|
|
89
|
-
const initialWrite = await
|
|
85
|
+
const initialWrite = await validationStateReader.fetchInitialRecordsWrite(tenant, recordId);
|
|
90
86
|
// if there is no initial write, then no action rule can authorize the incoming message, because we won't know who the original author is
|
|
91
87
|
// NOTE: purely defensive programming: currently not reachable
|
|
92
88
|
// because RecordsDelete handler already have an existence check prior to this method being called.
|
|
@@ -110,6 +106,7 @@ export async function getActionsSeekingARuleMatch(tenant, incomingMessage, messa
|
|
|
110
106
|
}
|
|
111
107
|
}
|
|
112
108
|
return actionsThatWouldAuthorizeDelete;
|
|
109
|
+
}
|
|
113
110
|
case DwnMethodName.Count:
|
|
114
111
|
return [ProtocolAction.Read];
|
|
115
112
|
case DwnMethodName.Query:
|
|
@@ -118,7 +115,7 @@ export async function getActionsSeekingARuleMatch(tenant, incomingMessage, messa
|
|
|
118
115
|
return [ProtocolAction.Read];
|
|
119
116
|
case DwnMethodName.Subscribe:
|
|
120
117
|
return [ProtocolAction.Read];
|
|
121
|
-
case DwnMethodName.Write:
|
|
118
|
+
case DwnMethodName.Write: {
|
|
122
119
|
const incomingRecordsWrite = incomingMessage;
|
|
123
120
|
if (await incomingRecordsWrite.isInitialWrite()) {
|
|
124
121
|
// A squash write seeks the `squash` action first, with fallback to `create`.
|
|
@@ -131,7 +128,7 @@ export async function getActionsSeekingARuleMatch(tenant, incomingMessage, messa
|
|
|
131
128
|
else {
|
|
132
129
|
// else incoming RecordsWrite not an initial write
|
|
133
130
|
const recordId = incomingMessage.message.recordId;
|
|
134
|
-
const initialWrite = await
|
|
131
|
+
const initialWrite = await validationStateReader.fetchInitialRecordsWrite(tenant, recordId);
|
|
135
132
|
// if there is no initial write to update from, then no action rule can authorize the incoming message
|
|
136
133
|
if (initialWrite === undefined) {
|
|
137
134
|
return [];
|
|
@@ -145,6 +142,7 @@ export async function getActionsSeekingARuleMatch(tenant, incomingMessage, messa
|
|
|
145
142
|
return [ProtocolAction.CoUpdate];
|
|
146
143
|
}
|
|
147
144
|
}
|
|
145
|
+
}
|
|
148
146
|
}
|
|
149
147
|
// purely defensive programming: should not be reachable
|
|
150
148
|
// setting to empty array will prevent any message from being authorized
|
|
@@ -155,9 +153,9 @@ export async function getActionsSeekingARuleMatch(tenant, incomingMessage, messa
|
|
|
155
153
|
* @param protocolDefinition Optional protocol definition for resolving cross-protocol `of` and `role` references.
|
|
156
154
|
* @throws {Error} if action not allowed.
|
|
157
155
|
*/
|
|
158
|
-
export async function authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain,
|
|
156
|
+
export async function authorizeAgainstAllowedActions(tenant, incomingMessage, ruleSet, recordChain, validationStateReader, protocolDefinition) {
|
|
159
157
|
const incomingMessageMethod = incomingMessage.message.descriptor.method;
|
|
160
|
-
const actionsSeekingARuleMatch = await getActionsSeekingARuleMatch(tenant, incomingMessage,
|
|
158
|
+
const actionsSeekingARuleMatch = await getActionsSeekingARuleMatch(tenant, incomingMessage, validationStateReader);
|
|
161
159
|
const author = incomingMessage.author;
|
|
162
160
|
const actionRules = ruleSet.$actions;
|
|
163
161
|
// NOTE: We have already checked that the message is not from tenant, owner, or permission grant authorized prior to this method being called.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol-authorization-action.js","sourceRoot":"","sources":["../../../../src/core/protocol-authorization-action.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"protocol-authorization-action.js","sourceRoot":"","sources":["../../../../src/core/protocol-authorization-action.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5E;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAc,EACd,eAA4G,EAC5G,WAAmB,EACnB,SAA6B,EAC7B,kBAAsC,EACtC,qBAA4C,EAC5C,2BAAoC;IAEpC,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,EAAE,YAAY,CAAC;IAEpE,oDAAoD;IACpD,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO;IACT,CAAC;IAED,oEAAoE;IACpE,oFAAoF;IACpF,IAAI,eAAe,GAAG,WAAW,CAAC;IAClC,IAAI,gBAAgB,GAAG,YAAY,CAAC;IAEpC,IAAI,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;QACrC,MAAM,MAAM,GAAG,qBAAqB,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,6BAA6B,EAC1C,wBAAwB,YAAY,uDAAuD,CAC5F,CAAC;QACJ,CAAC;QAED,IAAI,kBAAkB,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,SAAS,EAAE,CAAC;YAC1D,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,6BAA6B,EAC1C,8BAA8B,MAAM,CAAC,KAAK,SAAS,YAAY,gDAAgD,CAChH,CAAC;QACJ,CAAC;QAED,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACxD,gBAAgB,GAAG,MAAM,CAAC,YAAY,CAAC;QAEvC,yEAAyE;QACzE,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CACvE,MAAM,EAAE,eAAe,EAAE,2BAA2B,CACrD,CAAC;QACF,MAAM,WAAW,GAAG,gBAAgB,CAAC,gBAAgB,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;QAChF,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC;YACxB,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,6BAA6B,EAC1C,4BAA4B,YAAY,mCAAmC,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,8DAA8D;QAC9D,MAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACjF,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC;YACxB,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,6BAA6B,EAC1C,iBAAiB,YAAY,mCAAmC,CACjE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,8BAA8B,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAC9E,IAAI,SAAS,KAAK,SAAS,IAAI,8BAA8B,GAAG,CAAC,EAAE,CAAC;QAClE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qCAAqC,EAClD,qDAAqD,CACtD,CAAC;IACJ,CAAC;IAED,6GAA6G;IAC7G,2HAA2H;IAC3H,+DAA+D;IAC/D,sGAAsG;IACtG,IAAI,eAAmC,CAAC;IACxC,IAAI,8BAA8B,GAAG,CAAC,EAAE,CAAC;QACvC,MAAM,iBAAiB,GAAG,SAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,qFAAqF;QACtI,eAAe,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,8BAA8B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzF,CAAC;IAED,gCAAgC;IAChC,MAAM,wBAAwB,GAAG,MAAM,qBAAqB,CAAC,qBAAqB,CAAC;QACjF,MAAM;QACN,QAAQ,EAAO,eAAe;QAC9B,YAAY,EAAG,gBAAgB;QAC/B,SAAS,EAAM,eAAe,CAAC,MAAO;QACtC,eAAe;KAChB,CAAC,CAAC;IAEH,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC9B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,+CAA+C,EAC5D,mDAAmD,gBAAgB,EAAE,CACtE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,MAAc,EACd,eAA4G,EAC5G,qBAA4C;IAG5C,QAAQ,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACpD,KAAK,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;YAC1B,MAAM,aAAa,GAAG,eAAgC,CAAC;YACvD,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC3D,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,wBAAwB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE5F,yIAAyI;YACzI,8DAA8D;YAC9D,mGAAmG;YACnG,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO,EAAE,CAAC;YACZ,CAAC;YAED,MAAM,+BAA+B,GAAqB,EAAE,CAAC;YAC7D,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;YACrD,IAAI,KAAK,EAAE,CAAC;gBACV,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;gBAE7D,kFAAkF;gBAClF,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;oBACnD,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;gBAE9D,oFAAoF;gBACpF,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;oBACnD,+BAA+B,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,+BAA+B,CAAC;QACzC,CAAC;QAED,KAAK,aAAa,CAAC,KAAK;YACtB,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,aAAa,CAAC,KAAK;YACtB,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,aAAa,CAAC,IAAI;YACrB,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,aAAa,CAAC,SAAS;YAC1B,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC;YACzB,MAAM,oBAAoB,GAAG,eAA+B,CAAC;YAE7D,IAAI,MAAM,oBAAoB,CAAC,cAAc,EAAE,EAAE,CAAC;gBAChD,6EAA6E;gBAC7E,mGAAmG;gBACnG,IAAI,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;oBAC5D,OAAO,CAAC,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;gBACxD,CAAC;gBACD,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YACjC,CAAC;iBAAM,CAAC;gBACN,kDAAkD;gBAElD,MAAM,QAAQ,GAAI,eAAgC,CAAC,OAAO,CAAC,QAAQ,CAAC;gBACpE,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,wBAAwB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAE5F,sGAAsG;gBACtG,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;oBAC/B,OAAO,EAAE,CAAC;gBACZ,CAAC;gBAED,IAAI,eAAe,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;oBACrD,iEAAiE;oBAC/D,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;gBAC1D,CAAC;qBAAM,CAAC;oBACN,kGAAkG;oBAClG,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC;IACD,CAAC;IAED,wDAAwD;IACxD,wEAAwE;IACxE,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,MAAc,EACd,eAA4G,EAC5G,OAAwB,EACxB,WAAkC,EAClC,qBAA4C,EAC5C,kBAAuC;IAEvC,MAAM,qBAAqB,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;IACxE,MAAM,wBAAwB,GAAG,MAAM,2BAA2B,CAAC,MAAM,EAAE,eAAe,EAAE,qBAAqB,CAAC,CAAC;IACnH,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC;IACtC,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAErC,8IAA8I;IAE9I,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,wCAAwC,EACrD,qCAAqC,qBAAqB,KAAK,MAAM,kBAAkB,CACxF,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,eAAe,CAAC,gBAAgB,EAAE,YAAY,CAAC;IAEnE,wFAAwF;IACxF,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,+IAA+I;QAC/I,MAAM,6BAA6B,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CACvD,CAAC,aAAqB,EAAW,EAAE,CAAC,wBAAwB,CAAC,QAAQ,CAAC,aAA+B,CAAC,CACvG,CAAC;QACF,IAAI,CAAC,6BAA6B,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QAED,yGAAyG;QACzG,sEAAsE;QAEtE,yEAAyE;QACzE,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,MAAM,EAAE,CAAC;YAC5C,OAAO;QACT,CAAC;QAED,+GAA+G;QAC/G,4GAA4G;QAC5G,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,SAAS;QACX,CAAC;QAED,+EAA+E;QAC/E,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,0FAA0F;YAC1F,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;gBACpC,+BAA+B;gBAC/B,OAAO;YACT,CAAC;iBAAM,CAAC;gBACN,SAAS;YACX,CAAC;QACH,CAAC;QAED,kDAAkD;QAElD,kDAAkD;QAClD,4GAA4G;QAC5G,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,SAAS,IAAI,UAAU,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;YAC9E,mGAAmG;YAEnG,wDAAwD;YACxD,IAAI,mBAAwC,CAAC;YAC7C,IAAI,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,KAAK,aAAa,CAAC,KAAK,EAAE,CAAC;gBACtE,mBAAmB,GAAG,eAAe,CAAC,OAA8B,CAAC;YACvE,CAAC;iBAAM,CAAC;gBACN,uIAAuI;gBACvI,uDAAuD;gBACvD,qHAAqH;gBACrH,mBAAmB,GAAG,WAAW,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC5D,CAAC;YAED,IAAI,mBAAmB,CAAC,UAAU,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;gBACxD,OAAO;YACT,CAAC;iBAAM,CAAC;gBACN,SAAS;YACX,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,MAAM,mBAAmB,GAAY,MAAM,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;QAC3G,IAAI,mBAAmB,EAAE,CAAC;YACxB,OAAO;QACT,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qCAAqC,EAClD,iCAAiC,qBAAqB,cAAc,eAAe,CAAC,MAAM,eAAe,CAC1G,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,MAAc,EACd,UAA8B,EAC9B,WAAkC,EAClC,mBAAwC;IAExC,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,CAAC;IAE9B,mFAAmF;IACnF,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,oBAAqD,CAAC;IAE1D,IAAI,kBAAkB,CAAC,OAAO,CAAC,IAAI,mBAAmB,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC3E,+FAA+F;QAC/F,MAAM,MAAM,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAC9C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,cAAc,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC9D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBACjC,oBAAoB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,GAAwB,EAAW,EAAE,CAC5E,GAAG,CAAC,UAAU,CAAC,QAAQ,KAAK,cAAc,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,KAAK,MAAM,CAAC,YAAY,CAClG,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,iEAAiE;QACjE,oBAAoB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,GAAwB,EAAW,EAAE,CAC5E,GAAG,CAAC,UAAU,CAAC,YAAY,KAAK,OAAO,CACxC,CAAC;IACJ,CAAC;IAED,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;QACvC,mFAAmF;QACnF,8EAA8E;QAC9E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,SAAS,EAAE,CAAC;QAC/C,+EAA+E;QAC/E,OAAO,MAAM,KAAK,oBAAoB,CAAC,UAAU,CAAC,SAAS,CAAC;IAC9D,CAAC;SAAM,CAAC,CAAC,0CAA0C;QACjD,4EAA4E;QAC5E,MAAM,cAAc,GAAG,CAAC,MAAM,YAAY,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,MAAM,CAAC;QAC/E,OAAO,MAAM,KAAK,cAAc,CAAC;IACnC,CAAC;AACH,CAAC"}
|