@forestadmin/agent 1.0.0-beta.1

package/dist/agent/routes/modification/update-relation.js

@@ -0,0 +1,53 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
+const types_1 = require("../../types");
+const id_1 = __importDefault(require("../../utils/id"));
+const query_string_1 = __importDefault(require("../../utils/query-string"));
+const relation_route_1 = __importDefault(require("../relation-route"));
+class UpdateRelation extends relation_route_1.default {
+    setupRoutes(router) {
+        router.put(`/${this.collection.name}/:parentId/relationships/${this.relationName}`, this.handleUpdateRelationRoute.bind(this));
+    }
+    async handleUpdateRelationRoute(context) {
+        const relation = this.collection.schema.fields[this.relationName];
+        const timezone = query_string_1.default.parseTimezone(context);
+        const parentId = id_1.default.unpackId(this.collection.schema, context.params.parentId);
+        const linkedId = id_1.default.unpackId(this.foreignCollection.schema, context.request.body?.data.id);
+        if (relation.type === 'ManyToOne') {
+            await this.updateManyToOne(context, relation, parentId, linkedId, timezone);
+        }
+        else if (relation.type === 'OneToOne') {
+            await this.updateOneToOne(context, relation, parentId, linkedId, timezone);
+        }
+        context.response.status = types_1.HttpCode.NoContent;
+    }
+    async updateManyToOne(context, relation, parentId, linkedId, timezone) {
+        // Perms
+        const scope = await this.services.permissions.getScope(this.collection, context);
+        await this.services.permissions.can(context, `edit:${this.collection.name}`);
+        // Load the value that will be used as foreignKey (=== linkedId[0] most of the time)
+        const foreignValue = await datasource_toolkit_1.CollectionUtils.getValue(this.foreignCollection, linkedId, relation.foreignKeyTarget);
+        // Overwrite old foreign key with new one (only one query needed).
+        const fkOwner = datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [parentId]);
+        await this.collection.update(new datasource_toolkit_1.Filter({ conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(fkOwner, scope), timezone }), { [relation.foreignKey]: foreignValue });
+    }
+    async updateOneToOne(context, relation, parentId, linkedId, timezone) {
+        // Permissions
+        const scope = await this.services.permissions.getScope(this.foreignCollection, context);
+        await this.services.permissions.can(context, `edit:${this.foreignCollection.name}`);
+        // Load the value that will be used as originKey (=== parentId[0] most of the time)
+        const originValue = await datasource_toolkit_1.CollectionUtils.getValue(this.collection, parentId, relation.originKeyTarget);
+        // Break old relation (may update zero or one records).
+        const oldFkOwner = new datasource_toolkit_1.ConditionTreeLeaf(relation.originKey, 'Equal', originValue);
+        await this.foreignCollection.update(new datasource_toolkit_1.Filter({ conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(oldFkOwner, scope), timezone }), { [relation.originKey]: null });
+        // Create new relation (will update exactly one record).
+        const newFkOwner = datasource_toolkit_1.ConditionTreeFactory.matchIds(this.foreignCollection.schema, [linkedId]);
+        await this.foreignCollection.update(new datasource_toolkit_1.Filter({ conditionTree: datasource_toolkit_1.ConditionTreeFactory.intersect(newFkOwner, scope), timezone }), { [relation.originKey]: originValue });
+    }
+}
+exports.default = UpdateRelation;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXBkYXRlLXJlbGF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FnZW50L3JvdXRlcy9tb2RpZmljYXRpb24vdXBkYXRlLXJlbGF0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBUXlDO0FBSXpDLHVDQUF1QztBQUN2Qyx3REFBcUM7QUFDckMsNEVBQXlEO0FBQ3pELHVFQUE4QztBQUU5QyxNQUFxQixjQUFlLFNBQVEsd0JBQWE7SUFDdkQsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FDUixJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSw0QkFBNEIsSUFBSSxDQUFDLFlBQVksRUFBRSxFQUN2RSxJQUFJLENBQUMseUJBQXlCLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUMxQyxDQUFDO0lBQ0osQ0FBQztJQUVNLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxPQUFnQjtRQUNyRCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ2xFLE1BQU0sUUFBUSxHQUFHLHNCQUFpQixDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMxRCxNQUFNLFFBQVEsR0FBRyxZQUFPLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDbkYsTUFBTSxRQUFRLEdBQUcsWUFBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUVoRyxJQUFJLFFBQVEsQ0FBQyxJQUFJLEtBQUssV0FBVyxFQUFFO1lBQ2pDLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsUUFBUSxDQUFDLENBQUM7U0FDN0U7YUFBTSxJQUFJLFFBQVEsQ0FBQyxJQUFJLEtBQUssVUFBVSxFQUFFO1lBQ3ZDLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsUUFBUSxDQUFDLENBQUM7U0FDNUU7UUFFRCxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLFNBQVMsQ0FBQztJQUMvQyxDQUFDO0lBRU8sS0FBSyxDQUFDLGVBQWUsQ0FDM0IsT0FBZ0IsRUFDaEIsUUFBeUIsRUFDekIsUUFBcUIsRUFDckIsUUFBcUIsRUFDckIsUUFBZ0I7UUFFaEIsUUFBUTtRQUNSLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDakYsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFFBQVEsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTdFLG9GQUFvRjtRQUNwRixNQUFNLFlBQVksR0FBRyxNQUFNLG9DQUFlLENBQUMsUUFBUSxDQUNqRCxJQUFJLENBQUMsaUJBQWlCLEVBQ3RCLFFBQVEsRUFDUixRQUFRLENBQUMsZ0JBQWdCLENBQzFCLENBQUM7UUFFRixrRUFBa0U7UUFDbEUsTUFBTSxPQUFPLEdBQUcseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQztRQUVsRixNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUMxQixJQUFJLDJCQUFNLENBQUMsRUFBRSxhQUFhLEVBQUUseUNBQW9CLENBQUMsU0FBUyxDQUFDLE9BQU8sRUFBRSxLQUFLLENBQUMsRUFBRSxRQUFRLEVBQUUsQ0FBQyxFQUN2RixFQUFFLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLFlBQVksRUFBRSxDQUN4QyxDQUFDO0lBQ0osQ0FBQztJQUVPLEtBQUssQ0FBQyxjQUFjLENBQzFCLE9BQWdCLEVBQ2hCLFFBQXdCLEVBQ3hCLFFBQXFCLEVBQ3JCLFFBQXFCLEVBQ3JCLFFBQWdCO1FBRWhCLGNBQWM7UUFDZCxNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDeEYsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFFBQVEsSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7UUFFcEYsbUZBQW1GO1FBQ25GLE1BQU0sV0FBVyxHQUFHLE1BQU0sb0NBQWUsQ0FBQyxRQUFRLENBQ2hELElBQUksQ0FBQyxVQUFVLEVBQ2YsUUFBUSxFQUNSLFFBQVEsQ0FBQyxlQUFlLENBQ3pCLENBQUM7UUFFRix1REFBdUQ7UUFDdkQsTUFBTSxVQUFVLEdBQUcsSUFBSSxzQ0FBaUIsQ0FBQyxRQUFRLENBQUMsU0FBUyxFQUFFLE9BQU8sRUFBRSxXQUFXLENBQUMsQ0FBQztRQUNuRixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLENBQ2pDLElBQUksMkJBQU0sQ0FBQyxFQUFFLGFBQWEsRUFBRSx5Q0FBb0IsQ0FBQyxTQUFTLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxFQUFFLFFBQVEsRUFBRSxDQUFDLEVBQzFGLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsSUFBSSxFQUFFLENBQy9CLENBQUM7UUFFRix3REFBd0Q7UUFDeEQsTUFBTSxVQUFVLEdBQUcseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDO1FBQzVGLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FDakMsSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLHlDQUFvQixDQUFDLFNBQVMsQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFDMUYsRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FDdEMsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQWxGRCxpQ0FrRkMifQ==

package/dist/agent/routes/modification/update.d.ts

@@ -0,0 +1,9 @@
+/// <reference types="koa__router" />
+import { Context } from 'koa';
+import Router from '@koa/router';
+import CollectionRoute from '../collection-route';
+export default class UpdateRoute extends CollectionRoute {
+    setupRoutes(router: Router): void;
+    handleUpdate(context: Context): Promise<void>;
+}
+//# sourceMappingURL=update.d.ts.map

package/dist/agent/routes/modification/update.js

@@ -0,0 +1,29 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
+const collection_route_1 = __importDefault(require("../collection-route"));
+const id_1 = __importDefault(require("../../utils/id"));
+class UpdateRoute extends collection_route_1.default {
+    setupRoutes(router) {
+        router.put(`/${this.collection.name}/:id`, this.handleUpdate.bind(this));
+    }
+    async handleUpdate(context) {
+        await this.services.permissions.can(context, `edit:${this.collection.name}`);
+        const id = id_1.default.unpackId(this.collection.schema, context.params.id);
+        const { body } = context.request;
+        if ('relationships' in body.data) {
+            delete body.data.relationships;
+        }
+        const record = this.services.serializer.deserialize(this.collection, body);
+        datasource_toolkit_1.RecordValidator.validate(this.collection, record);
+        const conditionTree = datasource_toolkit_1.ConditionTreeFactory.intersect(datasource_toolkit_1.ConditionTreeFactory.matchIds(this.collection.schema, [id]), await this.services.permissions.getScope(this.collection, context));
+        await this.collection.update(new datasource_toolkit_1.Filter({ conditionTree }), record);
+        const [updateResult] = await this.collection.list(new datasource_toolkit_1.Filter({ conditionTree }), datasource_toolkit_1.ProjectionFactory.all(this.collection));
+        context.response.body = this.services.serializer.serialize(this.collection, updateResult);
+    }
+}
+exports.default = UpdateRoute;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXBkYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FnZW50L3JvdXRlcy9tb2RpZmljYXRpb24vdXBkYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsd0VBS3lDO0FBSXpDLDJFQUFrRDtBQUNsRCx3REFBcUM7QUFFckMsTUFBcUIsV0FBWSxTQUFRLDBCQUFlO0lBQ3RELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksTUFBTSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDM0UsQ0FBQztJQUVNLEtBQUssQ0FBQyxZQUFZLENBQUMsT0FBZ0I7UUFDeEMsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLFFBQVEsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTdFLE1BQU0sRUFBRSxHQUFHLFlBQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUV2RSxNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUVqQyxJQUFJLGVBQWUsSUFBSSxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ2hDLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUM7U0FDaEM7UUFFRCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUMzRSxvQ0FBZSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRWxELE1BQU0sYUFBYSxHQUFHLHlDQUFvQixDQUFDLFNBQVMsQ0FDbEQseUNBQW9CLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsRUFDM0QsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FDbkUsQ0FBQztRQUVGLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLENBQUMsRUFBRSxNQUFNLENBQUMsQ0FBQztRQUNwRSxNQUFNLENBQUMsWUFBWSxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FDL0MsSUFBSSwyQkFBTSxDQUFDLEVBQUUsYUFBYSxFQUFFLENBQUMsRUFDN0Isc0NBQWlCLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FDdkMsQ0FBQztRQUVGLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLFlBQVksQ0FBQyxDQUFDO0lBQzVGLENBQUM7Q0FDRjtBQWhDRCw4QkFnQ0MifQ==

package/dist/agent/routes/relation-route.d.ts

@@ -0,0 +1,10 @@
+import { Collection, DataSource } from '@forestadmin/datasource-toolkit';
+import { AgentOptionsWithDefaults } from '../types';
+import { ForestAdminHttpDriverServices } from '../services';
+import CollectionRoute from './collection-route';
+export default abstract class RelationRoute extends CollectionRoute {
+    protected readonly relationName: string;
+    protected get foreignCollection(): Collection;
+    constructor(services: ForestAdminHttpDriverServices, options: AgentOptionsWithDefaults, dataSource: DataSource, collectionName: string, relationName: string);
+}
+//# sourceMappingURL=relation-route.d.ts.map

package/dist/agent/routes/relation-route.js

@@ -0,0 +1,18 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const collection_route_1 = __importDefault(require("./collection-route"));
+class RelationRoute extends collection_route_1.default {
+    constructor(services, options, dataSource, collectionName, relationName) {
+        super(services, options, dataSource, collectionName);
+        this.relationName = relationName;
+    }
+    get foreignCollection() {
+        const schema = this.collection.schema.fields[this.relationName];
+        return this.collection.dataSource.getCollection(schema.foreignCollection);
+    }
+}
+exports.default = RelationRoute;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVsYXRpb24tcm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYWdlbnQvcm91dGVzL3JlbGF0aW9uLXJvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBSUEsMEVBQWlEO0FBRWpELE1BQThCLGFBQWMsU0FBUSwwQkFBZTtJQVNqRSxZQUNFLFFBQXVDLEVBQ3ZDLE9BQWlDLEVBQ2pDLFVBQXNCLEVBQ3RCLGNBQXNCLEVBQ3RCLFlBQW9CO1FBRXBCLEtBQUssQ0FBQyxRQUFRLEVBQUUsT0FBTyxFQUFFLFVBQVUsRUFBRSxjQUFjLENBQUMsQ0FBQztRQUNyRCxJQUFJLENBQUMsWUFBWSxHQUFHLFlBQVksQ0FBQztJQUNuQyxDQUFDO0lBZkQsSUFBYyxpQkFBaUI7UUFDN0IsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQW1CLENBQUM7UUFFbEYsT0FBTyxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDNUUsQ0FBQztDQVlGO0FBbkJELGdDQW1CQyJ9

package/dist/agent/routes/security/authentication.d.ts

@@ -0,0 +1,17 @@
+/// <reference types="koa__router" />
+import Router from '@koa/router';
+import { Context } from 'koa';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class Authentication extends BaseRoute {
+    readonly type = RouteType.Authentication;
+    private client;
+    private get redirectUrl();
+    bootstrap(): Promise<void>;
+    setupRoutes(router: Router): void;
+    handleAuthentication(context: Context): Promise<void>;
+    handleAuthenticationCallback(context: Context): Promise<void>;
+    handleAuthenticationLogout(context: Context): Promise<void>;
+    private checkRenderingId;
+}
+//# sourceMappingURL=authentication.d.ts.map

package/dist/agent/routes/security/authentication.js

@@ -0,0 +1,86 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const openid_client_1 = require("openid-client");
+const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
+const path_1 = require("path");
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const koa_jwt_1 = __importDefault(require("koa-jwt"));
+const types_1 = require("../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+const forest_http_api_1 = __importDefault(require("../../utils/forest-http-api"));
+class Authentication extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.Authentication;
+    }
+    get redirectUrl() {
+        const base = this.options.agentUrl;
+        const path = (0, path_1.join)(this.options.prefix, '/authentication/callback');
+        return new URL(path, base).toString();
+    }
+    async bootstrap() {
+        // Retrieve OpenId Issuer from forestadmin-server
+        // We can't use 'Issuer.discover' because the oidc config is behind an auth-wall.
+        const issuer = new openid_client_1.Issuer(await forest_http_api_1.default.getOpenIdIssuerMetadata(this.options));
+        // Either instanciate or create a new oidc client.
+        const registration = {
+            client_id: this.options.clientId,
+            token_endpoint_auth_method: 'none',
+            redirect_uris: [this.redirectUrl],
+        };
+        this.client = registration.client_id
+            ? new issuer.Client(registration)
+            : await issuer.Client.register(registration, { initialAccessToken: this.options.envSecret });
+    }
+    setupRoutes(router) {
+        router.post('/authentication', this.handleAuthentication.bind(this));
+        router.get('/authentication/callback', this.handleAuthenticationCallback.bind(this));
+        router.use((0, koa_jwt_1.default)({ secret: this.options.authSecret, cookie: 'forest_session_token' }));
+        router.post('/authentication/logout', this.handleAuthenticationLogout.bind(this));
+    }
+    async handleAuthentication(context) {
+        const renderingId = Number(context.request.body?.renderingId);
+        this.checkRenderingId(renderingId);
+        const authorizationUrl = this.client.authorizationUrl({
+            scope: 'openid email profile',
+            state: JSON.stringify({ renderingId }),
+        });
+        context.response.body = { authorizationUrl };
+    }
+    async handleAuthenticationCallback(context) {
+        // Retrieve renderingId
+        const { query } = context.request;
+        const state = query.state.toString();
+        let renderingId;
+        try {
+            renderingId = JSON.parse(state).renderingId;
+            this.checkRenderingId(renderingId);
+        }
+        catch {
+            throw new datasource_toolkit_1.ValidationError('Failed to retrieve renderingId from query[state]');
+        }
+        // Retrieve user
+        const tokenSet = await this.client.callback(this.redirectUrl, query, { state });
+        const accessToken = tokenSet.access_token;
+        const user = await forest_http_api_1.default.getUserInformation(this.options, renderingId, accessToken);
+        // Generate final token.
+        const token = jsonwebtoken_1.default.sign(user, this.options.authSecret, { expiresIn: '1 hours' });
+        context.response.body = {
+            token,
+            tokenData: jsonwebtoken_1.default.decode(token),
+        };
+    }
+    async handleAuthenticationLogout(context) {
+        context.response.status = types_1.HttpCode.NoContent;
+    }
+    checkRenderingId(renderingId) {
+        if (Number.isNaN(renderingId)) {
+            throw new datasource_toolkit_1.ValidationError('Rendering id must be a number');
+        }
+    }
+}
+exports.default = Authentication;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aGVudGljYXRpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYWdlbnQvcm91dGVzL3NlY3VyaXR5L2F1dGhlbnRpY2F0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsaURBQWlFO0FBQ2pFLHdFQUFrRTtBQUNsRSwrQkFBNEI7QUFFNUIsZ0VBQXdDO0FBQ3hDLHNEQUEwQjtBQUcxQix1Q0FBa0Q7QUFDbEQsK0RBQXNDO0FBQ3RDLGtGQUF3RDtBQUV4RCxNQUFxQixjQUFlLFNBQVEsb0JBQVM7SUFBckQ7O1FBQ1csU0FBSSxHQUFHLGlCQUFTLENBQUMsY0FBYyxDQUFDO0lBcUYzQyxDQUFDO0lBakZDLElBQVksV0FBVztRQUNyQixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQztRQUNuQyxNQUFNLElBQUksR0FBRyxJQUFBLFdBQUksRUFBQyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSwwQkFBMEIsQ0FBQyxDQUFDO1FBRW5FLE9BQU8sSUFBSSxHQUFHLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO0lBQ3hDLENBQUM7SUFFUSxLQUFLLENBQUMsU0FBUztRQUN0QixpREFBaUQ7UUFDakQsaUZBQWlGO1FBQ2pGLE1BQU0sTUFBTSxHQUFHLElBQUksc0JBQU0sQ0FBQyxNQUFNLHlCQUFhLENBQUMsdUJBQXVCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7UUFFckYsa0RBQWtEO1FBQ2xELE1BQU0sWUFBWSxHQUFHO1lBQ25CLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVE7WUFDaEMsMEJBQTBCLEVBQUUsTUFBMEI7WUFDdEQsYUFBYSxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQztTQUNsQyxDQUFDO1FBRUYsSUFBSSxDQUFDLE1BQU0sR0FBRyxZQUFZLENBQUMsU0FBUztZQUNsQyxDQUFDLENBQUMsSUFBSSxNQUFNLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQztZQUNqQyxDQUFDLENBQUMsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxZQUFZLEVBQUUsRUFBRSxrQkFBa0IsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUM7SUFDakcsQ0FBQztJQUVELFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sQ0FBQyxHQUFHLENBQUMsMEJBQTBCLEVBQUUsSUFBSSxDQUFDLDRCQUE0QixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBRXJGLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBQSxpQkFBRyxFQUFDLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxFQUFFLE1BQU0sRUFBRSxzQkFBc0IsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUVyRixNQUFNLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLElBQUksQ0FBQywwQkFBMEIsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUNwRixDQUFDO0lBRU0sS0FBSyxDQUFDLG9CQUFvQixDQUFDLE9BQWdCO1FBQ2hELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxXQUFXLENBQUMsQ0FBQztRQUM5RCxJQUFJLENBQUMsZ0JBQWdCLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFbkMsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDO1lBQ3BELEtBQUssRUFBRSxzQkFBc0I7WUFDN0IsS0FBSyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FBQztTQUN2QyxDQUFDLENBQUM7UUFFSCxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksR0FBRyxFQUFFLGdCQUFnQixFQUFFLENBQUM7SUFDL0MsQ0FBQztJQUVNLEtBQUssQ0FBQyw0QkFBNEIsQ0FBQyxPQUFnQjtRQUN4RCx1QkFBdUI7UUFDdkIsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUM7UUFDbEMsTUFBTSxLQUFLLEdBQUcsS0FBSyxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUNyQyxJQUFJLFdBQW1CLENBQUM7UUFFeEIsSUFBSTtZQUNGLFdBQVcsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLFdBQVcsQ0FBQztZQUM1QyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsV0FBVyxDQUFDLENBQUM7U0FDcEM7UUFBQyxNQUFNO1lBQ04sTUFBTSxJQUFJLG9DQUFlLENBQUMsa0RBQWtELENBQUMsQ0FBQztTQUMvRTtRQUVELGdCQUFnQjtRQUNoQixNQUFNLFFBQVEsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUUsS0FBSyxFQUFFLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUNoRixNQUFNLFdBQVcsR0FBRyxRQUFRLENBQUMsWUFBWSxDQUFDO1FBQzFDLE1BQU0sSUFBSSxHQUFHLE1BQU0seUJBQWEsQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLFdBQVcsRUFBRSxXQUFXLENBQUMsQ0FBQztRQUU1Rix3QkFBd0I7UUFDeEIsTUFBTSxLQUFLLEdBQUcsc0JBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxFQUFFLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxDQUFDLENBQUM7UUFFekYsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUc7WUFDdEIsS0FBSztZQUNMLFNBQVMsRUFBRSxzQkFBWSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUM7U0FDdEMsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsMEJBQTBCLENBQUMsT0FBZ0I7UUFDdEQsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxTQUFTLENBQUM7SUFDL0MsQ0FBQztJQUVPLGdCQUFnQixDQUFDLFdBQW1CO1FBQzFDLElBQUksTUFBTSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsRUFBRTtZQUM3QixNQUFNLElBQUksb0NBQWUsQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO1NBQzVEO0lBQ0gsQ0FBQztDQUNGO0FBdEZELGlDQXNGQyJ9

package/dist/agent/routes/security/ip-whitelist.d.ts

@@ -0,0 +1,14 @@
+/// <reference types="koa__router" />
+import { Context, Next } from 'koa';
+import Router from '@koa/router';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class IpWhitelist extends BaseRoute {
+    type: RouteType;
+    private configuration;
+    setupRoutes(router: Router): void;
+    /** Load whitelist */
+    bootstrap(): Promise<void>;
+    checkIp(context: Context, next: Next): Promise<boolean>;
+}
+//# sourceMappingURL=ip-whitelist.d.ts.map

package/dist/agent/routes/security/ip-whitelist.js

@@ -0,0 +1,35 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const forest_ip_utils_1 = __importDefault(require("forest-ip-utils"));
+const types_1 = require("../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+const forest_http_api_1 = __importDefault(require("../../utils/forest-http-api"));
+class IpWhitelist extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.Authentication;
+    }
+    setupRoutes(router) {
+        router.use(this.checkIp.bind(this));
+    }
+    /** Load whitelist */
+    async bootstrap() {
+        this.configuration = await forest_http_api_1.default.getIpWhitelistConfiguration(this.options);
+    }
+    async checkIp(context, next) {
+        if (this.configuration.isFeatureEnabled) {
+            const { ipRules } = this.configuration;
+            const currentIp = context.request.headers['x-forwarded-for'] ?? context.request.ip;
+            const allowed = ipRules.some(ipRule => forest_ip_utils_1.default.isIpMatchesRule(currentIp, ipRule));
+            if (!allowed) {
+                return context.throw(types_1.HttpCode.Forbidden, `IP address rejected (${currentIp})`);
+            }
+        }
+        return next();
+    }
+}
+exports.default = IpWhitelist;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaXAtd2hpdGVsaXN0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FnZW50L3JvdXRlcy9zZWN1cml0eS9pcC13aGl0ZWxpc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFDQSxzRUFBcUM7QUFHckMsdUNBQWtEO0FBQ2xELCtEQUFzQztBQUN0QyxrRkFBc0Y7QUFFdEYsTUFBcUIsV0FBWSxTQUFRLG9CQUFTO0lBQWxEOztRQUNFLFNBQUksR0FBRyxpQkFBUyxDQUFDLGNBQWMsQ0FBQztJQTBCbEMsQ0FBQztJQXRCQyxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVELHFCQUFxQjtJQUNaLEtBQUssQ0FBQyxTQUFTO1FBQ3RCLElBQUksQ0FBQyxhQUFhLEdBQUcsTUFBTSx5QkFBYSxDQUFDLDJCQUEyQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUNyRixDQUFDO0lBRUQsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFnQixFQUFFLElBQVU7UUFDeEMsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLGdCQUFnQixFQUFFO1lBQ3ZDLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDO1lBQ3ZDLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLGlCQUFpQixDQUFDLElBQUksT0FBTyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDbkYsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLHlCQUFNLENBQUMsZUFBZSxDQUFDLFNBQVMsRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDO1lBRWxGLElBQUksQ0FBQyxPQUFPLEVBQUU7Z0JBQ1osT0FBTyxPQUFPLENBQUMsS0FBSyxDQUFDLGdCQUFRLENBQUMsU0FBUyxFQUFFLHdCQUF3QixTQUFTLEdBQUcsQ0FBQyxDQUFDO2FBQ2hGO1NBQ0Y7UUFFRCxPQUFPLElBQUksRUFBRSxDQUFDO0lBQ2hCLENBQUM7Q0FDRjtBQTNCRCw4QkEyQkMifQ==

package/dist/agent/routes/security/scope-invalidation.d.ts

@@ -0,0 +1,11 @@
+/// <reference types="koa__router" />
+import Router from '@koa/router';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class ScopeInvalidation extends BaseRoute {
+    readonly type = RouteType.PrivateRoute;
+    setupRoutes(router: Router): void;
+    /** Route called when scopes are modified so that we don't have to wait for expiration. */
+    private invalidateCache;
+}
+//# sourceMappingURL=scope-invalidation.d.ts.map

package/dist/agent/routes/security/scope-invalidation.js

@@ -0,0 +1,28 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
+const types_1 = require("../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+class ScopeInvalidation extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.PrivateRoute;
+    }
+    setupRoutes(router) {
+        router.post(`/scope-cache-invalidation`, this.invalidateCache.bind(this));
+    }
+    /** Route called when scopes are modified so that we don't have to wait for expiration. */
+    async invalidateCache(context) {
+        const renderingId = Number(context.request.body?.renderingId);
+        if (Number.isNaN(renderingId)) {
+            throw new datasource_toolkit_1.ValidationError('Malformed body');
+        }
+        this.services.permissions.invalidateCache(renderingId);
+        context.response.status = types_1.HttpCode.NoContent;
+    }
+}
+exports.default = ScopeInvalidation;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NvcGUtaW52YWxpZGF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FnZW50L3JvdXRlcy9zZWN1cml0eS9zY29wZS1pbnZhbGlkYXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFDQSx3RUFBa0U7QUFHbEUsdUNBQWtEO0FBQ2xELCtEQUFzQztBQUV0QyxNQUFxQixpQkFBa0IsU0FBUSxvQkFBUztJQUF4RDs7UUFDVyxTQUFJLEdBQUcsaUJBQVMsQ0FBQyxZQUFZLENBQUM7SUFrQnpDLENBQUM7SUFoQkMsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLElBQUksQ0FBQywyQkFBMkIsRUFBRSxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBQzVFLENBQUM7SUFFRCwwRkFBMEY7SUFDbEYsS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUFnQjtRQUM1QyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsV0FBVyxDQUFDLENBQUM7UUFFOUQsSUFBSSxNQUFNLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxFQUFFO1lBQzdCLE1BQU0sSUFBSSxvQ0FBZSxDQUFDLGdCQUFnQixDQUFDLENBQUM7U0FDN0M7UUFFRCxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxlQUFlLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFdkQsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxTQUFTLENBQUM7SUFDL0MsQ0FBQztDQUNGO0FBbkJELG9DQW1CQyJ9

package/dist/agent/routes/system/error-handling.d.ts

@@ -0,0 +1,11 @@
+/// <reference types="koa__router" />
+import Router from '@koa/router';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class ErrorHandling extends BaseRoute {
+    type: RouteType;
+    setupRoutes(router: Router): void;
+    private errorHandler;
+    private debugLogError;
+}
+//# sourceMappingURL=error-handling.d.ts.map

package/dist/agent/routes/system/error-handling.js

@@ -0,0 +1,56 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const koa_1 = require("koa");
+const datasource_toolkit_1 = require("@forestadmin/datasource-toolkit");
+const types_1 = require("../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+class ErrorHandling extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.ErrorHandler;
+    }
+    setupRoutes(router) {
+        router.use(this.errorHandler.bind(this));
+    }
+    async errorHandler(context, next) {
+        try {
+            await next();
+        }
+        catch (e) {
+            let status = types_1.HttpCode.InternalServerError;
+            let message = 'Unexpected error';
+            if (e instanceof koa_1.HttpError || e instanceof datasource_toolkit_1.ValidationError) {
+                status = e instanceof koa_1.HttpError ? e.status : types_1.HttpCode.BadRequest;
+                message = e.message;
+            }
+            context.response.status = status;
+            context.response.body = { errors: [{ detail: message }] };
+            if (!this.options.isProduction) {
+                process.nextTick(() => this.debugLogError(context, e));
+            }
+        }
+    }
+    debugLogError(context, error) {
+        const { request } = context;
+        const query = JSON.stringify(request.query, null, ' ')?.replace(/"/g, '');
+        console.error('');
+        console.error(`\x1b[33m===== An exception was raised =====\x1b[0m`);
+        console.error(`${request.method} \x1b[34m${request.path}\x1b[36m?${query}\x1b[0m`);
+        if (request.method === 'POST' || request.method === 'PUT' || request.method === 'PATCH') {
+            const body = JSON.stringify(request.body, null, ' ')?.replace(/"/g, '');
+            console.error('');
+            console.error(`Body \x1b[36m${body}\x1b[0m`);
+        }
+        console.error('');
+        console.error('\x1b[31m', error.message, '\x1b[0m');
+        console.error('');
+        console.error(error.stack);
+        console.error(`\x1b[33m===================================\x1b[0m`);
+        console.error('');
+    }
+}
+exports.default = ErrorHandling;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXJyb3ItaGFuZGxpbmcuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYWdlbnQvcm91dGVzL3N5c3RlbS9lcnJvci1oYW5kbGluZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLDZCQUErQztBQUMvQyx3RUFBa0U7QUFHbEUsdUNBQWtEO0FBQ2xELCtEQUFzQztBQUV0QyxNQUFxQixhQUFjLFNBQVEsb0JBQVM7SUFBcEQ7O1FBQ0UsU0FBSSxHQUFHLGlCQUFTLENBQUMsWUFBWSxDQUFDO0lBZ0RoQyxDQUFDO0lBOUNDLFdBQVcsQ0FBQyxNQUFjO1FBQ3hCLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRU8sS0FBSyxDQUFDLFlBQVksQ0FBQyxPQUFnQixFQUFFLElBQVU7UUFDckQsSUFBSTtZQUNGLE1BQU0sSUFBSSxFQUFFLENBQUM7U0FDZDtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxNQUFNLEdBQUcsZ0JBQVEsQ0FBQyxtQkFBbUIsQ0FBQztZQUMxQyxJQUFJLE9BQU8sR0FBRyxrQkFBa0IsQ0FBQztZQUVqQyxJQUFJLENBQUMsWUFBWSxlQUFTLElBQUksQ0FBQyxZQUFZLG9DQUFlLEVBQUU7Z0JBQzFELE1BQU0sR0FBRyxDQUFDLFlBQVksZUFBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxnQkFBUSxDQUFDLFVBQVUsQ0FBQztnQkFDakUsT0FBTyxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUM7YUFDckI7WUFFRCxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7WUFDakMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEdBQUcsRUFBRSxNQUFNLEVBQUUsQ0FBQyxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFFMUQsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxFQUFFO2dCQUM5QixPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsRUFBRSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7YUFDeEQ7U0FDRjtJQUNILENBQUM7SUFFTyxhQUFhLENBQUMsT0FBZ0IsRUFBRSxLQUFZO1FBQ2xELE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxPQUFPLENBQUM7UUFFNUIsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLElBQUksRUFBRSxHQUFHLENBQUMsRUFBRSxPQUFPLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBQzFFLE9BQU8sQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDbEIsT0FBTyxDQUFDLEtBQUssQ0FBQyxvREFBb0QsQ0FBQyxDQUFDO1FBQ3BFLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxPQUFPLENBQUMsTUFBTSxZQUFZLE9BQU8sQ0FBQyxJQUFJLFlBQVksS0FBSyxTQUFTLENBQUMsQ0FBQztRQUVuRixJQUFJLE9BQU8sQ0FBQyxNQUFNLEtBQUssTUFBTSxJQUFJLE9BQU8sQ0FBQyxNQUFNLEtBQUssS0FBSyxJQUFJLE9BQU8sQ0FBQyxNQUFNLEtBQUssT0FBTyxFQUFFO1lBQ3ZGLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsR0FBRyxDQUFDLEVBQUUsT0FBTyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztZQUN4RSxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2xCLE9BQU8sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLElBQUksU0FBUyxDQUFDLENBQUM7U0FDOUM7UUFFRCxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2xCLE9BQU8sQ0FBQyxLQUFLLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxPQUFPLEVBQUUsU0FBUyxDQUFDLENBQUM7UUFDcEQsT0FBTyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNsQixPQUFPLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMzQixPQUFPLENBQUMsS0FBSyxDQUFDLG9EQUFvRCxDQUFDLENBQUM7UUFDcEUsT0FBTyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNwQixDQUFDO0NBQ0Y7QUFqREQsZ0NBaURDIn0=

package/dist/agent/routes/system/healthcheck.d.ts

@@ -0,0 +1,11 @@
+/// <reference types="koa__router" />
+import { Context } from 'koa';
+import Router from '@koa/router';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class HealthCheck extends BaseRoute {
+    type: RouteType;
+    setupRoutes(router: Router): void;
+    handleRequest(ctx: Context): Promise<void>;
+}
+//# sourceMappingURL=healthcheck.d.ts.map

package/dist/agent/routes/system/healthcheck.js

@@ -0,0 +1,22 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const types_1 = require("../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+class HealthCheck extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.PublicRoute;
+    }
+    setupRoutes(router) {
+        router.get('/', this.handleRequest.bind(this));
+    }
+    async handleRequest(ctx) {
+        ctx.response.body = { error: null, message: 'Agent is running' };
+        ctx.response.status = types_1.HttpCode.Ok;
+    }
+}
+exports.default = HealthCheck;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVhbHRoY2hlY2suanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYWdlbnQvcm91dGVzL3N5c3RlbS9oZWFsdGhjaGVjay50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUdBLHVDQUFrRDtBQUNsRCwrREFBc0M7QUFFdEMsTUFBcUIsV0FBWSxTQUFRLG9CQUFTO0lBQWxEOztRQUNFLFNBQUksR0FBRyxpQkFBUyxDQUFDLFdBQVcsQ0FBQztJQVUvQixDQUFDO0lBUkMsV0FBVyxDQUFDLE1BQWM7UUFDeEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRU0sS0FBSyxDQUFDLGFBQWEsQ0FBQyxHQUFZO1FBQ3JDLEdBQUcsQ0FBQyxRQUFRLENBQUMsSUFBSSxHQUFHLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsQ0FBQztRQUNqRSxHQUFHLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxnQkFBUSxDQUFDLEVBQUUsQ0FBQztJQUNwQyxDQUFDO0NBQ0Y7QUFYRCw4QkFXQyJ9

package/dist/agent/routes/system/logger.d.ts

@@ -0,0 +1,10 @@
+/// <reference types="koa__router" />
+import Router from '@koa/router';
+import { RouteType } from '../../types';
+import BaseRoute from '../base-route';
+export default class Logger extends BaseRoute {
+    type: RouteType;
+    setupRoutes(router: Router): void;
+    private logger;
+}
+//# sourceMappingURL=logger.d.ts.map

package/dist/agent/routes/system/logger.js

@@ -0,0 +1,36 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const types_1 = require("../../types");
+const types_2 = require("../../../types");
+const base_route_1 = __importDefault(require("../base-route"));
+class Logger extends base_route_1.default {
+    constructor() {
+        super(...arguments);
+        this.type = types_1.RouteType.Logger;
+    }
+    setupRoutes(router) {
+        router.use(this.logger.bind(this));
+    }
+    async logger(context, next) {
+        const timer = Date.now();
+        try {
+            await next();
+        }
+        finally {
+            let logLevel = types_2.LoggerLevel.Info;
+            if (context.response.status >= types_1.HttpCode.BadRequest)
+                logLevel = types_2.LoggerLevel.Warn;
+            if (context.response.status >= types_1.HttpCode.InternalServerError)
+                logLevel = types_2.LoggerLevel.Error;
+            let message = `[${context.response.status}]`;
+            message += ` ${context.request.method} ${context.request.path}`;
+            message += ` - ${Date.now() - timer}ms`;
+            this.options?.logger(logLevel, message);
+        }
+    }
+}
+exports.default = Logger;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9nZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FnZW50L3JvdXRlcy9zeXN0ZW0vbG9nZ2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBR0EsdUNBQWtEO0FBQ2xELDBDQUE2QztBQUM3QywrREFBc0M7QUFFdEMsTUFBcUIsTUFBTyxTQUFRLG9CQUFTO0lBQTdDOztRQUNFLFNBQUksR0FBRyxpQkFBUyxDQUFDLE1BQU0sQ0FBQztJQXVCMUIsQ0FBQztJQXJCQyxXQUFXLENBQUMsTUFBYztRQUN4QixNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVPLEtBQUssQ0FBQyxNQUFNLENBQUMsT0FBZ0IsRUFBRSxJQUFVO1FBQy9DLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUV6QixJQUFJO1lBQ0YsTUFBTSxJQUFJLEVBQUUsQ0FBQztTQUNkO2dCQUFTO1lBQ1IsSUFBSSxRQUFRLEdBQUcsbUJBQVcsQ0FBQyxJQUFJLENBQUM7WUFDaEMsSUFBSSxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sSUFBSSxnQkFBUSxDQUFDLFVBQVU7Z0JBQUUsUUFBUSxHQUFHLG1CQUFXLENBQUMsSUFBSSxDQUFDO1lBQ2hGLElBQUksT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLElBQUksZ0JBQVEsQ0FBQyxtQkFBbUI7Z0JBQUUsUUFBUSxHQUFHLG1CQUFXLENBQUMsS0FBSyxDQUFDO1lBRTFGLElBQUksT0FBTyxHQUFHLElBQUksT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsQ0FBQztZQUM3QyxPQUFPLElBQUksSUFBSSxPQUFPLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ2hFLE9BQU8sSUFBSSxNQUFNLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxLQUFLLElBQUksQ0FBQztZQUV4QyxJQUFJLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxRQUFRLEVBQUUsT0FBTyxDQUFDLENBQUM7U0FDekM7SUFDSCxDQUFDO0NBQ0Y7QUF4QkQseUJBd0JDIn0=

package/dist/agent/services/index.d.ts

@@ -0,0 +1,10 @@
+import { AgentOptionsWithDefaults } from '../types';
+import PermissionService from './permissions';
+import Serializer from './serializer';
+export declare type ForestAdminHttpDriverServices = {
+    permissions: PermissionService;
+    serializer: Serializer;
+};
+declare const _default: (options: AgentOptionsWithDefaults) => ForestAdminHttpDriverServices;
+export default _default;
+//# sourceMappingURL=index.d.ts.map

package/dist/agent/services/index.js

@@ -0,0 +1,12 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const permissions_1 = __importDefault(require("./permissions"));
+const serializer_1 = __importDefault(require("./serializer"));
+exports.default = (options) => ({
+    permissions: new permissions_1.default(options),
+    serializer: new serializer_1.default(options),
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYWdlbnQvc2VydmljZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFDQSxnRUFBOEM7QUFDOUMsOERBQXNDO0FBT3RDLGtCQUFlLENBQUMsT0FBaUMsRUFBaUMsRUFBRSxDQUFDLENBQUM7SUFDcEYsV0FBVyxFQUFFLElBQUkscUJBQWlCLENBQUMsT0FBTyxDQUFDO0lBQzNDLFVBQVUsRUFBRSxJQUFJLG9CQUFVLENBQUMsT0FBTyxDQUFDO0NBQ3BDLENBQUMsQ0FBQyJ9

package/dist/agent/services/permissions.d.ts

@@ -0,0 +1,19 @@
+import { Collection, ConditionTree } from '@forestadmin/datasource-toolkit';
+import { Context } from 'koa';
+import { AgentOptionsWithDefaults } from '../types';
+declare type RolesOptions = Pick<AgentOptionsWithDefaults, 'forestServerUrl' | 'envSecret' | 'isProduction' | 'permissionsCacheDurationInSeconds'>;
+export default class PermissionService {
+    private options;
+    private cache;
+    constructor(options: RolesOptions);
+    invalidateCache(renderingId: number): void;
+    /** Checks that a charting query is in the list of allowed queries */
+    canChart(context: Context): Promise<void>;
+    /** Check if a user is allowed to perform a specific action */
+    can(context: Context, action: string, allowRefetch?: boolean): Promise<void>;
+    getScope(collection: Collection, context: Context): Promise<ConditionTree>;
+    /** Get cached version of "rendering permissions" */
+    private getRenderingPermissions;
+}
+export {};
+//# sourceMappingURL=permissions.d.ts.map