@icure/api 7.1.16 → 8.0.0-RC.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (363) hide show
  1. package/icc-api/api/IccAccesslogApi.d.ts +12 -1
  2. package/icc-api/api/IccAccesslogApi.js +142 -98
  3. package/icc-api/api/IccAccesslogApi.js.map +1 -1
  4. package/icc-api/api/IccBemikronoApi.d.ts +81 -0
  5. package/icc-api/api/IccBemikronoApi.js +163 -0
  6. package/icc-api/api/IccBemikronoApi.js.map +1 -0
  7. package/icc-api/api/IccCalendarItemApi.d.ts +21 -1
  8. package/icc-api/api/IccCalendarItemApi.js +183 -117
  9. package/icc-api/api/IccCalendarItemApi.js.map +1 -1
  10. package/icc-api/api/IccClassificationApi.d.ts +21 -1
  11. package/icc-api/api/IccClassificationApi.js +119 -63
  12. package/icc-api/api/IccClassificationApi.js.map +1 -1
  13. package/icc-api/api/IccContactApi.d.ts +21 -1
  14. package/icc-api/api/IccContactApi.js +385 -294
  15. package/icc-api/api/IccContactApi.js.map +1 -1
  16. package/icc-api/api/IccDocumentApi.d.ts +38 -25
  17. package/icc-api/api/IccDocumentApi.js +279 -212
  18. package/icc-api/api/IccDocumentApi.js.map +1 -1
  19. package/icc-api/api/IccExchangeDataApi.d.ts +19 -0
  20. package/icc-api/api/IccExchangeDataApi.js +85 -0
  21. package/icc-api/api/IccExchangeDataApi.js.map +1 -0
  22. package/icc-api/api/IccExchangeDataMapApi.d.ts +18 -0
  23. package/icc-api/api/IccExchangeDataMapApi.js +65 -0
  24. package/icc-api/api/IccExchangeDataMapApi.js.map +1 -0
  25. package/icc-api/api/IccFormApi.d.ts +21 -1
  26. package/icc-api/api/IccFormApi.js +321 -229
  27. package/icc-api/api/IccFormApi.js.map +1 -1
  28. package/icc-api/api/IccHelementApi.d.ts +21 -1
  29. package/icc-api/api/IccHelementApi.js +207 -137
  30. package/icc-api/api/IccHelementApi.js.map +1 -1
  31. package/icc-api/api/IccInvoiceApi.d.ts +21 -1
  32. package/icc-api/api/IccInvoiceApi.js +404 -298
  33. package/icc-api/api/IccInvoiceApi.js.map +1 -1
  34. package/icc-api/api/IccMaintenanceTaskApi.d.ts +12 -1
  35. package/icc-api/api/IccMaintenanceTaskApi.js +79 -43
  36. package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
  37. package/icc-api/api/IccMessageApi.d.ts +28 -1
  38. package/icc-api/api/IccMessageApi.js +294 -191
  39. package/icc-api/api/IccMessageApi.js.map +1 -1
  40. package/icc-api/api/IccPatientApi.d.ts +12 -1
  41. package/icc-api/api/IccPatientApi.js +447 -351
  42. package/icc-api/api/IccPatientApi.js.map +1 -1
  43. package/icc-api/api/IccReceiptApi.d.ts +22 -8
  44. package/icc-api/api/IccReceiptApi.js +121 -64
  45. package/icc-api/api/IccReceiptApi.js.map +1 -1
  46. package/icc-api/api/IccRestApiPath.js +1 -1
  47. package/icc-api/api/IccRestApiPath.js.map +1 -1
  48. package/icc-api/api/IccSecureDelegationKeyMapApi.d.ts +26 -0
  49. package/icc-api/api/IccSecureDelegationKeyMapApi.js +71 -0
  50. package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +1 -0
  51. package/icc-api/api/IccTimeTableApi.d.ts +12 -1
  52. package/icc-api/api/IccTimeTableApi.js +86 -48
  53. package/icc-api/api/IccTimeTableApi.js.map +1 -1
  54. package/icc-api/api/IccTopicApi.d.ts +90 -0
  55. package/icc-api/api/IccTopicApi.js +193 -0
  56. package/icc-api/api/IccTopicApi.js.map +1 -0
  57. package/icc-api/index.d.ts +2 -0
  58. package/icc-api/index.js +2 -0
  59. package/icc-api/index.js.map +1 -1
  60. package/icc-api/model/AbstractFilterMessage.d.ts +15 -0
  61. package/icc-api/model/AbstractFilterMessage.js +21 -0
  62. package/icc-api/model/AbstractFilterMessage.js.map +1 -0
  63. package/icc-api/model/AbstractFilterTopic.d.ts +15 -0
  64. package/icc-api/model/AbstractFilterTopic.js +21 -0
  65. package/icc-api/model/AbstractFilterTopic.js.map +1 -0
  66. package/icc-api/model/AccessLog.d.ts +2 -0
  67. package/icc-api/model/AccessLog.js.map +1 -1
  68. package/icc-api/model/Article.d.ts +2 -0
  69. package/icc-api/model/Article.js.map +1 -1
  70. package/icc-api/model/CalendarItem.d.ts +2 -0
  71. package/icc-api/model/CalendarItem.js.map +1 -1
  72. package/icc-api/model/Classification.d.ts +2 -0
  73. package/icc-api/model/Classification.js.map +1 -1
  74. package/icc-api/model/ClassificationTemplate.d.ts +2 -0
  75. package/icc-api/model/ClassificationTemplate.js.map +1 -1
  76. package/icc-api/model/Connection.d.ts +1 -1
  77. package/icc-api/model/Connection.js.map +1 -1
  78. package/icc-api/model/Contact.d.ts +2 -0
  79. package/icc-api/model/Contact.js.map +1 -1
  80. package/icc-api/model/Device.d.ts +4 -4
  81. package/icc-api/model/Device.js.map +1 -1
  82. package/icc-api/model/Document.d.ts +2 -0
  83. package/icc-api/model/Document.js.map +1 -1
  84. package/icc-api/model/ExchangeDataMapCreationBatch.d.ts +13 -0
  85. package/icc-api/model/ExchangeDataMapCreationBatch.js +10 -0
  86. package/icc-api/model/ExchangeDataMapCreationBatch.js.map +1 -0
  87. package/icc-api/model/FilterChainMessage.d.ts +19 -0
  88. package/icc-api/model/FilterChainMessage.js +11 -0
  89. package/icc-api/model/FilterChainMessage.js.map +1 -0
  90. package/icc-api/model/FilterChainTopic.d.ts +19 -0
  91. package/icc-api/model/FilterChainTopic.js +11 -0
  92. package/icc-api/model/FilterChainTopic.js.map +1 -0
  93. package/icc-api/model/Form.d.ts +2 -0
  94. package/icc-api/model/Form.js.map +1 -1
  95. package/icc-api/model/HealthElement.d.ts +2 -0
  96. package/icc-api/model/HealthElement.js.map +1 -1
  97. package/icc-api/model/HealthcareParty.d.ts +2 -2
  98. package/icc-api/model/HealthcareParty.js +13 -1
  99. package/icc-api/model/HealthcareParty.js.map +1 -1
  100. package/icc-api/model/IcureStub.d.ts +2 -0
  101. package/icc-api/model/IcureStub.js.map +1 -1
  102. package/icc-api/model/Invoice.d.ts +2 -0
  103. package/icc-api/model/Invoice.js.map +1 -1
  104. package/icc-api/model/MaintenanceTask.d.ts +13 -10
  105. package/icc-api/model/MaintenanceTask.js +13 -11
  106. package/icc-api/model/MaintenanceTask.js.map +1 -1
  107. package/icc-api/model/Message.d.ts +2 -0
  108. package/icc-api/model/Message.js.map +1 -1
  109. package/icc-api/model/PaginatedListExchangeData.d.ts +9 -0
  110. package/icc-api/model/PaginatedListExchangeData.js +10 -0
  111. package/icc-api/model/PaginatedListExchangeData.js.map +1 -0
  112. package/icc-api/model/PaginatedListTopic.d.ts +20 -0
  113. package/icc-api/model/PaginatedListTopic.js +10 -0
  114. package/icc-api/model/PaginatedListTopic.js.map +1 -0
  115. package/icc-api/model/Patient.d.ts +4 -2
  116. package/icc-api/model/Patient.js.map +1 -1
  117. package/icc-api/model/PatientByHcPartyGenderEducationProfession.d.ts +31 -0
  118. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +32 -0
  119. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -0
  120. package/icc-api/model/Receipt.d.ts +2 -0
  121. package/icc-api/model/Receipt.js.map +1 -1
  122. package/icc-api/model/SecureDelegation.d.ts +52 -0
  123. package/icc-api/model/SecureDelegation.js +16 -0
  124. package/icc-api/model/SecureDelegation.js.map +1 -0
  125. package/icc-api/model/SecurityMetadata.d.ts +33 -0
  126. package/icc-api/model/SecurityMetadata.js +13 -0
  127. package/icc-api/model/SecurityMetadata.js.map +1 -0
  128. package/icc-api/model/Service.d.ts +2 -0
  129. package/icc-api/model/Service.js.map +1 -1
  130. package/icc-api/model/TimeTable.d.ts +2 -0
  131. package/icc-api/model/TimeTable.js.map +1 -1
  132. package/icc-api/model/Topic.d.ts +95 -0
  133. package/icc-api/model/Topic.js +16 -0
  134. package/icc-api/model/Topic.js.map +1 -0
  135. package/icc-api/model/internal/ExchangeData.d.ts +64 -0
  136. package/icc-api/model/internal/ExchangeData.js +15 -0
  137. package/icc-api/model/internal/ExchangeData.js.map +1 -0
  138. package/icc-api/model/internal/ExchangeDataMap.d.ts +24 -0
  139. package/icc-api/model/internal/ExchangeDataMap.js +13 -0
  140. package/icc-api/model/internal/ExchangeDataMap.js.map +1 -0
  141. package/icc-api/model/internal/SecureDelegationKeyMap.d.ts +14 -0
  142. package/icc-api/model/internal/SecureDelegationKeyMap.js +13 -0
  143. package/icc-api/model/internal/SecureDelegationKeyMap.js.map +1 -0
  144. package/icc-api/model/models.d.ts +26 -40
  145. package/icc-api/model/models.js +19 -37
  146. package/icc-api/model/models.js.map +1 -1
  147. package/icc-api/model/requests/EntityBulkShareResult.d.ts +28 -0
  148. package/icc-api/model/requests/EntityBulkShareResult.js +16 -0
  149. package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -0
  150. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.d.ts +10 -0
  151. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js +17 -0
  152. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -0
  153. package/icc-api/model/requests/EntityShareRequest.d.ts +110 -0
  154. package/icc-api/model/requests/EntityShareRequest.js +63 -0
  155. package/icc-api/model/requests/EntityShareRequest.js.map +1 -0
  156. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.d.ts +54 -0
  157. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +24 -0
  158. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -0
  159. package/icc-api/model/requests/MinimalEntityBulkShareResult.d.ts +23 -0
  160. package/icc-api/model/requests/MinimalEntityBulkShareResult.js +13 -0
  161. package/icc-api/model/requests/MinimalEntityBulkShareResult.js.map +1 -0
  162. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.d.ts +21 -0
  163. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js +14 -0
  164. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js.map +1 -0
  165. package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +55 -6
  166. package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -1
  167. package/icc-x-api/crypto/AES.js +1 -1
  168. package/icc-x-api/crypto/AES.js.map +1 -1
  169. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.d.ts +18 -0
  170. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js +50 -0
  171. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -0
  172. package/icc-x-api/crypto/AccessControlSecretUtils.d.ts +43 -0
  173. package/icc-x-api/crypto/AccessControlSecretUtils.js +97 -0
  174. package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -0
  175. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +146 -0
  176. package/icc-x-api/crypto/BaseExchangeDataManager.js +342 -0
  177. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -0
  178. package/icc-x-api/crypto/BaseExchangeKeysManager.d.ts +0 -18
  179. package/icc-x-api/crypto/BaseExchangeKeysManager.js +11 -85
  180. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  181. package/icc-x-api/crypto/ConfidentialEntities.d.ts +26 -16
  182. package/icc-x-api/crypto/ConfidentialEntities.js +30 -17
  183. package/icc-x-api/crypto/ConfidentialEntities.js.map +1 -1
  184. package/icc-x-api/crypto/CryptoStrategies.d.ts +8 -1
  185. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  186. package/icc-x-api/crypto/DelegationsDeAnonymization.d.ts +44 -0
  187. package/icc-x-api/crypto/DelegationsDeAnonymization.js +235 -0
  188. package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -0
  189. package/icc-x-api/crypto/ExchangeDataManager.d.ts +97 -0
  190. package/icc-x-api/crypto/ExchangeDataManager.js +501 -0
  191. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -0
  192. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +32 -0
  193. package/icc-x-api/crypto/ExchangeDataMapManager.js +70 -0
  194. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -0
  195. package/icc-x-api/crypto/ExchangeKeysManager.d.ts +4 -16
  196. package/icc-x-api/crypto/ExchangeKeysManager.js +4 -62
  197. package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
  198. package/icc-x-api/crypto/ExtendedApisUtils.d.ts +326 -0
  199. package/icc-x-api/crypto/ExtendedApisUtils.js +3 -0
  200. package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -0
  201. package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +174 -0
  202. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +559 -0
  203. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -0
  204. package/icc-x-api/crypto/KeyRecovery.d.ts +5 -2
  205. package/icc-x-api/crypto/KeyRecovery.js +59 -29
  206. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  207. package/icc-x-api/crypto/LegacyCryptoStrategies.d.ts +7 -2
  208. package/icc-x-api/crypto/LegacyCryptoStrategies.js +8 -1
  209. package/icc-x-api/crypto/LegacyCryptoStrategies.js.map +1 -1
  210. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.d.ts +33 -0
  211. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js +141 -0
  212. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js.map +1 -0
  213. package/icc-x-api/crypto/RSA.d.ts +34 -8
  214. package/icc-x-api/crypto/RSA.js +80 -13
  215. package/icc-x-api/crypto/RSA.js.map +1 -1
  216. package/icc-x-api/crypto/SecureDelegationsEncryption.d.ts +54 -0
  217. package/icc-x-api/crypto/SecureDelegationsEncryption.js +178 -0
  218. package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -0
  219. package/icc-x-api/crypto/SecureDelegationsManager.d.ts +66 -0
  220. package/icc-x-api/crypto/SecureDelegationsManager.js +261 -0
  221. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -0
  222. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.d.ts +46 -0
  223. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js +312 -0
  224. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js.map +1 -0
  225. package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +97 -0
  226. package/icc-x-api/crypto/SecurityMetadataDecryptor.js +79 -0
  227. package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -0
  228. package/icc-x-api/crypto/ShamirKeysManager.d.ts +5 -5
  229. package/icc-x-api/crypto/ShamirKeysManager.js +6 -9
  230. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  231. package/icc-x-api/crypto/TransferKeysManager.d.ts +8 -6
  232. package/icc-x-api/crypto/TransferKeysManager.js +75 -52
  233. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  234. package/icc-x-api/crypto/{KeyManager.d.ts → UserEncryptionKeysManager.d.ts} +4 -6
  235. package/icc-x-api/crypto/{KeyManager.js → UserEncryptionKeysManager.js} +43 -23
  236. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -0
  237. package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +26 -0
  238. package/icc-x-api/crypto/UserSignatureKeysManager.js +74 -0
  239. package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -0
  240. package/icc-x-api/crypto/utils.d.ts +61 -11
  241. package/icc-x-api/crypto/utils.js +113 -44
  242. package/icc-x-api/crypto/utils.js.map +1 -1
  243. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.d.ts +8 -0
  244. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js +13 -0
  245. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js.map +1 -0
  246. package/icc-x-api/filters/MessageByHcPartyFilter.d.ts +7 -0
  247. package/icc-x-api/filters/MessageByHcPartyFilter.js +13 -0
  248. package/icc-x-api/filters/MessageByHcPartyFilter.js.map +1 -0
  249. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.d.ts +8 -0
  250. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js +13 -0
  251. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js.map +1 -0
  252. package/icc-x-api/filters/TopicByHcPartyFilter.d.ts +7 -0
  253. package/icc-x-api/filters/TopicByHcPartyFilter.js +13 -0
  254. package/icc-x-api/filters/TopicByHcPartyFilter.js.map +1 -0
  255. package/icc-x-api/filters/TopicByParticipantFilter.d.ts +7 -0
  256. package/icc-x-api/filters/TopicByParticipantFilter.js +13 -0
  257. package/icc-x-api/filters/TopicByParticipantFilter.js.map +1 -0
  258. package/icc-x-api/filters/filters.d.ts +5 -0
  259. package/icc-x-api/filters/filters.js +5 -0
  260. package/icc-x-api/filters/filters.js.map +1 -1
  261. package/icc-x-api/icc-accesslog-x-api.d.ts +49 -12
  262. package/icc-x-api/icc-accesslog-x-api.js +81 -44
  263. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  264. package/icc-x-api/icc-calendar-item-x-api.d.ts +53 -15
  265. package/icc-x-api/icc-calendar-item-x-api.js +105 -51
  266. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  267. package/icc-x-api/icc-classification-x-api.d.ts +47 -10
  268. package/icc-x-api/icc-classification-x-api.js +62 -33
  269. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  270. package/icc-x-api/icc-contact-x-api.d.ts +59 -33
  271. package/icc-x-api/icc-contact-x-api.js +101 -66
  272. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  273. package/icc-x-api/icc-crypto-x-api.d.ts +33 -333
  274. package/icc-x-api/icc-crypto-x-api.js +47 -764
  275. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  276. package/icc-x-api/icc-data-owner-x-api.d.ts +20 -8
  277. package/icc-x-api/icc-data-owner-x-api.js +31 -10
  278. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  279. package/icc-x-api/icc-document-x-api.d.ts +51 -12
  280. package/icc-x-api/icc-document-x-api.js +117 -66
  281. package/icc-x-api/icc-document-x-api.js.map +1 -1
  282. package/icc-x-api/icc-form-x-api.d.ts +48 -11
  283. package/icc-x-api/icc-form-x-api.js +71 -37
  284. package/icc-x-api/icc-form-x-api.js.map +1 -1
  285. package/icc-x-api/icc-hcparty-x-api.d.ts +2 -2
  286. package/icc-x-api/icc-hcparty-x-api.js +3 -3
  287. package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
  288. package/icc-x-api/icc-helement-x-api.d.ts +59 -20
  289. package/icc-x-api/icc-helement-x-api.js +78 -43
  290. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  291. package/icc-x-api/icc-icure-maintenance-x-api.d.ts +7 -2
  292. package/icc-x-api/icc-icure-maintenance-x-api.js +38 -27
  293. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  294. package/icc-x-api/icc-invoice-x-api.d.ts +53 -16
  295. package/icc-x-api/icc-invoice-x-api.js +69 -35
  296. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  297. package/icc-x-api/icc-maintenance-task-x-api.d.ts +56 -22
  298. package/icc-x-api/icc-maintenance-task-x-api.js +77 -36
  299. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  300. package/icc-x-api/icc-message-x-api.d.ts +75 -19
  301. package/icc-x-api/icc-message-x-api.js +126 -37
  302. package/icc-x-api/icc-message-x-api.js.map +1 -1
  303. package/icc-x-api/icc-patient-x-api.d.ts +86 -29
  304. package/icc-x-api/icc-patient-x-api.js +318 -379
  305. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  306. package/icc-x-api/icc-receipt-x-api.d.ts +47 -13
  307. package/icc-x-api/icc-receipt-x-api.js +72 -36
  308. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  309. package/icc-x-api/icc-time-table-x-api.d.ts +46 -13
  310. package/icc-x-api/icc-time-table-x-api.js +61 -27
  311. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  312. package/icc-x-api/icc-topic-x-api.d.ts +191 -0
  313. package/icc-x-api/icc-topic-x-api.js +307 -0
  314. package/icc-x-api/icc-topic-x-api.js.map +1 -0
  315. package/icc-x-api/icc-user-x-api.d.ts +2 -2
  316. package/icc-x-api/icc-user-x-api.js +3 -3
  317. package/icc-x-api/icc-user-x-api.js.map +1 -1
  318. package/icc-x-api/index.d.ts +18 -2
  319. package/icc-x-api/index.js +203 -156
  320. package/icc-x-api/index.js.map +1 -1
  321. package/icc-x-api/maintenance/KeyPairUpdateRequest.d.ts +1 -1
  322. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.d.ts +2 -0
  323. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js +9 -2
  324. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js.map +1 -1
  325. package/icc-x-api/storage/IcureStorageFacade.d.ts +23 -2
  326. package/icc-x-api/storage/IcureStorageFacade.js +36 -2
  327. package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
  328. package/icc-x-api/storage/KeyStorageFacade.d.ts +12 -0
  329. package/icc-x-api/storage/KeyStorageFacade.js.map +1 -1
  330. package/icc-x-api/storage/KeyStorageImpl.d.ts +2 -0
  331. package/icc-x-api/storage/KeyStorageImpl.js +10 -0
  332. package/icc-x-api/storage/KeyStorageImpl.js.map +1 -1
  333. package/icc-x-api/storage/StorageEntryKeysFactory.d.ts +14 -1
  334. package/icc-x-api/storage/StorageEntryKeysFactory.js.map +1 -1
  335. package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +32 -0
  336. package/icc-x-api/utils/EntityWithDelegationTypeName.js +75 -0
  337. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -0
  338. package/icc-x-api/utils/ShareResult.d.ts +74 -0
  339. package/icc-x-api/utils/ShareResult.js +61 -0
  340. package/icc-x-api/utils/ShareResult.js.map +1 -0
  341. package/icc-x-api/utils/binary-utils.d.ts +1 -0
  342. package/icc-x-api/utils/binary-utils.js +8 -1
  343. package/icc-x-api/utils/binary-utils.js.map +1 -1
  344. package/icc-x-api/utils/collection-utils.d.ts +5 -0
  345. package/icc-x-api/utils/collection-utils.js +26 -1
  346. package/icc-x-api/utils/collection-utils.js.map +1 -1
  347. package/icc-x-api/utils/crypto-utils.d.ts +4 -3
  348. package/icc-x-api/utils/crypto-utils.js +5 -4
  349. package/icc-x-api/utils/crypto-utils.js.map +1 -1
  350. package/icc-x-api/utils/lru-temporised-async-cache.d.ts +26 -3
  351. package/icc-x-api/utils/lru-temporised-async-cache.js +75 -15
  352. package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
  353. package/icc-x-api/utils/websocket.d.ts +14 -10
  354. package/icc-x-api/utils/websocket.js +26 -9
  355. package/icc-x-api/utils/websocket.js.map +1 -1
  356. package/index.d.ts +1 -1
  357. package/index.js +3 -1
  358. package/index.js.map +1 -1
  359. package/package.json +2 -3
  360. package/icc-x-api/crypto/EntitiesEncryption.d.ts +0 -275
  361. package/icc-x-api/crypto/EntitiesEncryption.js +0 -734
  362. package/icc-x-api/crypto/EntitiesEncryption.js.map +0 -1
  363. package/icc-x-api/crypto/KeyManager.js.map +0 -1
@@ -0,0 +1,28 @@
1
+ import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest';
2
+ import { EncryptedEntity } from '../models';
3
+ /**
4
+ * Result of a bulk share operation.
5
+ */
6
+ export declare class EntityBulkShareResult<T extends EncryptedEntity> {
7
+ constructor(json: JSON | any, entityConstructor: new (json: JSON | any) => T);
8
+ /**
9
+ * The updated entity. Non-null if at least one of the requests succeeded.
10
+ */
11
+ updatedEntity?: T;
12
+ /**
13
+ * Id of the entity for which the update was requested.
14
+ */
15
+ entityId: string;
16
+ /**
17
+ * Last known revision of the entity before any update, non-null only if an entity matching the requests could be
18
+ * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.
19
+ */
20
+ entityRev?: string;
21
+ /**
22
+ * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the
23
+ * original failed request to the reason of failure.
24
+ */
25
+ rejectedRequests?: {
26
+ [requestId: string]: RejectedShareOrMetadataUpdateRequest;
27
+ };
28
+ }
@@ -0,0 +1,16 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntityBulkShareResult = void 0;
4
+ /**
5
+ * Result of a bulk share operation.
6
+ */
7
+ class EntityBulkShareResult {
8
+ constructor(json, entityConstructor) {
9
+ Object.assign(this, json);
10
+ if (json['updatedEntity']) {
11
+ this.updatedEntity = new entityConstructor(json['updatedEntity']);
12
+ }
13
+ }
14
+ }
15
+ exports.EntityBulkShareResult = EntityBulkShareResult;
16
+ //# sourceMappingURL=EntityBulkShareResult.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntityBulkShareResult.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntityBulkShareResult.ts"],"names":[],"mappings":";;;AAGA;;GAEG;AACH,MAAa,qBAAqB;IAChC,YAAY,IAAgB,EAAE,iBAA8C;QAC1E,MAAM,CAAC,MAAM,CAAC,IAAgC,EAAE,IAAI,CAAC,CAAA;QACrD,IAAI,IAAI,CAAC,eAAe,CAAC,EAAE;YACzB,IAAI,CAAC,aAAa,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAA;SAClE;IACH,CAAC;CAoBF;AA1BD,sDA0BC","sourcesContent":["import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest'\nimport { EncryptedEntity } from '../models'\n\n/**\n * Result of a bulk share operation.\n */\nexport class EntityBulkShareResult<T extends EncryptedEntity> {\n constructor(json: JSON | any, entityConstructor: new (json: JSON | any) => T) {\n Object.assign(this as EntityBulkShareResult<T>, json)\n if (json['updatedEntity']) {\n this.updatedEntity = new entityConstructor(json['updatedEntity'])\n }\n }\n\n /**\n * The updated entity. Non-null if at least one of the requests succeeded.\n */\n updatedEntity?: T\n /**\n * Id of the entity for which the update was requested.\n */\n entityId!: string\n /**\n * Last known revision of the entity before any update, non-null only if an entity matching the requests could be\n * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.\n */\n entityRev?: string\n /**\n * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the\n * original failed request to the reason of failure.\n */\n rejectedRequests?: { [requestId: string]: RejectedShareOrMetadataUpdateRequest }\n}\n"]}
@@ -0,0 +1,10 @@
1
+ import { EntityShareRequest } from './EntityShareRequest';
2
+ import { EntitySharedMetadataUpdateRequest } from './EntitySharedMetadataUpdateRequest';
3
+ export declare class EntityShareOrMetadataUpdateRequest {
4
+ constructor(params: {
5
+ share?: EntityShareRequest;
6
+ update?: EntitySharedMetadataUpdateRequest;
7
+ });
8
+ share?: EntityShareRequest;
9
+ update?: EntitySharedMetadataUpdateRequest;
10
+ }
@@ -0,0 +1,17 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntityShareOrMetadataUpdateRequest = void 0;
4
+ class EntityShareOrMetadataUpdateRequest {
5
+ constructor(params) {
6
+ if (params.share && !params.update) {
7
+ this.share = params.share;
8
+ }
9
+ else if (!params.share && params.update) {
10
+ this.update = params.update;
11
+ }
12
+ else
13
+ throw new Error('Exactly one of share or update should be set');
14
+ }
15
+ }
16
+ exports.EntityShareOrMetadataUpdateRequest = EntityShareOrMetadataUpdateRequest;
17
+ //# sourceMappingURL=EntityShareOrMetadataUpdateRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntityShareOrMetadataUpdateRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntityShareOrMetadataUpdateRequest.ts"],"names":[],"mappings":";;;AAGA,MAAa,kCAAkC;IAC7C,YAAY,MAAkF;QAC5F,IAAI,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAA;SAC1B;aAAM,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE;YACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;SAC5B;;YAAM,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;IACxE,CAAC;CAIF;AAXD,gFAWC","sourcesContent":["import { EntityShareRequest } from './EntityShareRequest'\nimport { EntitySharedMetadataUpdateRequest } from './EntitySharedMetadataUpdateRequest'\n\nexport class EntityShareOrMetadataUpdateRequest {\n constructor(params: { share?: EntityShareRequest; update?: EntitySharedMetadataUpdateRequest }) {\n if (params.share && !params.update) {\n this.share = params.share\n } else if (!params.share && params.update) {\n this.update = params.update\n } else throw new Error('Exactly one of share or update should be set')\n }\n\n share?: EntityShareRequest\n update?: EntitySharedMetadataUpdateRequest\n}\n"]}
@@ -0,0 +1,110 @@
1
+ export declare class EntityShareRequest {
2
+ constructor(params: {
3
+ explicitDelegator?: string;
4
+ explicitDelegate?: string;
5
+ accessControlKeys: string[];
6
+ secretIds?: string[];
7
+ encryptionKeys?: string[];
8
+ owningEntityIds?: string[];
9
+ exchangeDataId?: string;
10
+ encryptedExchangeDataId?: {
11
+ [fp: string]: string;
12
+ };
13
+ requestedPermissions?: EntityShareRequest.RequestedPermissionInternal;
14
+ });
15
+ /**
16
+ * Id of the data owner which is sharing the entity (delegator), if it should be explicitly indicated or null if the
17
+ * delegator requires anonymous delegations. If not null this must match the logged data owner id.
18
+ */
19
+ explicitDelegator?: string;
20
+ /**
21
+ * Id of the data owner which will gain access to the entity (delegate), if it should be explicitly indicated or
22
+ * null if the delegate requires anonymous delegations.
23
+ */
24
+ explicitDelegate?: string;
25
+ /**
26
+ * The access control keys obtained from the access control secrets of the exchange data used for the encryption of the ids and keys
27
+ * to share. These are also used to uniquely identify an instance of share metadata.
28
+ */
29
+ accessControlKeys: string[];
30
+ /**
31
+ * Encrypted secret ids to share with the delegate.
32
+ */
33
+ secretIds?: string[];
34
+ /**
35
+ * Encrypted encryption keys to share with the delegate.
36
+ */
37
+ encryptionKeys?: string[];
38
+ /**
39
+ * Encrypted owning entity ids to share with the delegate.
40
+ */
41
+ owningEntityIds?: string[];
42
+ /**
43
+ * Id of the exchange data used for the encryption of the ids and keys to share. Must be null at least one of
44
+ * delegator or delegate is not explicit.
45
+ */
46
+ exchangeDataId?: string;
47
+ /**
48
+ * Must be non-empty if exactly one of delegator or delegate is explicit and the other is not, empty in all other
49
+ * cases.
50
+ */
51
+ encryptedExchangeDataId?: {
52
+ [fp: string]: string;
53
+ };
54
+ /**
55
+ * Permissions requested for the delegate.
56
+ */
57
+ requestedPermissions: EntityShareRequest.RequestedPermissionInternal;
58
+ }
59
+ export declare namespace EntityShareRequest {
60
+ /**
61
+ * Strategy to use for the calculation of permissions for the new [SecureDelegation.permissions]
62
+ */
63
+ type RequestedPermissionEnum = 'FULL_READ' | 'MAX_WRITE' | 'FULL_WRITE';
64
+ const RequestedPermissionEnum: {
65
+ /**
66
+ * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support
67
+ * fine-grained access control a user may have limited read access to an entity, and in such case the request
68
+ * would fail (similarly to [FULL_WRITE]).
69
+ */
70
+ FULL_READ: RequestedPermissionEnum;
71
+ /**
72
+ * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.
73
+ * If the delegator has full-write access the delegate will also have full-write access else the delegate will
74
+ * have full-read access.
75
+ */
76
+ MAX_WRITE: RequestedPermissionEnum;
77
+ /**
78
+ * The new secure delegation will give full-write access to the delegate. If the delegator does not have
79
+ * full-write access to the entity the request will fail.
80
+ */
81
+ FULL_WRITE: RequestedPermissionEnum;
82
+ };
83
+ /**
84
+ * @internal this type is for internal use only and may be changed without notice.
85
+ * Additional values for requested permissions which are used automatically by the extended apis and should not
86
+ * be used directly by the user.
87
+ */
88
+ type RequestedPermissionInternal = 'ROOT' | RequestedPermissionEnum;
89
+ const RequestedPermissionInternal: {
90
+ /**
91
+ * Request to create a root delegation on the entity. Usually new entities are created with a root delegation
92
+ * for the creator data owner and no other data owners will be able to obtain root permissions, but there are
93
+ * some situations where other data owners can create root delegations on existing entities:
94
+ * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in
95
+ * cases where the data owner wants to share an entity with another data owner using the new delegation format
96
+ * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self
97
+ * and then creates a delegation self->other).
98
+ * - A patient data owner is always allowed to create a root delegation for himself
99
+ *
100
+ * A root delegation gives full write permissions to the data owners which can access it (usually a root
101
+ * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend
102
+ * on any other delegation: this means that no data owners except for the data owners with the root permission
103
+ * can revoke it.
104
+ */
105
+ ROOT: RequestedPermissionInternal;
106
+ FULL_READ: RequestedPermissionInternal;
107
+ MAX_WRITE: RequestedPermissionInternal;
108
+ FULL_WRITE: RequestedPermissionInternal;
109
+ };
110
+ }
@@ -0,0 +1,63 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntityShareRequest = void 0;
4
+ class EntityShareRequest {
5
+ constructor(params) {
6
+ var _a;
7
+ if (!params.accessControlKeys.length)
8
+ throw new Error('Access control keys should not be empty');
9
+ this.explicitDelegator = params.explicitDelegator;
10
+ this.explicitDelegate = params.explicitDelegate;
11
+ this.accessControlKeys = params.accessControlKeys;
12
+ this.secretIds = params.secretIds;
13
+ this.encryptionKeys = params.encryptionKeys;
14
+ this.owningEntityIds = params.owningEntityIds;
15
+ this.exchangeDataId = params.exchangeDataId;
16
+ this.encryptedExchangeDataId = params.encryptedExchangeDataId;
17
+ this.requestedPermissions = (_a = params.requestedPermissions) !== null && _a !== void 0 ? _a : EntityShareRequest.RequestedPermissionInternal.MAX_WRITE;
18
+ }
19
+ }
20
+ exports.EntityShareRequest = EntityShareRequest;
21
+ (function (EntityShareRequest) {
22
+ EntityShareRequest.RequestedPermissionEnum = {
23
+ /**
24
+ * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support
25
+ * fine-grained access control a user may have limited read access to an entity, and in such case the request
26
+ * would fail (similarly to [FULL_WRITE]).
27
+ */
28
+ FULL_READ: 'FULL_READ',
29
+ /**
30
+ * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.
31
+ * If the delegator has full-write access the delegate will also have full-write access else the delegate will
32
+ * have full-read access.
33
+ */
34
+ MAX_WRITE: 'MAX_WRITE',
35
+ /**
36
+ * The new secure delegation will give full-write access to the delegate. If the delegator does not have
37
+ * full-write access to the entity the request will fail.
38
+ */
39
+ FULL_WRITE: 'FULL_WRITE',
40
+ };
41
+ EntityShareRequest.RequestedPermissionInternal = {
42
+ /**
43
+ * Request to create a root delegation on the entity. Usually new entities are created with a root delegation
44
+ * for the creator data owner and no other data owners will be able to obtain root permissions, but there are
45
+ * some situations where other data owners can create root delegations on existing entities:
46
+ * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in
47
+ * cases where the data owner wants to share an entity with another data owner using the new delegation format
48
+ * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self
49
+ * and then creates a delegation self->other).
50
+ * - A patient data owner is always allowed to create a root delegation for himself
51
+ *
52
+ * A root delegation gives full write permissions to the data owners which can access it (usually a root
53
+ * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend
54
+ * on any other delegation: this means that no data owners except for the data owners with the root permission
55
+ * can revoke it.
56
+ */
57
+ ROOT: 'ROOT',
58
+ FULL_READ: EntityShareRequest.RequestedPermissionEnum.FULL_READ,
59
+ MAX_WRITE: EntityShareRequest.RequestedPermissionEnum.MAX_WRITE,
60
+ FULL_WRITE: EntityShareRequest.RequestedPermissionEnum.FULL_WRITE,
61
+ };
62
+ })(EntityShareRequest = exports.EntityShareRequest || (exports.EntityShareRequest = {}));
63
+ //# sourceMappingURL=EntityShareRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntityShareRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntityShareRequest.ts"],"names":[],"mappings":";;;AAAA,MAAa,kBAAkB;IAC7B,YAAY,MAUX;;QACC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;QAChG,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAA;QACjD,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAA;QAC/C,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAA;QACjD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAA;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAA;QAC7C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,uBAAuB,GAAG,MAAM,CAAC,uBAAuB,CAAA;QAC7D,IAAI,CAAC,oBAAoB,GAAG,MAAA,MAAM,CAAC,oBAAoB,mCAAI,kBAAkB,CAAC,2BAA2B,CAAC,SAAS,CAAA;IACrH,CAAC;CA2CF;AAjED,gDAiEC;AAED,WAAiB,kBAAkB;IAKpB,0CAAuB,GAAG;QACrC;;;;WAIG;QACH,SAAS,EAAE,WAAsC;QAEjD;;;;WAIG;QACH,SAAS,EAAE,WAAsC;QAEjD;;;WAGG;QACH,UAAU,EAAE,YAAuC;KACpD,CAAA;IAQY,8CAA2B,GAAG;QACzC;;;;;;;;;;;;;;WAcG;QACH,IAAI,EAAE,MAAqC;QAC3C,SAAS,EAAE,mBAAA,uBAAuB,CAAC,SAAwC;QAC3E,SAAS,EAAE,mBAAA,uBAAuB,CAAC,SAAwC;QAC3E,UAAU,EAAE,mBAAA,uBAAuB,CAAC,UAAyC;KAC9E,CAAA;AACH,CAAC,EAtDgB,kBAAkB,GAAlB,0BAAkB,KAAlB,0BAAkB,QAsDlC","sourcesContent":["export class EntityShareRequest {\n constructor(params: {\n explicitDelegator?: string\n explicitDelegate?: string\n accessControlKeys: string[]\n secretIds?: string[]\n encryptionKeys?: string[]\n owningEntityIds?: string[]\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n requestedPermissions?: EntityShareRequest.RequestedPermissionInternal\n }) {\n if (!params.accessControlKeys.length) throw new Error('Access control keys should not be empty')\n this.explicitDelegator = params.explicitDelegator\n this.explicitDelegate = params.explicitDelegate\n this.accessControlKeys = params.accessControlKeys\n this.secretIds = params.secretIds\n this.encryptionKeys = params.encryptionKeys\n this.owningEntityIds = params.owningEntityIds\n this.exchangeDataId = params.exchangeDataId\n this.encryptedExchangeDataId = params.encryptedExchangeDataId\n this.requestedPermissions = params.requestedPermissions ?? EntityShareRequest.RequestedPermissionInternal.MAX_WRITE\n }\n\n /**\n * Id of the data owner which is sharing the entity (delegator), if it should be explicitly indicated or null if the\n * delegator requires anonymous delegations. If not null this must match the logged data owner id.\n */\n explicitDelegator?: string\n /**\n * Id of the data owner which will gain access to the entity (delegate), if it should be explicitly indicated or\n * null if the delegate requires anonymous delegations.\n */\n explicitDelegate?: string\n /**\n * The access control keys obtained from the access control secrets of the exchange data used for the encryption of the ids and keys\n * to share. These are also used to uniquely identify an instance of share metadata.\n */\n accessControlKeys: string[]\n /**\n * Encrypted secret ids to share with the delegate.\n */\n secretIds?: string[]\n /**\n * Encrypted encryption keys to share with the delegate.\n */\n encryptionKeys?: string[]\n /**\n * Encrypted owning entity ids to share with the delegate.\n */\n owningEntityIds?: string[]\n /**\n * Id of the exchange data used for the encryption of the ids and keys to share. Must be null at least one of\n * delegator or delegate is not explicit.\n */\n exchangeDataId?: string\n /**\n * Must be non-empty if exactly one of delegator or delegate is explicit and the other is not, empty in all other\n * cases.\n */\n encryptedExchangeDataId?: { [fp: string]: string }\n /**\n * Permissions requested for the delegate.\n */\n requestedPermissions: EntityShareRequest.RequestedPermissionInternal\n}\n\nexport namespace EntityShareRequest {\n /**\n * Strategy to use for the calculation of permissions for the new [SecureDelegation.permissions]\n */\n export type RequestedPermissionEnum = 'FULL_READ' | 'MAX_WRITE' | 'FULL_WRITE'\n export const RequestedPermissionEnum = {\n /**\n * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support\n * fine-grained access control a user may have limited read access to an entity, and in such case the request\n * would fail (similarly to [FULL_WRITE]).\n */\n FULL_READ: 'FULL_READ' as RequestedPermissionEnum,\n\n /**\n * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.\n * If the delegator has full-write access the delegate will also have full-write access else the delegate will\n * have full-read access.\n */\n MAX_WRITE: 'MAX_WRITE' as RequestedPermissionEnum,\n\n /**\n * The new secure delegation will give full-write access to the delegate. If the delegator does not have\n * full-write access to the entity the request will fail.\n */\n FULL_WRITE: 'FULL_WRITE' as RequestedPermissionEnum,\n }\n\n /**\n * @internal this type is for internal use only and may be changed without notice.\n * Additional values for requested permissions which are used automatically by the extended apis and should not\n * be used directly by the user.\n */\n export type RequestedPermissionInternal = 'ROOT' | RequestedPermissionEnum\n export const RequestedPermissionInternal = {\n /**\n * Request to create a root delegation on the entity. Usually new entities are created with a root delegation\n * for the creator data owner and no other data owners will be able to obtain root permissions, but there are\n * some situations where other data owners can create root delegations on existing entities:\n * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in\n * cases where the data owner wants to share an entity with another data owner using the new delegation format\n * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self\n * and then creates a delegation self->other).\n * - A patient data owner is always allowed to create a root delegation for himself\n *\n * A root delegation gives full write permissions to the data owners which can access it (usually a root\n * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend\n * on any other delegation: this means that no data owners except for the data owners with the root permission\n * can revoke it.\n */\n ROOT: 'ROOT' as RequestedPermissionInternal,\n FULL_READ: RequestedPermissionEnum.FULL_READ as RequestedPermissionInternal,\n MAX_WRITE: RequestedPermissionEnum.MAX_WRITE as RequestedPermissionInternal,\n FULL_WRITE: RequestedPermissionEnum.FULL_WRITE as RequestedPermissionInternal,\n }\n}\n"]}
@@ -0,0 +1,54 @@
1
+ /**
2
+ * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity
3
+ * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the
4
+ * shared metadata.
5
+ */
6
+ export declare class EntitySharedMetadataUpdateRequest {
7
+ constructor(params: {
8
+ metadataAccessControlHash: string;
9
+ secretIds?: {
10
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
11
+ };
12
+ encryptionKeys?: {
13
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
14
+ };
15
+ owningEntityIds?: {
16
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
17
+ };
18
+ });
19
+ /**
20
+ * Access control hash of the metadata to update.
21
+ */
22
+ metadataAccessControlHash: string;
23
+ /**
24
+ * Updates for secret ids: the key is an encrypted secret id and the value is if an entry with that encrypted secret
25
+ * id should be created or deleted.
26
+ */
27
+ secretIds?: {
28
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
29
+ };
30
+ /**
31
+ * Updates for encryption keys: a key in the map is an encrypted encrpytion key and the value is if an entry with
32
+ * that encrypted encryption key should be created or deleted.
33
+ */
34
+ encryptionKeys?: {
35
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
36
+ };
37
+ /**
38
+ * Updates for owning entity ids: the key is the encrypted id of an owning entity and the value is if an entry with
39
+ * that encrypted owning entity id should be created or deleted.
40
+ */
41
+ owningEntityIds?: {
42
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
43
+ };
44
+ }
45
+ export declare namespace EntitySharedMetadataUpdateRequest {
46
+ /**
47
+ * Specifies if an entry should be created anew or deleted
48
+ */
49
+ type EntryUpdateTypeEnum = 'CREATE' | 'DELETE';
50
+ const EntryUpdateTypeEnum: {
51
+ CREATE: EntryUpdateTypeEnum;
52
+ DELETE: EntryUpdateTypeEnum;
53
+ };
54
+ }
@@ -0,0 +1,24 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntitySharedMetadataUpdateRequest = void 0;
4
+ /**
5
+ * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity
6
+ * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the
7
+ * shared metadata.
8
+ */
9
+ class EntitySharedMetadataUpdateRequest {
10
+ constructor(params) {
11
+ this.metadataAccessControlHash = params.metadataAccessControlHash;
12
+ this.secretIds = params.secretIds;
13
+ this.encryptionKeys = params.encryptionKeys;
14
+ this.owningEntityIds = params.owningEntityIds;
15
+ }
16
+ }
17
+ exports.EntitySharedMetadataUpdateRequest = EntitySharedMetadataUpdateRequest;
18
+ (function (EntitySharedMetadataUpdateRequest) {
19
+ EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum = {
20
+ CREATE: 'CREATE',
21
+ DELETE: 'DELETE',
22
+ };
23
+ })(EntitySharedMetadataUpdateRequest = exports.EntitySharedMetadataUpdateRequest || (exports.EntitySharedMetadataUpdateRequest = {}));
24
+ //# sourceMappingURL=EntitySharedMetadataUpdateRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntitySharedMetadataUpdateRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACH,MAAa,iCAAiC;IAC5C,YAAY,MAKX;QACC,IAAI,CAAC,yBAAyB,GAAG,MAAM,CAAC,yBAAyB,CAAA;QACjE,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAA;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAA;IAC/C,CAAC;CAqBF;AAhCD,8EAgCC;AACD,WAAiB,iCAAiC;IAKnC,qDAAmB,GAAG;QACjC,MAAM,EAAE,QAA+B;QACvC,MAAM,EAAE,QAA+B;KACxC,CAAA;AACH,CAAC,EATgB,iCAAiC,GAAjC,yCAAiC,KAAjC,yCAAiC,QASjD","sourcesContent":["/**\n * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity\n * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the\n * shared metadata.\n */\nexport class EntitySharedMetadataUpdateRequest {\n constructor(params: {\n metadataAccessControlHash: string\n secretIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n encryptionKeys?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n owningEntityIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n }) {\n this.metadataAccessControlHash = params.metadataAccessControlHash\n this.secretIds = params.secretIds\n this.encryptionKeys = params.encryptionKeys\n this.owningEntityIds = params.owningEntityIds\n }\n\n /**\n * Access control hash of the metadata to update.\n */\n metadataAccessControlHash: string\n /**\n * Updates for secret ids: the key is an encrypted secret id and the value is if an entry with that encrypted secret\n * id should be created or deleted.\n */\n secretIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n /**\n * Updates for encryption keys: a key in the map is an encrypted encrpytion key and the value is if an entry with\n * that encrypted encryption key should be created or deleted.\n */\n encryptionKeys?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n /**\n * Updates for owning entity ids: the key is the encrypted id of an owning entity and the value is if an entry with\n * that encrypted owning entity id should be created or deleted.\n */\n owningEntityIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n}\nexport namespace EntitySharedMetadataUpdateRequest {\n /**\n * Specifies if an entry should be created anew or deleted\n */\n export type EntryUpdateTypeEnum = 'CREATE' | 'DELETE'\n export const EntryUpdateTypeEnum = {\n CREATE: 'CREATE' as EntryUpdateTypeEnum,\n DELETE: 'DELETE' as EntryUpdateTypeEnum,\n }\n}\n"]}
@@ -0,0 +1,23 @@
1
+ import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest';
2
+ /**
3
+ * Result of a bulk share operation.
4
+ */
5
+ export declare class MinimalEntityBulkShareResult {
6
+ constructor(json: JSON | any);
7
+ /**
8
+ * Id of the entity for which the update was requested.
9
+ */
10
+ entityId: string;
11
+ /**
12
+ * Last known revision of the entity before any update, non-null only if an entity matching the requests could be
13
+ * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.
14
+ */
15
+ entityRev?: string;
16
+ /**
17
+ * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the
18
+ * original failed request to the reason of failure.
19
+ */
20
+ rejectedRequests?: {
21
+ [requestId: string]: RejectedShareOrMetadataUpdateRequest;
22
+ };
23
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.MinimalEntityBulkShareResult = void 0;
4
+ /**
5
+ * Result of a bulk share operation.
6
+ */
7
+ class MinimalEntityBulkShareResult {
8
+ constructor(json) {
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.MinimalEntityBulkShareResult = MinimalEntityBulkShareResult;
13
+ //# sourceMappingURL=MinimalEntityBulkShareResult.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"MinimalEntityBulkShareResult.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/MinimalEntityBulkShareResult.ts"],"names":[],"mappings":";;;AAGA;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAoC,EAAE,IAAI,CAAC,CAAA;IAC3D,CAAC;CAgBF;AAnBD,oEAmBC","sourcesContent":["import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest'\nimport { EncryptedEntity } from '../models'\n\n/**\n * Result of a bulk share operation.\n */\nexport class MinimalEntityBulkShareResult {\n constructor(json: JSON | any) {\n Object.assign(this as MinimalEntityBulkShareResult, json)\n }\n\n /**\n * Id of the entity for which the update was requested.\n */\n entityId!: string\n /**\n * Last known revision of the entity before any update, non-null only if an entity matching the requests could be\n * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.\n */\n entityRev?: string\n /**\n * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the\n * original failed request to the reason of failure.\n */\n rejectedRequests?: { [requestId: string]: RejectedShareOrMetadataUpdateRequest }\n}\n"]}
@@ -0,0 +1,21 @@
1
+ /**
2
+ * Represents a reason why a share requests failed or was rejected.
3
+ */
4
+ export declare class RejectedShareOrMetadataUpdateRequest {
5
+ constructor(json: JSON | any);
6
+ /**
7
+ * Code of the error, mimics an http status code (400 general user error, 409 conflict, ...).
8
+ */
9
+ code?: number;
10
+ /**
11
+ * If true a new share request with the same content may succeed so the user is encouraged to retry. This could
12
+ * happen if the entity to share changed while verifying the validity of the request (correctness, permissions,
13
+ * ...), and if the entity did not change in ways incompatible with the request re-performing the request in
14
+ * the same way may succeed.
15
+ */
16
+ shouldRetry: boolean;
17
+ /**
18
+ * Human-friendly message explaining the reason of the failure.
19
+ */
20
+ reason?: string;
21
+ }
@@ -0,0 +1,14 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.RejectedShareOrMetadataUpdateRequest = void 0;
4
+ /**
5
+ * Represents a reason why a share requests failed or was rejected.
6
+ */
7
+ class RejectedShareOrMetadataUpdateRequest {
8
+ constructor(json) {
9
+ Object.assign(this, json);
10
+ this.shouldRetry = !!json['shouldRetry'];
11
+ }
12
+ }
13
+ exports.RejectedShareOrMetadataUpdateRequest = RejectedShareOrMetadataUpdateRequest;
14
+ //# sourceMappingURL=RejectedShareOrMetadataUpdateRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"RejectedShareOrMetadataUpdateRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,MAAa,oCAAoC;IAC/C,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAA4C,EAAE,IAAI,CAAC,CAAA;QACjE,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;IAC1C,CAAC;CAiBF;AArBD,oFAqBC","sourcesContent":["/**\n * Represents a reason why a share requests failed or was rejected.\n */\nexport class RejectedShareOrMetadataUpdateRequest {\n constructor(json: JSON | any) {\n Object.assign(this as RejectedShareOrMetadataUpdateRequest, json)\n this.shouldRetry = !!json['shouldRetry']\n }\n\n /**\n * Code of the error, mimics an http status code (400 general user error, 409 conflict, ...).\n */\n code?: number\n /**\n * If true a new share request with the same content may succeed so the user is encouraged to retry. This could\n * happen if the entity to share changed while verifying the validity of the request (correctness, permissions,\n * ...), and if the entity did not change in ways incompatible with the request re-performing the request in\n * the same way may succeed.\n */\n shouldRetry: boolean\n /**\n * Human-friendly message explaining the reason of the failure.\n */\n reason?: string\n}\n"]}
@@ -1,14 +1,20 @@
1
- import { EncryptedEntity } from '../../icc-api/model/models';
1
+ import { EncryptedEntity, SecureDelegation } from '../../icc-api/model/models';
2
+ import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
2
3
  /**
3
4
  * Interface of common methods for XApis of any encryptable entities.
4
5
  */
5
6
  export interface EncryptedEntityXApi<T extends EncryptedEntity> {
6
7
  /**
7
8
  * Get the ids of all data owners with access to the provided entity, including their permissions on the entity. This method also uses the
8
- * information available to the current user to attempt to identify the anonymous data owners with access to this entity. Note however that
9
- * the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least an anonymous
10
- * data owner with access to the entity the value of `hasUnknownAnonymousDataOwners` in the returned object will be `true` (`false` otherwise).
11
- * Note that users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a
9
+ * information available to the current user to attempt to identify the anonymous data owners with access to this entity.
10
+ *
11
+ * Note however that the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least
12
+ * an anonymous data owner with access to the entity that the current data owner can't identify the value of `hasUnknownAnonymousDataOwners` in the
13
+ * returned object will be `true` (`false` otherwise).
14
+ *
15
+ * ## Basic anonymous data owners identification
16
+ *
17
+ * Initially users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a
12
18
  * specific anonymous data owners has access to an entity through two delegations, one accessible to the current user and one not, the anonymous
13
19
  * data owner will appear in the `permissionsByDataOwnerId`, but the `hasUnknownAnonymousDataOwners` will also be `true`, since the user can't know
14
20
  * if the other delegation refers to the same anonymous data owner or not.
@@ -27,6 +33,31 @@ export interface EncryptedEntityXApi<T extends EncryptedEntity> {
27
33
  * - `P` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: false }` (`P` knows the
28
34
  * delegations that he is part of)
29
35
  *
36
+ * ## Anonymous data owner identification through de-anonymization metadata
37
+ *
38
+ * You also have the possibility of identifying anonymous data owners through the de-anonymization metadata. This metadata is created on request
39
+ * by data owners that have access to the delegation anonymous data owners involved in the delegations, but can later be shared also by other
40
+ * data owners.
41
+ *
42
+ * For example consider an entity with the following delegations, where `A`, `B` and `C` are unrelated explicit data owners, and `P` is an
43
+ * anonymous data owner:
44
+ * - A -> A
45
+ * - A -> B
46
+ * - A -> P
47
+ *
48
+ * As we know initially B will not be able to identify P (B only knows that [A,B] have access to the entity), but if A creates the
49
+ * de-anonymization metadata for the delegation A->P, then B will be to do so.
50
+ *
51
+ * If later B shares the entity with C, resulting in the following delegations:
52
+ * - A -> A
53
+ * - A -> B
54
+ * - A -> P
55
+ * - B -> C
56
+ *
57
+ * C will initially be only aware of [A, B, C] having access to the entity, but now B can share with C the information that P has also
58
+ * access to the entity through the delegation A->P. Note that if A had not created the de-anonymization metadata for the delegation A->P,
59
+ * then B would not be able to share this information with C.
60
+ *
30
61
  * @param entity an entity.
31
62
  * @return an object containing:
32
63
  * - `permissionsByDataOwnerId`: a map associating each data owner id with the access level to the entity. Currently only WRITE access is supported.
@@ -35,10 +66,28 @@ export interface EncryptedEntityXApi<T extends EncryptedEntity> {
35
66
  */
36
67
  getDataOwnersWithAccessTo(entity: T): Promise<{
37
68
  permissionsByDataOwnerId: {
38
- [dataOwnerId: string]: 'WRITE';
69
+ [dataOwnerId: string]: AccessLevelEnum;
39
70
  };
40
71
  hasUnknownAnonymousDataOwners: boolean;
41
72
  }>;
73
+ /**
74
+ * Creates the metadata to support {@link delegates} in the de-anonymization of the delegations in the provided entity.
75
+ *
76
+ * Refer to {@link getDataOwnersWithAccessTo} for more information on how this metadata is used.
77
+ *
78
+ * # Important information
79
+ *
80
+ * while the metadata is created based on the delegations of the provided entity, the metadata may be used to de-anonymize
81
+ * equivalent delegations in other entities of the same type.
82
+ *
83
+ * For example if A creates an entity of type T, shares it with B and P, and then creates the de-anonymization metadata
84
+ * to allow B to de-anonymize the delegation A->P, then B will be able to de-anonymize any delegation A->P in any other
85
+ * entity of type T that B can access (through the iCure cloud or directly through database replicas).
86
+ *
87
+ * @param entity an entity.
88
+ * @param delegates users
89
+ */
90
+ createDelegationDeAnonymizationMetadata(entity: T, delegates: string[]): Promise<void>;
42
91
  /**
43
92
  * @param entity an entity.
44
93
  * @return the available encryption keys for the entity, which could be decrypted by the current data owner. Normally this array should contain at
@@ -1 +1 @@
1
- {"version":3,"file":"EncryptedEntityXApi.js","sourceRoot":"","sources":["../../../icc-x-api/basexapi/EncryptedEntityXApi.ts"],"names":[],"mappings":"","sourcesContent":["import { EncryptedEntity } from '../../icc-api/model/models'\n\n/**\n * Interface of common methods for XApis of any encryptable entities.\n */\nexport interface EncryptedEntityXApi<T extends EncryptedEntity> {\n /**\n * Get the ids of all data owners with access to the provided entity, including their permissions on the entity. This method also uses the\n * information available to the current user to attempt to identify the anonymous data owners with access to this entity. Note however that\n * the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least an anonymous\n * data owner with access to the entity the value of `hasUnknownAnonymousDataOwners` in the returned object will be `true` (`false` otherwise).\n * Note that users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a\n * specific anonymous data owners has access to an entity through two delegations, one accessible to the current user and one not, the anonymous\n * data owner will appear in the `permissionsByDataOwnerId`, but the `hasUnknownAnonymousDataOwners` will also be `true`, since the user can't know\n * if the other delegation refers to the same anonymous data owner or not.\n *\n * For example consider an entity with the following delegations, where `A` and `B` are unrelated explicit data owners, and `P` is an anonymous\n * data owner:\n * - A -> A - r/w\n * - A -> B - r/w\n * - A -> P - r\n * - B -> P - r/w\n * In this case we can get the following results, depending on whether the current user is `A`, `B` or `P`:\n * - `A` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'READ' }, hasUnknownAnonymousDataOwners: true }` (`A` does not know that\n * `B->P` actually refers to `P`, but only that it was created by `B`)\n * - `B` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: true }` (`B` does not know that\n * `A->P` actually refers to `P`, but only that it was created by `A`)\n * - `P` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: false }` (`P` knows the\n * delegations that he is part of)\n *\n * @param entity an entity.\n * @return an object containing:\n * - `permissionsByDataOwnerId`: a map associating each data owner id with the access level to the entity. Currently only WRITE access is supported.\n * - `hasUnknownAnonymousDataOwners`: a boolean indicating if there are anonymous data owners with access to the entity that the current user can\n * not identify.\n */\n getDataOwnersWithAccessTo(entity: T): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: 'WRITE' }\n hasUnknownAnonymousDataOwners: boolean\n }>\n\n /**\n * @param entity an entity.\n * @return the available encryption keys for the entity, which could be decrypted by the current data owner. Normally this array should contain at\n * most one element but this method in case of entity merges there could be multiple values.\n */\n getEncryptionKeysOf(entity: T): Promise<string[]>\n}\n"]}
1
+ {"version":3,"file":"EncryptedEntityXApi.js","sourceRoot":"","sources":["../../../icc-x-api/basexapi/EncryptedEntityXApi.ts"],"names":[],"mappings":"","sourcesContent":["import { EncryptedEntity, SecureDelegation } from '../../icc-api/model/models'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\n/**\n * Interface of common methods for XApis of any encryptable entities.\n */\nexport interface EncryptedEntityXApi<T extends EncryptedEntity> {\n /**\n * Get the ids of all data owners with access to the provided entity, including their permissions on the entity. This method also uses the\n * information available to the current user to attempt to identify the anonymous data owners with access to this entity.\n *\n * Note however that the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least\n * an anonymous data owner with access to the entity that the current data owner can't identify the value of `hasUnknownAnonymousDataOwners` in the\n * returned object will be `true` (`false` otherwise).\n *\n * ## Basic anonymous data owners identification\n *\n * Initially users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a\n * specific anonymous data owners has access to an entity through two delegations, one accessible to the current user and one not, the anonymous\n * data owner will appear in the `permissionsByDataOwnerId`, but the `hasUnknownAnonymousDataOwners` will also be `true`, since the user can't know\n * if the other delegation refers to the same anonymous data owner or not.\n *\n * For example consider an entity with the following delegations, where `A` and `B` are unrelated explicit data owners, and `P` is an anonymous\n * data owner:\n * - A -> A - r/w\n * - A -> B - r/w\n * - A -> P - r\n * - B -> P - r/w\n * In this case we can get the following results, depending on whether the current user is `A`, `B` or `P`:\n * - `A` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'READ' }, hasUnknownAnonymousDataOwners: true }` (`A` does not know that\n * `B->P` actually refers to `P`, but only that it was created by `B`)\n * - `B` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: true }` (`B` does not know that\n * `A->P` actually refers to `P`, but only that it was created by `A`)\n * - `P` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: false }` (`P` knows the\n * delegations that he is part of)\n *\n * ## Anonymous data owner identification through de-anonymization metadata\n *\n * You also have the possibility of identifying anonymous data owners through the de-anonymization metadata. This metadata is created on request\n * by data owners that have access to the delegation anonymous data owners involved in the delegations, but can later be shared also by other\n * data owners.\n *\n * For example consider an entity with the following delegations, where `A`, `B` and `C` are unrelated explicit data owners, and `P` is an\n * anonymous data owner:\n * - A -> A\n * - A -> B\n * - A -> P\n *\n * As we know initially B will not be able to identify P (B only knows that [A,B] have access to the entity), but if A creates the\n * de-anonymization metadata for the delegation A->P, then B will be to do so.\n *\n * If later B shares the entity with C, resulting in the following delegations:\n * - A -> A\n * - A -> B\n * - A -> P\n * - B -> C\n *\n * C will initially be only aware of [A, B, C] having access to the entity, but now B can share with C the information that P has also\n * access to the entity through the delegation A->P. Note that if A had not created the de-anonymization metadata for the delegation A->P,\n * then B would not be able to share this information with C.\n *\n * @param entity an entity.\n * @return an object containing:\n * - `permissionsByDataOwnerId`: a map associating each data owner id with the access level to the entity. Currently only WRITE access is supported.\n * - `hasUnknownAnonymousDataOwners`: a boolean indicating if there are anonymous data owners with access to the entity that the current user can\n * not identify.\n */\n getDataOwnersWithAccessTo(entity: T): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: AccessLevelEnum }\n hasUnknownAnonymousDataOwners: boolean\n }>\n\n /**\n * Creates the metadata to support {@link delegates} in the de-anonymization of the delegations in the provided entity.\n *\n * Refer to {@link getDataOwnersWithAccessTo} for more information on how this metadata is used.\n *\n * # Important information\n *\n * while the metadata is created based on the delegations of the provided entity, the metadata may be used to de-anonymize\n * equivalent delegations in other entities of the same type.\n *\n * For example if A creates an entity of type T, shares it with B and P, and then creates the de-anonymization metadata\n * to allow B to de-anonymize the delegation A->P, then B will be able to de-anonymize any delegation A->P in any other\n * entity of type T that B can access (through the iCure cloud or directly through database replicas).\n *\n * @param entity an entity.\n * @param delegates users\n */\n createDelegationDeAnonymizationMetadata(entity: T, delegates: string[]): Promise<void>\n\n /**\n * @param entity an entity.\n * @return the available encryption keys for the entity, which could be decrypted by the current data owner. Normally this array should contain at\n * most one element but this method in case of entity merges there could be multiple values.\n */\n getEncryptionKeysOf(entity: T): Promise<string[]>\n}\n"]}
@@ -95,7 +95,7 @@ class AESUtils {
95
95
  this._debug && console.log(`decipheredData: ${(0, utils_1.ua2hex)(decipheredData)}`);
96
96
  resolve(decipheredData);
97
97
  }, (err) => {
98
- reject('AES decryption failed: ' + err);
98
+ reject(new Error('AES decryption failed: ' + err));
99
99
  });
100
100
  });
101
101
  }