@forestadmin/agent 1.0.0-alpha.3 → 1.0.0-alpha.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/routes/modification/action.d.ts +1 -0
- package/dist/routes/modification/action.js +13 -2
- package/dist/services/authorization/authorization.d.ts +5 -1
- package/dist/services/authorization/authorization.js +50 -17
- package/dist/services/authorization/index.js +2 -2
- package/dist/services/authorization/internal/action-permission.d.ts +1 -1
- package/dist/services/authorization/internal/action-permission.js +3 -1
- package/dist/services/authorization/internal/hash-chart.d.ts +2 -2
- package/dist/services/authorization/internal/hash-chart.js +9 -9
- package/dist/services/authorization/internal/rendering-permission.d.ts +2 -2
- package/dist/services/authorization/internal/rendering-permission.js +9 -5
- package/dist/services/authorization/internal/types.d.ts +44 -37
- package/dist/services/authorization/internal/types.js +9 -2
- package/dist/services/authorization/internal/user-permission.d.ts +1 -1
- package/dist/services/authorization/internal/user-permission.js +2 -1
- package/dist/services/authorization/internal/verify-approval.d.ts +3 -0
- package/dist/services/authorization/internal/verify-approval.js +45 -0
- package/dist/utils/forest-http-api.d.ts +1 -1
- package/dist/utils/forest-http-api.js +1 -1
- package/package.json +1 -1
|
@@ -11,6 +11,7 @@ export default class ActionRoute extends CollectionRoute {
|
|
|
11
11
|
private handleExecute;
|
|
12
12
|
private handleHook;
|
|
13
13
|
private checkPermissions;
|
|
14
|
+
private middlewareCustomActionApprovalRequestData;
|
|
14
15
|
private getRecordSelection;
|
|
15
16
|
}
|
|
16
17
|
//# sourceMappingURL=action.d.ts.map
|
|
@@ -20,7 +20,7 @@ class ActionRoute extends collection_route_1.default {
|
|
|
20
20
|
setupRoutes(router) {
|
|
21
21
|
const actionIndex = Object.keys(this.collection.schema.actions).indexOf(this.actionName);
|
|
22
22
|
const path = `/_actions/${this.collection.name}/${actionIndex}`;
|
|
23
|
-
router.post(`${path}/:slug`, this.handleExecute.bind(this));
|
|
23
|
+
router.post(`${path}/:slug`, this.middlewareCustomActionApprovalRequestData.bind(this), this.handleExecute.bind(this));
|
|
24
24
|
router.post(`${path}/:slug/hooks/load`, this.handleHook.bind(this));
|
|
25
25
|
router.post(`${path}/:slug/hooks/change`, this.handleHook.bind(this));
|
|
26
26
|
}
|
|
@@ -82,6 +82,17 @@ class ActionRoute extends collection_route_1.default {
|
|
|
82
82
|
async checkPermissions(context) {
|
|
83
83
|
await this.services.authorization.assertCanExecuteCustomAction(context, this.actionName, this.collection.name);
|
|
84
84
|
}
|
|
85
|
+
async middlewareCustomActionApprovalRequestData(context, next) {
|
|
86
|
+
const approvalRequestDataWithAttributes = this.services.authorization.getApprovalRequestData(context);
|
|
87
|
+
if (approvalRequestDataWithAttributes) {
|
|
88
|
+
context.request.body = approvalRequestDataWithAttributes;
|
|
89
|
+
context.state.isCustomActionApprovalRequest = true;
|
|
90
|
+
}
|
|
91
|
+
else {
|
|
92
|
+
context.state.isCustomActionApprovalRequest = false;
|
|
93
|
+
}
|
|
94
|
+
return next();
|
|
95
|
+
}
|
|
85
96
|
async getRecordSelection(context) {
|
|
86
97
|
const selectionIds = body_parser_1.default.parseSelectionIds(this.collection.schema, context);
|
|
87
98
|
let selectedIds = datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, selectionIds.ids);
|
|
@@ -101,4 +112,4 @@ class ActionRoute extends collection_route_1.default {
|
|
|
101
112
|
}
|
|
102
113
|
}
|
|
103
114
|
exports.default = ActionRoute;
|
|
104
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
115
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWN0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3JvdXRlcy9tb2RpZmljYXRpb24vYWN0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBS3lDO0FBSXpDLHVDQUFpRTtBQUVqRSwwRUFBaUQ7QUFDakQsMkVBQWtEO0FBQ2xELGdHQUFzRTtBQUN0RSw0RkFBMkU7QUFDM0Usd0RBQXFDO0FBQ3JDLDRFQUF5RDtBQUN6RCxvR0FBaUY7QUFFakYsTUFBcUIsV0FBWSxTQUFRLDBCQUFlO0lBR3RELFlBQ0UsUUFBdUMsRUFDdkMsT0FBaUMsRUFDakMsVUFBc0IsRUFDdEIsY0FBc0IsRUFDdEIsVUFBa0I7UUFFbEIsS0FBSyxDQUFDLFFBQVEsRUFBRSxPQUFPLEVBQUUsVUFBVSxFQUFFLGNBQWMsQ0FBQyxDQUFDO1FBQ3JELElBQUksQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDO0lBQy9CLENBQUM7SUFFRCxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDekYsTUFBTSxJQUFJLEdBQUcsYUFBYSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksSUFBSSxXQUFXLEVBQUUsQ0FBQztRQUVoRSxNQUFNLENBQUMsSUFBSSxDQUNULEdBQUcsSUFBSSxRQUFRLEVBQ2YsSUFBSSxDQUFDLHlDQUF5QyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFDekQsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQzlCLENBQUM7UUFDRixNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBSSxtQkFBbUIsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBQ3BFLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxJQUFJLHFCQUFxQixFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDeEUsQ0FBQztJQUVPLEtBQUssQ0FBQyxhQUFhLENBQUMsT0FBZ0I7UUFDMUMsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFckMsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUM7UUFDdkMsTUFBTSxNQUFNLEdBQUcsc0JBQWlCLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDO1FBRTVELDhGQUE4RjtRQUM5RiwyRkFBMkY7UUFDM0YsTUFBTSxVQUFVLEdBQUcsdUJBQW9CLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDcEUsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLFVBQVUsRUFBRSxVQUFVLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFMUYsZ0VBQWdFO1FBQ2hFLE1BQU0sSUFBSSxHQUFHLHVCQUFvQixDQUFDLFlBQVksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzVFLE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxVQUFVLEVBQUUsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRXBGLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxPQUFPLEVBQUU7WUFDNUIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxVQUFVLENBQUM7WUFDOUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsRUFBRSxLQUFLLEVBQUUsTUFBTSxDQUFDLE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1NBQ3RFO2FBQU0sSUFBSSxNQUFNLEVBQUUsSUFBSSxLQUFLLFNBQVMsRUFBRTtZQUNyQyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRztnQkFDdEIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUk7Z0JBQ2pCLE9BQU8sRUFBRSxFQUFFLGFBQWEsRUFBRSxDQUFDLEdBQUcsTUFBTSxDQUFDLFdBQVcsQ0FBQyxFQUFFO2FBQ3BELENBQUM7U0FDSDthQUFNLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxTQUFTLEVBQUU7WUFDckMsTUFBTSxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sQ0FBQztZQUM5QyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLE9BQU8sRUFBRSxFQUFFLEdBQUcsRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxFQUFFLENBQUM7U0FDckU7YUFBTSxJQUFJLE1BQU0sRUFBRSxJQUFJLEtBQUssVUFBVSxFQUFFO1lBQ3RDLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLEVBQUUsVUFBVSxFQUFFLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQztTQUNyRDthQUFNLElBQUksTUFBTSxFQUFFLElBQUksS0FBSyxNQUFNLEVBQUU7WUFDbEMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3pDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLCtCQUErQixFQUFFLHFCQUFxQixDQUFDLENBQUM7WUFDN0UsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FBQztZQUN4QyxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO1NBQ3ZDO2FBQU07WUFDTCxNQUFNLElBQUksS0FBSyxDQUFDLDJCQUEyQixDQUFDLENBQUM7U0FDOUM7SUFDSCxDQUFDO0lBRU8sS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFnQjtRQUN2QyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUVyQyxNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQztRQUN2QyxNQUFNLFlBQVksR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLE1BQU0sQ0FBQztRQUNwRSxNQUFNLElBQUksR0FBRyxZQUFZO1lBQ3ZCLENBQUMsQ0FBQyx1QkFBb0IsQ0FBQyxzQkFBc0IsQ0FBQyxVQUFVLEVBQUUsWUFBWSxDQUFDO1lBQ3ZFLENBQUMsQ0FBQyxJQUFJLENBQUM7UUFFVCxNQUFNLE1BQU0sR0FBRyxzQkFBaUIsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEYsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUc7WUFDdEIsTUFBTSxFQUFFLE1BQU0sQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FDekIsMkJBQXNCLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLENBQzNFO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsT0FBZ0I7UUFDN0MsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyw0QkFBNEIsQ0FDNUQsT0FBTyxFQUNQLElBQUksQ0FBQyxVQUFVLEVBQ2YsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQ3JCLENBQUM7SUFDSixDQUFDO0lBRU8sS0FBSyxDQUFDLHlDQUF5QyxDQUFDLE9BQWdCLEVBQUUsSUFBVTtRQUNsRixNQUFNLGlDQUFpQyxHQUNyQyxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxzQkFBc0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUU5RCxJQUFJLGlDQUFpQyxFQUFFO1lBQ3JDLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxHQUFHLGlDQUFpQyxDQUFDO1lBQ3pELE9BQU8sQ0FBQyxLQUFLLENBQUMsNkJBQTZCLEdBQUcsSUFBSSxDQUFDO1NBQ3BEO2FBQU07WUFDTCxPQUFPLENBQUMsS0FBSyxDQUFDLDZCQUE2QixHQUFHLEtBQUssQ0FBQztTQUNyRDtRQUVELE9BQU8sSUFBSSxFQUFFLENBQUM7SUFDaEIsQ0FBQztJQUVPLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxPQUFnQjtRQUMvQyxNQUFNLFlBQVksR0FBRyxxQkFBVSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25GLElBQUksV0FBVyxHQUFHLHlDQUFvQixDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDMUYsSUFBSSxZQUFZLENBQUMsV0FBVztZQUFFLFdBQVcsR0FBRyxXQUFXLENBQUMsT0FBTyxFQUFFLENBQUM7UUFFbEUsTUFBTSxhQUFhLEdBQUcseUNBQW9CLENBQUMsU0FBUyxDQUNsRCxXQUFXLEVBQ1gsc0JBQWlCLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsRUFDOUQsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FDckUsQ0FBQztRQUVGLE1BQU0sTUFBTSxHQUFHLHNCQUFpQixDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN0RCxNQUFNLE1BQU0sR0FBRyxnQ0FBb0IsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLEVBQUUsYUFBYSxFQUFFLENBQUMsQ0FBQztRQUM3RixNQUFNLFVBQVUsR0FBRyxPQUFPLENBQUMsT0FBTyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDO1FBRTNELElBQUksVUFBVSxFQUFFLHVCQUF1QixFQUFFO1lBQ3ZDLE1BQU0sUUFBUSxHQUFHLFVBQVUsRUFBRSx1QkFBdUIsQ0FBQztZQUNyRCxNQUFNLGdCQUFnQixHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO1lBQzFGLE1BQU0sUUFBUSxHQUFHLFlBQU8sQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1lBRTVGLE9BQU8sa0NBQWEsQ0FBQyxpQkFBaUIsQ0FBQyxnQkFBZ0IsRUFBRSxRQUFRLEVBQUUsUUFBUSxFQUFFLE1BQU0sRUFBRSxNQUFNLENBQUMsQ0FBQztTQUM5RjtRQUVELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7Q0FDRjtBQXZJRCw4QkF1SUMifQ==
|
|
@@ -1,11 +1,14 @@
|
|
|
1
1
|
import { Context } from 'koa';
|
|
2
2
|
import { Collection, ConditionTree } from '@forestadmin/datasource-toolkit';
|
|
3
|
+
import { AgentOptionsWithDefaults } from '../../types';
|
|
3
4
|
import ActionPermissionService from './internal/action-permission';
|
|
4
5
|
import RenderingPermissionService from './internal/rendering-permission';
|
|
6
|
+
export declare type AuthorizationServiceOptions = Pick<AgentOptionsWithDefaults, 'envSecret'>;
|
|
5
7
|
export default class AuthorizationService {
|
|
6
8
|
private readonly actionPermissionService;
|
|
7
9
|
private readonly renderingPermissionService;
|
|
8
|
-
|
|
10
|
+
private readonly options;
|
|
11
|
+
constructor(actionPermissionService: ActionPermissionService, renderingPermissionService: RenderingPermissionService, options: AuthorizationServiceOptions);
|
|
9
12
|
assertCanBrowse(context: Context, collectionName: string): Promise<void>;
|
|
10
13
|
assertCanRead(context: Context, collectionName: string): Promise<void>;
|
|
11
14
|
assertCanAdd(context: Context, collectionName: string): Promise<void>;
|
|
@@ -14,6 +17,7 @@ export default class AuthorizationService {
|
|
|
14
17
|
assertCanExport(context: Context, collectionName: string): Promise<void>;
|
|
15
18
|
private assertCanOnCollection;
|
|
16
19
|
assertCanExecuteCustomAction(context: Context, customActionName: string, collectionName: string): Promise<void>;
|
|
20
|
+
getApprovalRequestData(context: Context): import("./internal/types").ActionApprovalJWT;
|
|
17
21
|
getScope(collection: Collection, context: Context): Promise<ConditionTree>;
|
|
18
22
|
assertCanRetrieveChart(context: Context): Promise<void>;
|
|
19
23
|
invalidateScopeCache(renderingId: number): void;
|
|
@@ -1,46 +1,79 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
|
|
4
|
-
const types_1 = require("
|
|
7
|
+
const types_1 = require("../../types");
|
|
8
|
+
const types_2 = require("./internal/types");
|
|
5
9
|
const generate_action_identifier_1 = require("./internal/generate-action-identifier");
|
|
10
|
+
const verify_approval_1 = __importDefault(require("./internal/verify-approval"));
|
|
6
11
|
class AuthorizationService {
|
|
7
|
-
constructor(actionPermissionService, renderingPermissionService) {
|
|
12
|
+
constructor(actionPermissionService, renderingPermissionService, options) {
|
|
8
13
|
this.actionPermissionService = actionPermissionService;
|
|
9
14
|
this.renderingPermissionService = renderingPermissionService;
|
|
15
|
+
this.options = options;
|
|
10
16
|
}
|
|
11
17
|
async assertCanBrowse(context, collectionName) {
|
|
12
|
-
await this.assertCanOnCollection(context,
|
|
18
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Browse, collectionName);
|
|
13
19
|
}
|
|
14
20
|
async assertCanRead(context, collectionName) {
|
|
15
|
-
await this.assertCanOnCollection(context,
|
|
21
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Read, collectionName);
|
|
16
22
|
}
|
|
17
23
|
async assertCanAdd(context, collectionName) {
|
|
18
|
-
await this.assertCanOnCollection(context,
|
|
24
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Add, collectionName);
|
|
19
25
|
}
|
|
20
26
|
async assertCanEdit(context, collectionName) {
|
|
21
|
-
await this.assertCanOnCollection(context,
|
|
27
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Edit, collectionName);
|
|
22
28
|
}
|
|
23
29
|
async assertCanDelete(context, collectionName) {
|
|
24
|
-
await this.assertCanOnCollection(context,
|
|
30
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Delete, collectionName);
|
|
25
31
|
}
|
|
26
32
|
async assertCanExport(context, collectionName) {
|
|
27
|
-
await this.assertCanOnCollection(context,
|
|
33
|
+
await this.assertCanOnCollection(context, types_2.CollectionActionEvent.Export, collectionName);
|
|
28
34
|
}
|
|
29
35
|
async assertCanOnCollection(context, event, collectionName) {
|
|
30
36
|
const { id: userId } = context.state.user;
|
|
31
37
|
if (!(await this.actionPermissionService.can(`${userId}`, (0, generate_action_identifier_1.generateCollectionActionIdentifier)(event, collectionName)))) {
|
|
32
|
-
context.throw(
|
|
38
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
33
39
|
}
|
|
34
40
|
}
|
|
35
41
|
async assertCanExecuteCustomAction(context, customActionName, collectionName) {
|
|
36
42
|
const { id: userId } = context.state.user;
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
+
let customActionEvenType = types_2.CustomActionEvent.Trigger;
|
|
44
|
+
if (context.state.isCustomActionApprovalRequest) {
|
|
45
|
+
const { body: { data: { attributes: { requester_id: approvalRequesterId }, }, }, } = context.request;
|
|
46
|
+
customActionEvenType =
|
|
47
|
+
`${approvalRequesterId}` === `${context.state.user.id}`
|
|
48
|
+
? types_2.CustomActionEvent.SelfApprove
|
|
49
|
+
: types_2.CustomActionEvent.Approve;
|
|
43
50
|
}
|
|
51
|
+
if (!(await this.actionPermissionService.can(`${userId}`, (0, generate_action_identifier_1.generateCustomActionIdentifier)(customActionEvenType, customActionName, collectionName)))) {
|
|
52
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
getApprovalRequestData(context) {
|
|
56
|
+
const { body: { data: { attributes: { signed_approval_request: signedApprovalRequest } = {
|
|
57
|
+
signed_approval_request: null,
|
|
58
|
+
}, } = {}, } = {}, } = context.request;
|
|
59
|
+
if (signedApprovalRequest) {
|
|
60
|
+
try {
|
|
61
|
+
return (0, verify_approval_1.default)(signedApprovalRequest, this.options.envSecret);
|
|
62
|
+
}
|
|
63
|
+
catch (e) {
|
|
64
|
+
if (e instanceof types_2.JTWTokenExpiredError) {
|
|
65
|
+
context.throw(types_1.HttpCode.Forbidden, 'Failed to verify approval payload. The signed approval request token as expired.');
|
|
66
|
+
}
|
|
67
|
+
else if (e instanceof types_2.JTWUnableToVerifyError) {
|
|
68
|
+
context.throw(types_1.HttpCode.Forbidden, 'Failed to verify and extract approval payload.' +
|
|
69
|
+
' Can you check the envSecret you have configured in the AgentOptions?');
|
|
70
|
+
}
|
|
71
|
+
else {
|
|
72
|
+
throw e;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
return null;
|
|
44
77
|
}
|
|
45
78
|
async getScope(collection, context) {
|
|
46
79
|
const { user } = context.state;
|
|
@@ -61,7 +94,7 @@ class AuthorizationService {
|
|
|
61
94
|
userId,
|
|
62
95
|
chartRequest,
|
|
63
96
|
}))) {
|
|
64
|
-
context.throw(
|
|
97
|
+
context.throw(types_1.HttpCode.Forbidden, 'Forbidden');
|
|
65
98
|
}
|
|
66
99
|
}
|
|
67
100
|
invalidateScopeCache(renderingId) {
|
|
@@ -69,4 +102,4 @@ class AuthorizationService {
|
|
|
69
102
|
}
|
|
70
103
|
}
|
|
71
104
|
exports.default = AuthorizationService;
|
|
72
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
105
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aG9yaXphdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9zZXJ2aWNlcy9hdXRob3JpemF0aW9uL2F1dGhvcml6YXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFFQSx3RUFBa0c7QUFFbEcsdUNBQWlFO0FBQ2pFLDRDQUswQjtBQUMxQixzRkFHK0M7QUFHL0MsaUZBQWtFO0FBSWxFLE1BQXFCLG9CQUFvQjtJQUN2QyxZQUNtQix1QkFBZ0QsRUFDaEQsMEJBQXNELEVBQ3RELE9BQW9DO1FBRnBDLDRCQUF1QixHQUF2Qix1QkFBdUIsQ0FBeUI7UUFDaEQsK0JBQTBCLEdBQTFCLDBCQUEwQixDQUE0QjtRQUN0RCxZQUFPLEdBQVAsT0FBTyxDQUE2QjtJQUNwRCxDQUFDO0lBRUcsS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUFnQixFQUFFLGNBQXNCO1FBQ25FLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLE9BQU8sRUFBRSw2QkFBcUIsQ0FBQyxNQUFNLEVBQUUsY0FBYyxDQUFDLENBQUM7SUFDMUYsQ0FBQztJQUVNLEtBQUssQ0FBQyxhQUFhLENBQUMsT0FBZ0IsRUFBRSxjQUFzQjtRQUNqRSxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxPQUFPLEVBQUUsNkJBQXFCLENBQUMsSUFBSSxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQ3hGLENBQUM7SUFFTSxLQUFLLENBQUMsWUFBWSxDQUFDLE9BQWdCLEVBQUUsY0FBc0I7UUFDaEUsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsT0FBTyxFQUFFLDZCQUFxQixDQUFDLEdBQUcsRUFBRSxjQUFjLENBQUMsQ0FBQztJQUN2RixDQUFDO0lBRU0sS0FBSyxDQUFDLGFBQWEsQ0FBQyxPQUFnQixFQUFFLGNBQXNCO1FBQ2pFLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLE9BQU8sRUFBRSw2QkFBcUIsQ0FBQyxJQUFJLEVBQUUsY0FBYyxDQUFDLENBQUM7SUFDeEYsQ0FBQztJQUVNLEtBQUssQ0FBQyxlQUFlLENBQUMsT0FBZ0IsRUFBRSxjQUFzQjtRQUNuRSxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxPQUFPLEVBQUUsNkJBQXFCLENBQUMsTUFBTSxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQzFGLENBQUM7SUFFTSxLQUFLLENBQUMsZUFBZSxDQUFDLE9BQWdCLEVBQUUsY0FBc0I7UUFDbkUsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsT0FBTyxFQUFFLDZCQUFxQixDQUFDLE1BQU0sRUFBRSxjQUFjLENBQUMsQ0FBQztJQUMxRixDQUFDO0lBRU8sS0FBSyxDQUFDLHFCQUFxQixDQUNqQyxPQUFnQixFQUNoQixLQUE0QixFQUM1QixjQUFzQjtRQUV0QixNQUFNLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDO1FBRTFDLElBQ0UsQ0FBQyxDQUFDLE1BQU0sSUFBSSxDQUFDLHVCQUF1QixDQUFDLEdBQUcsQ0FDdEMsR0FBRyxNQUFNLEVBQUUsRUFDWCxJQUFBLCtEQUFrQyxFQUFDLEtBQUssRUFBRSxjQUFjLENBQUMsQ0FDMUQsQ0FBQyxFQUNGO1lBQ0EsT0FBTyxDQUFDLEtBQUssQ0FBQyxnQkFBUSxDQUFDLFNBQVMsRUFBRSxXQUFXLENBQUMsQ0FBQztTQUNoRDtJQUNILENBQUM7SUFFTSxLQUFLLENBQUMsNEJBQTRCLENBQ3ZDLE9BQWdCLEVBQ2hCLGdCQUF3QixFQUN4QixjQUFzQjtRQUV0QixNQUFNLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDO1FBRTFDLElBQUksb0JBQW9CLEdBQUcseUJBQWlCLENBQUMsT0FBTyxDQUFDO1FBRXJELElBQUksT0FBTyxDQUFDLEtBQUssQ0FBQyw2QkFBNkIsRUFBRTtZQUMvQyxNQUFNLEVBQ0osSUFBSSxFQUFFLEVBQ0osSUFBSSxFQUFFLEVBQ0osVUFBVSxFQUFFLEVBQUUsWUFBWSxFQUFFLG1CQUFtQixFQUFFLEdBQ2xELEdBQ0YsR0FDRixHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUM7WUFFcEIsb0JBQW9CO2dCQUNsQixHQUFHLG1CQUFtQixFQUFFLEtBQUssR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLEVBQUU7b0JBQ3JELENBQUMsQ0FBQyx5QkFBaUIsQ0FBQyxXQUFXO29CQUMvQixDQUFDLENBQUMseUJBQWlCLENBQUMsT0FBTyxDQUFDO1NBQ2pDO1FBRUQsSUFDRSxDQUFDLENBQUMsTUFBTSxJQUFJLENBQUMsdUJBQXVCLENBQUMsR0FBRyxDQUN0QyxHQUFHLE1BQU0sRUFBRSxFQUNYLElBQUEsMkRBQThCLEVBQUMsb0JBQW9CLEVBQUUsZ0JBQWdCLEVBQUUsY0FBYyxDQUFDLENBQ3ZGLENBQUMsRUFDRjtZQUNBLE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQVEsQ0FBQyxTQUFTLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDaEQ7SUFDSCxDQUFDO0lBRU0sc0JBQXNCLENBQUMsT0FBZ0I7UUFDNUMsTUFBTSxFQUNKLElBQUksRUFBRSxFQUNKLElBQUksRUFBRSxFQUNKLFVBQVUsRUFBRSxFQUFFLHVCQUF1QixFQUFFLHFCQUFxQixFQUFFLEdBQUc7WUFDL0QsdUJBQXVCLEVBQUUsSUFBSTtTQUM5QixHQUNGLEdBQUcsRUFBRSxHQUNQLEdBQUcsRUFBRSxHQUNQLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUVwQixJQUFJLHFCQUFxQixFQUFFO1lBQ3pCLElBQUk7Z0JBQ0YsT0FBTyxJQUFBLHlCQUF3QixFQUFDLHFCQUFxQixFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7YUFDaEY7WUFBQyxPQUFPLENBQUMsRUFBRTtnQkFDVixJQUFJLENBQUMsWUFBWSw0QkFBb0IsRUFBRTtvQkFDckMsT0FBTyxDQUFDLEtBQUssQ0FDWCxnQkFBUSxDQUFDLFNBQVMsRUFDbEIsa0ZBQWtGLENBQ25GLENBQUM7aUJBQ0g7cUJBQU0sSUFBSSxDQUFDLFlBQVksOEJBQXNCLEVBQUU7b0JBQzlDLE9BQU8sQ0FBQyxLQUFLLENBQ1gsZ0JBQVEsQ0FBQyxTQUFTLEVBQ2xCLGdEQUFnRDt3QkFDOUMsdUVBQXVFLENBQzFFLENBQUM7aUJBQ0g7cUJBQU07b0JBQ0wsTUFBTSxDQUFDLENBQUM7aUJBQ1Q7YUFDRjtTQUNGO1FBRUQsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQVEsQ0FBQyxVQUFzQixFQUFFLE9BQWdCO1FBQ3JELE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBRS9CLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixDQUFDLFFBQVEsQ0FBQztZQUMzRCxXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsY0FBYyxFQUFFLFVBQVUsQ0FBQyxJQUFJO1lBQy9CLElBQUk7U0FDTCxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsS0FBSztZQUFFLE9BQU8sSUFBSSxDQUFDO1FBRXhCLE9BQU8seUNBQW9CLENBQUMsZUFBZSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQ3JELENBQUM7SUFFRCxLQUFLLENBQUMsc0JBQXNCLENBQUMsT0FBZ0I7UUFDM0MsTUFBTSxFQUFFLFdBQVcsRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUM7UUFDdkQsTUFBTSxFQUFFLElBQUksRUFBRSxZQUFZLEVBQUUsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBRS9DLElBQ0UsQ0FBQyxDQUFDLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixDQUFDLGdCQUFnQixDQUFDO1lBQ3ZELFdBQVc7WUFDWCxNQUFNO1lBQ04sWUFBWTtTQUNiLENBQUMsQ0FBQyxFQUNIO1lBQ0EsT0FBTyxDQUFDLEtBQUssQ0FBQyxnQkFBUSxDQUFDLFNBQVMsRUFBRSxXQUFXLENBQUMsQ0FBQztTQUNoRDtJQUNILENBQUM7SUFFTSxvQkFBb0IsQ0FBQyxXQUFtQjtRQUM3QyxJQUFJLENBQUMsMEJBQTBCLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9ELENBQUM7Q0FDRjtBQXJKRCx1Q0FxSkMifQ==
|
|
@@ -12,9 +12,9 @@ function authorizationServiceFactory(options) {
|
|
|
12
12
|
const actionPermissionService = new action_permission_1.default(options);
|
|
13
13
|
const userPermissionService = new user_permission_1.default(options);
|
|
14
14
|
const renderingPermissionService = new rendering_permission_1.default(options, userPermissionService);
|
|
15
|
-
return new authorization_1.default(actionPermissionService, renderingPermissionService);
|
|
15
|
+
return new authorization_1.default(actionPermissionService, renderingPermissionService, options);
|
|
16
16
|
}
|
|
17
17
|
exports.default = authorizationServiceFactory;
|
|
18
18
|
var types_1 = require("./internal/types");
|
|
19
19
|
Object.defineProperty(exports, "CustomActionEvent", { enumerable: true, get: function () { return types_1.CustomActionEvent; } });
|
|
20
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSxxRkFBbUU7QUFDbkUsb0VBQW1EO0FBQ25ELDJGQUF5RTtBQUN6RSxpRkFBK0Q7QUFFL0QsU0FBd0IsMkJBQTJCLENBQ2pELE9BQWlDO0lBRWpDLE1BQU0sdUJBQXVCLEdBQUcsSUFBSSwyQkFBdUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUNyRSxNQUFNLHFCQUFxQixHQUFHLElBQUkseUJBQXFCLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDakUsTUFBTSwwQkFBMEIsR0FBRyxJQUFJLDhCQUEwQixDQUFDLE9BQU8sRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO0lBRWxHLE9BQU8sSUFBSSx1QkFBb0IsQ0FBQyx1QkFBdUIsRUFBRSwwQkFBMEIsRUFBRSxPQUFPLENBQUMsQ0FBQztBQUNoRyxDQUFDO0FBUkQsOENBUUM7QUFFRCwwQ0FBaUc7QUFBeEYsMEdBQUEsaUJBQWlCLE9BQUEifQ==
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { AgentOptionsWithDefaults } from '../../../types';
|
|
2
|
-
export declare type ActionPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds'>;
|
|
2
|
+
export declare type ActionPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds' | 'logger'>;
|
|
3
3
|
export default class ActionPermissionService {
|
|
4
4
|
private readonly options;
|
|
5
5
|
private permissionsPromise;
|
|
@@ -35,6 +35,7 @@ class ActionPermissionService {
|
|
|
35
35
|
allowRefetch: false,
|
|
36
36
|
});
|
|
37
37
|
}
|
|
38
|
+
this.options.logger('Debug', `User ${userId} is ${isAllowed ? '' : 'not '}allowed to perform ${actionNames.length > 1 ? ' one of ' : ''}${actionNames.join(', ')}`);
|
|
38
39
|
return isAllowed;
|
|
39
40
|
}
|
|
40
41
|
isAllowedOneOf({ permissions, actionNames, userId, }) {
|
|
@@ -57,6 +58,7 @@ class ActionPermissionService {
|
|
|
57
58
|
return this.permissionsPromise;
|
|
58
59
|
}
|
|
59
60
|
async fetchEnvironmentPermissions() {
|
|
61
|
+
this.options.logger('Debug', 'Fetching environment permissions');
|
|
60
62
|
const [rawPermissions, users] = await Promise.all([
|
|
61
63
|
forest_http_api_1.default.getEnvironmentPermissions(this.options),
|
|
62
64
|
forest_http_api_1.default.getUsers(this.options),
|
|
@@ -65,4 +67,4 @@ class ActionPermissionService {
|
|
|
65
67
|
}
|
|
66
68
|
}
|
|
67
69
|
exports.default = ActionPermissionService;
|
|
68
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
70
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWN0aW9uLXBlcm1pc3Npb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi9pbnRlcm5hbC9hY3Rpb24tcGVybWlzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUNBLHFGQUEyRDtBQUMzRCw0R0FFNkM7QUFPN0MsTUFBcUIsdUJBQXVCO0lBSTFDLFlBQTZCLE9BQWdDO1FBQWhDLFlBQU8sR0FBUCxPQUFPLENBQXlCO0lBQUcsQ0FBQztJQUUxRCxRQUFRLENBQUMsTUFBYyxFQUFFLFdBQXFCO1FBQ25ELE9BQU8sSUFBSSxDQUFDLHNCQUFzQixDQUFDO1lBQ2pDLE1BQU07WUFDTixXQUFXO1lBQ1gsWUFBWSxFQUFFLElBQUk7U0FDbkIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVNLEdBQUcsQ0FBQyxNQUFjLEVBQUUsVUFBa0I7UUFDM0MsT0FBTyxJQUFJLENBQUMsc0JBQXNCLENBQUM7WUFDakMsTUFBTTtZQUNOLFdBQVcsRUFBRSxDQUFDLFVBQVUsQ0FBQztZQUN6QixZQUFZLEVBQUUsSUFBSTtTQUNuQixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sS0FBSyxDQUFDLHNCQUFzQixDQUFDLEVBQ25DLE1BQU0sRUFDTixXQUFXLEVBQ1gsWUFBWSxHQUtiO1FBQ0MsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7UUFDaEQsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGNBQWMsQ0FBQyxFQUFFLFdBQVcsRUFBRSxXQUFXLEVBQUUsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUU1RSxJQUFJLENBQUMsU0FBUyxJQUFJLFlBQVksRUFBRTtZQUM5QixJQUFJLENBQUMsa0JBQWtCLEdBQUcsU0FBUyxDQUFDO1lBQ3BDLElBQUksQ0FBQyw2QkFBNkIsR0FBRyxTQUFTLENBQUM7WUFFL0MsT0FBTyxJQUFJLENBQUMsc0JBQXNCLENBQUM7Z0JBQ2pDLE1BQU07Z0JBQ04sV0FBVztnQkFDWCxZQUFZLEVBQUUsS0FBSzthQUNwQixDQUFDLENBQUM7U0FDSjtRQUVELElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUNqQixPQUFPLEVBQ1AsUUFBUSxNQUFNLE9BQU8sU0FBUyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLE1BQU0sc0JBQzFDLFdBQVcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLEVBQ3hDLEdBQUcsV0FBVyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUM1QixDQUFDO1FBRUYsT0FBTyxTQUFTLENBQUM7SUFDbkIsQ0FBQztJQUVPLGNBQWMsQ0FBQyxFQUNyQixXQUFXLEVBQ1gsV0FBVyxFQUNYLE1BQU0sR0FLUDtRQUNDLE9BQU8sV0FBVyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxXQUFXLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxDQUFDLENBQUMsQ0FBQztJQUM3RixDQUFDO0lBRU8sU0FBUyxDQUFDLEVBQ2hCLFdBQVcsRUFDWCxVQUFVLEVBQ1YsTUFBTSxHQUtQO1FBQ0MsT0FBTyxDQUNMLFdBQVcsQ0FBQyxpQkFBaUI7WUFDN0IsV0FBVyxDQUFDLHNCQUFzQixDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUM7WUFDbEQsV0FBVyxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUMsRUFBRSxHQUFHLENBQUMsTUFBTSxDQUFDLENBQzlELENBQUM7SUFDSixDQUFDO0lBRU8sS0FBSyxDQUFDLGNBQWM7UUFDMUIsSUFDRSxJQUFJLENBQUMsa0JBQWtCO1lBQ3ZCLElBQUksQ0FBQyw2QkFBNkI7WUFDbEMsSUFBSSxDQUFDLDZCQUE2QixHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsRUFDL0M7WUFDQSxPQUFPLElBQUksQ0FBQyxrQkFBa0IsQ0FBQztTQUNoQztRQUVELElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLENBQUMsMkJBQTJCLEVBQUUsQ0FBQztRQUM3RCxJQUFJLENBQUMsNkJBQTZCO1lBQ2hDLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLGlDQUFpQyxHQUFHLElBQUksQ0FBQztRQUVyRSxPQUFPLElBQUksQ0FBQyxrQkFBa0IsQ0FBQztJQUNqQyxDQUFDO0lBRU8sS0FBSyxDQUFDLDJCQUEyQjtRQUN2QyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxPQUFPLEVBQUUsa0NBQWtDLENBQUMsQ0FBQztRQUVqRSxNQUFNLENBQUMsY0FBYyxFQUFFLEtBQUssQ0FBQyxHQUFHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQztZQUNoRCx5QkFBYSxDQUFDLHlCQUF5QixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUM7WUFDckQseUJBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQztTQUNyQyxDQUFDLENBQUM7UUFFSCxPQUFPLElBQUEsMkNBQThCLEVBQUMsY0FBYyxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQy9ELENBQUM7Q0FDRjtBQTdHRCwwQ0E2R0MifQ==
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
2
|
-
export declare function hashServerCharts(
|
|
1
|
+
import { Chart } from './types';
|
|
2
|
+
export declare function hashServerCharts(charts: Chart[]): Set<string>;
|
|
3
3
|
export declare function hashChartRequest(chart: any): string;
|
|
4
4
|
//# sourceMappingURL=hash-chart.d.ts.map
|
|
@@ -5,20 +5,20 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.hashChartRequest = exports.hashServerCharts = void 0;
|
|
7
7
|
const object_hash_1 = __importDefault(require("object-hash"));
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
.
|
|
13
|
-
|
|
8
|
+
const types_1 = require("./types");
|
|
9
|
+
function hashServerCharts(charts) {
|
|
10
|
+
const frontendCharts = charts
|
|
11
|
+
// Query charts are not supported
|
|
12
|
+
.filter(x => !x.query)
|
|
13
|
+
.map(chart => ({
|
|
14
14
|
type: chart.type,
|
|
15
15
|
filters: chart.filter,
|
|
16
16
|
aggregate: chart.aggregator,
|
|
17
17
|
aggregate_field: chart.aggregateFieldName,
|
|
18
18
|
collection: chart.sourceCollectionId,
|
|
19
19
|
time_range: chart.timeRange,
|
|
20
|
-
group_by_date_field: (chart.type ===
|
|
21
|
-
group_by_field: (chart.type !==
|
|
20
|
+
group_by_date_field: (chart.type === types_1.ChartType.Line && chart.groupByFieldName) || null,
|
|
21
|
+
group_by_field: (chart.type !== types_1.ChartType.Line && chart.groupByFieldName) || null,
|
|
22
22
|
limit: chart.limit,
|
|
23
23
|
label_field: chart.labelFieldName,
|
|
24
24
|
relationship_field: chart.relationshipFieldName,
|
|
@@ -45,4 +45,4 @@ function hashChartRequest(chart) {
|
|
|
45
45
|
});
|
|
46
46
|
}
|
|
47
47
|
exports.hashChartRequest = hashChartRequest;
|
|
48
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
48
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGFzaC1jaGFydC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9zZXJ2aWNlcy9hdXRob3JpemF0aW9uL2ludGVybmFsL2hhc2gtY2hhcnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsOERBQXFDO0FBRXJDLG1DQVVpQjtBQUVqQixTQUFnQixnQkFBZ0IsQ0FBQyxNQUFlO0lBQzlDLE1BQU0sY0FBYyxHQUFHLE1BQU07UUFDM0IsaUNBQWlDO1NBQ2hDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUUsQ0FBZ0IsQ0FBQyxLQUFLLENBQUM7U0FDckMsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNiLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtRQUNoQixPQUFPLEVBQUcsS0FBeUIsQ0FBQyxNQUFNO1FBQzFDLFNBQVMsRUFBRyxLQUF5QixDQUFDLFVBQVU7UUFDaEQsZUFBZSxFQUFHLEtBQXlCLENBQUMsa0JBQWtCO1FBQzlELFVBQVUsRUFBRyxLQUF5QixDQUFDLGtCQUFrQjtRQUN6RCxVQUFVLEVBQUcsS0FBbUIsQ0FBQyxTQUFTO1FBQzFDLG1CQUFtQixFQUNqQixDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssaUJBQVMsQ0FBQyxJQUFJLElBQUssS0FBbUIsQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLElBQUk7UUFDbEYsY0FBYyxFQUNaLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxpQkFBUyxDQUFDLElBQUksSUFBSyxLQUF3QixDQUFDLGdCQUFnQixDQUFDLElBQUksSUFBSTtRQUN2RixLQUFLLEVBQUcsS0FBMEIsQ0FBQyxLQUFLO1FBQ3hDLFdBQVcsRUFBRyxLQUEwQixDQUFDLGNBQWM7UUFDdkQsa0JBQWtCLEVBQUcsS0FBMEIsQ0FBQyxxQkFBcUI7S0FDdEUsQ0FBQyxDQUFDLENBQUM7SUFFTixNQUFNLE1BQU0sR0FBRyxjQUFjLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQ3hDLElBQUEscUJBQVUsRUFBQyxLQUFLLEVBQUU7UUFDaEIsV0FBVyxFQUFFLEtBQUs7UUFDbEIsV0FBVyxFQUFFLEdBQUcsQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxLQUFLLElBQUksSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDLEtBQUssU0FBUztLQUNwRSxDQUFDLENBQ0gsQ0FBQztJQUVGLE9BQU8sSUFBSSxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUM7QUFDekIsQ0FBQztBQTVCRCw0Q0E0QkM7QUFFRCxTQUFnQixnQkFBZ0IsQ0FBQyxLQUFVO0lBQ3pDLE1BQU0sTUFBTSxHQUFHO1FBQ2IsR0FBRyxLQUFLO1FBQ1IsMkZBQTJGO1FBQzNGLG1DQUFtQztRQUNuQyxHQUFHLENBQUMsS0FBSyxFQUFFLGNBQWMsRUFBRSxRQUFRLENBQUMsR0FBRyxDQUFDO1lBQ3RDLENBQUMsQ0FBQyxFQUFFLGNBQWMsRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsS0FBSyxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRTtZQUMxRixDQUFDLENBQUMsRUFBRSxDQUFDO0tBQ1IsQ0FBQztJQUVGLE9BQU8sSUFBQSxxQkFBVSxFQUFDLE1BQU0sRUFBRTtRQUN4QixXQUFXLEVBQUUsS0FBSztRQUNsQixXQUFXLEVBQUUsR0FBRyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLEtBQUssSUFBSTtLQUN4QyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBZEQsNENBY0MifQ==
|
|
@@ -2,14 +2,14 @@ import { GenericTree } from '@forestadmin/datasource-toolkit';
|
|
|
2
2
|
import { AgentOptionsWithDefaults } from '../../../types';
|
|
3
3
|
import { User } from './types';
|
|
4
4
|
import UserPermissionService from './user-permission';
|
|
5
|
-
export declare type RenderingPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds'>;
|
|
5
|
+
export declare type RenderingPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds' | 'logger'>;
|
|
6
6
|
export default class RenderingPermissionService {
|
|
7
7
|
private readonly options;
|
|
8
8
|
private readonly userPermissions;
|
|
9
9
|
private readonly permissionsByRendering;
|
|
10
10
|
constructor(options: RenderingPermissionOptions, userPermissions: UserPermissionService);
|
|
11
11
|
getScope({ renderingId, collectionName, user, }: {
|
|
12
|
-
renderingId: string;
|
|
12
|
+
renderingId: number | string;
|
|
13
13
|
collectionName: string;
|
|
14
14
|
user: User;
|
|
15
15
|
}): Promise<GenericTree>;
|
|
@@ -23,7 +23,7 @@ class RenderingPermissionService {
|
|
|
23
23
|
}
|
|
24
24
|
async getScopeOrRetry({ renderingId, collectionName, user, allowRetry, }) {
|
|
25
25
|
const [permissions, userInfo] = await Promise.all([
|
|
26
|
-
this.permissionsByRendering.fetch(renderingId),
|
|
26
|
+
this.permissionsByRendering.fetch(`${renderingId}`),
|
|
27
27
|
this.userPermissions.getUserInfo(user.id),
|
|
28
28
|
]);
|
|
29
29
|
const collectionPermissions = permissions?.collections?.[collectionName];
|
|
@@ -37,6 +37,7 @@ class RenderingPermissionService {
|
|
|
37
37
|
return (0, generate_user_scope_1.default)(collectionPermissions.scope, permissions.team, userInfo);
|
|
38
38
|
}
|
|
39
39
|
async loadPermissions(renderingId) {
|
|
40
|
+
this.options.logger('Debug', `Loading rendering permissions for rendering ${renderingId}`);
|
|
40
41
|
const rawPermissions = await forest_http_api_1.default.getRenderingPermissions(renderingId, this.options);
|
|
41
42
|
return {
|
|
42
43
|
team: rawPermissions.team,
|
|
@@ -51,10 +52,11 @@ class RenderingPermissionService {
|
|
|
51
52
|
async canRetrieveChartHashOrRetry({ renderingId, userId, chartHash, allowRetry, }) {
|
|
52
53
|
const [userInfo, permissions] = await Promise.all([
|
|
53
54
|
this.userPermissions.getUserInfo(userId),
|
|
54
|
-
this.permissionsByRendering.fetch(renderingId),
|
|
55
|
+
this.permissionsByRendering.fetch(`${renderingId}`),
|
|
55
56
|
]);
|
|
56
|
-
if ([types_1.PermissionLevel.Admin, types_1.PermissionLevel.Developer].includes(userInfo?.permissionLevel) ||
|
|
57
|
+
if ([types_1.PermissionLevel.Admin, types_1.PermissionLevel.Developer, types_1.PermissionLevel.Editor].includes(userInfo?.permissionLevel) ||
|
|
57
58
|
permissions.charts.has(chartHash)) {
|
|
59
|
+
this.options.logger('Debug', `User ${userId} can retrieve chart on rendering ${renderingId}`);
|
|
58
60
|
return true;
|
|
59
61
|
}
|
|
60
62
|
if (allowRetry) {
|
|
@@ -67,11 +69,13 @@ class RenderingPermissionService {
|
|
|
67
69
|
allowRetry: false,
|
|
68
70
|
});
|
|
69
71
|
}
|
|
72
|
+
this.options.logger('Debug', `User ${userId} cannot retrieve chart on rendering ${renderingId}`);
|
|
70
73
|
return false;
|
|
71
74
|
}
|
|
72
75
|
invalidateCache(renderingId) {
|
|
73
|
-
this.
|
|
76
|
+
this.options.logger('Debug', `Invalidating rendering permissions cache for rendering ${renderingId}`);
|
|
77
|
+
this.permissionsByRendering.del(`${renderingId}`);
|
|
74
78
|
}
|
|
75
79
|
}
|
|
76
80
|
exports.default = RenderingPermissionService;
|
|
77
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
81
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVuZGVyaW5nLXBlcm1pc3Npb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi9pbnRlcm5hbC9yZW5kZXJpbmctcGVybWlzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUNBLDBEQUFpQztBQUdqQyxtQ0FNaUI7QUFDakIsNkNBQWtFO0FBQ2xFLHFGQUEyRDtBQUUzRCxnRkFBc0Q7QUFhdEQsTUFBcUIsMEJBQTBCO0lBRzdDLFlBQ21CLE9BQW1DLEVBQ25DLGVBQXNDO1FBRHRDLFlBQU8sR0FBUCxPQUFPLENBQTRCO1FBQ25DLG9CQUFlLEdBQWYsZUFBZSxDQUF1QjtRQUV2RCxJQUFJLENBQUMsc0JBQXNCLEdBQUcsSUFBSSxtQkFBUSxDQUFDO1lBQ3pDLEdBQUcsRUFBRSxHQUFHO1lBQ1IsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsaUNBQWlDLEdBQUcsSUFBSTtZQUMxRCxXQUFXLEVBQUUsV0FBVyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQztTQUM5RCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU0sS0FBSyxDQUFDLFFBQVEsQ0FBQyxFQUNwQixXQUFXLEVBQ1gsY0FBYyxFQUNkLElBQUksR0FLTDtRQUNDLE9BQU8sSUFBSSxDQUFDLGVBQWUsQ0FBQyxFQUFFLFdBQVcsRUFBRSxjQUFjLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ3ZGLENBQUM7SUFFTyxLQUFLLENBQUMsZUFBZSxDQUFDLEVBQzVCLFdBQVcsRUFDWCxjQUFjLEVBQ2QsSUFBSSxFQUNKLFVBQVUsR0FNWDtRQUNDLE1BQU0sQ0FBQyxXQUFXLEVBQUUsUUFBUSxDQUFDLEdBQTRDLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQztZQUN6RixJQUFJLENBQUMsc0JBQXNCLENBQUMsS0FBSyxDQUFDLEdBQUcsV0FBVyxFQUFFLENBQUM7WUFDbkQsSUFBSSxDQUFDLGVBQWUsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztTQUMxQyxDQUFDLENBQUM7UUFFSCxNQUFNLHFCQUFxQixHQUFHLFdBQVcsRUFBRSxXQUFXLEVBQUUsQ0FBQyxjQUFjLENBQUMsQ0FBQztRQUV6RSxJQUFJLENBQUMscUJBQXFCLEVBQUU7WUFDMUIsSUFBSSxVQUFVLEVBQUU7Z0JBQ2QsSUFBSSxDQUFDLGVBQWUsQ0FBQyxXQUFXLENBQUMsQ0FBQztnQkFFbEMsT0FBTyxJQUFJLENBQUMsZUFBZSxDQUFDLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUM7YUFDdkY7WUFFRCxPQUFPLElBQUksQ0FBQztTQUNiO1FBRUQsT0FBTyxJQUFBLDZCQUFpQixFQUFDLHFCQUFxQixDQUFDLEtBQUssRUFBRSxXQUFXLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBQ3BGLENBQUM7SUFFTyxLQUFLLENBQUMsZUFBZSxDQUFDLFdBQW1CO1FBQy9DLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLE9BQU8sRUFBRSwrQ0FBK0MsV0FBVyxFQUFFLENBQUMsQ0FBQztRQUUzRixNQUFNLGNBQWMsR0FBRyxNQUFNLHlCQUFhLENBQUMsdUJBQXVCLENBQUMsV0FBVyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUU5RixPQUFPO1lBQ0wsSUFBSSxFQUFFLGNBQWMsQ0FBQyxJQUFJO1lBQ3pCLFdBQVcsRUFBRSxjQUFjLENBQUMsV0FBVztZQUN2QyxNQUFNLEVBQUUsSUFBQSw2QkFBZ0IsRUFBQyxjQUFjLENBQUMsS0FBSyxDQUFDO1NBQy9DLENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLGdCQUFnQixDQUFDLEVBQzVCLFdBQVcsRUFDWCxZQUFZLEVBQ1osTUFBTSxHQUtQO1FBQ0MsTUFBTSxTQUFTLEdBQUcsSUFBQSw2QkFBZ0IsRUFBQyxZQUFZLENBQUMsQ0FBQztRQUVqRCxPQUFPLElBQUksQ0FBQywyQkFBMkIsQ0FBQyxFQUFFLFdBQVcsRUFBRSxTQUFTLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ2hHLENBQUM7SUFFTyxLQUFLLENBQUMsMkJBQTJCLENBQUMsRUFDeEMsV0FBVyxFQUNYLE1BQU0sRUFDTixTQUFTLEVBQ1QsVUFBVSxHQU1YO1FBQ0MsTUFBTSxDQUFDLFFBQVEsRUFBRSxXQUFXLENBQUMsR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUM7WUFDaEQsSUFBSSxDQUFDLGVBQWUsQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDO1lBQ3hDLElBQUksQ0FBQyxzQkFBc0IsQ0FBQyxLQUFLLENBQUMsR0FBRyxXQUFXLEVBQUUsQ0FBQztTQUNwRCxDQUFDLENBQUM7UUFFSCxJQUNFLENBQUMsdUJBQWUsQ0FBQyxLQUFLLEVBQUUsdUJBQWUsQ0FBQyxTQUFTLEVBQUUsdUJBQWUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxRQUFRLENBQ2pGLFFBQVEsRUFBRSxlQUFlLENBQzFCO1lBQ0QsV0FBVyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsU0FBUyxDQUFDLEVBQ2pDO1lBQ0EsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLFFBQVEsTUFBTSxvQ0FBb0MsV0FBVyxFQUFFLENBQUMsQ0FBQztZQUU5RixPQUFPLElBQUksQ0FBQztTQUNiO1FBRUQsSUFBSSxVQUFVLEVBQUU7WUFDZCxJQUFJLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1lBQ2xDLElBQUksQ0FBQyxlQUFlLENBQUMsVUFBVSxFQUFFLENBQUM7WUFFbEMsT0FBTyxJQUFJLENBQUMsMkJBQTJCLENBQUM7Z0JBQ3RDLFdBQVc7Z0JBQ1gsTUFBTTtnQkFDTixTQUFTO2dCQUNULFVBQVUsRUFBRSxLQUFLO2FBQ2xCLENBQUMsQ0FBQztTQUNKO1FBRUQsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQ2pCLE9BQU8sRUFDUCxRQUFRLE1BQU0sdUNBQXVDLFdBQVcsRUFBRSxDQUNuRSxDQUFDO1FBRUYsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRU0sZUFBZSxDQUFDLFdBQVc7UUFDaEMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQ2pCLE9BQU8sRUFDUCwwREFBMEQsV0FBVyxFQUFFLENBQ3hFLENBQUM7UUFFRixJQUFJLENBQUMsc0JBQXNCLENBQUMsR0FBRyxDQUFDLEdBQUcsV0FBVyxFQUFFLENBQUMsQ0FBQztJQUNwRCxDQUFDO0NBQ0Y7QUExSUQsNkNBMElDIn0=
|
|
@@ -34,6 +34,7 @@ export interface EnvironmentPermissionsV4Remote {
|
|
|
34
34
|
export declare enum PermissionLevel {
|
|
35
35
|
Admin = "admin",
|
|
36
36
|
Developer = "developer",
|
|
37
|
+
Editor = "editor",
|
|
37
38
|
User = "user"
|
|
38
39
|
}
|
|
39
40
|
export declare type UserPermissionV4 = {
|
|
@@ -94,6 +95,19 @@ export interface S3Versions {
|
|
|
94
95
|
'component.js': string;
|
|
95
96
|
'template.hbs': string;
|
|
96
97
|
}
|
|
98
|
+
export interface FilterableChart extends BaseChart {
|
|
99
|
+
filter?: string;
|
|
100
|
+
}
|
|
101
|
+
export interface AggregatedChart extends BaseChart {
|
|
102
|
+
aggregator: 'Sum' | 'Count';
|
|
103
|
+
aggregateFieldName: string | null;
|
|
104
|
+
}
|
|
105
|
+
export interface CollectionChart extends BaseChart {
|
|
106
|
+
sourceCollectionId: string | number;
|
|
107
|
+
}
|
|
108
|
+
export interface GroupedByChart extends BaseChart {
|
|
109
|
+
groupByFieldName: string | null;
|
|
110
|
+
}
|
|
97
111
|
export interface SmartChart extends BaseChart {
|
|
98
112
|
type: ChartType.Smart;
|
|
99
113
|
s3Versions: S3Versions & {
|
|
@@ -101,62 +115,32 @@ export interface SmartChart extends BaseChart {
|
|
|
101
115
|
};
|
|
102
116
|
id: string;
|
|
103
117
|
}
|
|
104
|
-
export interface LeaderboardChart extends BaseChart {
|
|
118
|
+
export interface LeaderboardChart extends BaseChart, AggregatedChart, CollectionChart {
|
|
105
119
|
type: ChartType.Leaderboard;
|
|
106
|
-
sourceCollectionId: string | number;
|
|
107
120
|
labelFieldName: string;
|
|
108
121
|
relationshipFieldName: string;
|
|
109
|
-
|
|
110
|
-
aggregator: 'Sum' | 'Count';
|
|
111
|
-
limit: any;
|
|
122
|
+
limit: number;
|
|
112
123
|
}
|
|
113
|
-
export interface LineChart extends BaseChart {
|
|
124
|
+
export interface LineChart extends BaseChart, FilterableChart, AggregatedChart, CollectionChart, GroupedByChart {
|
|
114
125
|
type: ChartType.Line;
|
|
115
|
-
sourceCollectionId: string | number;
|
|
116
|
-
groupByFieldName: string;
|
|
117
|
-
aggregateFieldName: string | null;
|
|
118
|
-
aggregator: 'Sum' | 'Count';
|
|
119
126
|
timeRange: 'Day' | 'Week' | 'Month' | 'Year';
|
|
120
|
-
filter: Filter | null;
|
|
121
127
|
}
|
|
122
|
-
export interface ObjectiveChart extends BaseChart {
|
|
128
|
+
export interface ObjectiveChart extends BaseChart, FilterableChart, AggregatedChart, CollectionChart {
|
|
123
129
|
type: ChartType.Objective;
|
|
124
|
-
sourceCollectionId: string | number;
|
|
125
|
-
aggregateFieldName: string;
|
|
126
|
-
aggregator: 'Sum' | 'Count';
|
|
127
130
|
objective: number;
|
|
128
|
-
filter: Filter | null;
|
|
129
131
|
}
|
|
130
132
|
export interface PercentageChart extends BaseChart {
|
|
131
133
|
type: ChartType.Percentage;
|
|
132
134
|
numeratorChartId: string;
|
|
133
135
|
denominatorChartId: string;
|
|
134
136
|
}
|
|
135
|
-
export interface PieChart extends BaseChart {
|
|
137
|
+
export interface PieChart extends BaseChart, FilterableChart, AggregatedChart, CollectionChart, GroupedByChart {
|
|
136
138
|
type: ChartType.Pie;
|
|
137
|
-
sourceCollectionId: string | number;
|
|
138
|
-
aggregateFieldName: string;
|
|
139
|
-
groupByFieldName: string;
|
|
140
|
-
aggregator: 'Sum' | 'Count';
|
|
141
|
-
filter: Filter | null;
|
|
142
139
|
}
|
|
143
|
-
export interface ValueChart extends BaseChart {
|
|
140
|
+
export interface ValueChart extends BaseChart, FilterableChart, AggregatedChart, CollectionChart {
|
|
144
141
|
type: ChartType.Value;
|
|
145
|
-
sourceCollectionId: string | number;
|
|
146
|
-
aggregateFieldName: string;
|
|
147
|
-
aggregator: 'Sum' | 'Count';
|
|
148
|
-
filter: Filter | null;
|
|
149
142
|
}
|
|
150
143
|
export declare type Chart = SmartChart | ApiRouteChart | QueryChart | SmartRouteChart | LeaderboardChart | LineChart | ObjectiveChart | PercentageChart | PieChart | ValueChart;
|
|
151
|
-
export interface RenderingChartDefinitions {
|
|
152
|
-
queries: string[];
|
|
153
|
-
leaderboards: LeaderboardChart[];
|
|
154
|
-
lines: LineChart[];
|
|
155
|
-
objectives: ObjectiveChart[];
|
|
156
|
-
percentages: PercentageChart[];
|
|
157
|
-
pies: PieChart[];
|
|
158
|
-
values: ValueChart[];
|
|
159
|
-
}
|
|
160
144
|
export interface CollectionColumn {
|
|
161
145
|
id: string | number;
|
|
162
146
|
fieldName: string;
|
|
@@ -216,10 +200,33 @@ export declare type Team = {
|
|
|
216
200
|
export declare type RenderingPermissionV4 = {
|
|
217
201
|
team: Team;
|
|
218
202
|
collections: Record<string, CollectionRenderingPermissionV4>;
|
|
219
|
-
stats:
|
|
203
|
+
stats: Chart[];
|
|
220
204
|
};
|
|
221
205
|
export declare type User = Record<string, any> & {
|
|
222
206
|
id: number;
|
|
223
207
|
tags: Record<string, string>;
|
|
224
208
|
};
|
|
209
|
+
export interface ActionApprovalAttributes {
|
|
210
|
+
requester_id: number;
|
|
211
|
+
ids: Array<string>;
|
|
212
|
+
collection_name: string;
|
|
213
|
+
smart_action_id: string;
|
|
214
|
+
values: any | null;
|
|
215
|
+
parent_collection_name: string | null;
|
|
216
|
+
parent_collection_id: string | null;
|
|
217
|
+
parent_association_name: string | null;
|
|
218
|
+
all_records: boolean;
|
|
219
|
+
all_records_subset_query: null;
|
|
220
|
+
}
|
|
221
|
+
export declare type ActionApprovalJWT = {
|
|
222
|
+
data: {
|
|
223
|
+
id: string | number;
|
|
224
|
+
type: string;
|
|
225
|
+
attributes: ActionApprovalAttributes;
|
|
226
|
+
};
|
|
227
|
+
};
|
|
228
|
+
export declare class JTWUnableToVerifyError extends Error {
|
|
229
|
+
}
|
|
230
|
+
export declare class JTWTokenExpiredError extends Error {
|
|
231
|
+
}
|
|
225
232
|
//# sourceMappingURL=types.d.ts.map
|
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.ChartType = exports.CustomActionEvent = exports.CollectionActionEvent = exports.PermissionLevel = void 0;
|
|
3
|
+
exports.JTWTokenExpiredError = exports.JTWUnableToVerifyError = exports.ChartType = exports.CustomActionEvent = exports.CollectionActionEvent = exports.PermissionLevel = void 0;
|
|
4
4
|
var PermissionLevel;
|
|
5
5
|
(function (PermissionLevel) {
|
|
6
6
|
PermissionLevel["Admin"] = "admin";
|
|
7
7
|
PermissionLevel["Developer"] = "developer";
|
|
8
|
+
PermissionLevel["Editor"] = "editor";
|
|
8
9
|
PermissionLevel["User"] = "user";
|
|
9
10
|
})(PermissionLevel = exports.PermissionLevel || (exports.PermissionLevel = {}));
|
|
10
11
|
var CollectionActionEvent;
|
|
@@ -33,4 +34,10 @@ var ChartType;
|
|
|
33
34
|
ChartType["Percentage"] = "Percentage";
|
|
34
35
|
ChartType["Smart"] = "Smart";
|
|
35
36
|
})(ChartType = exports.ChartType || (exports.ChartType = {}));
|
|
36
|
-
|
|
37
|
+
class JTWUnableToVerifyError extends Error {
|
|
38
|
+
}
|
|
39
|
+
exports.JTWUnableToVerifyError = JTWUnableToVerifyError;
|
|
40
|
+
class JTWTokenExpiredError extends Error {
|
|
41
|
+
}
|
|
42
|
+
exports.JTWTokenExpiredError = JTWTokenExpiredError;
|
|
43
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvc2VydmljZXMvYXV0aG9yaXphdGlvbi9pbnRlcm5hbC90eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUF5Q0EsSUFBWSxlQUtYO0FBTEQsV0FBWSxlQUFlO0lBQ3pCLGtDQUFlLENBQUE7SUFDZiwwQ0FBdUIsQ0FBQTtJQUN2QixvQ0FBaUIsQ0FBQTtJQUNqQixnQ0FBYSxDQUFBO0FBQ2YsQ0FBQyxFQUxXLGVBQWUsR0FBZix1QkFBZSxLQUFmLHVCQUFlLFFBSzFCO0FBWUQsSUFBWSxxQkFPWDtBQVBELFdBQVkscUJBQXFCO0lBQy9CLDBDQUFpQixDQUFBO0lBQ2pCLDBDQUFpQixDQUFBO0lBQ2pCLHNDQUFhLENBQUE7SUFDYixzQ0FBYSxDQUFBO0lBQ2IsMENBQWlCLENBQUE7SUFDakIsb0NBQVcsQ0FBQTtBQUNiLENBQUMsRUFQVyxxQkFBcUIsR0FBckIsNkJBQXFCLEtBQXJCLDZCQUFxQixRQU9oQztBQUVELElBQVksaUJBS1g7QUFMRCxXQUFZLGlCQUFpQjtJQUMzQix3Q0FBbUIsQ0FBQTtJQUNuQix3Q0FBbUIsQ0FBQTtJQUNuQixpREFBNEIsQ0FBQTtJQUM1Qix5REFBb0MsQ0FBQTtBQUN0QyxDQUFDLEVBTFcsaUJBQWlCLEdBQWpCLHlCQUFpQixLQUFqQix5QkFBaUIsUUFLNUI7QUFFRCxJQUFZLFNBUVg7QUFSRCxXQUFZLFNBQVM7SUFDbkIsd0JBQVcsQ0FBQTtJQUNYLDRCQUFlLENBQUE7SUFDZix3Q0FBMkIsQ0FBQTtJQUMzQiwwQkFBYSxDQUFBO0lBQ2Isb0NBQXVCLENBQUE7SUFDdkIsc0NBQXlCLENBQUE7SUFDekIsNEJBQWUsQ0FBQTtBQUNqQixDQUFDLEVBUlcsU0FBUyxHQUFULGlCQUFTLEtBQVQsaUJBQVMsUUFRcEI7QUErTUQsTUFBYSxzQkFBdUIsU0FBUSxLQUFLO0NBQUc7QUFBcEQsd0RBQW9EO0FBQ3BELE1BQWEsb0JBQXFCLFNBQVEsS0FBSztDQUFHO0FBQWxELG9EQUFrRCJ9
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AgentOptionsWithDefaults } from '../../../types';
|
|
2
2
|
import { UserPermissionV4 } from './types';
|
|
3
|
-
export declare type UserPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds'>;
|
|
3
|
+
export declare type UserPermissionOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds' | 'logger'>;
|
|
4
4
|
export default class UserPermissionService {
|
|
5
5
|
private readonly options;
|
|
6
6
|
private cacheExpirationTimestamp;
|
|
@@ -19,6 +19,7 @@ class UserPermissionService {
|
|
|
19
19
|
!(await this.userInfoById).has(userId)) {
|
|
20
20
|
this.cacheExpirationTimestamp =
|
|
21
21
|
Date.now() + this.options.permissionsCacheDurationInSeconds * 1000;
|
|
22
|
+
this.options.logger('Debug', `Refreshing user permissions cache`);
|
|
22
23
|
// The response here is not awaited in order to be set in the cache
|
|
23
24
|
// allowing subsequent calls to getUserInfo to use the cache even if
|
|
24
25
|
// the response is not yet available.
|
|
@@ -32,4 +33,4 @@ class UserPermissionService {
|
|
|
32
33
|
}
|
|
33
34
|
}
|
|
34
35
|
exports.default = UserPermissionService;
|
|
35
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
36
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlci1wZXJtaXNzaW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3NlcnZpY2VzL2F1dGhvcml6YXRpb24vaW50ZXJuYWwvdXNlci1wZXJtaXNzaW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBRUEscUZBQTJEO0FBTzNELE1BQXFCLHFCQUFxQjtJQVF4QyxZQUE2QixPQUE4QjtRQUE5QixZQUFPLEdBQVAsT0FBTyxDQUF1QjtRQVBuRCw2QkFBd0IsR0FBRyxDQUFDLENBQUM7UUFFckMsaUVBQWlFO1FBQ2pFLDJEQUEyRDtRQUMzRCxvREFBb0Q7UUFDNUMsaUJBQVksR0FBMkMsSUFBSSxDQUFDO0lBRU4sQ0FBQztJQUV4RCxLQUFLLENBQUMsV0FBVyxDQUFDLE1BQWM7UUFDckMsSUFDRSxDQUFDLElBQUksQ0FBQyx3QkFBd0I7WUFDOUIsSUFBSSxDQUFDLHdCQUF3QixHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUU7WUFDMUMsQ0FBQyxDQUFDLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFDdEM7WUFDQSxJQUFJLENBQUMsd0JBQXdCO2dCQUMzQixJQUFJLENBQUMsR0FBRyxFQUFFLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxpQ0FBaUMsR0FBRyxJQUFJLENBQUM7WUFFckUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLG1DQUFtQyxDQUFDLENBQUM7WUFFbEUsbUVBQW1FO1lBQ25FLG9FQUFvRTtZQUNwRSxxQ0FBcUM7WUFDckMsSUFBSSxDQUFDLFlBQVksR0FBRyx5QkFBYSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUMzRCxLQUFLLENBQUMsRUFBRSxDQUFDLElBQUksR0FBRyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUNyRCxDQUFDO1NBQ0g7UUFFRCxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFTSxVQUFVO1FBQ2YsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLENBQUM7UUFDekIsSUFBSSxDQUFDLHdCQUF3QixHQUFHLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQztJQUMzRCxDQUFDO0NBQ0Y7QUFwQ0Qsd0NBb0NDIn0=
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
25
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
+
const jsonwebtoken_1 = __importStar(require("jsonwebtoken"));
|
|
27
|
+
const types_1 = require("./types");
|
|
28
|
+
function verifyAndExtractApproval(approvalRequestToken, privateKey) {
|
|
29
|
+
try {
|
|
30
|
+
return jsonwebtoken_1.default.verify(approvalRequestToken, privateKey);
|
|
31
|
+
}
|
|
32
|
+
catch (err) {
|
|
33
|
+
if (err instanceof jsonwebtoken_1.TokenExpiredError) {
|
|
34
|
+
throw new types_1.JTWTokenExpiredError();
|
|
35
|
+
}
|
|
36
|
+
else if (err instanceof jsonwebtoken_1.JsonWebTokenError) {
|
|
37
|
+
throw new types_1.JTWUnableToVerifyError();
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
throw err;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
exports.default = verifyAndExtractApproval;
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmVyaWZ5LWFwcHJvdmFsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3NlcnZpY2VzL2F1dGhvcml6YXRpb24vaW50ZXJuYWwvdmVyaWZ5LWFwcHJvdmFsLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw2REFBa0Y7QUFFbEYsbUNBQTBGO0FBRTFGLFNBQXdCLHdCQUF3QixDQUFDLG9CQUE0QixFQUFFLFVBQWtCO0lBQy9GLElBQUk7UUFDRixPQUFPLHNCQUFZLENBQUMsTUFBTSxDQUFDLG9CQUFvQixFQUFFLFVBQVUsQ0FBc0IsQ0FBQztLQUNuRjtJQUFDLE9BQU8sR0FBRyxFQUFFO1FBQ1osSUFBSSxHQUFHLFlBQVksZ0NBQWlCLEVBQUU7WUFDcEMsTUFBTSxJQUFJLDRCQUFvQixFQUFFLENBQUM7U0FDbEM7YUFBTSxJQUFJLEdBQUcsWUFBWSxnQ0FBaUIsRUFBRTtZQUMzQyxNQUFNLElBQUksOEJBQXNCLEVBQUUsQ0FBQztTQUNwQzthQUFNO1lBQ0wsTUFBTSxHQUFHLENBQUM7U0FDWDtLQUNGO0FBQ0gsQ0FBQztBQVpELDJDQVlDIn0=
|
|
@@ -35,7 +35,7 @@ export default class ForestHttpApi {
|
|
|
35
35
|
static uploadSchema(options: HttpOptions, apimap: JSONAPIDocument): Promise<void>;
|
|
36
36
|
static getEnvironmentPermissions(options: HttpOptions): Promise<EnvironmentPermissionsV4>;
|
|
37
37
|
static getUsers(options: HttpOptions): Promise<UserPermissionV4[]>;
|
|
38
|
-
static getRenderingPermissions(renderingId: number, options: HttpOptions): Promise<RenderingPermissionV4>;
|
|
38
|
+
static getRenderingPermissions(renderingId: string | number, options: HttpOptions): Promise<RenderingPermissionV4>;
|
|
39
39
|
private static handleResponseError;
|
|
40
40
|
}
|
|
41
41
|
export {};
|
|
@@ -130,4 +130,4 @@ class ForestHttpApi {
|
|
|
130
130
|
}
|
|
131
131
|
}
|
|
132
132
|
exports.default = ForestHttpApi;
|
|
133
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
133
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZm9yZXN0LWh0dHAtYXBpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3V0aWxzL2ZvcmVzdC1odHRwLWFwaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUdBLDREQUFpRTtBQStCakUsTUFBcUIsYUFBYTtJQUNoQyxNQUFNLENBQUMsS0FBSyxDQUFDLDJCQUEyQixDQUN0QyxPQUFvQjtRQUVwQixJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQWEsTUFBTSxvQkFBVTtpQkFDeEMsR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLDhCQUE4QixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDaEYsR0FBRyxDQUFDLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUUvQyxNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUM7WUFFMUMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxPQUFPLEVBQUUsVUFBVSxDQUFDLEtBQUssRUFBRSxDQUFDO1NBQ3JGO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDN0I7SUFDSCxDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyx1QkFBdUIsQ0FBQyxPQUFvQjtRQUN2RCxJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQWEsTUFBTSxvQkFBVTtpQkFDeEMsR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLHdDQUF3QyxFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDMUYsR0FBRyxDQUFDLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUUvQyxPQUFPLFFBQVEsQ0FBQyxJQUFJLENBQUM7U0FDdEI7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUM3QjtJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUM3QixPQUFvQixFQUNwQixXQUFtQixFQUNuQixXQUFtQjtRQUVuQixJQUFJO1lBQ0YsTUFBTSxHQUFHLEdBQUcsSUFBSSxHQUFHLENBQ2pCLHdCQUF3QixXQUFXLGdCQUFnQixFQUNuRCxPQUFPLENBQUMsZUFBZSxDQUN4QixDQUFDO1lBRUYsTUFBTSxRQUFRLEdBQUcsTUFBTSxvQkFBVTtpQkFDOUIsR0FBRyxDQUFDLEdBQUcsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDbkIsR0FBRyxDQUFDLGNBQWMsRUFBRSxXQUFXLENBQUM7aUJBQ2hDLEdBQUcsQ0FBQyxtQkFBbUIsRUFBRSxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFL0MsTUFBTSxFQUFFLFVBQVUsRUFBRSxFQUFFLEVBQUUsR0FBRyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQztZQUU5QyxPQUFPO2dCQUNMLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRSxDQUFDO2dCQUNkLEtBQUssRUFBRSxVQUFVLENBQUMsS0FBSztnQkFDdkIsU0FBUyxFQUFFLFVBQVUsQ0FBQyxVQUFVO2dCQUNoQyxRQUFRLEVBQUUsVUFBVSxDQUFDLFNBQVM7Z0JBQzlCLElBQUksRUFBRSxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDekIsSUFBSSxFQUFFLFVBQVUsQ0FBQyxJQUFJO2dCQUNyQixJQUFJLEVBQUUsVUFBVSxDQUFDLElBQUksRUFBRSxNQUFNLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxHQUFHLEVBQUUsS0FBSyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxHQUFHLElBQUksRUFBRSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO2dCQUN4RixXQUFXO2dCQUNYLGVBQWUsRUFBRSxVQUFVLENBQUMsZ0JBQWdCO2FBQzdDLENBQUM7U0FDSDtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQzdCO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQW9CLEVBQUUsSUFBWTtRQUN2RCxJQUFJO1lBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxvQkFBVTtpQkFDOUIsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLDJCQUEyQixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDOUUsSUFBSSxDQUFDLEVBQUUsY0FBYyxFQUFFLElBQUksRUFBRSxDQUFDO2lCQUM5QixHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRS9DLE9BQU8sQ0FBQyxRQUFRLEVBQUUsSUFBSSxFQUFFLFVBQVUsQ0FBQztTQUNwQztRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQzdCO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLE9BQW9CLEVBQUUsTUFBdUI7UUFDckUsSUFBSTtZQUNGLE1BQU0sb0JBQVU7aUJBQ2IsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxlQUFlLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztpQkFDcEUsSUFBSSxDQUFDLE1BQU0sQ0FBQztpQkFDWixHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1NBQ2hEO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDN0I7SUFDSCxDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxPQUFvQjtRQUN6RCxJQUFJO1lBQ0YsTUFBTSxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sb0JBQVU7aUJBQzlCLEdBQUcsQ0FBQyxHQUFHLE9BQU8sQ0FBQyxlQUFlLG1DQUFtQyxDQUFDO2lCQUNsRSxHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRS9DLE9BQU8sSUFBSSxDQUFDO1NBQ2I7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUM3QjtJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUFvQjtRQUN4QyxJQUFJO1lBQ0YsTUFBTSxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sb0JBQVU7aUJBQzlCLEdBQUcsQ0FBQyxHQUFHLE9BQU8sQ0FBQyxlQUFlLDZCQUE2QixDQUFDO2lCQUM1RCxHQUFHLENBQUMsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRS9DLE9BQU8sSUFBSSxDQUFDO1NBQ2I7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUM3QjtJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLHVCQUF1QixDQUNsQyxXQUE0QixFQUM1QixPQUFvQjtRQUVwQixJQUFJO1lBQ0YsTUFBTSxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sb0JBQVU7aUJBQzlCLEdBQUcsQ0FBQyxHQUFHLE9BQU8sQ0FBQyxlQUFlLG9DQUFvQyxXQUFXLEVBQUUsQ0FBQztpQkFDaEYsR0FBRyxDQUFDLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUUvQyxPQUFPLElBQUksQ0FBQztTQUNiO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDN0I7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLG1CQUFtQixDQUFDLENBQVE7UUFDekMsSUFBSSxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUM7WUFDaEMsTUFBTSxJQUFJLEtBQUssQ0FDYix5REFBeUQ7Z0JBQ3ZELHFEQUFxRCxDQUN4RCxDQUFDO1FBRUosSUFBSyxDQUFtQixDQUFDLFFBQVEsRUFBRTtZQUNqQyxNQUFNLE1BQU0sR0FBSSxDQUFtQixFQUFFLFFBQVEsRUFBRSxNQUFNLENBQUM7WUFFdEQsOENBQThDO1lBQzlDLElBQUksTUFBTSxLQUFLLENBQUMsSUFBSSxNQUFNLEtBQUssR0FBRztnQkFDaEMsTUFBTSxJQUFJLEtBQUssQ0FBQyxxREFBcUQsQ0FBQyxDQUFDO1lBRXpFLElBQUksTUFBTSxLQUFLLEdBQUc7Z0JBQ2hCLE1BQU0sSUFBSSxLQUFLLENBQ2Isd0ZBQXdGO29CQUN0RiwwRUFBMEUsQ0FDN0UsQ0FBQztZQUVKLElBQUksTUFBTSxLQUFLLEdBQUc7Z0JBQ2hCLE1BQU0sSUFBSSxLQUFLLENBQ2Isa0ZBQWtGO29CQUNoRiw4REFBOEQsQ0FDakUsQ0FBQztZQUVKLE1BQU0sSUFBSSxLQUFLLENBQ2IsdUVBQXVFO2dCQUNyRSxvRUFBb0UsQ0FDdkUsQ0FBQztTQUNIO1FBRUQsTUFBTSxDQUFDLENBQUM7SUFDVixDQUFDO0NBQ0Y7QUFoS0QsZ0NBZ0tDIn0=
|