@halix/action-sdk 1.0.45 → 1.0.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/access.js +149 -12
- package/lib/cjs/index.js +14 -2
- package/lib/cjs/sdk-general.js +0 -3
- package/lib/cjs/types/access.d.ts +104 -6
- package/lib/cjs/types/access.d.ts.map +1 -1
- package/lib/cjs/types/index.d.ts +1 -1
- package/lib/cjs/types/index.d.ts.map +1 -1
- package/lib/cjs/types/sdk-general.d.ts +5 -1
- package/lib/cjs/types/sdk-general.d.ts.map +1 -1
- package/lib/esm/access.js +131 -13
- package/lib/esm/access.js.map +1 -1
- package/lib/esm/index.js.map +1 -1
- package/lib/esm/index.mjs +1 -1
- package/lib/esm/sdk-general.js +0 -3
- package/lib/esm/sdk-general.js.map +1 -1
- package/lib/esm/types/access.d.ts +104 -6
- package/lib/esm/types/index.d.ts +1 -1
- package/lib/esm/types/sdk-general.d.ts +5 -1
- package/package.json +1 -1
package/lib/cjs/access.js
CHANGED
|
@@ -35,7 +35,19 @@ exports.updateUserAccessAsObservable = updateUserAccessAsObservable;
|
|
|
35
35
|
exports.removeUserAccess = removeUserAccess;
|
|
36
36
|
exports.removeUserAccessAsObservable = removeUserAccessAsObservable;
|
|
37
37
|
exports.hasBusinessPrivilege = hasBusinessPrivilege;
|
|
38
|
+
exports.hasBusinessPrivilegeAsObservable = hasBusinessPrivilegeAsObservable;
|
|
38
39
|
exports.userPrivileges = userPrivileges;
|
|
40
|
+
exports.userPrivilegesAsObservable = userPrivilegesAsObservable;
|
|
41
|
+
exports.dataElementAccess = dataElementAccess;
|
|
42
|
+
exports.dataElementAccessAsObservable = dataElementAccessAsObservable;
|
|
43
|
+
exports.hasDataElementAccess = hasDataElementAccess;
|
|
44
|
+
exports.hasDataElementAccessAsObservable = hasDataElementAccessAsObservable;
|
|
45
|
+
exports.canReadDataElement = canReadDataElement;
|
|
46
|
+
exports.canReadDataElementAsObservable = canReadDataElementAsObservable;
|
|
47
|
+
exports.canWriteDataElement = canWriteDataElement;
|
|
48
|
+
exports.canWriteDataElementAsObservable = canWriteDataElementAsObservable;
|
|
49
|
+
exports.canDeleteDataElement = canDeleteDataElement;
|
|
50
|
+
exports.canDeleteDataElementAsObservable = canDeleteDataElementAsObservable;
|
|
39
51
|
/**
|
|
40
52
|
* @module @halix/action-sdk/access
|
|
41
53
|
* @description Access, roles, business privileges, invitations, and user scope assignment for the Halix Platform action SDK.
|
|
@@ -45,7 +57,8 @@ exports.userPrivileges = userPrivileges;
|
|
|
45
57
|
* Key concepts:
|
|
46
58
|
* - `Role.id` is the stable semantic role identifier used by configuration and generated code.
|
|
47
59
|
* - `Role.objKey` is the persisted role object key. APIs that accept `roleKeys` require `Role.objKey`, not `Role.id`.
|
|
48
|
-
* - `BusinessPrivilege.id` is the stable privilege identifier used by
|
|
60
|
+
* - `BusinessPrivilege.id` is the stable privilege identifier used by server-validated checks such as `hasBusinessPrivilege`.
|
|
61
|
+
* - Data element access checks use stable data element IDs and resolve to persisted keys on the server.
|
|
49
62
|
* - `ScopeKeyItem` entries define the data scope a user receives for an organization, user proxy, or custom data scope.
|
|
50
63
|
*
|
|
51
64
|
* @usage
|
|
@@ -74,8 +87,13 @@ exports.userPrivileges = userPrivileges;
|
|
|
74
87
|
* | `inviteUser` | Invite a new user and assign initial role keys/scopes |
|
|
75
88
|
* | `updateUserAccess` | Add or update one user scope entry |
|
|
76
89
|
* | `removeUserAccess` | Remove one user scope entry |
|
|
77
|
-
* | `hasBusinessPrivilege` |
|
|
78
|
-
* | `userPrivileges` |
|
|
90
|
+
* | `hasBusinessPrivilege` | Server-check whether the current user has a privilege ID |
|
|
91
|
+
* | `userPrivileges` | Server-read the current user's privilege IDs |
|
|
92
|
+
* | `dataElementAccess` | Server-check current user's read/write/delete access to a data element ID |
|
|
93
|
+
* | `hasDataElementAccess` | Server-check one read/write/delete access mode |
|
|
94
|
+
* | `canReadDataElement` | Server-check read access to a data element ID |
|
|
95
|
+
* | `canWriteDataElement` | Server-check write access to a data element ID |
|
|
96
|
+
* | `canDeleteDataElement` | Server-check delete access to a data element ID |
|
|
79
97
|
*
|
|
80
98
|
* @example
|
|
81
99
|
* // Resolve a semantic role ID to the persisted object key before assignment
|
|
@@ -91,9 +109,15 @@ exports.userPrivileges = userPrivileges;
|
|
|
91
109
|
*
|
|
92
110
|
* @example
|
|
93
111
|
* // Check the current user's business privilege
|
|
94
|
-
* if (hx.hasBusinessPrivilege('manageSharedLists')) {
|
|
112
|
+
* if (await hx.hasBusinessPrivilege('manageSharedLists')) {
|
|
95
113
|
* // Show controls for sharing list access
|
|
96
114
|
* }
|
|
115
|
+
*
|
|
116
|
+
* @example
|
|
117
|
+
* // Check current user's data access before showing a CRUD control
|
|
118
|
+
* if (await hx.canWriteDataElement('shoppingList')) {
|
|
119
|
+
* // Show controls that create or update shopping list records
|
|
120
|
+
* }
|
|
97
121
|
*/
|
|
98
122
|
const axios_1 = __importDefault(require("axios"));
|
|
99
123
|
const rxjs_1 = require("rxjs");
|
|
@@ -259,21 +283,134 @@ function removeUserAccessAsObservable(userKey, scopeElementId) {
|
|
|
259
283
|
return (0, rxjs_1.from)(removeUserAccess(userKey, scopeElementId));
|
|
260
284
|
}
|
|
261
285
|
/**
|
|
262
|
-
* Checks whether the
|
|
286
|
+
* Checks whether the authenticated user has a business privilege ID by calling the access service.
|
|
287
|
+
*
|
|
288
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
289
|
+
* Treat this as an authorization check and await the server response.
|
|
263
290
|
*
|
|
264
291
|
* @param privilegeId - Stable business privilege ID
|
|
265
|
-
* @returns
|
|
292
|
+
* @returns Promise resolving to true when the current user has the privilege
|
|
266
293
|
*/
|
|
267
294
|
function hasBusinessPrivilege(privilegeId) {
|
|
268
|
-
|
|
269
|
-
|
|
295
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
296
|
+
const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/businessPrivileges/${encodeURIComponent(privilegeId)}/currentUserHasPrivilege`, {
|
|
297
|
+
headers: yield authHeaders(),
|
|
298
|
+
});
|
|
299
|
+
return response.data.hasPrivilege;
|
|
300
|
+
});
|
|
270
301
|
}
|
|
271
302
|
/**
|
|
272
|
-
*
|
|
303
|
+
* Observable version of `hasBusinessPrivilege`. See `hasBusinessPrivilege` for details.
|
|
304
|
+
*/
|
|
305
|
+
function hasBusinessPrivilegeAsObservable(privilegeId) {
|
|
306
|
+
return (0, rxjs_1.from)(hasBusinessPrivilege(privilegeId));
|
|
307
|
+
}
|
|
308
|
+
/**
|
|
309
|
+
* Returns the authenticated user's business privilege IDs by calling the access service.
|
|
310
|
+
*
|
|
311
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
273
312
|
*
|
|
274
|
-
* @returns
|
|
313
|
+
* @returns Promise resolving to business privilege IDs for the current user
|
|
275
314
|
*/
|
|
276
315
|
function userPrivileges() {
|
|
277
|
-
|
|
278
|
-
|
|
316
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
317
|
+
var _a;
|
|
318
|
+
const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/currentBusinessPrivileges`, {
|
|
319
|
+
headers: yield authHeaders(),
|
|
320
|
+
});
|
|
321
|
+
return (_a = response.data.businessPrivileges) !== null && _a !== void 0 ? _a : [];
|
|
322
|
+
});
|
|
323
|
+
}
|
|
324
|
+
/**
|
|
325
|
+
* Observable version of `userPrivileges`. See `userPrivileges` for details.
|
|
326
|
+
*/
|
|
327
|
+
function userPrivilegesAsObservable() {
|
|
328
|
+
return (0, rxjs_1.from)(userPrivileges());
|
|
329
|
+
}
|
|
330
|
+
/**
|
|
331
|
+
* Checks the authenticated user's data element read/write/delete access through the access service.
|
|
332
|
+
*
|
|
333
|
+
* The caller passes the stable data element ID. The server resolves that ID to the persisted data element key before
|
|
334
|
+
* checking the user's token, so generated code does not need to manage ID-to-key mappings.
|
|
335
|
+
*
|
|
336
|
+
* @param dataElementId - Stable data element ID
|
|
337
|
+
* @returns Promise resolving to the current user's data element access flags
|
|
338
|
+
*/
|
|
339
|
+
function dataElementAccess(dataElementId) {
|
|
340
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
341
|
+
const response = yield axios_1.default.get(`${sdk_general_1.serviceAddress}/access/sandboxes/${sdk_general_1.sandboxKey}/dataElements/${encodeURIComponent(dataElementId)}/currentUserAccess`, {
|
|
342
|
+
headers: yield authHeaders(),
|
|
343
|
+
});
|
|
344
|
+
return response.data;
|
|
345
|
+
});
|
|
346
|
+
}
|
|
347
|
+
/**
|
|
348
|
+
* Observable version of `dataElementAccess`. See `dataElementAccess` for details.
|
|
349
|
+
*/
|
|
350
|
+
function dataElementAccessAsObservable(dataElementId) {
|
|
351
|
+
return (0, rxjs_1.from)(dataElementAccess(dataElementId));
|
|
352
|
+
}
|
|
353
|
+
/**
|
|
354
|
+
* Checks one data element access mode for the authenticated user through the access service.
|
|
355
|
+
*
|
|
356
|
+
* @param dataElementId - Stable data element ID
|
|
357
|
+
* @param access - Access mode to check: `read`, `write`, or `delete`
|
|
358
|
+
* @returns Promise resolving to true when the current user has the requested data access
|
|
359
|
+
*/
|
|
360
|
+
function hasDataElementAccess(dataElementId, access) {
|
|
361
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
362
|
+
const result = yield dataElementAccess(dataElementId);
|
|
363
|
+
switch (access) {
|
|
364
|
+
case 'read':
|
|
365
|
+
return result.canRead;
|
|
366
|
+
case 'write':
|
|
367
|
+
return result.canWrite;
|
|
368
|
+
case 'delete':
|
|
369
|
+
return result.canDelete;
|
|
370
|
+
default:
|
|
371
|
+
return false;
|
|
372
|
+
}
|
|
373
|
+
});
|
|
374
|
+
}
|
|
375
|
+
/**
|
|
376
|
+
* Observable version of `hasDataElementAccess`. See `hasDataElementAccess` for details.
|
|
377
|
+
*/
|
|
378
|
+
function hasDataElementAccessAsObservable(dataElementId, access) {
|
|
379
|
+
return (0, rxjs_1.from)(hasDataElementAccess(dataElementId, access));
|
|
380
|
+
}
|
|
381
|
+
/**
|
|
382
|
+
* Checks whether the authenticated user can read records for a data element ID.
|
|
383
|
+
*/
|
|
384
|
+
function canReadDataElement(dataElementId) {
|
|
385
|
+
return hasDataElementAccess(dataElementId, 'read');
|
|
386
|
+
}
|
|
387
|
+
/**
|
|
388
|
+
* Observable version of `canReadDataElement`. See `canReadDataElement` for details.
|
|
389
|
+
*/
|
|
390
|
+
function canReadDataElementAsObservable(dataElementId) {
|
|
391
|
+
return (0, rxjs_1.from)(canReadDataElement(dataElementId));
|
|
392
|
+
}
|
|
393
|
+
/**
|
|
394
|
+
* Checks whether the authenticated user can create or update records for a data element ID.
|
|
395
|
+
*/
|
|
396
|
+
function canWriteDataElement(dataElementId) {
|
|
397
|
+
return hasDataElementAccess(dataElementId, 'write');
|
|
398
|
+
}
|
|
399
|
+
/**
|
|
400
|
+
* Observable version of `canWriteDataElement`. See `canWriteDataElement` for details.
|
|
401
|
+
*/
|
|
402
|
+
function canWriteDataElementAsObservable(dataElementId) {
|
|
403
|
+
return (0, rxjs_1.from)(canWriteDataElement(dataElementId));
|
|
404
|
+
}
|
|
405
|
+
/**
|
|
406
|
+
* Checks whether the authenticated user can delete records for a data element ID.
|
|
407
|
+
*/
|
|
408
|
+
function canDeleteDataElement(dataElementId) {
|
|
409
|
+
return hasDataElementAccess(dataElementId, 'delete');
|
|
410
|
+
}
|
|
411
|
+
/**
|
|
412
|
+
* Observable version of `canDeleteDataElement`. See `canDeleteDataElement` for details.
|
|
413
|
+
*/
|
|
414
|
+
function canDeleteDataElementAsObservable(dataElementId) {
|
|
415
|
+
return (0, rxjs_1.from)(canDeleteDataElement(dataElementId));
|
|
279
416
|
}
|
package/lib/cjs/index.js
CHANGED
|
@@ -8,8 +8,8 @@
|
|
|
8
8
|
// Unauthorized use outside the Halix platform is prohibited.
|
|
9
9
|
// Full license terms available in the LICENSE file.
|
|
10
10
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
-
exports.
|
|
12
|
-
exports.debounceFn = exports.getValueFromObject = exports.compareValues = exports.sortObjectArray = exports.sendAIMessageAsObservable = exports.sendAIMessage = exports.submitStandalonePaymentAsObservable = exports.submitStandalonePayment = exports.getAggregateDataAsObservable = exports.getAggregateData = exports.AggregationResponse = exports.massDeleteAsObservable = exports.massDelete = exports.massEditAsObservable = exports.massEdit = exports.getListDataAsObservable = exports.getListData = exports.getOrganizationPreferenceAsObservable = exports.getUserPreferenceAsObservable = exports.getOrganizationPreference = exports.getUserPreference = exports.sendMessageAsObservable = exports.sendMessage = exports.MessageMethod = exports.downloadResourceAsObservable = exports.downloadResource = exports.createOrUpdateResourceAsObservable = exports.createOrUpdateResource = void 0;
|
|
11
|
+
exports.hasDataElementAccessAsObservable = exports.hasDataElementAccess = exports.dataElementAccessAsObservable = exports.dataElementAccess = exports.userPrivilegesAsObservable = exports.userPrivileges = exports.hasBusinessPrivilegeAsObservable = exports.hasBusinessPrivilege = exports.removeUserAccessAsObservable = exports.removeUserAccess = exports.updateUserAccessAsObservable = exports.updateUserAccess = exports.inviteUserAsObservable = exports.inviteUser = exports.getUserAccessAsObservable = exports.getUserAccess = exports.listSandboxUsersAsObservable = exports.listSandboxUsers = exports.listBusinessPrivilegesAsObservable = exports.listBusinessPrivileges = exports.listRolesAsObservable = exports.listRoles = exports.deleteRelatedObjectsAsObservable = exports.deleteRelatedObjects = exports.deleteRelatedObjectAsObservable = exports.deleteRelatedObject = exports.deleteObjectAsObservable = exports.deleteObject = exports.saveRelatedObjectAsObservable = exports.saveRelatedObject = exports.saveObjectAsObservable = exports.saveObject = exports.getObjectsAsObservable = exports.getObjects = exports.getAccessibleObjectsAsObservable = exports.getAccessibleObjects = exports.getRelatedObjectsAsObservable = exports.getRelatedObjects = exports.getObjectAsObservable = exports.getObject = exports.prepareErrorResponse = exports.prepareSuccessResponse = exports.initialize = exports.useBody = exports.params = exports.userContext = exports.actionSubject = exports.serviceAddress = exports.sandboxKey = exports.getAuthToken = void 0;
|
|
12
|
+
exports.debounceFn = exports.getValueFromObject = exports.compareValues = exports.sortObjectArray = exports.sendAIMessageAsObservable = exports.sendAIMessage = exports.submitStandalonePaymentAsObservable = exports.submitStandalonePayment = exports.getAggregateDataAsObservable = exports.getAggregateData = exports.AggregationResponse = exports.massDeleteAsObservable = exports.massDelete = exports.massEditAsObservable = exports.massEdit = exports.getListDataAsObservable = exports.getListData = exports.getOrganizationPreferenceAsObservable = exports.getUserPreferenceAsObservable = exports.getOrganizationPreference = exports.getUserPreference = exports.sendMessageAsObservable = exports.sendMessage = exports.MessageMethod = exports.downloadResourceAsObservable = exports.downloadResource = exports.createOrUpdateResourceAsObservable = exports.createOrUpdateResource = exports.sendFileContentsAsObservable = exports.sendFileContents = exports.saveResourceAsObservable = exports.saveResource = exports.getOrCreateResourceAsObservable = exports.getOrCreateResource = exports.canDeleteDataElementAsObservable = exports.canDeleteDataElement = exports.canWriteDataElementAsObservable = exports.canWriteDataElement = exports.canReadDataElementAsObservable = exports.canReadDataElement = void 0;
|
|
13
13
|
/**
|
|
14
14
|
* @module @halix/action-sdk
|
|
15
15
|
* @description Halix Platform action SDK for developing NodeJS Lambda-based actions on the Halix
|
|
@@ -76,7 +76,19 @@ Object.defineProperty(exports, "updateUserAccessAsObservable", { enumerable: tru
|
|
|
76
76
|
Object.defineProperty(exports, "removeUserAccess", { enumerable: true, get: function () { return access_1.removeUserAccess; } });
|
|
77
77
|
Object.defineProperty(exports, "removeUserAccessAsObservable", { enumerable: true, get: function () { return access_1.removeUserAccessAsObservable; } });
|
|
78
78
|
Object.defineProperty(exports, "hasBusinessPrivilege", { enumerable: true, get: function () { return access_1.hasBusinessPrivilege; } });
|
|
79
|
+
Object.defineProperty(exports, "hasBusinessPrivilegeAsObservable", { enumerable: true, get: function () { return access_1.hasBusinessPrivilegeAsObservable; } });
|
|
79
80
|
Object.defineProperty(exports, "userPrivileges", { enumerable: true, get: function () { return access_1.userPrivileges; } });
|
|
81
|
+
Object.defineProperty(exports, "userPrivilegesAsObservable", { enumerable: true, get: function () { return access_1.userPrivilegesAsObservable; } });
|
|
82
|
+
Object.defineProperty(exports, "dataElementAccess", { enumerable: true, get: function () { return access_1.dataElementAccess; } });
|
|
83
|
+
Object.defineProperty(exports, "dataElementAccessAsObservable", { enumerable: true, get: function () { return access_1.dataElementAccessAsObservable; } });
|
|
84
|
+
Object.defineProperty(exports, "hasDataElementAccess", { enumerable: true, get: function () { return access_1.hasDataElementAccess; } });
|
|
85
|
+
Object.defineProperty(exports, "hasDataElementAccessAsObservable", { enumerable: true, get: function () { return access_1.hasDataElementAccessAsObservable; } });
|
|
86
|
+
Object.defineProperty(exports, "canReadDataElement", { enumerable: true, get: function () { return access_1.canReadDataElement; } });
|
|
87
|
+
Object.defineProperty(exports, "canReadDataElementAsObservable", { enumerable: true, get: function () { return access_1.canReadDataElementAsObservable; } });
|
|
88
|
+
Object.defineProperty(exports, "canWriteDataElement", { enumerable: true, get: function () { return access_1.canWriteDataElement; } });
|
|
89
|
+
Object.defineProperty(exports, "canWriteDataElementAsObservable", { enumerable: true, get: function () { return access_1.canWriteDataElementAsObservable; } });
|
|
90
|
+
Object.defineProperty(exports, "canDeleteDataElement", { enumerable: true, get: function () { return access_1.canDeleteDataElement; } });
|
|
91
|
+
Object.defineProperty(exports, "canDeleteDataElementAsObservable", { enumerable: true, get: function () { return access_1.canDeleteDataElementAsObservable; } });
|
|
80
92
|
// ================================================================================
|
|
81
93
|
// CONTENT FUNCTIONS
|
|
82
94
|
// ================================================================================
|
package/lib/cjs/sdk-general.js
CHANGED
|
@@ -39,9 +39,6 @@ function initialize(event) {
|
|
|
39
39
|
}
|
|
40
40
|
if (body) {
|
|
41
41
|
({ sandboxKey: exports.sandboxKey, serviceAddress: exports.serviceAddress, actionSubject: exports.actionSubject, userContext: exports.userContext, params: exports.params } = body);
|
|
42
|
-
if (exports.userContext && !exports.userContext.businessPrivileges) {
|
|
43
|
-
exports.userContext.businessPrivileges = [];
|
|
44
|
-
}
|
|
45
42
|
if (body.authToken) {
|
|
46
43
|
exports.getAuthToken = () => (0, rxjs_1.of)(body.authToken);
|
|
47
44
|
}
|
|
@@ -126,6 +126,41 @@ export interface UpdateAccessRequest {
|
|
|
126
126
|
/** Whether this scope entry should apply globally instead of being limited to the provided scopes. */
|
|
127
127
|
globalAccess?: boolean;
|
|
128
128
|
}
|
|
129
|
+
/**
|
|
130
|
+
* Server response for current-user business privilege checks.
|
|
131
|
+
*/
|
|
132
|
+
export interface BusinessPrivilegeCheckResult {
|
|
133
|
+
/** Checked business privilege ID. */
|
|
134
|
+
businessPrivilegeId: string;
|
|
135
|
+
/** Whether the authenticated user has the privilege in the current sandbox. */
|
|
136
|
+
hasPrivilege: boolean;
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* Server response for current-user business privilege lists.
|
|
140
|
+
*/
|
|
141
|
+
export interface CurrentBusinessPrivilegesResult {
|
|
142
|
+
/** Business privilege IDs granted to the authenticated user in the current sandbox. */
|
|
143
|
+
businessPrivileges: string[];
|
|
144
|
+
}
|
|
145
|
+
/**
|
|
146
|
+
* Data element access mode for current-user R/W/D privilege checks.
|
|
147
|
+
*/
|
|
148
|
+
export type DataElementAccessMode = 'read' | 'write' | 'delete';
|
|
149
|
+
/**
|
|
150
|
+
* Server response for current-user data element access checks.
|
|
151
|
+
*/
|
|
152
|
+
export interface DataElementAccessResult {
|
|
153
|
+
/** Stable data element ID requested by the caller. */
|
|
154
|
+
dataElementId: string;
|
|
155
|
+
/** Persisted data element object key resolved by the server. */
|
|
156
|
+
dataElementKey: string;
|
|
157
|
+
/** Whether the authenticated user can read records for this data element. */
|
|
158
|
+
canRead: boolean;
|
|
159
|
+
/** Whether the authenticated user can create or update records for this data element. */
|
|
160
|
+
canWrite: boolean;
|
|
161
|
+
/** Whether the authenticated user can delete records for this data element. */
|
|
162
|
+
canDelete: boolean;
|
|
163
|
+
}
|
|
129
164
|
/**
|
|
130
165
|
* Lists roles available in the current sandbox.
|
|
131
166
|
*
|
|
@@ -215,16 +250,79 @@ export declare function removeUserAccess(userKey: string, scopeElementId: string
|
|
|
215
250
|
*/
|
|
216
251
|
export declare function removeUserAccessAsObservable(userKey: string, scopeElementId: string): Observable<void>;
|
|
217
252
|
/**
|
|
218
|
-
* Checks whether the
|
|
253
|
+
* Checks whether the authenticated user has a business privilege ID by calling the access service.
|
|
254
|
+
*
|
|
255
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
256
|
+
* Treat this as an authorization check and await the server response.
|
|
219
257
|
*
|
|
220
258
|
* @param privilegeId - Stable business privilege ID
|
|
221
|
-
* @returns
|
|
259
|
+
* @returns Promise resolving to true when the current user has the privilege
|
|
260
|
+
*/
|
|
261
|
+
export declare function hasBusinessPrivilege(privilegeId: string): Promise<boolean>;
|
|
262
|
+
/**
|
|
263
|
+
* Observable version of `hasBusinessPrivilege`. See `hasBusinessPrivilege` for details.
|
|
264
|
+
*/
|
|
265
|
+
export declare function hasBusinessPrivilegeAsObservable(privilegeId: string): Observable<boolean>;
|
|
266
|
+
/**
|
|
267
|
+
* Returns the authenticated user's business privilege IDs by calling the access service.
|
|
268
|
+
*
|
|
269
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
270
|
+
*
|
|
271
|
+
* @returns Promise resolving to business privilege IDs for the current user
|
|
272
|
+
*/
|
|
273
|
+
export declare function userPrivileges(): Promise<string[]>;
|
|
274
|
+
/**
|
|
275
|
+
* Observable version of `userPrivileges`. See `userPrivileges` for details.
|
|
222
276
|
*/
|
|
223
|
-
export declare function
|
|
277
|
+
export declare function userPrivilegesAsObservable(): Observable<string[]>;
|
|
224
278
|
/**
|
|
225
|
-
*
|
|
279
|
+
* Checks the authenticated user's data element read/write/delete access through the access service.
|
|
226
280
|
*
|
|
227
|
-
*
|
|
281
|
+
* The caller passes the stable data element ID. The server resolves that ID to the persisted data element key before
|
|
282
|
+
* checking the user's token, so generated code does not need to manage ID-to-key mappings.
|
|
283
|
+
*
|
|
284
|
+
* @param dataElementId - Stable data element ID
|
|
285
|
+
* @returns Promise resolving to the current user's data element access flags
|
|
286
|
+
*/
|
|
287
|
+
export declare function dataElementAccess(dataElementId: string): Promise<DataElementAccessResult>;
|
|
288
|
+
/**
|
|
289
|
+
* Observable version of `dataElementAccess`. See `dataElementAccess` for details.
|
|
290
|
+
*/
|
|
291
|
+
export declare function dataElementAccessAsObservable(dataElementId: string): Observable<DataElementAccessResult>;
|
|
292
|
+
/**
|
|
293
|
+
* Checks one data element access mode for the authenticated user through the access service.
|
|
294
|
+
*
|
|
295
|
+
* @param dataElementId - Stable data element ID
|
|
296
|
+
* @param access - Access mode to check: `read`, `write`, or `delete`
|
|
297
|
+
* @returns Promise resolving to true when the current user has the requested data access
|
|
298
|
+
*/
|
|
299
|
+
export declare function hasDataElementAccess(dataElementId: string, access: DataElementAccessMode): Promise<boolean>;
|
|
300
|
+
/**
|
|
301
|
+
* Observable version of `hasDataElementAccess`. See `hasDataElementAccess` for details.
|
|
302
|
+
*/
|
|
303
|
+
export declare function hasDataElementAccessAsObservable(dataElementId: string, access: DataElementAccessMode): Observable<boolean>;
|
|
304
|
+
/**
|
|
305
|
+
* Checks whether the authenticated user can read records for a data element ID.
|
|
306
|
+
*/
|
|
307
|
+
export declare function canReadDataElement(dataElementId: string): Promise<boolean>;
|
|
308
|
+
/**
|
|
309
|
+
* Observable version of `canReadDataElement`. See `canReadDataElement` for details.
|
|
310
|
+
*/
|
|
311
|
+
export declare function canReadDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
|
312
|
+
/**
|
|
313
|
+
* Checks whether the authenticated user can create or update records for a data element ID.
|
|
314
|
+
*/
|
|
315
|
+
export declare function canWriteDataElement(dataElementId: string): Promise<boolean>;
|
|
316
|
+
/**
|
|
317
|
+
* Observable version of `canWriteDataElement`. See `canWriteDataElement` for details.
|
|
318
|
+
*/
|
|
319
|
+
export declare function canWriteDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
|
320
|
+
/**
|
|
321
|
+
* Checks whether the authenticated user can delete records for a data element ID.
|
|
322
|
+
*/
|
|
323
|
+
export declare function canDeleteDataElement(dataElementId: string): Promise<boolean>;
|
|
324
|
+
/**
|
|
325
|
+
* Observable version of `canDeleteDataElement`. See `canDeleteDataElement` for details.
|
|
228
326
|
*/
|
|
229
|
-
export declare function
|
|
327
|
+
export declare function canDeleteDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
|
230
328
|
//# sourceMappingURL=access.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access.d.ts","sourceRoot":"","sources":["../../../src/access.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"access.d.ts","sourceRoot":"","sources":["../../../src/access.ts"],"names":[],"mappings":"AAkFA,OAAO,EAAuB,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvD;;GAEG;AACH,MAAM,WAAW,YAAY;IACzB,0FAA0F;IAC1F,QAAQ,EAAE,MAAM,CAAC;IACjB,6CAA6C;IAC7C,aAAa,EAAE,MAAM,CAAC;IACtB,kDAAkD;IAClD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2EAA2E;IAC3E,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;;;GAIG;AACH,MAAM,WAAW,IAAI;IACjB,mFAAmF;IACnF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,EAAE,EAAE,MAAM,CAAC;IACX,gCAAgC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,uCAAuC;IACvC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,sDAAsD;IACtD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,sDAAsD;IACtD,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,uDAAuD;IACvD,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IACjC,kDAAkD;IAClD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,mDAAmD;IACnD,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAC9B,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,4EAA4E;IAC5E,EAAE,EAAE,MAAM,CAAC;IACX,qCAAqC;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0CAA0C;IAC1C,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IACxB,iCAAiC;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,oCAAoC;IACpC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,qCAAqC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,aAAa,CAAC,EAAE,OAAO,EAAE,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAC9B,uDAAuD;IACvD,IAAI,EAAE,OAAO,CAAC;IACd,sCAAsC;IACtC,aAAa,EAAE,OAAO,EAAE,CAAC;IACzB,sEAAsE;IACtE,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAC9B,0CAA0C;IAC1C,KAAK,EAAE,MAAM,CAAC;IACd,gDAAgD;IAChD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+EAA+E;IAC/E,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kFAAkF;IAClF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6FAA6F;IAC7F,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,wDAAwD;IACxD,aAAa,CAAC,EAAE,YAAY,EAAE,CAAC;IAC/B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IACzB,sEAAsE;IACtE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sEAAsE;IACtE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6BAA6B;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,2EAA2E;IAC3E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,6FAA6F;IAC7F,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,+CAA+C;IAC/C,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,sGAAsG;IACtG,YAAY,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IACzC,qCAAqC;IACrC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,+EAA+E;IAC/E,YAAY,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,+BAA+B;IAC5C,uFAAuF;IACvF,kBAAkB,EAAE,MAAM,EAAE,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEhE;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACpC,sDAAsD;IACtD,aAAa,EAAE,MAAM,CAAC;IACtB,gEAAgE;IAChE,cAAc,EAAE,MAAM,CAAC;IACvB,6EAA6E;IAC7E,OAAO,EAAE,OAAO,CAAC;IACjB,yFAAyF;IACzF,QAAQ,EAAE,OAAO,CAAC;IAClB,+EAA+E;IAC/E,SAAS,EAAE,OAAO,CAAC;CACtB;AAWD;;;;;;;GAOG;AACH,wBAAsB,SAAS,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAKjD;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,CAE1D;AAED;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAK3E;AAED;;GAEG;AACH,wBAAgB,kCAAkC,IAAI,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAEpF;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,CAK/D;AAED;;GAEG;AACH,wBAAgB,4BAA4B,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC,CAExE;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAK/E;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAAC,iBAAiB,CAAC,CAExF;AAED;;;;;;;;GAQG;AACH,wBAAsB,UAAU,CAAC,GAAG,EAAE,iBAAiB,GAAG,OAAO,CAAC,YAAY,CAAC,CAK9E;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,iBAAiB,GAAG,UAAU,CAAC,YAAY,CAAC,CAEvF;AAED;;;;;;;;GAQG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC,CAK/F;AAED;;GAEG;AACH,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,GAAG,UAAU,CAAC,IAAI,CAAC,CAExG;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAK7F;AAED;;GAEG;AACH,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAEtG;AAED;;;;;;;;GAQG;AACH,wBAAsB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAQhF;AAED;;GAEG;AACH,wBAAgB,gCAAgC,CAAC,WAAW,EAAE,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAEzF;AAED;;;;;;GAMG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAQxD;AAED;;GAEG;AACH,wBAAgB,0BAA0B,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC,CAEjE;AAED;;;;;;;;GAQG;AACH,wBAAsB,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAQ/F;AAED;;GAEG;AACH,wBAAgB,6BAA6B,CAAC,aAAa,EAAE,MAAM,GAAG,UAAU,CAAC,uBAAuB,CAAC,CAExG;AAED;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,CAYjH;AAED;;GAEG;AACH,wBAAgB,gCAAgC,CAC5C,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,qBAAqB,GAC9B,UAAU,CAAC,OAAO,CAAC,CAErB;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAE1E;AAED;;GAEG;AACH,wBAAgB,8BAA8B,CAAC,aAAa,EAAE,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAEzF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAE3E;AAED;;GAEG;AACH,wBAAgB,+BAA+B,CAAC,aAAa,EAAE,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAE1F;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAE5E;AAED;;GAEG;AACH,wBAAgB,gCAAgC,CAAC,aAAa,EAAE,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAE3F"}
|
package/lib/cjs/types/index.d.ts
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
*/
|
|
6
6
|
export { getAuthToken, sandboxKey, serviceAddress, actionSubject, userContext, params, useBody, initialize, type UserContext, type IncomingEventBody, type BaseActionResponse, type ActionResponse, type NotificationConfig, type ListActionResponse, type FormTemplateActionResponse, type PageTemplateActionResponse, type ObjectSaveActionResponse, type CalculatedFieldActionResponse, type SingleValueActionResponse, type ErrorResponse, prepareSuccessResponse, prepareErrorResponse } from './sdk-general';
|
|
7
7
|
export { type SaveOptions, getObject, getObjectAsObservable, getRelatedObjects, getRelatedObjectsAsObservable, getAccessibleObjects, getAccessibleObjectsAsObservable, getObjects, getObjectsAsObservable, saveObject, saveObjectAsObservable, saveRelatedObject, saveRelatedObjectAsObservable, deleteObject, deleteObjectAsObservable, deleteRelatedObject, deleteRelatedObjectAsObservable, deleteRelatedObjects, deleteRelatedObjectsAsObservable } from './data-crud';
|
|
8
|
-
export { type ScopeKeyItem, type Role, type BusinessPrivilege, type SandboxUser, type UserAccessWrapper, type InviteUserRequest, type InviteResult, type UpdateAccessRequest, listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, userPrivileges, } from './access';
|
|
8
|
+
export { type ScopeKeyItem, type Role, type BusinessPrivilege, type SandboxUser, type UserAccessWrapper, type InviteUserRequest, type InviteResult, type UpdateAccessRequest, type BusinessPrivilegeCheckResult, type CurrentBusinessPrivilegesResult, type DataElementAccessMode, type DataElementAccessResult, listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, hasBusinessPrivilegeAsObservable, userPrivileges, userPrivilegesAsObservable, dataElementAccess, dataElementAccessAsObservable, hasDataElementAccess, hasDataElementAccessAsObservable, canReadDataElement, canReadDataElementAsObservable, canWriteDataElement, canWriteDataElementAsObservable, canDeleteDataElement, canDeleteDataElementAsObservable, } from './access';
|
|
9
9
|
export { type ContentResource, getOrCreateResource, getOrCreateResourceAsObservable, saveResource, saveResourceAsObservable, sendFileContents, sendFileContentsAsObservable, createOrUpdateResource, createOrUpdateResourceAsObservable, downloadResource, downloadResourceAsObservable } from './content';
|
|
10
10
|
export { MessageMethod, type MessageRequest, sendMessage, sendMessageAsObservable } from './messaging';
|
|
11
11
|
export { getUserPreference, getOrganizationPreference, getUserPreferenceAsObservable, getOrganizationPreferenceAsObservable } from './preferences';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AASA;;;;GAIG;AAMH,OAAO,EAEH,YAAY,EACZ,UAAU,EACV,cAAc,EACd,aAAa,EACb,WAAW,EACX,MAAM,EACN,OAAO,EAGP,UAAU,EAGV,KAAK,WAAW,EAChB,KAAK,iBAAiB,EAGtB,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,0BAA0B,EAC/B,KAAK,0BAA0B,EAC/B,KAAK,wBAAwB,EAC7B,KAAK,6BAA6B,EAClC,KAAK,yBAAyB,EAC9B,KAAK,aAAa,EAGlB,sBAAsB,EACtB,oBAAoB,EACvB,MAAM,eAAe,CAAC;AAMvB,OAAO,EAEH,KAAK,WAAW,EAGhB,SAAS,EACT,qBAAqB,EACrB,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EAGtB,UAAU,EACV,sBAAsB,EACtB,iBAAiB,EACjB,6BAA6B,EAG7B,YAAY,EACZ,wBAAwB,EACxB,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,EACnC,MAAM,aAAa,CAAC;AAMrB,OAAO,EACH,KAAK,YAAY,EACjB,KAAK,IAAI,EACT,KAAK,iBAAiB,EACtB,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,SAAS,EACT,qBAAqB,EACrB,sBAAsB,EACtB,kCAAkC,EAClC,gBAAgB,EAChB,4BAA4B,EAC5B,aAAa,EACb,yBAAyB,EACzB,UAAU,EACV,sBAAsB,EACtB,gBAAgB,EAChB,4BAA4B,EAC5B,gBAAgB,EAChB,4BAA4B,EAC5B,oBAAoB,EACpB,cAAc,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AASA;;;;GAIG;AAMH,OAAO,EAEH,YAAY,EACZ,UAAU,EACV,cAAc,EACd,aAAa,EACb,WAAW,EACX,MAAM,EACN,OAAO,EAGP,UAAU,EAGV,KAAK,WAAW,EAChB,KAAK,iBAAiB,EAGtB,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,0BAA0B,EAC/B,KAAK,0BAA0B,EAC/B,KAAK,wBAAwB,EAC7B,KAAK,6BAA6B,EAClC,KAAK,yBAAyB,EAC9B,KAAK,aAAa,EAGlB,sBAAsB,EACtB,oBAAoB,EACvB,MAAM,eAAe,CAAC;AAMvB,OAAO,EAEH,KAAK,WAAW,EAGhB,SAAS,EACT,qBAAqB,EACrB,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,UAAU,EACV,sBAAsB,EAGtB,UAAU,EACV,sBAAsB,EACtB,iBAAiB,EACjB,6BAA6B,EAG7B,YAAY,EACZ,wBAAwB,EACxB,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,EACnC,MAAM,aAAa,CAAC;AAMrB,OAAO,EACH,KAAK,YAAY,EACjB,KAAK,IAAI,EACT,KAAK,iBAAiB,EACtB,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,KAAK,4BAA4B,EACjC,KAAK,+BAA+B,EACpC,KAAK,qBAAqB,EAC1B,KAAK,uBAAuB,EAC5B,SAAS,EACT,qBAAqB,EACrB,sBAAsB,EACtB,kCAAkC,EAClC,gBAAgB,EAChB,4BAA4B,EAC5B,aAAa,EACb,yBAAyB,EACzB,UAAU,EACV,sBAAsB,EACtB,gBAAgB,EAChB,4BAA4B,EAC5B,gBAAgB,EAChB,4BAA4B,EAC5B,oBAAoB,EACpB,gCAAgC,EAChC,cAAc,EACd,0BAA0B,EAC1B,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,kBAAkB,EAClB,8BAA8B,EAC9B,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,GACnC,MAAM,UAAU,CAAC;AAMlB,OAAO,EAEH,KAAK,eAAe,EAGpB,mBAAmB,EACnB,+BAA+B,EAC/B,YAAY,EACZ,wBAAwB,EACxB,gBAAgB,EAChB,4BAA4B,EAC5B,sBAAsB,EACtB,kCAAkC,EAClC,gBAAgB,EAChB,4BAA4B,EAC/B,MAAM,WAAW,CAAC;AAMnB,OAAO,EAEH,aAAa,EAGb,KAAK,cAAc,EAGnB,WAAW,EACX,uBAAuB,EAC1B,MAAM,aAAa,CAAC;AAMrB,OAAO,EAEH,iBAAiB,EACjB,yBAAyB,EACzB,6BAA6B,EAC7B,qCAAqC,EACxC,MAAM,eAAe,CAAC;AAMvB,OAAO,EAEH,KAAK,SAAS,EACd,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,qBAAqB,EAC1B,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EAGvB,WAAW,EACX,uBAAuB,EACvB,QAAQ,EACR,oBAAoB,EACpB,UAAU,EACV,sBAAsB,EACzB,MAAM,SAAS,CAAC;AAMjB,OAAO,EAEH,mBAAmB,EAGnB,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,yBAAyB,EAC9B,KAAK,aAAa,EAClB,KAAK,eAAe,EAGpB,gBAAgB,EAChB,4BAA4B,EAC/B,MAAM,kBAAkB,CAAC;AAM1B,OAAO,EAEH,KAAK,2BAA2B,EAChC,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAG5B,uBAAuB,EACvB,mCAAmC,EACtC,MAAM,YAAY,CAAC;AAMpB,OAAO,EAEH,KAAK,gBAAgB,EAGrB,aAAa,EACb,yBAAyB,EAC5B,MAAM,MAAM,CAAC;AAMd,OAAO,EACH,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,UAAU,EACb,MAAM,aAAa,CAAC"}
|
|
@@ -58,7 +58,11 @@ export interface UserContext {
|
|
|
58
58
|
orgProxyKey: string;
|
|
59
59
|
orgKey: string;
|
|
60
60
|
userProxyKey: string;
|
|
61
|
-
|
|
61
|
+
/**
|
|
62
|
+
* Business privilege IDs included in the initial context for display/navigation state.
|
|
63
|
+
* Do not use this client-side value for authorization checks; use access SDK server calls instead.
|
|
64
|
+
*/
|
|
65
|
+
businessPrivileges?: string[];
|
|
62
66
|
navigationContext: {
|
|
63
67
|
navigationKey: string;
|
|
64
68
|
navLevel: "organization" | "user";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdk-general.d.ts","sourceRoot":"","sources":["../../../src/sdk-general.ts"],"names":[],"mappings":"AASA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,UAAU,EAAM,MAAM,MAAM,CAAC;AAMtC;;GAEG;AACH,eAAO,IAAI,YAAY,EAAE,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;AAElD;;GAEG;AACH,eAAO,IAAI,UAAU,EAAE,MAAM,CAAC;AAE9B;;GAEG;AACH,eAAO,IAAI,cAAc,EAAE,MAAM,CAAC;AAElC;;GAEG;AACH,eAAO,IAAI,aAAa,EAAE,GAAG,CAAC;AAE9B;;GAEG;AACH,eAAO,IAAI,WAAW,EAAE,WAAW,CAAC;AAEpC;;GAEG;AACH,eAAO,IAAI,MAAM,EAAE,MAAM,CAAC;AAE1B;;GAEG;AACH,eAAO,IAAI,OAAO,EAAE,OAAO,CAAC;AAE5B;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE;IAAE,IAAI,CAAC,EAAE,iBAAiB,CAAA;CAAE,
|
|
1
|
+
{"version":3,"file":"sdk-general.d.ts","sourceRoot":"","sources":["../../../src/sdk-general.ts"],"names":[],"mappings":"AASA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,UAAU,EAAM,MAAM,MAAM,CAAC;AAMtC;;GAEG;AACH,eAAO,IAAI,YAAY,EAAE,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;AAElD;;GAEG;AACH,eAAO,IAAI,UAAU,EAAE,MAAM,CAAC;AAE9B;;GAEG;AACH,eAAO,IAAI,cAAc,EAAE,MAAM,CAAC;AAElC;;GAEG;AACH,eAAO,IAAI,aAAa,EAAE,GAAG,CAAC;AAE9B;;GAEG;AACH,eAAO,IAAI,WAAW,EAAE,WAAW,CAAC;AAEpC;;GAEG;AACH,eAAO,IAAI,MAAM,EAAE,MAAM,CAAC;AAE1B;;GAEG;AACH,eAAO,IAAI,OAAO,EAAE,OAAO,CAAC;AAE5B;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE;IAAE,IAAI,CAAC,EAAE,iBAAiB,CAAA;CAAE,QAiB7D;AAMD;;GAEG;AACH,MAAM,WAAW,WAAW;IACxB,IAAI,EAAE,GAAG,CAAC;IACV,SAAS,EAAE,GAAG,CAAC;IACf,QAAQ,EAAE,GAAG,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,iBAAiB,EAAE;QACf,aAAa,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,cAAc,GAAG,MAAM,CAAC;QAClC,kBAAkB,EAAE,MAAM,CAAC;QAC3B,iBAAiB,EAAE,MAAM,CAAC;QAC1B,iBAAiB,EAAE,OAAO,CAAC;QAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;KACxB,CAAA;CACJ;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kBAAkB,CAAC,EAAE,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;IAC9C,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,GAAG,CAAC;IACnB,WAAW,EAAE,WAAW,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,8IAA8I;IAC9I,YAAY,EAAE,YAAY,GAAG,oBAAoB,GAAG,oBAAoB,GAAG,kBAAkB,GAAG,uBAAuB,GAAG,mBAAmB,GAAG,OAAO,CAAC;IACxJ,qCAAqC;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,2CAA2C;IAC3C,mBAAmB,CAAC,EAAE,kBAAkB,EAAE,CAAC;CAC9C;AAED;;GAEG;AACH,MAAM,MAAM,cAAc,GAAG,kBAAkB,GAAG,0BAA0B,GAAG,0BAA0B,GAAG,wBAAwB,GAAG,6BAA6B,GAAG,yBAAyB,CAAC;AAEjM;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,oEAAoE;IACpE,wBAAwB,EAAE,MAAM,CAAC;IACjC,wCAAwC;IACxC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mEAAmE;IACnE,cAAc,EAAE,MAAM,CAAC;IACvB,kEAAkE;IAClE,aAAa,EAAE,MAAM,CAAC;IACtB,iDAAiD;IACjD,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAE5B,WAAW,CAAC,EAAE;QACV,kDAAkD;QAClD,sBAAsB,EAAE,MAAM,CAAC;QAC/B,wDAAwD;QACxD,sBAAsB,EAAE,MAAM,EAAE,CAAC;QACjC,sCAAsC;QACtC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,6BAA6B;QAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,oCAAoC;QACpC,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,2KAA2K;QAC3K,cAAc,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;IAEF,SAAS,CAAC,EAAE;QACR,gDAAgD;QAChD,sBAAsB,EAAE,MAAM,CAAC;QAC/B,sDAAsD;QACtD,sBAAsB,EAAE,MAAM,EAAE,CAAC;QACjC,+FAA+F;QAC/F,cAAc,EAAE,MAAM,CAAC;KAC1B,CAAC;IAEF,UAAU,CAAC,EAAE;QACT,8DAA8D;QAC9D,sBAAsB,EAAE,MAAM,CAAC;QAC/B,oEAAoE;QACpE,sBAAsB,EAAE,MAAM,EAAE,CAAC;QACjC,2DAA2D;QAC3D,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC3C,CAAC;CACL;AAED;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,kBAAkB;IAC1D,YAAY,EAAE,YAAY,CAAC;IAC3B,cAAc,EAAE,GAAG,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,0BAA2B,SAAQ,kBAAkB;IAClE,YAAY,EAAE,oBAAoB,CAAC;IACnC,cAAc,EAAE,GAAG,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,0BAA2B,SAAQ,kBAAkB;IAClE,YAAY,EAAE,oBAAoB,CAAC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACrC,WAAW,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,wBAAyB,SAAQ,kBAAkB;IAChE,YAAY,EAAE,kBAAkB,CAAC;IACjC,cAAc,EAAE,GAAG,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,6BAA8B,SAAQ,kBAAkB;IACrE,YAAY,EAAE,uBAAuB,CAAC;IACtC,eAAe,EAAE,GAAG,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,yBAA0B,SAAQ,kBAAkB;IACjE,YAAY,EAAE,mBAAmB,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,KAAK,EAAE,GAAG,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC1B,YAAY,EAAE,OAAO,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACxB;AAMD;;;;GAIG;AACH,wBAAgB,sBAAsB,CAAC,eAAe,EAAE,cAAc,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG,cAAc,CAS7H;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAS/G"}
|
package/lib/esm/access.js
CHANGED
|
@@ -15,7 +15,8 @@
|
|
|
15
15
|
* Key concepts:
|
|
16
16
|
* - `Role.id` is the stable semantic role identifier used by configuration and generated code.
|
|
17
17
|
* - `Role.objKey` is the persisted role object key. APIs that accept `roleKeys` require `Role.objKey`, not `Role.id`.
|
|
18
|
-
* - `BusinessPrivilege.id` is the stable privilege identifier used by
|
|
18
|
+
* - `BusinessPrivilege.id` is the stable privilege identifier used by server-validated checks such as `hasBusinessPrivilege`.
|
|
19
|
+
* - Data element access checks use stable data element IDs and resolve to persisted keys on the server.
|
|
19
20
|
* - `ScopeKeyItem` entries define the data scope a user receives for an organization, user proxy, or custom data scope.
|
|
20
21
|
*
|
|
21
22
|
* @usage
|
|
@@ -44,8 +45,13 @@
|
|
|
44
45
|
* | `inviteUser` | Invite a new user and assign initial role keys/scopes |
|
|
45
46
|
* | `updateUserAccess` | Add or update one user scope entry |
|
|
46
47
|
* | `removeUserAccess` | Remove one user scope entry |
|
|
47
|
-
* | `hasBusinessPrivilege` |
|
|
48
|
-
* | `userPrivileges` |
|
|
48
|
+
* | `hasBusinessPrivilege` | Server-check whether the current user has a privilege ID |
|
|
49
|
+
* | `userPrivileges` | Server-read the current user's privilege IDs |
|
|
50
|
+
* | `dataElementAccess` | Server-check current user's read/write/delete access to a data element ID |
|
|
51
|
+
* | `hasDataElementAccess` | Server-check one read/write/delete access mode |
|
|
52
|
+
* | `canReadDataElement` | Server-check read access to a data element ID |
|
|
53
|
+
* | `canWriteDataElement` | Server-check write access to a data element ID |
|
|
54
|
+
* | `canDeleteDataElement` | Server-check delete access to a data element ID |
|
|
49
55
|
*
|
|
50
56
|
* @example
|
|
51
57
|
* // Resolve a semantic role ID to the persisted object key before assignment
|
|
@@ -61,13 +67,19 @@
|
|
|
61
67
|
*
|
|
62
68
|
* @example
|
|
63
69
|
* // Check the current user's business privilege
|
|
64
|
-
* if (hx.hasBusinessPrivilege('manageSharedLists')) {
|
|
70
|
+
* if (await hx.hasBusinessPrivilege('manageSharedLists')) {
|
|
65
71
|
* // Show controls for sharing list access
|
|
66
72
|
* }
|
|
73
|
+
*
|
|
74
|
+
* @example
|
|
75
|
+
* // Check current user's data access before showing a CRUD control
|
|
76
|
+
* if (await hx.canWriteDataElement('shoppingList')) {
|
|
77
|
+
* // Show controls that create or update shopping list records
|
|
78
|
+
* }
|
|
67
79
|
*/
|
|
68
80
|
import axios from 'axios';
|
|
69
81
|
import { from, lastValueFrom } from 'rxjs';
|
|
70
|
-
import { getAuthToken, sandboxKey, serviceAddress
|
|
82
|
+
import { getAuthToken, sandboxKey, serviceAddress } from './sdk-general';
|
|
71
83
|
async function authHeaders() {
|
|
72
84
|
if (!getAuthToken) {
|
|
73
85
|
throw new Error('SDK not initialized.');
|
|
@@ -213,20 +225,126 @@ export function removeUserAccessAsObservable(userKey, scopeElementId) {
|
|
|
213
225
|
return from(removeUserAccess(userKey, scopeElementId));
|
|
214
226
|
}
|
|
215
227
|
/**
|
|
216
|
-
* Checks whether the
|
|
228
|
+
* Checks whether the authenticated user has a business privilege ID by calling the access service.
|
|
229
|
+
*
|
|
230
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
231
|
+
* Treat this as an authorization check and await the server response.
|
|
217
232
|
*
|
|
218
233
|
* @param privilegeId - Stable business privilege ID
|
|
219
|
-
* @returns
|
|
234
|
+
* @returns Promise resolving to true when the current user has the privilege
|
|
235
|
+
*/
|
|
236
|
+
export async function hasBusinessPrivilege(privilegeId) {
|
|
237
|
+
const response = await axios.get(`${serviceAddress}/access/sandboxes/${sandboxKey}/businessPrivileges/${encodeURIComponent(privilegeId)}/currentUserHasPrivilege`, {
|
|
238
|
+
headers: await authHeaders(),
|
|
239
|
+
});
|
|
240
|
+
return response.data.hasPrivilege;
|
|
241
|
+
}
|
|
242
|
+
/**
|
|
243
|
+
* Observable version of `hasBusinessPrivilege`. See `hasBusinessPrivilege` for details.
|
|
244
|
+
*/
|
|
245
|
+
export function hasBusinessPrivilegeAsObservable(privilegeId) {
|
|
246
|
+
return from(hasBusinessPrivilege(privilegeId));
|
|
247
|
+
}
|
|
248
|
+
/**
|
|
249
|
+
* Returns the authenticated user's business privilege IDs by calling the access service.
|
|
250
|
+
*
|
|
251
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
252
|
+
*
|
|
253
|
+
* @returns Promise resolving to business privilege IDs for the current user
|
|
254
|
+
*/
|
|
255
|
+
export async function userPrivileges() {
|
|
256
|
+
const response = await axios.get(`${serviceAddress}/access/sandboxes/${sandboxKey}/currentBusinessPrivileges`, {
|
|
257
|
+
headers: await authHeaders(),
|
|
258
|
+
});
|
|
259
|
+
return response.data.businessPrivileges ?? [];
|
|
260
|
+
}
|
|
261
|
+
/**
|
|
262
|
+
* Observable version of `userPrivileges`. See `userPrivileges` for details.
|
|
263
|
+
*/
|
|
264
|
+
export function userPrivilegesAsObservable() {
|
|
265
|
+
return from(userPrivileges());
|
|
266
|
+
}
|
|
267
|
+
/**
|
|
268
|
+
* Checks the authenticated user's data element read/write/delete access through the access service.
|
|
269
|
+
*
|
|
270
|
+
* The caller passes the stable data element ID. The server resolves that ID to the persisted data element key before
|
|
271
|
+
* checking the user's token, so generated code does not need to manage ID-to-key mappings.
|
|
272
|
+
*
|
|
273
|
+
* @param dataElementId - Stable data element ID
|
|
274
|
+
* @returns Promise resolving to the current user's data element access flags
|
|
275
|
+
*/
|
|
276
|
+
export async function dataElementAccess(dataElementId) {
|
|
277
|
+
const response = await axios.get(`${serviceAddress}/access/sandboxes/${sandboxKey}/dataElements/${encodeURIComponent(dataElementId)}/currentUserAccess`, {
|
|
278
|
+
headers: await authHeaders(),
|
|
279
|
+
});
|
|
280
|
+
return response.data;
|
|
281
|
+
}
|
|
282
|
+
/**
|
|
283
|
+
* Observable version of `dataElementAccess`. See `dataElementAccess` for details.
|
|
220
284
|
*/
|
|
221
|
-
export function
|
|
222
|
-
return
|
|
285
|
+
export function dataElementAccessAsObservable(dataElementId) {
|
|
286
|
+
return from(dataElementAccess(dataElementId));
|
|
223
287
|
}
|
|
224
288
|
/**
|
|
225
|
-
*
|
|
289
|
+
* Checks one data element access mode for the authenticated user through the access service.
|
|
226
290
|
*
|
|
227
|
-
* @
|
|
291
|
+
* @param dataElementId - Stable data element ID
|
|
292
|
+
* @param access - Access mode to check: `read`, `write`, or `delete`
|
|
293
|
+
* @returns Promise resolving to true when the current user has the requested data access
|
|
294
|
+
*/
|
|
295
|
+
export async function hasDataElementAccess(dataElementId, access) {
|
|
296
|
+
const result = await dataElementAccess(dataElementId);
|
|
297
|
+
switch (access) {
|
|
298
|
+
case 'read':
|
|
299
|
+
return result.canRead;
|
|
300
|
+
case 'write':
|
|
301
|
+
return result.canWrite;
|
|
302
|
+
case 'delete':
|
|
303
|
+
return result.canDelete;
|
|
304
|
+
default:
|
|
305
|
+
return false;
|
|
306
|
+
}
|
|
307
|
+
}
|
|
308
|
+
/**
|
|
309
|
+
* Observable version of `hasDataElementAccess`. See `hasDataElementAccess` for details.
|
|
310
|
+
*/
|
|
311
|
+
export function hasDataElementAccessAsObservable(dataElementId, access) {
|
|
312
|
+
return from(hasDataElementAccess(dataElementId, access));
|
|
313
|
+
}
|
|
314
|
+
/**
|
|
315
|
+
* Checks whether the authenticated user can read records for a data element ID.
|
|
316
|
+
*/
|
|
317
|
+
export function canReadDataElement(dataElementId) {
|
|
318
|
+
return hasDataElementAccess(dataElementId, 'read');
|
|
319
|
+
}
|
|
320
|
+
/**
|
|
321
|
+
* Observable version of `canReadDataElement`. See `canReadDataElement` for details.
|
|
322
|
+
*/
|
|
323
|
+
export function canReadDataElementAsObservable(dataElementId) {
|
|
324
|
+
return from(canReadDataElement(dataElementId));
|
|
325
|
+
}
|
|
326
|
+
/**
|
|
327
|
+
* Checks whether the authenticated user can create or update records for a data element ID.
|
|
328
|
+
*/
|
|
329
|
+
export function canWriteDataElement(dataElementId) {
|
|
330
|
+
return hasDataElementAccess(dataElementId, 'write');
|
|
331
|
+
}
|
|
332
|
+
/**
|
|
333
|
+
* Observable version of `canWriteDataElement`. See `canWriteDataElement` for details.
|
|
334
|
+
*/
|
|
335
|
+
export function canWriteDataElementAsObservable(dataElementId) {
|
|
336
|
+
return from(canWriteDataElement(dataElementId));
|
|
337
|
+
}
|
|
338
|
+
/**
|
|
339
|
+
* Checks whether the authenticated user can delete records for a data element ID.
|
|
340
|
+
*/
|
|
341
|
+
export function canDeleteDataElement(dataElementId) {
|
|
342
|
+
return hasDataElementAccess(dataElementId, 'delete');
|
|
343
|
+
}
|
|
344
|
+
/**
|
|
345
|
+
* Observable version of `canDeleteDataElement`. See `canDeleteDataElement` for details.
|
|
228
346
|
*/
|
|
229
|
-
export function
|
|
230
|
-
return
|
|
347
|
+
export function canDeleteDataElementAsObservable(dataElementId) {
|
|
348
|
+
return from(canDeleteDataElement(dataElementId));
|
|
231
349
|
}
|
|
232
350
|
//# sourceMappingURL=access.js.map
|
package/lib/esm/access.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access.js","sourceRoot":"","sources":["../../src/access.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD
|
|
1
|
+
{"version":3,"file":"access.js","sourceRoot":"","sources":["../../src/access.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsEG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,IAAI,EAAE,aAAa,EAAc,MAAM,MAAM,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAgLzE,KAAK,UAAU,WAAW;IACtB,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,CAAC,CAAC;IACtD,OAAO,EAAE,aAAa,EAAE,UAAU,SAAS,EAAE,EAAE,CAAC;AACpD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS;IAC3B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,cAAc,qBAAqB,UAAU,WAAW,EAAE;QAC1F,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACjC,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;AAC7B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IACxC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,cAAc,qBAAqB,UAAU,qBAAqB,EAAE;QACpG,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kCAAkC;IAC9C,OAAO,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IAClC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,cAAc,qBAAqB,UAAU,QAAQ,EAAE;QACvF,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B;IACxC,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;AACpC,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe;IAC/C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,cAAc,qBAAqB,UAAU,SAAS,OAAO,SAAS,EAAE;QACxG,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe;IACrD,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAsB;IACnD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,qBAAqB,UAAU,gBAAgB,EAAE,GAAG,EAAE;QACrG,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,GAAsB;IACzD,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,GAAwB;IAC5E,MAAM,IAAI,GAAG,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAC3E,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,qBAAqB,UAAU,SAAS,OAAO,IAAI,IAAI,EAAE,EAAE,GAAG,EAAE;QAC9F,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CAAC,CAAC;AACP,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,OAAe,EAAE,GAAwB;IAClF,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,cAAsB;IAC1E,MAAM,KAAK,CAAC,MAAM,CAAC,GAAG,cAAc,qBAAqB,UAAU,SAAS,OAAO,sBAAsB,EAAE;QACvG,OAAO,EAAE,MAAM,WAAW,EAAE;QAC5B,IAAI,EAAE,EAAE,eAAe,EAAE,CAAC,cAAc,CAAC,EAAE;KAC9C,CAAC,CAAC;AACP,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,OAAe,EAAE,cAAsB;IAChF,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,WAAmB;IAC1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAC5B,GAAG,cAAc,qBAAqB,UAAU,uBAAuB,kBAAkB,CAAC,WAAW,CAAC,0BAA0B,EAChI;QACI,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CACJ,CAAC;IACF,OAAO,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAAC,WAAmB;IAChE,OAAO,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAChC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAC5B,GAAG,cAAc,qBAAqB,UAAU,4BAA4B,EAC5E;QACI,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CACJ,CAAC;IACF,OAAO,QAAQ,CAAC,IAAI,CAAC,kBAAkB,IAAI,EAAE,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B;IACtC,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;AAClC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,aAAqB;IACzD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAC5B,GAAG,cAAc,qBAAqB,UAAU,iBAAiB,kBAAkB,CAAC,aAAa,CAAC,oBAAoB,EACtH;QACI,OAAO,EAAE,MAAM,WAAW,EAAE;KAC/B,CACJ,CAAC;IACF,OAAO,QAAQ,CAAC,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,6BAA6B,CAAC,aAAqB;IAC/D,OAAO,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,aAAqB,EAAE,MAA6B;IAC3F,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,aAAa,CAAC,CAAC;IACtD,QAAQ,MAAM,EAAE,CAAC;QACb,KAAK,MAAM;YACP,OAAO,MAAM,CAAC,OAAO,CAAC;QAC1B,KAAK,OAAO;YACR,OAAO,MAAM,CAAC,QAAQ,CAAC;QAC3B,KAAK,QAAQ;YACT,OAAO,MAAM,CAAC,SAAS,CAAC;QAC5B;YACI,OAAO,KAAK,CAAC;IACrB,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAC5C,aAAqB,EACrB,MAA6B;IAE7B,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,aAAqB;IACpD,OAAO,oBAAoB,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,8BAA8B,CAAC,aAAqB;IAChE,OAAO,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,aAAqB;IACrD,OAAO,oBAAoB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,+BAA+B,CAAC,aAAqB;IACjE,OAAO,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,aAAqB;IACtD,OAAO,oBAAoB,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAAC,aAAqB;IAClE,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC,CAAC;AACrD,CAAC"}
|
package/lib/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD;;;;GAIG;AAEH,mFAAmF;AACnF,sDAAsD;AACtD,mFAAmF;AAEnF,OAAO;AACH,UAAU;AACV,YAAY,EACZ,UAAU,EACV,cAAc,EACd,aAAa,EACb,WAAW,EACX,MAAM,EACN,OAAO;AAEP,iBAAiB;AACjB,UAAU;AAkBV,mBAAmB;AACnB,sBAAsB,EACtB,oBAAoB,EACvB,MAAM,eAAe,CAAC;AAEvB,mFAAmF;AACnF,sBAAsB;AACtB,mFAAmF;AAEnF,OAAO;AAIH,iBAAiB;AACjB,SAAS,EACT,qBAAqB,EACrB,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,UAAU,EACV,sBAAsB;AAEtB,YAAY;AACZ,UAAU,EACV,sBAAsB,EACtB,iBAAiB,EACjB,6BAA6B;AAE7B,cAAc;AACd,YAAY,EACZ,wBAAwB,EACxB,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,EACnC,MAAM,aAAa,CAAC;AAErB,mFAAmF;AACnF,mBAAmB;AACnB,mFAAmF;AAEnF,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD;;;;GAIG;AAEH,mFAAmF;AACnF,sDAAsD;AACtD,mFAAmF;AAEnF,OAAO;AACH,UAAU;AACV,YAAY,EACZ,UAAU,EACV,cAAc,EACd,aAAa,EACb,WAAW,EACX,MAAM,EACN,OAAO;AAEP,iBAAiB;AACjB,UAAU;AAkBV,mBAAmB;AACnB,sBAAsB,EACtB,oBAAoB,EACvB,MAAM,eAAe,CAAC;AAEvB,mFAAmF;AACnF,sBAAsB;AACtB,mFAAmF;AAEnF,OAAO;AAIH,iBAAiB;AACjB,SAAS,EACT,qBAAqB,EACrB,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,UAAU,EACV,sBAAsB;AAEtB,YAAY;AACZ,UAAU,EACV,sBAAsB,EACtB,iBAAiB,EACjB,6BAA6B;AAE7B,cAAc;AACd,YAAY,EACZ,wBAAwB,EACxB,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,EACnC,MAAM,aAAa,CAAC;AAErB,mFAAmF;AACnF,mBAAmB;AACnB,mFAAmF;AAEnF,OAAO,EAaH,SAAS,EACT,qBAAqB,EACrB,sBAAsB,EACtB,kCAAkC,EAClC,gBAAgB,EAChB,4BAA4B,EAC5B,aAAa,EACb,yBAAyB,EACzB,UAAU,EACV,sBAAsB,EACtB,gBAAgB,EAChB,4BAA4B,EAC5B,gBAAgB,EAChB,4BAA4B,EAC5B,oBAAoB,EACpB,gCAAgC,EAChC,cAAc,EACd,0BAA0B,EAC1B,iBAAiB,EACjB,6BAA6B,EAC7B,oBAAoB,EACpB,gCAAgC,EAChC,kBAAkB,EAClB,8BAA8B,EAC9B,mBAAmB,EACnB,+BAA+B,EAC/B,oBAAoB,EACpB,gCAAgC,GACnC,MAAM,UAAU,CAAC;AAElB,mFAAmF;AACnF,oBAAoB;AACpB,mFAAmF;AAEnF,OAAO;AAIH,oBAAoB;AACpB,mBAAmB,EACnB,+BAA+B,EAC/B,YAAY,EACZ,wBAAwB,EACxB,gBAAgB,EAChB,4BAA4B,EAC5B,sBAAsB,EACtB,kCAAkC,EAClC,gBAAgB,EAChB,4BAA4B,EAC/B,MAAM,WAAW,CAAC;AAEnB,mFAAmF;AACnF,sBAAsB;AACtB,mFAAmF;AAEnF,OAAO;AACH,kBAAkB;AAClB,aAAa;AAKb,sBAAsB;AACtB,WAAW,EACX,uBAAuB,EAC1B,MAAM,aAAa,CAAC;AAErB,mFAAmF;AACnF,uBAAuB;AACvB,mFAAmF;AAEnF,OAAO;AACH,uBAAuB;AACvB,iBAAiB,EACjB,yBAAyB,EACzB,6BAA6B,EAC7B,qCAAqC,EACxC,MAAM,eAAe,CAAC;AAEvB,mFAAmF;AACnF,sBAAsB;AACtB,mFAAmF;AAEnF,OAAO;AAcH,YAAY;AACZ,WAAW,EACX,uBAAuB,EACvB,QAAQ,EACR,oBAAoB,EACpB,UAAU,EACV,sBAAsB,EACzB,MAAM,SAAS,CAAC;AAEjB,mFAAmF;AACnF,2BAA2B;AAC3B,mFAAmF;AAEnF,OAAO;AACH,UAAU;AACV,mBAAmB;AAYnB,YAAY;AACZ,gBAAgB,EAChB,4BAA4B,EAC/B,MAAM,kBAAkB,CAAC;AAE1B,mFAAmF;AACnF,oBAAoB;AACpB,mFAAmF;AAEnF,OAAO;AAMH,YAAY;AACZ,uBAAuB,EACvB,mCAAmC,EACtC,MAAM,YAAY,CAAC;AAEpB,mFAAmF;AACnF,eAAe;AACf,mFAAmF;AAEnF,OAAO;AAIH,eAAe;AACf,aAAa,EACb,yBAAyB,EAC5B,MAAM,MAAM,CAAC;AAEd,mFAAmF;AACnF,oBAAoB;AACpB,mFAAmF;AAEnF,OAAO,EACH,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,UAAU,EACb,MAAM,aAAa,CAAC"}
|
package/lib/esm/index.mjs
CHANGED
|
@@ -34,7 +34,7 @@ deleteObject, deleteObjectAsObservable, deleteRelatedObject, deleteRelatedObject
|
|
|
34
34
|
// ================================================================================
|
|
35
35
|
// ACCESS FUNCTIONS
|
|
36
36
|
// ================================================================================
|
|
37
|
-
export { listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, userPrivileges, } from './access';
|
|
37
|
+
export { listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, hasBusinessPrivilegeAsObservable, userPrivileges, userPrivilegesAsObservable, dataElementAccess, dataElementAccessAsObservable, hasDataElementAccess, hasDataElementAccessAsObservable, canReadDataElement, canReadDataElementAsObservable, canWriteDataElement, canWriteDataElementAsObservable, canDeleteDataElement, canDeleteDataElementAsObservable, } from './access';
|
|
38
38
|
// ================================================================================
|
|
39
39
|
// CONTENT FUNCTIONS
|
|
40
40
|
// ================================================================================
|
package/lib/esm/sdk-general.js
CHANGED
|
@@ -64,9 +64,6 @@ export function initialize(event) {
|
|
|
64
64
|
}
|
|
65
65
|
if (body) {
|
|
66
66
|
({ sandboxKey, serviceAddress, actionSubject, userContext, params } = body);
|
|
67
|
-
if (userContext && !userContext.businessPrivileges) {
|
|
68
|
-
userContext.businessPrivileges = [];
|
|
69
|
-
}
|
|
70
67
|
if (body.authToken) {
|
|
71
68
|
getAuthToken = () => of(body.authToken);
|
|
72
69
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdk-general.js","sourceRoot":"","sources":["../../src/sdk-general.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAc,EAAE,EAAE,MAAM,MAAM,CAAC;AAEtC,mFAAmF;AACnF,sCAAsC;AACtC,mFAAmF;AAEnF;;GAEG;AACH,MAAM,CAAC,IAAI,YAAsC,CAAC;AAElD;;GAEG;AACH,MAAM,CAAC,IAAI,UAAkB,CAAC;AAE9B;;GAEG;AACH,MAAM,CAAC,IAAI,cAAsB,CAAC;AAElC;;GAEG;AACH,MAAM,CAAC,IAAI,aAAkB,CAAC;AAE9B;;GAEG;AACH,MAAM,CAAC,IAAI,WAAwB,CAAC;AAEpC;;GAEG;AACH,MAAM,CAAC,IAAI,MAAc,CAAC;AAE1B;;GAEG;AACH,MAAM,CAAC,IAAI,OAAgB,CAAC;AAE5B;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,KAAmC;IAE1D,IAAI,IAAI,GAAQ,KAAK,CAAC;IACtB,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QACb,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;QAClB,OAAO,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACP,CAAC,EAAE,UAAU,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"sdk-general.js","sourceRoot":"","sources":["../../src/sdk-general.ts"],"names":[],"mappings":"AAAA,yBAAyB;AACzB,mCAAmC;AACnC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,EAAE;AACF,6DAA6D;AAC7D,oDAAoD;AAEpD;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAc,EAAE,EAAE,MAAM,MAAM,CAAC;AAEtC,mFAAmF;AACnF,sCAAsC;AACtC,mFAAmF;AAEnF;;GAEG;AACH,MAAM,CAAC,IAAI,YAAsC,CAAC;AAElD;;GAEG;AACH,MAAM,CAAC,IAAI,UAAkB,CAAC;AAE9B;;GAEG;AACH,MAAM,CAAC,IAAI,cAAsB,CAAC;AAElC;;GAEG;AACH,MAAM,CAAC,IAAI,aAAkB,CAAC;AAE9B;;GAEG;AACH,MAAM,CAAC,IAAI,WAAwB,CAAC;AAEpC;;GAEG;AACH,MAAM,CAAC,IAAI,MAAc,CAAC;AAE1B;;GAEG;AACH,MAAM,CAAC,IAAI,OAAgB,CAAC;AAE5B;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,KAAmC;IAE1D,IAAI,IAAI,GAAQ,KAAK,CAAC;IACtB,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QACb,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;QAClB,OAAO,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACP,CAAC,EAAE,UAAU,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;QAE5E,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACjB,YAAY,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACjC,YAAY,GAAG,IAAI,CAAC,kBAAkB,CAAC;QAC3C,CAAC;IACL,CAAC;AACL,CAAC;AA6KD,mFAAmF;AACnF,4BAA4B;AAC5B,mFAAmF;AAEnF;;;;GAIG;AACH,MAAM,UAAU,sBAAsB,CAAC,eAA+B;IAClE,IAAI,OAAO,EAAE,CAAC;QACV,OAAO;YACH,UAAU,EAAE,GAAG;YACf,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC;SACxC,CAAC;IACN,CAAC;IAED,OAAO,eAAe,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,YAAoB;IACrD,IAAI,OAAO,EAAE,CAAC;QACV,OAAO;YACH,UAAU,EAAE,GAAG;YACf,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,CAAC;SACzC,CAAC;IACN,CAAC;IAED,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC"}
|
|
@@ -126,6 +126,41 @@ export interface UpdateAccessRequest {
|
|
|
126
126
|
/** Whether this scope entry should apply globally instead of being limited to the provided scopes. */
|
|
127
127
|
globalAccess?: boolean;
|
|
128
128
|
}
|
|
129
|
+
/**
|
|
130
|
+
* Server response for current-user business privilege checks.
|
|
131
|
+
*/
|
|
132
|
+
export interface BusinessPrivilegeCheckResult {
|
|
133
|
+
/** Checked business privilege ID. */
|
|
134
|
+
businessPrivilegeId: string;
|
|
135
|
+
/** Whether the authenticated user has the privilege in the current sandbox. */
|
|
136
|
+
hasPrivilege: boolean;
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* Server response for current-user business privilege lists.
|
|
140
|
+
*/
|
|
141
|
+
export interface CurrentBusinessPrivilegesResult {
|
|
142
|
+
/** Business privilege IDs granted to the authenticated user in the current sandbox. */
|
|
143
|
+
businessPrivileges: string[];
|
|
144
|
+
}
|
|
145
|
+
/**
|
|
146
|
+
* Data element access mode for current-user R/W/D privilege checks.
|
|
147
|
+
*/
|
|
148
|
+
export type DataElementAccessMode = 'read' | 'write' | 'delete';
|
|
149
|
+
/**
|
|
150
|
+
* Server response for current-user data element access checks.
|
|
151
|
+
*/
|
|
152
|
+
export interface DataElementAccessResult {
|
|
153
|
+
/** Stable data element ID requested by the caller. */
|
|
154
|
+
dataElementId: string;
|
|
155
|
+
/** Persisted data element object key resolved by the server. */
|
|
156
|
+
dataElementKey: string;
|
|
157
|
+
/** Whether the authenticated user can read records for this data element. */
|
|
158
|
+
canRead: boolean;
|
|
159
|
+
/** Whether the authenticated user can create or update records for this data element. */
|
|
160
|
+
canWrite: boolean;
|
|
161
|
+
/** Whether the authenticated user can delete records for this data element. */
|
|
162
|
+
canDelete: boolean;
|
|
163
|
+
}
|
|
129
164
|
/**
|
|
130
165
|
* Lists roles available in the current sandbox.
|
|
131
166
|
*
|
|
@@ -215,15 +250,78 @@ export declare function removeUserAccess(userKey: string, scopeElementId: string
|
|
|
215
250
|
*/
|
|
216
251
|
export declare function removeUserAccessAsObservable(userKey: string, scopeElementId: string): Observable<void>;
|
|
217
252
|
/**
|
|
218
|
-
* Checks whether the
|
|
253
|
+
* Checks whether the authenticated user has a business privilege ID by calling the access service.
|
|
254
|
+
*
|
|
255
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
256
|
+
* Treat this as an authorization check and await the server response.
|
|
219
257
|
*
|
|
220
258
|
* @param privilegeId - Stable business privilege ID
|
|
221
|
-
* @returns
|
|
259
|
+
* @returns Promise resolving to true when the current user has the privilege
|
|
260
|
+
*/
|
|
261
|
+
export declare function hasBusinessPrivilege(privilegeId: string): Promise<boolean>;
|
|
262
|
+
/**
|
|
263
|
+
* Observable version of `hasBusinessPrivilege`. See `hasBusinessPrivilege` for details.
|
|
264
|
+
*/
|
|
265
|
+
export declare function hasBusinessPrivilegeAsObservable(privilegeId: string): Observable<boolean>;
|
|
266
|
+
/**
|
|
267
|
+
* Returns the authenticated user's business privilege IDs by calling the access service.
|
|
268
|
+
*
|
|
269
|
+
* This intentionally does not read `userContext.businessPrivileges`, because browser-local context can be manipulated.
|
|
270
|
+
*
|
|
271
|
+
* @returns Promise resolving to business privilege IDs for the current user
|
|
272
|
+
*/
|
|
273
|
+
export declare function userPrivileges(): Promise<string[]>;
|
|
274
|
+
/**
|
|
275
|
+
* Observable version of `userPrivileges`. See `userPrivileges` for details.
|
|
222
276
|
*/
|
|
223
|
-
export declare function
|
|
277
|
+
export declare function userPrivilegesAsObservable(): Observable<string[]>;
|
|
224
278
|
/**
|
|
225
|
-
*
|
|
279
|
+
* Checks the authenticated user's data element read/write/delete access through the access service.
|
|
226
280
|
*
|
|
227
|
-
*
|
|
281
|
+
* The caller passes the stable data element ID. The server resolves that ID to the persisted data element key before
|
|
282
|
+
* checking the user's token, so generated code does not need to manage ID-to-key mappings.
|
|
283
|
+
*
|
|
284
|
+
* @param dataElementId - Stable data element ID
|
|
285
|
+
* @returns Promise resolving to the current user's data element access flags
|
|
286
|
+
*/
|
|
287
|
+
export declare function dataElementAccess(dataElementId: string): Promise<DataElementAccessResult>;
|
|
288
|
+
/**
|
|
289
|
+
* Observable version of `dataElementAccess`. See `dataElementAccess` for details.
|
|
290
|
+
*/
|
|
291
|
+
export declare function dataElementAccessAsObservable(dataElementId: string): Observable<DataElementAccessResult>;
|
|
292
|
+
/**
|
|
293
|
+
* Checks one data element access mode for the authenticated user through the access service.
|
|
294
|
+
*
|
|
295
|
+
* @param dataElementId - Stable data element ID
|
|
296
|
+
* @param access - Access mode to check: `read`, `write`, or `delete`
|
|
297
|
+
* @returns Promise resolving to true when the current user has the requested data access
|
|
298
|
+
*/
|
|
299
|
+
export declare function hasDataElementAccess(dataElementId: string, access: DataElementAccessMode): Promise<boolean>;
|
|
300
|
+
/**
|
|
301
|
+
* Observable version of `hasDataElementAccess`. See `hasDataElementAccess` for details.
|
|
302
|
+
*/
|
|
303
|
+
export declare function hasDataElementAccessAsObservable(dataElementId: string, access: DataElementAccessMode): Observable<boolean>;
|
|
304
|
+
/**
|
|
305
|
+
* Checks whether the authenticated user can read records for a data element ID.
|
|
306
|
+
*/
|
|
307
|
+
export declare function canReadDataElement(dataElementId: string): Promise<boolean>;
|
|
308
|
+
/**
|
|
309
|
+
* Observable version of `canReadDataElement`. See `canReadDataElement` for details.
|
|
310
|
+
*/
|
|
311
|
+
export declare function canReadDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
|
312
|
+
/**
|
|
313
|
+
* Checks whether the authenticated user can create or update records for a data element ID.
|
|
314
|
+
*/
|
|
315
|
+
export declare function canWriteDataElement(dataElementId: string): Promise<boolean>;
|
|
316
|
+
/**
|
|
317
|
+
* Observable version of `canWriteDataElement`. See `canWriteDataElement` for details.
|
|
318
|
+
*/
|
|
319
|
+
export declare function canWriteDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
|
320
|
+
/**
|
|
321
|
+
* Checks whether the authenticated user can delete records for a data element ID.
|
|
322
|
+
*/
|
|
323
|
+
export declare function canDeleteDataElement(dataElementId: string): Promise<boolean>;
|
|
324
|
+
/**
|
|
325
|
+
* Observable version of `canDeleteDataElement`. See `canDeleteDataElement` for details.
|
|
228
326
|
*/
|
|
229
|
-
export declare function
|
|
327
|
+
export declare function canDeleteDataElementAsObservable(dataElementId: string): Observable<boolean>;
|
package/lib/esm/types/index.d.ts
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
*/
|
|
6
6
|
export { getAuthToken, sandboxKey, serviceAddress, actionSubject, userContext, params, useBody, initialize, type UserContext, type IncomingEventBody, type BaseActionResponse, type ActionResponse, type NotificationConfig, type ListActionResponse, type FormTemplateActionResponse, type PageTemplateActionResponse, type ObjectSaveActionResponse, type CalculatedFieldActionResponse, type SingleValueActionResponse, type ErrorResponse, prepareSuccessResponse, prepareErrorResponse } from './sdk-general';
|
|
7
7
|
export { type SaveOptions, getObject, getObjectAsObservable, getRelatedObjects, getRelatedObjectsAsObservable, getAccessibleObjects, getAccessibleObjectsAsObservable, getObjects, getObjectsAsObservable, saveObject, saveObjectAsObservable, saveRelatedObject, saveRelatedObjectAsObservable, deleteObject, deleteObjectAsObservable, deleteRelatedObject, deleteRelatedObjectAsObservable, deleteRelatedObjects, deleteRelatedObjectsAsObservable } from './data-crud';
|
|
8
|
-
export { type ScopeKeyItem, type Role, type BusinessPrivilege, type SandboxUser, type UserAccessWrapper, type InviteUserRequest, type InviteResult, type UpdateAccessRequest, listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, userPrivileges, } from './access';
|
|
8
|
+
export { type ScopeKeyItem, type Role, type BusinessPrivilege, type SandboxUser, type UserAccessWrapper, type InviteUserRequest, type InviteResult, type UpdateAccessRequest, type BusinessPrivilegeCheckResult, type CurrentBusinessPrivilegesResult, type DataElementAccessMode, type DataElementAccessResult, listRoles, listRolesAsObservable, listBusinessPrivileges, listBusinessPrivilegesAsObservable, listSandboxUsers, listSandboxUsersAsObservable, getUserAccess, getUserAccessAsObservable, inviteUser, inviteUserAsObservable, updateUserAccess, updateUserAccessAsObservable, removeUserAccess, removeUserAccessAsObservable, hasBusinessPrivilege, hasBusinessPrivilegeAsObservable, userPrivileges, userPrivilegesAsObservable, dataElementAccess, dataElementAccessAsObservable, hasDataElementAccess, hasDataElementAccessAsObservable, canReadDataElement, canReadDataElementAsObservable, canWriteDataElement, canWriteDataElementAsObservable, canDeleteDataElement, canDeleteDataElementAsObservable, } from './access';
|
|
9
9
|
export { type ContentResource, getOrCreateResource, getOrCreateResourceAsObservable, saveResource, saveResourceAsObservable, sendFileContents, sendFileContentsAsObservable, createOrUpdateResource, createOrUpdateResourceAsObservable, downloadResource, downloadResourceAsObservable } from './content';
|
|
10
10
|
export { MessageMethod, type MessageRequest, sendMessage, sendMessageAsObservable } from './messaging';
|
|
11
11
|
export { getUserPreference, getOrganizationPreference, getUserPreferenceAsObservable, getOrganizationPreferenceAsObservable } from './preferences';
|
|
@@ -58,7 +58,11 @@ export interface UserContext {
|
|
|
58
58
|
orgProxyKey: string;
|
|
59
59
|
orgKey: string;
|
|
60
60
|
userProxyKey: string;
|
|
61
|
-
|
|
61
|
+
/**
|
|
62
|
+
* Business privilege IDs included in the initial context for display/navigation state.
|
|
63
|
+
* Do not use this client-side value for authorization checks; use access SDK server calls instead.
|
|
64
|
+
*/
|
|
65
|
+
businessPrivileges?: string[];
|
|
62
66
|
navigationContext: {
|
|
63
67
|
navigationKey: string;
|
|
64
68
|
navLevel: "organization" | "user";
|