@flowerforce/flowerbase 1.0.1-beta.10

package/dist/utils/roles/helpers.js

@@ -0,0 +1,47 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluateExpression = void 0;
+const services_1 = require("../../services");
+const state_1 = require("../../state");
+const context_1 = require("../context");
+const rules_1 = require("../rules");
+const utils_1 = __importDefault(require("../rules-matcher/utils"));
+const functionsConditions = ["%%true", "%%false"];
+const evaluateExpression = (params, expression, user) => __awaiter(void 0, void 0, void 0, function* () {
+    if (!expression || typeof expression === 'boolean')
+        return !!expression;
+    const value = Object.assign(Object.assign(Object.assign({}, params.expansions), params.cursor), { "%%user": user, '%%true': true });
+    const conditions = (0, rules_1.expandQuery)(expression, value);
+    const complexCondition = Object.entries(conditions).find(([key]) => functionsConditions.includes(key));
+    return complexCondition ? yield evaluateComplexExpression(complexCondition, params, user) : utils_1.default.checkRule(conditions, value, {});
+});
+exports.evaluateExpression = evaluateExpression;
+const evaluateComplexExpression = (condition, params, user) => __awaiter(void 0, void 0, void 0, function* () {
+    const [key, config] = condition;
+    const { name } = config["%function"];
+    const functionsList = state_1.StateManager.select("functions");
+    const app = state_1.StateManager.select("app");
+    const currentFunction = functionsList[name];
+    const response = yield (0, context_1.GenerateContext)({
+        args: [params.cursor],
+        app,
+        rules: {},
+        user,
+        currentFunction,
+        functionsList,
+        services: services_1.services
+    });
+    return key === "%%true" ? response : !response;
+});

package/dist/utils/roles/interface.d.ts

@@ -0,0 +1,33 @@
+export type PermissionExpression = boolean;
+export type FieldPermissionExpression = {
+    read?: boolean;
+    write?: boolean;
+};
+export interface DocumentFiltersPermissions {
+    read?: PermissionExpression;
+    write?: PermissionExpression;
+}
+export interface Role {
+    name: string;
+    apply_when: Record<string, any>;
+    search?: PermissionExpression;
+    document_filters?: DocumentFiltersPermissions;
+    read?: PermissionExpression;
+    write?: PermissionExpression;
+    insert?: PermissionExpression;
+    delete?: PermissionExpression;
+    fields?: {
+        [K: string]: FieldPermissionExpression;
+    };
+    additional_fields?: {
+        [K: string]: FieldPermissionExpression;
+    };
+}
+export interface Params {
+    roles: Role[];
+    cursor: any;
+    expansions: Record<string, any>;
+    type: 'insert' | 'read' | 'delete' | 'search' | 'write';
+}
+export type Condition = Record<string, any>;
+//# sourceMappingURL=interface.d.ts.map

package/dist/utils/roles/interface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/utils/roles/interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAAG,OAAO,CAAA;AAE1C,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,0BAA0B;IACzC,IAAI,CAAC,EAAE,oBAAoB,CAAA;IAC3B,KAAK,CAAC,EAAE,oBAAoB,CAAA;CAC7B;AAED,MAAM,WAAW,IAAI;IACnB,IAAI,EAAE,MAAM,CAAA;IAEZ,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC/B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,gBAAgB,CAAC,EAAE,0BAA0B,CAAA;IAC7C,IAAI,CAAC,EAAE,oBAAoB,CAAA;IAC3B,KAAK,CAAC,EAAE,oBAAoB,CAAA;IAC5B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,MAAM,CAAC,EAAE;QACP,CAAC,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAAA;KACvC,CAAA;IACD,iBAAiB,CAAC,EAAE;QAClB,CAAC,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAAA;KACvC,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,KAAK,EAAE,IAAI,EAAE,CAAA;IAEb,MAAM,EAAE,GAAG,CAAA;IAEX,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC/B,IAAI,EAAE,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAA;CACxD;AAID,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA"}

package/dist/utils/roles/interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/utils/roles/machines/commonValidators.d.ts

@@ -0,0 +1,6 @@
+import { DocumentFiltersPermissions } from "../interface";
+import { MachineContext } from "./interface";
+export declare const evaluateDocumentFiltersFn: ({ params, role, user }: MachineContext, currentType: keyof DocumentFiltersPermissions) => Promise<boolean>;
+export declare const evaluateTopLevelPermissionsFn: ({ params, role, user }: MachineContext, currentType: MachineContext["params"]["type"]) => Promise<boolean | undefined>;
+export declare const checkFieldsPropertyExists: ({ role }: MachineContext) => boolean;
+//# sourceMappingURL=commonValidators.d.ts.map

package/dist/utils/roles/machines/commonValidators.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"commonValidators.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/commonValidators.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAA;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAK5C,eAAO,MAAM,yBAAyB,GAAU,wBAAwB,cAAc,EAAE,aAAa,MAAM,0BAA0B,qBAMpI,CAAA;AAGD,eAAO,MAAM,6BAA6B,GAAU,wBAAwB,cAAc,EAAE,aAAa,cAAc,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,iCAExI,CAAA;AAED,eAAO,MAAM,yBAAyB,GAAI,UAAU,cAAc,YAEjE,CAAA"}

package/dist/utils/roles/machines/commonValidators.js

@@ -0,0 +1,34 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkFieldsPropertyExists = exports.evaluateTopLevelPermissionsFn = exports.evaluateDocumentFiltersFn = void 0;
+const someAsync_1 = require("../../helpers/someAsync");
+const helpers_1 = require("../helpers");
+const readOnlyPermissions = ['read'];
+const readWritePermissions = ['write', 'delete', 'insert', ...readOnlyPermissions];
+const evaluateDocumentFiltersFn = (_a, currentType_1) => __awaiter(void 0, [_a, currentType_1], void 0, function* ({ params, role, user }, currentType) {
+    var _b;
+    const permissions = currentType === "read" ? readOnlyPermissions : readWritePermissions;
+    return yield (0, someAsync_1.someAsync)([
+        permissions.includes(params.type) && ((_b = role.document_filters) === null || _b === void 0 ? void 0 : _b[currentType])
+    ]
+        .filter(Boolean), (expr) => __awaiter(void 0, void 0, void 0, function* () { return (0, helpers_1.evaluateExpression)(params, expr, user); }));
+});
+exports.evaluateDocumentFiltersFn = evaluateDocumentFiltersFn;
+const evaluateTopLevelPermissionsFn = (_a, currentType_1) => __awaiter(void 0, [_a, currentType_1], void 0, function* ({ params, role, user }, currentType) {
+    return role[currentType] ? yield (0, helpers_1.evaluateExpression)(params, role[currentType], user) : undefined;
+});
+exports.evaluateTopLevelPermissionsFn = evaluateTopLevelPermissionsFn;
+const checkFieldsPropertyExists = ({ role }) => {
+    var _a;
+    return !!Object.keys((_a = role.fields) !== null && _a !== void 0 ? _a : {}).length;
+};
+exports.checkFieldsPropertyExists = checkFieldsPropertyExists;

package/dist/utils/roles/machines/index.d.ts

@@ -0,0 +1,14 @@
+import { User } from '../../../auth/dtos';
+import { Params, Role } from '../interface';
+import { StepResult } from './interface';
+/**
+ * Executes the validation process using the `StateMachine` for the given role, parameters, and user.
+ *
+ * @param {Role} role - The role configuration for validation.
+ * @param {Params} params - The parameters relevant to the validation process.
+ * @param {User} user - The user for whom the validation is being performed.
+ *
+ * @returns {Promise<StepResult>} - The result of the state machine's validation process.
+ */
+export declare const checkValidation: (role: Role, params: Params, user: User, enableLog?: boolean) => Promise<StepResult>;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAGxC;;;;;;;;GAQG;AACH,eAAO,MAAM,eAAe,GAAU,MAAM,IAAI,EAAE,QAAQ,MAAM,EAAE,MAAM,IAAI,EAAE,YAAY,OAAO,KAAG,OAAO,CAAC,UAAU,CAGrH,CAAA"}

package/dist/utils/roles/machines/index.js

@@ -0,0 +1,27 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkValidation = void 0;
+const machine_1 = require("./machine");
+/**
+ * Executes the validation process using the `StateMachine` for the given role, parameters, and user.
+ *
+ * @param {Role} role - The role configuration for validation.
+ * @param {Params} params - The parameters relevant to the validation process.
+ * @param {User} user - The user for whom the validation is being performed.
+ *
+ * @returns {Promise<StepResult>} - The result of the state machine's validation process.
+ */
+const checkValidation = (role, params, user, enableLog) => __awaiter(void 0, void 0, void 0, function* () {
+    const stateMachine = new machine_1.StateMachine(role, params, user, enableLog);
+    return yield stateMachine.runValidation();
+});
+exports.checkValidation = checkValidation;

package/dist/utils/roles/machines/interface.d.ts

@@ -0,0 +1,46 @@
+import { Document } from 'mongodb';
+import { User } from '../../../auth/dtos';
+import { Params, Role } from '../interface';
+export type PrevParams = Record<string, any>;
+export interface MachineContext {
+    user: User;
+    role: Role;
+    params: Params;
+    prevParams?: PrevParams;
+    enableLog?: boolean;
+}
+type StateFunction = (params: RunParams & {
+    context: MachineContext;
+} & {
+    next: (step: string, params?: Record<string, any>) => void;
+    endValidation: ({ success, document }: {
+        success: boolean;
+        document?: Document;
+    }) => void;
+    goToNextValidationStage: (initialStep?: string | null) => void;
+}) => Promise<void>;
+export type States = Record<string, StateFunction>;
+export interface RunParams {
+    initialStep: string | null;
+}
+export interface ValidationStatus {
+    status: boolean | null;
+    document?: Document;
+}
+export interface StepResult {
+    status: boolean | null;
+    nextInitialStep: string | null;
+    document?: Document;
+}
+export interface EndValidationParams {
+    success: boolean;
+    document?: Document;
+}
+export type LogMachineInfoParams = {
+    enabled?: boolean;
+    machine: string;
+    step: number;
+    stepName: string;
+};
+export {};
+//# sourceMappingURL=interface.d.ts.map

package/dist/utils/roles/machines/interface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/interface.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAE3C,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;AAC5C,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,IAAI,CAAA;IACV,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,SAAS,CAAC,EAAE,OAAO,CAAA;CACpB;AAED,KAAK,aAAa,GAAG,CACnB,MAAM,EAAE,SAAS,GAAG;IAClB,OAAO,EAAE,cAAc,CAAA;CACxB,GAAG;IACF,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,IAAI,CAAA;IAC1D,aAAa,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;KAAE,KAAK,IAAI,CAAA;IACzF,uBAAuB,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,CAAA;CAC/D,KACE,OAAO,CAAC,IAAI,CAAC,CAAA;AAElB,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;AAElD,MAAM,WAAW,SAAS;IACxB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;CAC3B;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,OAAO,GAAG,IAAI,CAAA;IACtB,QAAQ,CAAC,EAAE,QAAQ,CAAA;CACpB;AAGD,MAAM,WAAW,UAAU;IAAG,MAAM,EAAE,OAAO,GAAG,IAAI,CAAC;IAAC,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE;AAE3G,MAAM,WAAW,mBAAmB;IAAG,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE;AAE9E,MAAM,MAAM,oBAAoB,GAAG;IACjC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA"}

package/dist/utils/roles/machines/interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/utils/roles/machines/machine.d.ts

@@ -0,0 +1,15 @@
+import { User } from "../../../auth/dtos";
+import { Params, Role } from "../interface";
+import { StepResult } from "./interface";
+export declare class StateMachine {
+    private _context;
+    private _validation;
+    private _machines;
+    private _currentStep;
+    constructor(role: Role, params: Params, user: User, enableLog?: boolean);
+    runValidation(): Promise<StepResult>;
+    private runMachine;
+    private endValidation;
+    private goToNextValidationStage;
+}
+//# sourceMappingURL=machine.d.ts.map

package/dist/utils/roles/machines/machine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"machine.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/machine.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAsC,UAAU,EAAoB,MAAM,aAAa,CAAC;AAI/F,qBAAa,YAAY;IACrB,OAAO,CAAC,QAAQ,CAAgB;IAChC,OAAO,CAAC,WAAW,CAGlB;IACD,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,YAAY,CAMnB;gBACW,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,EAAE,OAAO;IAajE,aAAa;YAeL,UAAU;IAqBxB,OAAO,CAAC,aAAa;IAQrB,OAAO,CAAC,uBAAuB;CAMlC"}

package/dist/utils/roles/machines/machine.js

@@ -0,0 +1,97 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __asyncValues = (this && this.__asyncValues) || function (o) {
+    if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
+    var m = o[Symbol.asyncIterator], i;
+    return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
+    function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
+    function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StateMachine = void 0;
+const read_1 = require("./read");
+const write_1 = require("./write");
+class StateMachine {
+    constructor(role, params, user, enableLog) {
+        this._validation = {
+            status: null,
+            nextInitialStep: null
+        };
+        this._context = { role, params, user, enableLog };
+        this._machines = params.type === "read" ? read_1.READ_MACHINE : write_1.WRITE_MACHINE;
+        this._currentStep = {
+            names: [],
+            states: {},
+            validation: {
+                status: null
+            },
+            initialStep: null
+        };
+    }
+    runValidation() {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, e_1, _b, _c;
+            try {
+                for (var _d = true, _e = __asyncValues(this._machines), _f; _f = yield _e.next(), _a = _f.done, !_a; _d = true) {
+                    _c = _f.value;
+                    _d = false;
+                    const machine = _c;
+                    this._currentStep = { names: Object.freeze(Object.keys(machine)), states: machine, validation: { status: null }, initialStep: null };
+                    yield this.runMachine(this._validation.nextInitialStep);
+                    this._validation.nextInitialStep = this._currentStep.initialStep;
+                    if (this._currentStep.validation.status !== null) {
+                        this._validation.status = this._currentStep.validation.status;
+                        this._validation.document = this._currentStep.validation.document;
+                        break;
+                    }
+                }
+            }
+            catch (e_1_1) { e_1 = { error: e_1_1 }; }
+            finally {
+                try {
+                    if (!_d && !_a && (_b = _e.return)) yield _b.call(_e);
+                }
+                finally { if (e_1) throw e_1.error; }
+            }
+            return this._validation;
+        });
+    }
+    runMachine(initialStep) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const executeStep = (step, params) => __awaiter(this, void 0, void 0, function* () {
+                const currentStep = this._currentStep.states[step];
+                const next = (nextStep, params) => executeStep(nextStep, params);
+                yield currentStep({
+                    context: Object.assign(Object.assign({}, this._context), { prevParams: params }),
+                    next,
+                    endValidation: this.endValidation.bind(this),
+                    goToNextValidationStage: this.goToNextValidationStage.bind(this),
+                    initialStep
+                });
+                if (this._currentStep.validation.status !== null || this._currentStep.completed !== undefined)
+                    return Object.assign({ isValid: this._currentStep.validation.status }, this._currentStep);
+            });
+            const nextStep = initialStep && this._currentStep.states[initialStep] ? initialStep : this._currentStep.names[0];
+            yield executeStep(nextStep);
+        });
+    }
+    endValidation({ success, document }) {
+        this._currentStep.validation.status = success;
+        if (success) {
+            this._currentStep.validation.document = document || this._context.params.cursor;
+        }
+    }
+    goToNextValidationStage(initialStep = null) {
+        this._currentStep.completed = true;
+        this._currentStep.initialStep = initialStep;
+    }
+}
+exports.StateMachine = StateMachine;

package/dist/utils/roles/machines/read/A/index.d.ts

@@ -0,0 +1,3 @@
+import { States } from '../../interface';
+export declare const STEP_A_STATES: States;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/read/A/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/A/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAGxC,eAAO,MAAM,aAAa,EAAE,MAa3B,CAAA"}

package/dist/utils/roles/machines/read/A/index.js

@@ -0,0 +1,27 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STEP_A_STATES = void 0;
+const utils_1 = require("../../utils");
+exports.STEP_A_STATES = {
+    checkSearchRequest: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, goToNextValidationStage }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "A", step: 1, stepName: "checkSearchRequest" });
+        if (context.params.type === 'search') {
+            return next('evaluateSearch');
+        }
+        return goToNextValidationStage();
+    }),
+    evaluateSearch: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "A", step: 2, stepName: "evaluateSearch" });
+        // NOTE -> we don't support search operations
+        return endValidation({ success: false });
+    })
+};

package/dist/utils/roles/machines/read/B/index.d.ts

@@ -0,0 +1,3 @@
+import { States } from '../../interface';
+export declare const STEP_B_STATES: States;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/read/B/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/B/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAGxC,eAAO,MAAM,aAAa,EAAE,MAwB3B,CAAA"}

package/dist/utils/roles/machines/read/B/index.js

@@ -0,0 +1,36 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STEP_B_STATES = void 0;
+const commonValidators_1 = require("../../commonValidators");
+const utils_1 = require("../../utils");
+exports.STEP_B_STATES = {
+    checkDocumentsFilters: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, goToNextValidationStage }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "B", step: 1, stepName: "checkDocumentsFilters" });
+        const { role } = context;
+        if (role.document_filters) {
+            return next('evaluateDocumentsFiltersRead');
+        }
+        return goToNextValidationStage();
+    }),
+    evaluateDocumentsFiltersRead: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, goToNextValidationStage }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "B", step: 2, stepName: "evaluateDocumentsFiltersRead" });
+        const hasDocumentFiltersRead = yield (0, commonValidators_1.evaluateDocumentFiltersFn)(context, "read");
+        if (!hasDocumentFiltersRead)
+            return next('evaluateDocumentsFiltersWrite');
+        return goToNextValidationStage();
+    }),
+    evaluateDocumentsFiltersWrite: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation, goToNextValidationStage }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "B", step: 3, stepName: "evaluateDocumentsFiltersWrite" });
+        const check = yield (0, commonValidators_1.evaluateDocumentFiltersFn)(context, "write");
+        return check ? goToNextValidationStage() : endValidation({ success: false });
+    })
+};

package/dist/utils/roles/machines/read/C/index.d.ts

@@ -0,0 +1,3 @@
+import { States } from '../../interface';
+export declare const STEP_C_STATES: States;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/read/C/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAIxC,eAAO,MAAM,aAAa,EAAE,MAuB3B,CAAA"}

package/dist/utils/roles/machines/read/C/index.js

@@ -0,0 +1,38 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STEP_C_STATES = void 0;
+const commonValidators_1 = require("../../commonValidators");
+const utils_1 = require("../../utils");
+exports.STEP_C_STATES = {
+    evaluateTopLevelRead: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "C", step: 1, stepName: "evaluateTopLevelRead" });
+        const check = yield (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, "read");
+        return check
+            ? endValidation({ success: true })
+            : next('evaluateTopLevelWrite', { check });
+    }),
+    evaluateTopLevelWrite: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
+        var _b;
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "C", step: 2, stepName: "evaluateTopLevelWrite" });
+        const check = yield (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, "write");
+        if (check)
+            return endValidation({ success: true });
+        return ((_b = context === null || context === void 0 ? void 0 : context.prevParams) === null || _b === void 0 ? void 0 : _b.check) === false
+            ? endValidation({ success: false })
+            : next('checkFieldsProperty');
+    }),
+    checkFieldsProperty: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, goToNextValidationStage }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "C", step: 3, stepName: "checkFieldsProperty" });
+        const check = (0, commonValidators_1.checkFieldsPropertyExists)(context);
+        return goToNextValidationStage(check ? 'checkIsValidFieldName' : 'checkAdditionalFields');
+    })
+};

package/dist/utils/roles/machines/read/D/index.d.ts

@@ -0,0 +1,3 @@
+import { States } from '../../interface';
+export declare const STEP_D_STATES: States;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/read/D/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAOxC,eAAO,MAAM,aAAa,EAAE,MAW3B,CAAA"}

package/dist/utils/roles/machines/read/D/index.js

@@ -0,0 +1,26 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STEP_D_STATES = void 0;
+const utils_1 = require("../../utils");
+const validators_1 = require("./validators");
+exports.STEP_D_STATES = {
+    checkAdditionalFields: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "D", step: 1, stepName: "checkAdditionalFields" });
+        const check = (0, validators_1.checkAdditionalFieldsFn)(context);
+        return check ? next('checkIsValidFieldName') : endValidation({ success: false });
+    }),
+    checkIsValidFieldName: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
+        (0, utils_1.logMachineInfo)({ enabled: context.enableLog, machine: "D", step: 2, stepName: "checkIsValidFieldName" });
+        const document = (0, validators_1.checkIsValidFieldNameFn)(context);
+        return endValidation({ success: !!Object.keys(document).length, document });
+    }),
+};

package/dist/utils/roles/machines/read/D/validators.d.ts

@@ -0,0 +1,4 @@
+import { MachineContext } from "../../interface";
+export declare const checkAdditionalFieldsFn: ({ role }: MachineContext) => boolean;
+export declare const checkIsValidFieldNameFn: ({ role, params }: MachineContext) => {};
+//# sourceMappingURL=validators.d.ts.map

package/dist/utils/roles/machines/read/D/validators.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/validators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAGhD,eAAO,MAAM,uBAAuB,GAAI,UAAU,cAAc,YAE/D,CAAA;AAED,eAAO,MAAM,uBAAuB,GAAI,kBAAkB,cAAc,OAgBvE,CAAA"}

package/dist/utils/roles/machines/read/D/validators.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkIsValidFieldNameFn = exports.checkAdditionalFieldsFn = void 0;
+const checkAdditionalFieldsFn = ({ role }) => {
+    return !!Object.keys(role.additional_fields || {}).length;
+};
+exports.checkAdditionalFieldsFn = checkAdditionalFieldsFn;
+const checkIsValidFieldNameFn = ({ role, params }) => {
+    const { cursor } = params;
+    const { fields = {}, additional_fields = {} } = role;
+    const rulesOnId = !!(fields["_id"] || additional_fields["_id"]);
+    const filteredDocument = Object.entries(cursor).reduce((filteredDocument, [key, value]) => {
+        var _a, _b;
+        if (fields[key]) {
+            return (role.fields[key].read || role.fields[key].write) ? Object.assign(Object.assign({}, filteredDocument), { [key]: value }) : filteredDocument;
+        }
+        if (additional_fields[key]) {
+            return (((_a = additional_fields[key]) === null || _a === void 0 ? void 0 : _a.read) || ((_b = additional_fields[key]) === null || _b === void 0 ? void 0 : _b.write)) ? Object.assign(Object.assign({}, filteredDocument), { [key]: value }) : filteredDocument;
+        }
+        return Object.assign(Object.assign({}, filteredDocument), { [key]: value });
+    }, {});
+    return (rulesOnId || cursor._id === undefined) ? filteredDocument : Object.assign(Object.assign({}, filteredDocument), { "_id": cursor._id });
+};
+exports.checkIsValidFieldNameFn = checkIsValidFieldNameFn;

package/dist/utils/roles/machines/read/index.d.ts

@@ -0,0 +1,2 @@
+export declare const READ_MACHINE: import("../interface").States[];
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/roles/machines/read/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/utils/roles/machines/read/index.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,YAAY,iCAA+D,CAAA"}

package/dist/utils/roles/machines/read/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.READ_MACHINE = void 0;
+const A_1 = require("./A");
+const B_1 = require("./B");
+const C_1 = require("./C");
+const D_1 = require("./D");
+exports.READ_MACHINE = [A_1.STEP_A_STATES, B_1.STEP_B_STATES, C_1.STEP_C_STATES, D_1.STEP_D_STATES];

package/dist/utils/roles/machines/utils.d.ts

@@ -0,0 +1,37 @@
+import { Document, OptionalId } from "mongodb";
+import { User } from "../../../auth/dtos";
+import { Role } from "../interface";
+import { LogMachineInfoParams } from "./interface";
+/**
+ * Determines the first applicable role for a given user and document.
+ *
+ * @param {OptionalId<Document> | null} document - The document to check against role conditions.
+ * @param {User} user - The user for whom the role is being determined.
+ * @param {Role[]} [roles=[]] - The list of available roles to evaluate.
+ *
+ * @returns {Role | null} - Returns the first role that matches the `apply_when` condition, or `null` if none match.
+ */
+export declare const getWinningRole: (document: OptionalId<Document> | null, user: User, roles?: Role[]) => Role | null;
+/**
+ * Checks if the `apply_when` condition is valid for the given user and document.
+ *
+ * @param {Role["apply_when"]} apply_when - The rule condition to evaluate.
+ * @param {User} user - The user for whom the condition is being checked.
+ * @param {WithId<Document> | null} document - The document to check against the condition.
+ *
+ * @returns {boolean} - Returns `true` if at least one valid rule is found, otherwise `false`.
+ */
+export declare const checkApplyWhen: (apply_when: Role["apply_when"], user: User, document: OptionalId<Document> | null) => boolean;
+/**
+ * Logs machine step information if logging is enabled.
+ *
+ * @param {Object} params - The parameters for logging machine info.
+ * @param {boolean} params.enabled - Whether logging is enabled.
+ * @param {string} params.machine - The name of the machine.
+ * @param {number} params.step - The current step number.
+ * @param {string} params.stepName - The name of the current step.
+ *
+ * @returns {void}
+ */
+export declare const logMachineInfo: ({ enabled, machine, step, stepName }: LogMachineInfoParams) => void;
+//# sourceMappingURL=utils.d.ts.map

package/dist/utils/roles/machines/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAG1C,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,GAAI,UAAU,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,IAAI,EAAE,QAAO,IAAI,EAAO,KAAG,IAAI,GAAG,IAQ7G,CAAA;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,cAAc,GAAI,YAAY,IAAI,CAAC,YAAY,CAAC,EAAE,MAAM,IAAI,EAAE,UAAU,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,YAG/G,CAAA;AAED;;;;;;;;;;GAUG;AACH,eAAO,MAAM,cAAc,GAAI,sCAAsC,oBAAoB,SAExF,CAAA"}