@halix/action-sdk 1.0.44 → 1.0.46

package/lib/cjs/access.js

@@ -0,0 +1,416 @@
+"use strict";
+// Halix SDK License v1.0
+// Copyright (c) 2025 halix.io LLC.
+//
+// This source code is licensed for use **only** within applications
+// running on the Halix platform, in accordance with Halix SDK guidelines.
+//
+// Unauthorized use outside the Halix platform is prohibited.
+// Full license terms available in the LICENSE file.
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.listRoles = listRoles;
+exports.listRolesAsObservable = listRolesAsObservable;
+exports.listBusinessPrivileges = listBusinessPrivileges;
+exports.listBusinessPrivilegesAsObservable = listBusinessPrivilegesAsObservable;
+exports.listSandboxUsers = listSandboxUsers;
+exports.listSandboxUsersAsObservable = listSandboxUsersAsObservable;
+exports.getUserAccess = getUserAccess;
+exports.getUserAccessAsObservable = getUserAccessAsObservable;
+exports.inviteUser = inviteUser;
+exports.inviteUserAsObservable = inviteUserAsObservable;
+exports.updateUserAccess = updateUserAccess;
+exports.updateUserAccessAsObservable = updateUserAccessAsObservable;
+exports.removeUserAccess = removeUserAccess;
+exports.removeUserAccessAsObservable = removeUserAccessAsObservable;
+exports.hasBusinessPrivilege = hasBusinessPrivilege;
+exports.hasBusinessPrivilegeAsObservable = hasBusinessPrivilegeAsObservable;
+exports.userPrivileges = userPrivileges;
+exports.userPrivilegesAsObservable = userPrivilegesAsObservable;
+exports.dataElementAccess = dataElementAccess;
+exports.dataElementAccessAsObservable = dataElementAccessAsObservable;
+exports.hasDataElementAccess = hasDataElementAccess;
+exports.hasDataElementAccessAsObservable = hasDataElementAccessAsObservable;
+exports.canReadDataElement = canReadDataElement;
+exports.canReadDataElementAsObservable = canReadDataElementAsObservable;
+exports.canWriteDataElement = canWriteDataElement;
+exports.canWriteDataElementAsObservable = canWriteDataElementAsObservable;
+exports.canDeleteDataElement = canDeleteDataElement;
+exports.canDeleteDataElementAsObservable = canDeleteDataElementAsObservable;
+/**
+ * @module @halix/action-sdk/access
+ * @description Access, roles, business privileges, invitations, and user scope assignment for the Halix Platform action SDK.
+ * This module lets custom code inspect role and privilege metadata, invite users, and update a user's access inside the
+ * current sandbox.
+ *
+ * Key concepts:
+ * - `Role.id` is the stable semantic role identifier used by configuration and generated code.
+ * - `Role.objKey` is the persisted role object key. APIs that accept `roleKeys` require `Role.objKey`, not `Role.id`.
+ * - `BusinessPrivilege.id` is the stable privilege identifier used by server-validated checks such as `hasBusinessPrivilege`.
+ * - Data element access checks use stable data element IDs and resolve to persisted keys on the server.
+ * - `ScopeKeyItem` entries define the data scope a user receives for an organization, user proxy, or custom data scope.
+ *
+ * @usage
+ * ## When to Use
+ * - **Build role assignment UI** -> `listRoles`, then submit matching `role.objKey` values as `roleKeys`
+ * - **Show or check business privileges** -> `listBusinessPrivileges`, `hasBusinessPrivilege`, `userPrivileges`
+ * - **List users in the current sandbox** -> `listSandboxUsers`
+ * - **Inspect one user's access** -> `getUserAccess`
+ * - **Invite a user by email** -> `inviteUser`
+ * - **Add or update a user's scope entry** -> `updateUserAccess`
+ * - **Remove one user scope entry** -> `removeUserAccess`
+ *
+ * ## Role Key Rule
+ * Never submit semantic role IDs as `roleKeys`. Resolve them first:
+ * 1. call `listRoles()`
+ * 2. find the role where `role.id` matches the semantic ID
+ * 3. submit `role.objKey` in `InviteUserRequest.roleKeys` or `UpdateAccessRequest.roleKeys`
+ *
+ * ## Key Functions
+ * | Function | Use For |
+ * |----------|---------|
+ * | `listRoles` | Read assignable roles for the current sandbox |
+ * | `listBusinessPrivileges` | Read business privilege metadata |
+ * | `listSandboxUsers` | Read users with access to the current sandbox |
+ * | `getUserAccess` | Read one user's current scope entries and roles |
+ * | `inviteUser` | Invite a new user and assign initial role keys/scopes |
+ * | `updateUserAccess` | Add or update one user scope entry |
+ * | `removeUserAccess` | Remove one user scope entry |
+ * | `hasBusinessPrivilege` | Server-check whether the current user has a privilege ID |
+ * | `userPrivileges` | Server-read the current user's privilege IDs |
+ * | `dataElementAccess` | Server-check current user's read/write/delete access to a data element ID |
+ * | `hasDataElementAccess` | Server-check one read/write/delete access mode |
+ * | `canReadDataElement` | Server-check read access to a data element ID |
+ * | `canWriteDataElement` | Server-check write access to a data element ID |
+ * | `canDeleteDataElement` | Server-check delete access to a data element ID |
+ *
+ * @example
+ * // Resolve a semantic role ID to the persisted object key before assignment
+ * const roles = await hx.listRoles();
+ * const memberRole = roles.find((role) => role.id === 'householdMember');
+ * if (!memberRole?.objKey) {
+ *   throw new Error('Required role not found.');
+ * }
+ * await hx.updateUserAccess(userKey, {
+ *   roleKeys: [memberRole.objKey],
+ *   scopeKeyItems: [{ scopeKey: orgKey, dataElementId: 'family' }],
+ * });
+ *
+ * @example
+ * // Check the current user's business privilege
+ * if (await hx.hasBusinessPrivilege('manageSharedLists')) {
+ *   // Show controls for sharing list access
+ * }
+ *
+ * @example
+ * // Check current user's data access before showing a CRUD control
+ * if (await hx.canWriteDataElement('shoppingList')) {
+ *   // Show controls that create or update shopping list records
+ * }
+ */
+const axios_1 = __importDefault(require("axios"));
+const rxjs_1 = require("rxjs");
+const sdk_general_1 = require("./sdk-general");
+function authHeaders() {
+    return __awaiter(this, void 0, void 0, function* () {
+        if (!sdk_general_1.getAuthToken) {
+            throw new Error('SDK not initialized.');
+        }
+        const authToken = yield (0, rxjs_1.lastValueFrom)((0, sdk_general_1.getAuthToken)());
+        return { Authorization: `Bearer ${authToken}` };
+    });
+}
+/**
+ * Lists roles available in the current sandbox.
+ *
+ * Use this before assigning roles so semantic role IDs can be resolved to persisted `objKey` values. Assignment
+ * requests must send `Role.objKey` values in `roleKeys`.
+ *
+ * @returns Promise resolving to role metadata for the current sandbox
+ */
+function listRoles() {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/allRoles`, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `listRoles`. See `listRoles` for details.
+ */
+function listRolesAsObservable() {
+    return (0, rxjs_1.from)(listRoles());
+}
+/**
+ * Lists business privileges available in the current sandbox.
+ *
+ * Business privilege IDs are used by `hasBusinessPrivilege`, current-user privilege checks, and role
+ * `businessPrivilegeIds`.
+ *
+ * @returns Promise resolving to business privilege metadata
+ */
+function listBusinessPrivileges() {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/businessPrivileges`, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `listBusinessPrivileges`. See `listBusinessPrivileges` for details.
+ */
+function listBusinessPrivilegesAsObservable() {
+    return (0, rxjs_1.from)(listBusinessPrivileges());
+}
+/**
+ * Lists users with access to the current sandbox.
+ *
+ * Use `getUserAccess` when full scope-entry details are needed for a specific user.
+ *
+ * @returns Promise resolving to sandbox user summaries
+ */
+function listSandboxUsers() {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/users`, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `listSandboxUsers`. See `listSandboxUsers` for details.
+ */
+function listSandboxUsersAsObservable() {
+    return (0, rxjs_1.from)(listSandboxUsers());
+}
+/**
+ * Gets one user's current sandbox access, including scope entries and any role metadata returned by the access service.
+ *
+ * @param userKey - Persisted user object key
+ * @returns Promise resolving to the user's access wrapper
+ */
+function getUserAccess(userKey) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/user/${userKey}/access`, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `getUserAccess`. See `getUserAccess` for details.
+ */
+function getUserAccessAsObservable(userKey) {
+    return (0, rxjs_1.from)(getUserAccess(userKey));
+}
+/**
+ * Invites a user by email and assigns initial sandbox access.
+ *
+ * `req.roleKeys` must contain persisted role object keys from `Role.objKey`, not semantic role IDs. Resolve desired
+ * semantic IDs with `listRoles` before calling this function.
+ *
+ * @param req - Invitation and initial access request
+ * @returns Promise resolving to invitation result metadata
+ */
+function inviteUser(req) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.post(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/inviteByEmail`, req, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `inviteUser`. See `inviteUser` for details.
+ */
+function inviteUserAsObservable(req) {
+    return (0, rxjs_1.from)(inviteUser(req));
+}
+/**
+ * Adds or updates one user's sandbox scope entry.
+ *
+ * If `req.scopeElementId` is present, the existing scope entry is updated. If it is omitted, a new scope entry is
+ * added. `req.roleKeys` must contain persisted role object keys from `Role.objKey`, not semantic role IDs.
+ *
+ * @param userKey - Persisted user object key
+ * @param req - Scope-entry access update request
+ */
+function updateUserAccess(userKey, req) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const path = req.scopeElementId ? 'updateScopeElement' : 'addScopeElement';
+        yield axios_1.default.post(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/user/${userKey}/${path}`, req, {
+            headers: yield authHeaders(),
+        });
+    });
+}
+/**
+ * Observable version of `updateUserAccess`. See `updateUserAccess` for details.
+ */
+function updateUserAccessAsObservable(userKey, req) {
+    return (0, rxjs_1.from)(updateUserAccess(userKey, req));
+}
+/**
+ * Removes one sandbox scope entry from a user.
+ *
+ * @param userKey - Persisted user object key
+ * @param scopeElementId - Scope element ID to remove from the user
+ */
+function removeUserAccess(userKey, scopeElementId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield axios_1.default.delete(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/user/${userKey}/removeScopeElements`, {
+            headers: yield authHeaders(),
+            data: { scopeElementIds: [scopeElementId] },
+        });
+    });
+}
+/**
+ * Observable version of `removeUserAccess`. See `removeUserAccess` for details.
+ */
+function removeUserAccessAsObservable(userKey, scopeElementId) {
+    return (0, rxjs_1.from)(removeUserAccess(userKey, scopeElementId));
+}
+/**
+ * Checks whether the authenticated user has a business privilege ID by calling the access service.
+ *
+ * This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
+ * Treat this as an authorization check and await the server response.
+ *
+ * @param privilegeId - Stable business privilege ID
+ * @returns Promise resolving to true when the current user has the privilege
+ */
+function hasBusinessPrivilege(privilegeId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/businessPrivileges/${encodeURIComponent(privilegeId)}/currentUserHasPrivilege`, {
+            headers: yield authHeaders(),
+        });
+        return response.data.hasPrivilege;
+    });
+}
+/**
+ * Observable version of `hasBusinessPrivilege`. See `hasBusinessPrivilege` for details.
+ */
+function hasBusinessPrivilegeAsObservable(privilegeId) {
+    return (0, rxjs_1.from)(hasBusinessPrivilege(privilegeId));
+}
+/**
+ * Returns the authenticated user's business privilege IDs by calling the access service.
+ *
+ * This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
+ *
+ * @returns Promise resolving to business privilege IDs for the current user
+ */
+function userPrivileges() {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a;
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/currentBusinessPrivileges`, {
+            headers: yield authHeaders(),
+        });
+        return (_a = response.data.businessPrivileges) !== null && _a !== void 0 ? _a : [];
+    });
+}
+/**
+ * Observable version of `userPrivileges`. See `userPrivileges` for details.
+ */
+function userPrivilegesAsObservable() {
+    return (0, rxjs_1.from)(userPrivileges());
+}
+/**
+ * Checks the authenticated user's data element read/write/delete access through the access service.
+ *
+ * The caller passes the stable data element ID. The server resolves that ID to the persisted data element key before
+ * checking the user's token, so generated code does not need to manage ID-to-key mappings.
+ *
+ * @param dataElementId - Stable data element ID
+ * @returns Promise resolving to the current user's data element access flags
+ */
+function dataElementAccess(dataElementId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/dataElements/${encodeURIComponent(dataElementId)}/currentUserAccess`, {
+            headers: yield authHeaders(),
+        });
+        return response.data;
+    });
+}
+/**
+ * Observable version of `dataElementAccess`. See `dataElementAccess` for details.
+ */
+function dataElementAccessAsObservable(dataElementId) {
+    return (0, rxjs_1.from)(dataElementAccess(dataElementId));
+}
+/**
+ * Checks one data element access mode for the authenticated user through the access service.
+ *
+ * @param dataElementId - Stable data element ID
+ * @param access - Access mode to check: `read`, `write`, or `delete`
+ * @returns Promise resolving to true when the current user has the requested data access
+ */
+function hasDataElementAccess(dataElementId, access) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const result = yield dataElementAccess(dataElementId);
+        switch (access) {
+            case 'read':
+                return result.canRead;
+            case 'write':
+                return result.canWrite;
+            case 'delete':
+                return result.canDelete;
+            default:
+                return false;
+        }
+    });
+}
+/**
+ * Observable version of `hasDataElementAccess`. See `hasDataElementAccess` for details.
+ */
+function hasDataElementAccessAsObservable(dataElementId, access) {
+    return (0, rxjs_1.from)(hasDataElementAccess(dataElementId, access));
+}
+/**
+ * Checks whether the authenticated user can read records for a data element ID.
+ */
+function canReadDataElement(dataElementId) {
+    return hasDataElementAccess(dataElementId, 'read');
+}
+/**
+ * Observable version of `canReadDataElement`. See `canReadDataElement` for details.
+ */
+function canReadDataElementAsObservable(dataElementId) {
+    return (0, rxjs_1.from)(canReadDataElement(dataElementId));
+}
+/**
+ * Checks whether the authenticated user can create or update records for a data element ID.
+ */
+function canWriteDataElement(dataElementId) {
+    return hasDataElementAccess(dataElementId, 'write');
+}
+/**
+ * Observable version of `canWriteDataElement`. See `canWriteDataElement` for details.
+ */
+function canWriteDataElementAsObservable(dataElementId) {
+    return (0, rxjs_1.from)(canWriteDataElement(dataElementId));
+}
+/**
+ * Checks whether the authenticated user can delete records for a data element ID.
+ */
+function canDeleteDataElement(dataElementId) {
+    return hasDataElementAccess(dataElementId, 'delete');
+}
+/**
+ * Observable version of `canDeleteDataElement`. See `canDeleteDataElement` for details.
+ */
+function canDeleteDataElementAsObservable(dataElementId) {
+    return (0, rxjs_1.from)(canDeleteDataElement(dataElementId));
+}

package/lib/cjs/index.js

@@ -8,8 +8,8 @@
 // Unauthorized use outside the Halix platform is prohibited.
 // Full license terms available in the LICENSE file.
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.massDelete = exports.massEditAsObservable = exports.massEdit = exports.getListDataAsObservable = exports.getListData = exports.getOrganizationPreferenceAsObservable = exports.getUserPreferenceAsObservable = exports.getOrganizationPreference = exports.getUserPreference = exports.sendMessageAsObservable = exports.sendMessage = exports.MessageMethod = exports.downloadResourceAsObservable = exports.downloadResource = exports.createOrUpdateResourceAsObservable = exports.createOrUpdateResource = exports.sendFileContentsAsObservable = exports.sendFileContents = exports.saveResourceAsObservable = exports.saveResource = exports.getOrCreateResourceAsObservable = exports.getOrCreateResource = exports.deleteRelatedObjectsAsObservable = exports.deleteRelatedObjects = exports.deleteRelatedObjectAsObservable = exports.deleteRelatedObject = exports.deleteObjectAsObservable = exports.deleteObject = exports.saveRelatedObjectAsObservable = exports.saveRelatedObject = exports.saveObjectAsObservable = exports.saveObject = exports.getObjectsAsObservable = exports.getObjects = exports.getAccessibleObjectsAsObservable = exports.getAccessibleObjects = exports.getRelatedObjectsAsObservable = exports.getRelatedObjects = exports.getObjectAsObservable = exports.getObject = exports.prepareErrorResponse = exports.prepareSuccessResponse = exports.initialize = exports.useBody = exports.params = exports.userContext = exports.actionSubject = exports.serviceAddress = exports.sandboxKey = exports.getAuthToken = void 0;
-exports.debounceFn = exports.getValueFromObject = exports.compareValues = exports.sortObjectArray = exports.sendAIMessageAsObservable = exports.sendAIMessage = exports.submitStandalonePaymentAsObservable = exports.submitStandalonePayment = exports.getAggregateDataAsObservable = exports.getAggregateData = exports.AggregationResponse = exports.massDeleteAsObservable = void 0;
+exports.hasDataElementAccessAsObservable = exports.hasDataElementAccess = exports.dataElementAccessAsObservable = exports.dataElementAccess = exports.userPrivilegesAsObservable = exports.userPrivileges = exports.hasBusinessPrivilegeAsObservable = exports.hasBusinessPrivilege = exports.removeUserAccessAsObservable = exports.removeUserAccess = exports.updateUserAccessAsObservable = exports.updateUserAccess = exports.inviteUserAsObservable = exports.inviteUser = exports.getUserAccessAsObservable = exports.getUserAccess = exports.listSandboxUsersAsObservable = exports.listSandboxUsers = exports.listBusinessPrivilegesAsObservable = exports.listBusinessPrivileges = exports.listRolesAsObservable = exports.listRoles = exports.deleteRelatedObjectsAsObservable = exports.deleteRelatedObjects = exports.deleteRelatedObjectAsObservable = exports.deleteRelatedObject = exports.deleteObjectAsObservable = exports.deleteObject = exports.saveRelatedObjectAsObservable = exports.saveRelatedObject = exports.saveObjectAsObservable = exports.saveObject = exports.getObjectsAsObservable = exports.getObjects = exports.getAccessibleObjectsAsObservable = exports.getAccessibleObjects = exports.getRelatedObjectsAsObservable = exports.getRelatedObjects = exports.getObjectAsObservable = exports.getObject = exports.prepareErrorResponse = exports.prepareSuccessResponse = exports.initialize = exports.useBody = exports.params = exports.userContext = exports.actionSubject = exports.serviceAddress = exports.sandboxKey = exports.getAuthToken = void 0;
+exports.debounceFn = exports.getValueFromObject = exports.compareValues = exports.sortObjectArray = exports.sendAIMessageAsObservable = exports.sendAIMessage = exports.submitStandalonePaymentAsObservable = exports.submitStandalonePayment = exports.getAggregateDataAsObservable = exports.getAggregateData = exports.AggregationResponse = exports.massDeleteAsObservable = exports.massDelete = exports.massEditAsObservable = exports.massEdit = exports.getListDataAsObservable = exports.getListData = exports.getOrganizationPreferenceAsObservable = exports.getUserPreferenceAsObservable = exports.getOrganizationPreference = exports.getUserPreference = exports.sendMessageAsObservable = exports.sendMessage = exports.MessageMethod = exports.downloadResourceAsObservable = exports.downloadResource = exports.createOrUpdateResourceAsObservable = exports.createOrUpdateResource = exports.sendFileContentsAsObservable = exports.sendFileContents = exports.saveResourceAsObservable = exports.saveResource = exports.getOrCreateResourceAsObservable = exports.getOrCreateResource = exports.canDeleteDataElementAsObservable = exports.canDeleteDataElement = exports.canWriteDataElementAsObservable = exports.canWriteDataElement = exports.canReadDataElementAsObservable = exports.canReadDataElement = void 0;
 /**
  * @module @halix/action-sdk
  * @description Halix Platform action SDK for developing NodeJS Lambda-based actions on the Halix
@@ -58,6 +58,38 @@ Object.defineProperty(exports, "deleteRelatedObjectAsObservable", { enumerable:
 Object.defineProperty(exports, "deleteRelatedObjects", { enumerable: true, get: function () { return data_crud_1.deleteRelatedObjects; } });
 Object.defineProperty(exports, "deleteRelatedObjectsAsObservable", { enumerable: true, get: function () { return data_crud_1.deleteRelatedObjectsAsObservable; } });
 // ================================================================================
+// ACCESS FUNCTIONS
+// ================================================================================
+var access_1 = require("./access");
+Object.defineProperty(exports, "listRoles", { enumerable: true, get: function () { return access_1.listRoles; } });
+Object.defineProperty(exports, "listRolesAsObservable", { enumerable: true, get: function () { return access_1.listRolesAsObservable; } });
+Object.defineProperty(exports, "listBusinessPrivileges", { enumerable: true, get: function () { return access_1.listBusinessPrivileges; } });
+Object.defineProperty(exports, "listBusinessPrivilegesAsObservable", { enumerable: true, get: function () { return access_1.listBusinessPrivilegesAsObservable; } });
+Object.defineProperty(exports, "listSandboxUsers", { enumerable: true, get: function () { return access_1.listSandboxUsers; } });
+Object.defineProperty(exports, "listSandboxUsersAsObservable", { enumerable: true, get: function () { return access_1.listSandboxUsersAsObservable; } });
+Object.defineProperty(exports, "getUserAccess", { enumerable: true, get: function () { return access_1.getUserAccess; } });
+Object.defineProperty(exports, "getUserAccessAsObservable", { enumerable: true, get: function () { return access_1.getUserAccessAsObservable; } });
+Object.defineProperty(exports, "inviteUser", { enumerable: true, get: function () { return access_1.inviteUser; } });
+Object.defineProperty(exports, "inviteUserAsObservable", { enumerable: true, get: function () { return access_1.inviteUserAsObservable; } });
+Object.defineProperty(exports, "updateUserAccess", { enumerable: true, get: function () { return access_1.updateUserAccess; } });
+Object.defineProperty(exports, "updateUserAccessAsObservable", { enumerable: true, get: function () { return access_1.updateUserAccessAsObservable; } });
+Object.defineProperty(exports, "removeUserAccess", { enumerable: true, get: function () { return access_1.removeUserAccess; } });
+Object.defineProperty(exports, "removeUserAccessAsObservable", { enumerable: true, get: function () { return access_1.removeUserAccessAsObservable; } });
+Object.defineProperty(exports, "hasBusinessPrivilege", { enumerable: true, get: function () { return access_1.hasBusinessPrivilege; } });
+Object.defineProperty(exports, "hasBusinessPrivilegeAsObservable", { enumerable: true, get: function () { return access_1.hasBusinessPrivilegeAsObservable; } });
+Object.defineProperty(exports, "userPrivileges", { enumerable: true, get: function () { return access_1.userPrivileges; } });
+Object.defineProperty(exports, "userPrivilegesAsObservable", { enumerable: true, get: function () { return access_1.userPrivilegesAsObservable; } });
+Object.defineProperty(exports, "dataElementAccess", { enumerable: true, get: function () { return access_1.dataElementAccess; } });
+Object.defineProperty(exports, "dataElementAccessAsObservable", { enumerable: true, get: function () { return access_1.dataElementAccessAsObservable; } });
+Object.defineProperty(exports, "hasDataElementAccess", { enumerable: true, get: function () { return access_1.hasDataElementAccess; } });
+Object.defineProperty(exports, "hasDataElementAccessAsObservable", { enumerable: true, get: function () { return access_1.hasDataElementAccessAsObservable; } });
+Object.defineProperty(exports, "canReadDataElement", { enumerable: true, get: function () { return access_1.canReadDataElement; } });
+Object.defineProperty(exports, "canReadDataElementAsObservable", { enumerable: true, get: function () { return access_1.canReadDataElementAsObservable; } });
+Object.defineProperty(exports, "canWriteDataElement", { enumerable: true, get: function () { return access_1.canWriteDataElement; } });
+Object.defineProperty(exports, "canWriteDataElementAsObservable", { enumerable: true, get: function () { return access_1.canWriteDataElementAsObservable; } });
+Object.defineProperty(exports, "canDeleteDataElement", { enumerable: true, get: function () { return access_1.canDeleteDataElement; } });
+Object.defineProperty(exports, "canDeleteDataElementAsObservable", { enumerable: true, get: function () { return access_1.canDeleteDataElementAsObservable; } });
+// ================================================================================
 // CONTENT FUNCTIONS
 // ================================================================================
 var content_1 = require("./content");