@icure/api 8.0.0-RC.1 → 8.0.0-RC.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (208) hide show
  1. package/icc-api/api/IccDocumentApi.d.ts +6 -0
  2. package/icc-api/api/IccDocumentApi.js +15 -0
  3. package/icc-api/api/IccDocumentApi.js.map +1 -1
  4. package/icc-api/api/IccExchangeDataApi.d.ts +1 -1
  5. package/icc-api/api/IccExchangeDataApi.js +1 -1
  6. package/icc-api/api/IccExchangeDataApi.js.map +1 -1
  7. package/icc-api/api/IccExchangeDataMapApi.d.ts +1 -1
  8. package/icc-api/api/IccExchangeDataMapApi.js +1 -1
  9. package/icc-api/api/IccExchangeDataMapApi.js.map +1 -1
  10. package/icc-api/api/IccMessageApi.d.ts +16 -0
  11. package/icc-api/api/IccMessageApi.js +38 -1
  12. package/icc-api/api/IccMessageApi.js.map +1 -1
  13. package/icc-api/api/IccSecureDelegationKeyMapApi.d.ts +26 -0
  14. package/icc-api/api/IccSecureDelegationKeyMapApi.js +71 -0
  15. package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +1 -0
  16. package/icc-api/api/IccTopicApi.d.ts +90 -0
  17. package/icc-api/api/IccTopicApi.js +193 -0
  18. package/icc-api/api/IccTopicApi.js.map +1 -0
  19. package/icc-api/index.d.ts +1 -0
  20. package/icc-api/index.js +1 -0
  21. package/icc-api/index.js.map +1 -1
  22. package/icc-api/model/AbstractFilterMessage.d.ts +15 -0
  23. package/icc-api/model/AbstractFilterMessage.js +21 -0
  24. package/icc-api/model/AbstractFilterMessage.js.map +1 -0
  25. package/icc-api/model/AbstractFilterTopic.d.ts +15 -0
  26. package/icc-api/model/AbstractFilterTopic.js +21 -0
  27. package/icc-api/model/AbstractFilterTopic.js.map +1 -0
  28. package/icc-api/model/AccessLog.d.ts +0 -2
  29. package/icc-api/model/AccessLog.js +0 -1
  30. package/icc-api/model/AccessLog.js.map +1 -1
  31. package/icc-api/model/Article.d.ts +0 -2
  32. package/icc-api/model/Article.js +0 -1
  33. package/icc-api/model/Article.js.map +1 -1
  34. package/icc-api/model/CalendarItem.d.ts +0 -2
  35. package/icc-api/model/CalendarItem.js +0 -1
  36. package/icc-api/model/CalendarItem.js.map +1 -1
  37. package/icc-api/model/Classification.d.ts +0 -2
  38. package/icc-api/model/Classification.js +0 -1
  39. package/icc-api/model/Classification.js.map +1 -1
  40. package/icc-api/model/Connection.d.ts +1 -1
  41. package/icc-api/model/Connection.js.map +1 -1
  42. package/icc-api/model/Contact.d.ts +0 -2
  43. package/icc-api/model/Contact.js +0 -1
  44. package/icc-api/model/Contact.js.map +1 -1
  45. package/icc-api/model/Document.d.ts +0 -2
  46. package/icc-api/model/Document.js +0 -1
  47. package/icc-api/model/Document.js.map +1 -1
  48. package/icc-api/model/FilterChainMessage.d.ts +19 -0
  49. package/icc-api/model/FilterChainMessage.js +11 -0
  50. package/icc-api/model/FilterChainMessage.js.map +1 -0
  51. package/icc-api/model/FilterChainTopic.d.ts +19 -0
  52. package/icc-api/model/FilterChainTopic.js +11 -0
  53. package/icc-api/model/FilterChainTopic.js.map +1 -0
  54. package/icc-api/model/Form.d.ts +0 -2
  55. package/icc-api/model/Form.js +0 -1
  56. package/icc-api/model/Form.js.map +1 -1
  57. package/icc-api/model/HealthElement.d.ts +0 -2
  58. package/icc-api/model/HealthElement.js +0 -1
  59. package/icc-api/model/HealthElement.js.map +1 -1
  60. package/icc-api/model/HealthcareParty.js +13 -1
  61. package/icc-api/model/HealthcareParty.js.map +1 -1
  62. package/icc-api/model/Invoice.d.ts +0 -2
  63. package/icc-api/model/Invoice.js +0 -1
  64. package/icc-api/model/Invoice.js.map +1 -1
  65. package/icc-api/model/MaintenanceTask.d.ts +11 -10
  66. package/icc-api/model/MaintenanceTask.js +13 -12
  67. package/icc-api/model/MaintenanceTask.js.map +1 -1
  68. package/icc-api/model/Message.d.ts +0 -2
  69. package/icc-api/model/Message.js +0 -1
  70. package/icc-api/model/Message.js.map +1 -1
  71. package/icc-api/model/PaginatedListExchangeData.d.ts +1 -1
  72. package/icc-api/model/PaginatedListExchangeData.js.map +1 -1
  73. package/icc-api/model/PaginatedListTopic.d.ts +20 -0
  74. package/icc-api/model/PaginatedListTopic.js +10 -0
  75. package/icc-api/model/PaginatedListTopic.js.map +1 -0
  76. package/icc-api/model/Patient.d.ts +0 -2
  77. package/icc-api/model/Patient.js +0 -1
  78. package/icc-api/model/Patient.js.map +1 -1
  79. package/icc-api/model/Receipt.d.ts +0 -2
  80. package/icc-api/model/Receipt.js +0 -1
  81. package/icc-api/model/Receipt.js.map +1 -1
  82. package/icc-api/model/TimeTable.d.ts +0 -2
  83. package/icc-api/model/TimeTable.js +0 -1
  84. package/icc-api/model/TimeTable.js.map +1 -1
  85. package/icc-api/model/Topic.d.ts +95 -0
  86. package/icc-api/model/Topic.js +16 -0
  87. package/icc-api/model/Topic.js.map +1 -0
  88. package/icc-api/model/{ExchangeData.d.ts → internal/ExchangeData.d.ts} +3 -0
  89. package/icc-api/model/{ExchangeData.js → internal/ExchangeData.js} +3 -0
  90. package/icc-api/model/internal/ExchangeData.js.map +1 -0
  91. package/icc-api/model/{ExchangeDataMap.d.ts → internal/ExchangeDataMap.d.ts} +3 -0
  92. package/icc-api/model/{ExchangeDataMap.js → internal/ExchangeDataMap.js} +3 -0
  93. package/icc-api/model/internal/ExchangeDataMap.js.map +1 -0
  94. package/icc-api/model/internal/SecureDelegationKeyMap.d.ts +14 -0
  95. package/icc-api/model/internal/SecureDelegationKeyMap.js +13 -0
  96. package/icc-api/model/internal/SecureDelegationKeyMap.js.map +1 -0
  97. package/icc-api/model/models.d.ts +6 -1
  98. package/icc-api/model/models.js +4 -0
  99. package/icc-api/model/models.js.map +1 -1
  100. package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +52 -4
  101. package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -1
  102. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.d.ts +2 -0
  103. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js +13 -4
  104. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -1
  105. package/icc-x-api/crypto/AccessControlSecretUtils.d.ts +1 -0
  106. package/icc-x-api/crypto/AccessControlSecretUtils.js +11 -0
  107. package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -1
  108. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +1 -1
  109. package/icc-x-api/crypto/BaseExchangeDataManager.js +1 -1
  110. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  111. package/icc-x-api/crypto/DelegationsDeAnonymization.d.ts +44 -0
  112. package/icc-x-api/crypto/DelegationsDeAnonymization.js +235 -0
  113. package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -0
  114. package/icc-x-api/crypto/ExchangeDataManager.d.ts +3 -1
  115. package/icc-x-api/crypto/ExchangeDataManager.js +27 -19
  116. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  117. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +1 -1
  118. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
  119. package/icc-x-api/crypto/ExtendedApisUtils.d.ts +0 -10
  120. package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -1
  121. package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +0 -7
  122. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +4 -7
  123. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
  124. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.d.ts +0 -6
  125. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js +0 -9
  126. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js.map +1 -1
  127. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  128. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.d.ts +14 -5
  129. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js +44 -26
  130. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js.map +1 -1
  131. package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +1 -18
  132. package/icc-x-api/crypto/SecurityMetadataDecryptor.js +4 -23
  133. package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -1
  134. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.d.ts +8 -0
  135. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js +13 -0
  136. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js.map +1 -0
  137. package/icc-x-api/filters/MessageByHcPartyFilter.d.ts +7 -0
  138. package/icc-x-api/filters/MessageByHcPartyFilter.js +13 -0
  139. package/icc-x-api/filters/MessageByHcPartyFilter.js.map +1 -0
  140. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.d.ts +8 -0
  141. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js +13 -0
  142. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js.map +1 -0
  143. package/icc-x-api/filters/TopicByHcPartyFilter.d.ts +7 -0
  144. package/icc-x-api/filters/TopicByHcPartyFilter.js +13 -0
  145. package/icc-x-api/filters/TopicByHcPartyFilter.js.map +1 -0
  146. package/icc-x-api/filters/TopicByParticipantFilter.d.ts +7 -0
  147. package/icc-x-api/filters/TopicByParticipantFilter.js +13 -0
  148. package/icc-x-api/filters/TopicByParticipantFilter.js.map +1 -0
  149. package/icc-x-api/filters/filters.d.ts +5 -0
  150. package/icc-x-api/filters/filters.js +5 -0
  151. package/icc-x-api/filters/filters.js.map +1 -1
  152. package/icc-x-api/icc-accesslog-x-api.d.ts +3 -1
  153. package/icc-x-api/icc-accesslog-x-api.js +7 -3
  154. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  155. package/icc-x-api/icc-calendar-item-x-api.d.ts +3 -1
  156. package/icc-x-api/icc-calendar-item-x-api.js +7 -3
  157. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  158. package/icc-x-api/icc-classification-x-api.d.ts +3 -1
  159. package/icc-x-api/icc-classification-x-api.js +7 -3
  160. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  161. package/icc-x-api/icc-contact-x-api.d.ts +3 -1
  162. package/icc-x-api/icc-contact-x-api.js +8 -4
  163. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  164. package/icc-x-api/icc-crypto-x-api.d.ts +7 -1
  165. package/icc-x-api/icc-crypto-x-api.js +8 -1
  166. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  167. package/icc-x-api/icc-document-x-api.d.ts +3 -1
  168. package/icc-x-api/icc-document-x-api.js +8 -4
  169. package/icc-x-api/icc-document-x-api.js.map +1 -1
  170. package/icc-x-api/icc-form-x-api.d.ts +3 -1
  171. package/icc-x-api/icc-form-x-api.js +7 -3
  172. package/icc-x-api/icc-form-x-api.js.map +1 -1
  173. package/icc-x-api/icc-helement-x-api.d.ts +4 -2
  174. package/icc-x-api/icc-helement-x-api.js +8 -8
  175. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  176. package/icc-x-api/icc-invoice-x-api.d.ts +3 -1
  177. package/icc-x-api/icc-invoice-x-api.js +7 -3
  178. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  179. package/icc-x-api/icc-maintenance-task-x-api.d.ts +3 -1
  180. package/icc-x-api/icc-maintenance-task-x-api.js +7 -3
  181. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  182. package/icc-x-api/icc-message-x-api.d.ts +24 -6
  183. package/icc-x-api/icc-message-x-api.js +66 -6
  184. package/icc-x-api/icc-message-x-api.js.map +1 -1
  185. package/icc-x-api/icc-patient-x-api.d.ts +3 -1
  186. package/icc-x-api/icc-patient-x-api.js +7 -3
  187. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  188. package/icc-x-api/icc-receipt-x-api.d.ts +3 -1
  189. package/icc-x-api/icc-receipt-x-api.js +7 -3
  190. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  191. package/icc-x-api/icc-time-table-x-api.d.ts +3 -1
  192. package/icc-x-api/icc-time-table-x-api.js +7 -3
  193. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  194. package/icc-x-api/icc-topic-x-api.d.ts +191 -0
  195. package/icc-x-api/icc-topic-x-api.js +307 -0
  196. package/icc-x-api/icc-topic-x-api.js.map +1 -0
  197. package/icc-x-api/index.d.ts +15 -0
  198. package/icc-x-api/index.js +99 -70
  199. package/icc-x-api/index.js.map +1 -1
  200. package/icc-x-api/maintenance/KeyPairUpdateRequest.d.ts +1 -1
  201. package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +1 -1
  202. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
  203. package/icc-x-api/utils/websocket.d.ts +4 -0
  204. package/icc-x-api/utils/websocket.js +8 -0
  205. package/icc-x-api/utils/websocket.js.map +1 -1
  206. package/package.json +1 -1
  207. package/icc-api/model/ExchangeData.js.map +0 -1
  208. package/icc-api/model/ExchangeDataMap.js.map +0 -1
@@ -40,34 +40,35 @@ class SecureDelegationsSecurityMetadataDecryptor {
40
40
  decryptSecretIdsOf(typedEntity, dataOwnersHierarchySubset) {
41
41
  return this.decryptSecureDelegations(typedEntity, dataOwnersHierarchySubset, (d) => { var _a; return (_a = d.secretIds) !== null && _a !== void 0 ? _a : []; }, (e, k) => this.secureDelegationsEncryption.decryptSecretId(e, k));
42
42
  }
43
- getDataOwnersWithAccessTo(typedEntity) {
43
+ /**
44
+ * Get information for members of secure delegations in the entity. Also provides information for delegations with anonymous delegate and/or
45
+ * delegator if one of the delegation members is the current data owner (or a parent) AND has still access to the exchange data used in the .
46
+ */
47
+ getDelegationMemberDetails(typedEntity) {
44
48
  var _a, _b, _c, _d, _e, _f;
45
49
  return __awaiter(this, void 0, void 0, function* () {
46
- const accumulatedPermissions = {};
47
- let hasUnknownAnonymousDataOwners = false;
48
- function addPermission(delegateId, level) {
49
- if (accumulatedPermissions[delegateId] !== AccessLevel.WRITE) {
50
- accumulatedPermissions[delegateId] = level;
51
- }
52
- }
50
+ const res = {};
53
51
  // 1. Add all explicit data owners, keep only delegations with at least an anonymous data owner to check later
54
52
  let remainingDelegations = Object.entries((_b = (_a = typedEntity.entity.securityMetadata) === null || _a === void 0 ? void 0 : _a.secureDelegations) !== null && _b !== void 0 ? _b : {});
55
53
  let updatedRemainingDelegations = [];
56
54
  for (const delegationEntry of remainingDelegations) {
57
55
  const delegation = delegationEntry[1];
58
- if (delegation.delegator) {
59
- addPermission(delegation.delegator, delegation.permissions);
56
+ if (delegation.delegator && delegation.delegate) {
57
+ res[delegationEntry[0]] = {
58
+ delegate: delegation.delegate,
59
+ delegator: delegation.delegator,
60
+ fullyExplicit: true,
61
+ accessLevel: delegation.permissions,
62
+ accessControlSecret: undefined,
63
+ };
60
64
  }
61
- if (delegation.delegate) {
62
- addPermission(delegation.delegate, delegation.permissions);
63
- }
64
- if (!delegation.delegator || !delegation.delegate) {
65
+ else {
65
66
  updatedRemainingDelegations.push(delegationEntry);
66
67
  }
67
68
  }
68
69
  remainingDelegations = updatedRemainingDelegations;
69
70
  if (!remainingDelegations.length)
70
- return { permissionsByDataOwnerId: accumulatedPermissions, hasUnknownAnonymousDataOwners };
71
+ return res;
71
72
  updatedRemainingDelegations = [];
72
73
  // 2. Attempt to identify the anonymous data owner of remaining delegations by checking if we have the exchange data cached by hash
73
74
  // Note: we can find exchange data by hash only if we could successfully decrypt it
@@ -75,8 +76,13 @@ class SecureDelegationsSecurityMetadataDecryptor {
75
76
  for (const delegationEntry of remainingDelegations) {
76
77
  const exchangeDataOfDelegation = cachedExchangeData[delegationEntry[0]];
77
78
  if (exchangeDataOfDelegation) {
78
- addPermission(exchangeDataOfDelegation.exchangeData.delegator, delegationEntry[1].permissions);
79
- addPermission(exchangeDataOfDelegation.exchangeData.delegate, delegationEntry[1].permissions);
79
+ res[delegationEntry[0]] = {
80
+ delegate: exchangeDataOfDelegation.exchangeData.delegate,
81
+ delegator: exchangeDataOfDelegation.exchangeData.delegator,
82
+ fullyExplicit: false,
83
+ accessLevel: delegationEntry[1].permissions,
84
+ accessControlSecret: exchangeDataOfDelegation.accessControlSecret,
85
+ };
80
86
  }
81
87
  else {
82
88
  updatedRemainingDelegations.push(delegationEntry);
@@ -84,7 +90,8 @@ class SecureDelegationsSecurityMetadataDecryptor {
84
90
  }
85
91
  remainingDelegations = updatedRemainingDelegations;
86
92
  if (!remainingDelegations.length)
87
- return { permissionsByDataOwnerId: accumulatedPermissions, hasUnknownAnonymousDataOwners };
93
+ return res;
94
+ updatedRemainingDelegations = [];
88
95
  // 3. Attempt to identify the anonymous data owner of remaining delegations between us (or one of our parents) and an anonymous data owner
89
96
  const hierarchy = yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds();
90
97
  const allHashes = [
@@ -103,21 +110,32 @@ class SecureDelegationsSecurityMetadataDecryptor {
103
110
  ? yield this.exchangeData.getDecryptionDataKeyById(dataId, typedEntity.type, (_f = typedEntity.entity.secretForeignKeys) !== null && _f !== void 0 ? _f : [], true)
104
111
  : undefined;
105
112
  if (exchangeDataInfo) {
106
- addPermission(exchangeDataInfo.exchangeData.delegator, delegation.permissions);
107
- addPermission(exchangeDataInfo.exchangeData.delegate, delegation.permissions);
113
+ res[hash] = {
114
+ delegator: exchangeDataInfo.exchangeData.delegator,
115
+ delegate: exchangeDataInfo.exchangeData.delegate,
116
+ fullyExplicit: false,
117
+ accessLevel: delegation.permissions,
118
+ accessControlSecret: exchangeDataInfo.accessControlSecret,
119
+ };
108
120
  }
109
121
  else {
110
- hasUnknownAnonymousDataOwners = true;
122
+ updatedRemainingDelegations.push([hash, delegation]);
111
123
  }
112
124
  }
113
125
  else {
114
- hasUnknownAnonymousDataOwners = true;
126
+ updatedRemainingDelegations.push([hash, delegation]);
115
127
  }
116
128
  }
117
- return {
118
- permissionsByDataOwnerId: accumulatedPermissions,
119
- hasUnknownAnonymousDataOwners,
120
- };
129
+ return Object.assign(Object.assign({}, res), Object.fromEntries(updatedRemainingDelegations.map(([hash, secureDelegation]) => [
130
+ hash,
131
+ {
132
+ delegator: secureDelegation.delegator,
133
+ delegate: secureDelegation.delegate,
134
+ fullyExplicit: false,
135
+ accessLevel: secureDelegation.permissions,
136
+ accessControlSecret: undefined,
137
+ },
138
+ ])));
121
139
  });
122
140
  }
123
141
  hasAnyEncryptionKeys(entity) {
@@ -1 +1 @@
1
- {"version":3,"file":"SecureDelegationsSecurityMetadataDecryptor.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AACA,2EAAuE;AAKvE,IAAO,WAAW,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAWrD,MAAa,0CAA0C;IACrD,YACmB,YAAiC,EACjC,eAAuC,EACvC,2BAAwD,EACxD,YAA8B;QAH9B,iBAAY,GAAZ,YAAY,CAAqB;QACjC,oBAAe,GAAf,eAAe,CAAwB;QACvC,gCAA2B,GAA3B,2BAA2B,CAA6B;QACxD,iBAAY,GAAZ,YAAY,CAAkB;IAC9C,CAAC;IAEJ,uBAAuB,CACrB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,cAAc,mCAAI,EAAE,CAAA,EAAA,EAC7B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,CAAC,CACtE,CAAA;IACH,CAAC;IAED,wBAAwB,CACtB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,eAAe,mCAAI,EAAE,CAAA,EAAA,EAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,CAAC,EAAE,CAAC,CAAC,CACvE,CAAA;IACH,CAAC;IAED,kBAAkB,CAChB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,SAAS,mCAAI,EAAE,CAAA,EAAA,EACxB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CACjE,CAAA;IACH,CAAC;IAEK,yBAAyB,CAAC,WAAoC;;;YAIlE,MAAM,sBAAsB,GAA+D,EAAE,CAAA;YAC7F,IAAI,6BAA6B,GAAG,KAAK,CAAA;YACzC,SAAS,aAAa,CAAC,UAAkB,EAAE,KAAuC;gBAChF,IAAI,sBAAsB,CAAC,UAAU,CAAC,KAAK,WAAW,CAAC,KAAK,EAAE;oBAC5D,sBAAsB,CAAC,UAAU,CAAC,GAAG,KAAK,CAAA;iBAC3C;YACH,CAAC;YACD,8GAA8G;YAC9G,IAAI,oBAAoB,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAA;YACvG,IAAI,2BAA2B,GAAiC,EAAE,CAAA;YAClE,KAAK,MAAM,eAAe,IAAI,oBAAoB,EAAE;gBAClD,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,UAAU,CAAC,SAAS,EAAE;oBACxB,aAAa,CAAC,UAAU,CAAC,SAAS,EAAE,UAAU,CAAC,WAAW,CAAC,CAAA;iBAC5D;gBACD,IAAI,UAAU,CAAC,QAAQ,EAAE;oBACvB,aAAa,CAAC,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,WAAW,CAAC,CAAA;iBAC3D;gBACD,IAAI,CAAC,UAAU,CAAC,SAAS,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE;oBACjD,2BAA2B,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;iBAClD;aACF;YACD,oBAAoB,GAAG,2BAA2B,CAAA;YAClD,IAAI,CAAC,oBAAoB,CAAC,MAAM;gBAAE,OAAO,EAAE,wBAAwB,EAAE,sBAAsB,EAAE,6BAA6B,EAAE,CAAA;YAC5H,2BAA2B,GAAG,EAAE,CAAA;YAChC,mIAAmI;YACnI,mFAAmF;YACnF,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CAC9F,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACrC,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CAAA;YACD,KAAK,MAAM,eAAe,IAAI,oBAAoB,EAAE;gBAClD,MAAM,wBAAwB,GAAG,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvE,IAAI,wBAAwB,EAAE;oBAC5B,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;oBAC9F,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;iBAC9F;qBAAM;oBACL,2BAA2B,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;iBAClD;aACF;YACD,oBAAoB,GAAG,2BAA2B,CAAA;YAClD,IAAI,CAAC,oBAAoB,CAAC,MAAM;gBAAE,OAAO,EAAE,wBAAwB,EAAE,sBAAsB,EAAE,6BAA6B,EAAE,CAAA;YAC5H,0IAA0I;YAC1I,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAA;YAC3E,MAAM,SAAS,GAAG;gBAChB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBACpD,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;aAC5E,CAAA;YACD,MAAM,wBAAwB,GAAG,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;gBACxH,uCACK,IAAI,KACP,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,OAAO,IACtB;YACH,CAAC,EAAE,EAAyC,CAAC,CAAA;YAC7C,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,oBAAoB,EAAE;gBACrD,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,UAAU,CAAC,QAAQ,IAAI,CAAC,KAAK,UAAU,CAAC,SAAS,CAAC,EAAE;oBAClF,MAAM,MAAM,GAAG,CAAC,CAAC,wBAAwB,CAAC,IAAI,CAAC;wBAC7C,CAAC,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,wBAAwB,CAAC;wBACvH,CAAC,CAAC,SAAS,CAAA;oBACb,MAAM,gBAAgB,GAAG,MAAM;wBAC7B,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAAC,MAAM,EAAE,WAAW,CAAC,IAAI,EAAE,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAAE,IAAI,CAAC;wBAC9H,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,gBAAgB,EAAE;wBACpB,aAAa,CAAC,gBAAgB,CAAC,YAAY,CAAC,SAAS,EAAE,UAAU,CAAC,WAAW,CAAC,CAAA;wBAC9E,aAAa,CAAC,gBAAgB,CAAC,YAAY,CAAC,QAAQ,EAAE,UAAU,CAAC,WAAW,CAAC,CAAA;qBAC9E;yBAAM;wBACL,6BAA6B,GAAG,IAAI,CAAA;qBACrC;iBACF;qBAAM;oBACL,6BAA6B,GAAG,IAAI,CAAA;iBACrC;aACF;YACD,OAAO;gBACL,wBAAwB,EAAE,sBAAsB;gBAChD,6BAA6B;aAC9B,CAAA;;KACF;IAED,oBAAoB,CAAC,MAA6C;;QAChE,OAAO,MAAM,CAAC,MAAM,CAAC,MAAA,MAAA,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,cAAc,0CAAE,MAAM,CAAA,EAAA,CAAC,CAAA;IAC9G,CAAC;IAEK,oBAAoB,CAAC,WAAoC,EAAE,yBAAmC;;;YAClG,IAAI,CAAC,yBAAyB,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;YACpG,0IAA0I;YAC1I,kDAAkD;YAClD,IAAI,qBAAqB,GAAuB,MAAM,CAAC,MAAM,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,MAAM,CAChI,CAAC,gBAAgB,EAAE,EAAE,CACnB,yBAAyB,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,gBAAgB,CAAC,SAAS,IAAI,SAAS,KAAK,gBAAgB,CAAC,QAAQ,CAAC,CACrI,CAAA;YACD,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE;gBACjC,MAAM,YAAY,GAAG,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,CAAA;gBAC1E,MAAM,wBAAwB,GAAG,KAAK,CAAC,IAAI,CACzC,IAAI,GAAG,CACL,MAAM,CAAC,IAAI,CACT,MAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CACnE;oBACE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC;oBAC5E,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,EACD,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;oBACb,MAAM,oBAAoB,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;oBAC1E,OAAO,oBAAoB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,CAAA;gBAC3D,CAAC,CAAC,CACH,CACF,CAAA;gBACD,qBAAqB,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,eAAC,OAAA,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA,EAAA,CAAC,CAAA;aACrI;YAED,MAAM,WAAW,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,gBAAgB,EAAE,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACjG,IAAI,QAAQ,GAA4B,SAAS,CAAA;YACjD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;gBACpC,IAAI,UAAU,KAAK,WAAW,CAAC,KAAK,EAAE;oBACpC,OAAO,WAAW,CAAC,KAAK,CAAA;iBACzB;gBACD,IAAI,UAAU,KAAK,WAAW,CAAC,IAAI,EAAE;oBACnC,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAA;iBAC5B;aACF;YACD,OAAO,QAAQ,CAAA;;KAChB;IAEO,wBAAwB,CAC9B,WAAoC,EACpC,yBAAmC,EACnC,gBAA4D,EAC5D,kBAA8E;QAE9E,IAAI,CAAC,yBAAyB,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;QACpG,MAAM,IAAI,GAAG,IAAI,CAAA;QAEjB,SAAe,sCAAsC,CACnD,MAAgB,EAChB,uCAA4E;;;gBAE5E,KAAK,MAAM,IAAI,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE;oBAClC,MAAM,uBAAuB,GAAG,CAAC,CAAC,uCAAuC,CAAC,IAAI,CAAC;wBAC7E,CAAC,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,MAAA,uCAAuC,CAAC,IAAI,CAAC,0CAAE,wBAAwB,CAAC;wBACvI,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,uBAAuB;wBAAE,OAAO,uBAAuB,CAAA;iBAC9D;;SACF;QAED,SAAe,OAAO,CACpB,UAA4B,EAC5B,mBAAuF;;gBAEvF,IAAI,CAAC,mBAAmB,CAAC,WAAW;oBAAE,OAAO,EAAE,CAAA;gBAC/C,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAA;gBAClD,IAAI,CAAC,aAAa,CAAC,MAAM;oBAAE,OAAO,EAAE,CAAA;gBACpC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC,SAAS,IAAI,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC,QAAQ,CAAC;oBAC7I,OAAO,EAAE,CAAA;gBACX,MAAM,oBAAoB,GAAG,CAAC,mBAAmB,CAAC,YAAY,CAAC,SAAS,EAAE,mBAAmB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;gBACpH,MAAM,GAAG,GAAG,EAAE,CAAA;gBACd,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE;oBAChC,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC,IAAI,EAAE,mBAAmB,CAAC,WAAW,CAAC,EAAE,oBAAoB,EAAE,CAAC,CAAA;iBAC/G;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;SAAA;QAED,SAAgB,SAAS;;;gBACvB,IAAI,oBAAoB,GAAkC,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,GAAG,CACxI,CAAC,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE,EAAE;;oBAAC,OAAA,CAAC;wBAChC,UAAU;wBACV,MAAM,EAAE;4BACN,aAAa;4BACb,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iCAC3E,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC;iCACpC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;yBACpB;qBACF,CAAC,CAAA;iBAAA,CACH,CAAA;gBAED;;;;;;mBAMG;gBAEH,+DAA+D;gBAC/D,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,MAAM,gBAAgB,GAAG,cAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CAC5F;oBACE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC;oBAC5E,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,EACD,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CAAA,CAAA;gBACD,IAAI,2BAA2B,GAAkC,EAAE,CAAA;gBACnE,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;oBACvG,IAAI,mBAAmB,EAAE;wBACvB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM,IACL,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,SAAS,CAAC;wBACrF,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,iBAAiB,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,KAAK,iBAAiB,CAAC,UAAU,CAAC,SAAS,CAAC,EAClI;wBACA,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAClD,2BAA2B,GAAG,EAAE,CAAA;gBAEhC,gJAAgJ;gBAChJ,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,UAAU,CAAC,cAAc;wBACrE,CAAC,CAAC,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC9C,iBAAiB,CAAC,UAAU,CAAC,cAAc,EAC3C,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,KAAK,CACN,CAAA;wBACH,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,mBAAmB,EAAE;wBACzB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM;wBACL,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAClD,2BAA2B,GAAG,EAAE,CAAA;gBAEhC,2HAA2H;gBAC3H,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,UAAU,CAAC,cAAc;wBACrE,CAAC,CAAC,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC9C,iBAAiB,CAAC,UAAU,CAAC,cAAc,EAC3C,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,IAAI,CACL,CAAA;wBACH,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,mBAAmB,EAAE;wBACzB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM;wBACL,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAElD,qHAAqH;gBACrH,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,MAAM,SAAS,GAAG;oBAChB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;oBAChD,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,CAAA;gBACD,MAAM,uCAAuC,GAAG,CAAC,cAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAA,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;oBACvI,uCACK,IAAI,KACP,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,OAAO,IACtB;gBACH,CAAC,EAAE,EAAyC,CAAC,CAAA;gBAC7C,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,uBAAuB,GAAG,cAAM,sCAAsC,CAC1E,iBAAiB,CAAC,MAAM,EACxB,uCAAuC,CACxC,CAAA,CAAA;oBACD,IAAI,uBAAuB,EAAE;wBAC3B,MAAM,mBAAmB,GAAG,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC1E,uBAAuB,EACvB,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,IAAI,CACL,CAAA,CAAA;wBACD,IAAI,mBAAmB,EAAE;4BACvB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;gCAAE,oBAAM,SAAS,CAAA,CAAA;yBAC1G;qBACF;iBACF;;SACF;QAED,OAAO,SAAS,EAAE,CAAA;IACpB,CAAC;CACF;AA1UD,gGA0UC","sourcesContent":["import { SecurityMetadataDecryptor } from './SecurityMetadataDecryptor'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { ExchangeDataManager } from './ExchangeDataManager'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { ExchangeData } from '../../icc-api/model/ExchangeData'\nimport { SecureDelegationsEncryption } from './SecureDelegationsEncryption'\nimport AccessLevel = SecureDelegation.AccessLevelEnum\nimport { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { ExchangeDataMapManager } from './ExchangeDataMapManager'\nimport { ExchangeDataMap } from '../../icc-api/model/ExchangeDataMap'\n\ntype DelegationDecryptionDetails = {\n delegation: SecureDelegation\n hashes: string[]\n}\n\nexport class SecureDelegationsSecurityMetadataDecryptor implements SecurityMetadataDecryptor {\n constructor(\n private readonly exchangeData: ExchangeDataManager,\n private readonly exchangeDataMap: ExchangeDataMapManager,\n private readonly secureDelegationsEncryption: SecureDelegationsEncryption,\n private readonly dataOwnerApi: IccDataOwnerXApi\n ) {}\n\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.encryptionKeys ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptEncryptionKey(e, k)\n )\n }\n\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.owningEntityIds ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptOwningEntityId(e, k)\n )\n }\n\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.secretIds ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptSecretId(e, k)\n )\n }\n\n async getDataOwnersWithAccessTo(typedEntity: EncryptedEntityWithType): Promise<{\n permissionsByDataOwnerId: { [delegateId: string]: SecureDelegation.AccessLevelEnum }\n hasUnknownAnonymousDataOwners: boolean\n }> {\n const accumulatedPermissions: { [delegateId: string]: SecureDelegation.AccessLevelEnum } = {}\n let hasUnknownAnonymousDataOwners = false\n function addPermission(delegateId: string, level: SecureDelegation.AccessLevelEnum): void {\n if (accumulatedPermissions[delegateId] !== AccessLevel.WRITE) {\n accumulatedPermissions[delegateId] = level\n }\n }\n // 1. Add all explicit data owners, keep only delegations with at least an anonymous data owner to check later\n let remainingDelegations = Object.entries(typedEntity.entity.securityMetadata?.secureDelegations ?? {})\n let updatedRemainingDelegations: [string, SecureDelegation][] = []\n for (const delegationEntry of remainingDelegations) {\n const delegation = delegationEntry[1]\n if (delegation.delegator) {\n addPermission(delegation.delegator, delegation.permissions)\n }\n if (delegation.delegate) {\n addPermission(delegation.delegate, delegation.permissions)\n }\n if (!delegation.delegator || !delegation.delegate) {\n updatedRemainingDelegations.push(delegationEntry)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n if (!remainingDelegations.length) return { permissionsByDataOwnerId: accumulatedPermissions, hasUnknownAnonymousDataOwners }\n updatedRemainingDelegations = []\n // 2. Attempt to identify the anonymous data owner of remaining delegations by checking if we have the exchange data cached by hash\n // Note: we can find exchange data by hash only if we could successfully decrypt it\n const cachedExchangeData = await this.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n remainingDelegations.map((d) => d[0]),\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n for (const delegationEntry of remainingDelegations) {\n const exchangeDataOfDelegation = cachedExchangeData[delegationEntry[0]]\n if (exchangeDataOfDelegation) {\n addPermission(exchangeDataOfDelegation.exchangeData.delegator, delegationEntry[1].permissions)\n addPermission(exchangeDataOfDelegation.exchangeData.delegate, delegationEntry[1].permissions)\n } else {\n updatedRemainingDelegations.push(delegationEntry)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n if (!remainingDelegations.length) return { permissionsByDataOwnerId: accumulatedPermissions, hasUnknownAnonymousDataOwners }\n // 3. Attempt to identify the anonymous data owner of remaining delegations between us (or one of our parents) and an anonymous data owner\n const hierarchy = await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()\n const allHashes = [\n ...remainingDelegations.flatMap(([hash, _]) => hash),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ]\n const encryptedExchangeDataIds = (await this.exchangeDataMap.getExchangeDataMapBatch(allHashes)).reduce((maps, current) => {\n return {\n ...maps,\n [current.id]: current,\n }\n }, {} as { [hash: string]: ExchangeDataMap })\n for (const [hash, delegation] of remainingDelegations) {\n if (hierarchy.some((x) => x === delegation.delegate || x === delegation.delegator)) {\n const dataId = !!encryptedExchangeDataIds[hash]\n ? await this.secureDelegationsEncryption.decryptExchangeDataId(encryptedExchangeDataIds[hash].encryptedExchangeDataIds)\n : undefined\n const exchangeDataInfo = dataId\n ? await this.exchangeData.getDecryptionDataKeyById(dataId, typedEntity.type, typedEntity.entity.secretForeignKeys ?? [], true)\n : undefined\n if (exchangeDataInfo) {\n addPermission(exchangeDataInfo.exchangeData.delegator, delegation.permissions)\n addPermission(exchangeDataInfo.exchangeData.delegate, delegation.permissions)\n } else {\n hasUnknownAnonymousDataOwners = true\n }\n } else {\n hasUnknownAnonymousDataOwners = true\n }\n }\n return {\n permissionsByDataOwnerId: accumulatedPermissions,\n hasUnknownAnonymousDataOwners,\n }\n }\n\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean {\n return Object.values(entity.securityMetadata?.secureDelegations ?? {}).some((d) => d.encryptionKeys?.length)\n }\n\n async getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevel | undefined> {\n if (!dataOwnersHierarchySubset.length) throw new Error(\"`dataOwnersHierarchySubset` can't be empty\")\n // If the data owner is explicit all delegations he can access has his id. If the delegator is anonymous all delegations he can access are\n // accessible by hash. No mixed scenario possible.\n let accessibleDelegations: SecureDelegation[] = Object.values(typedEntity.entity.securityMetadata?.secureDelegations ?? {}).filter(\n (secureDelegation) =>\n dataOwnersHierarchySubset.some((dataOwner) => dataOwner === secureDelegation.delegator || dataOwner === secureDelegation.delegate)\n )\n if (!accessibleDelegations.length) {\n const equivalences = typedEntity.entity.securityMetadata?.keysEquivalences\n const availableCanonicalHashes = Array.from(\n new Set(\n Object.keys(\n await this.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n [\n ...Object.keys(typedEntity.entity.securityMetadata?.secureDelegations ?? {}),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ],\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n ).map((hash) => {\n const canonicalEquivalence = equivalences ? equivalences[hash] : undefined\n return canonicalEquivalence ? canonicalEquivalence : hash\n })\n )\n )\n accessibleDelegations = availableCanonicalHashes.map((hash) => (typedEntity.entity.securityMetadata?.secureDelegations ?? {})[hash])\n }\n\n const permissions = accessibleDelegations.map((secureDelegation) => secureDelegation.permissions)\n let maxLevel: AccessLevel | undefined = undefined\n for (const permission of permissions) {\n if (permission === AccessLevel.WRITE) {\n return AccessLevel.WRITE\n }\n if (permission === AccessLevel.READ) {\n maxLevel = AccessLevel.READ\n }\n }\n return maxLevel\n }\n\n private decryptSecureDelegations(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[],\n getDataToDecrypt: (delegation: SecureDelegation) => string[],\n decryptDataWithKey: (encryptedData: string, key: CryptoKey) => Promise<string>\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n if (!dataOwnersHierarchySubset.length) throw new Error(\"`dataOwnersHierarchySubset` can't be empty\")\n const self = this\n\n async function getFirstDecryptedExchangeDataIdForHash(\n hashes: string[],\n encryptedExchangeDataIdsByDelegationKey: { [hash: string]: ExchangeDataMap }\n ): Promise<string | undefined> {\n for (const hash of new Set(hashes)) {\n const decryptedExchangeDataId = !!encryptedExchangeDataIdsByDelegationKey[hash]\n ? await self.secureDelegationsEncryption.decryptExchangeDataId(encryptedExchangeDataIdsByDelegationKey[hash]?.encryptedExchangeDataIds)\n : undefined\n if (!!decryptedExchangeDataId) return decryptedExchangeDataId\n }\n }\n\n async function decrypt(\n delegation: SecureDelegation,\n exchangeDataDetails: { exchangeData: ExchangeData; exchangeKey: CryptoKey | undefined }\n ): Promise<{ decrypted: string; dataOwnersWithAccess: string[] }[]> {\n if (!exchangeDataDetails.exchangeKey) return []\n const dataToDecrypt = getDataToDecrypt(delegation)\n if (!dataToDecrypt.length) return []\n if (!dataOwnersHierarchySubset.some((x) => x === exchangeDataDetails.exchangeData.delegator || x === exchangeDataDetails.exchangeData.delegate))\n return []\n const dataOwnersWithAccess = [exchangeDataDetails.exchangeData.delegator, exchangeDataDetails.exchangeData.delegate]\n const res = []\n for (const curr of dataToDecrypt) {\n res.push({ decrypted: await decryptDataWithKey(curr, exchangeDataDetails.exchangeKey), dataOwnersWithAccess })\n }\n return res\n }\n\n async function* generator(): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n let remainingDelegations: DelegationDecryptionDetails[] = Object.entries(typedEntity.entity.securityMetadata?.secureDelegations ?? {}).map(\n ([canonicalHash, delegation]) => ({\n delegation,\n hashes: [\n canonicalHash,\n ...Object.entries(typedEntity.entity.securityMetadata?.keysEquivalences ?? {})\n .filter((x) => x[1] == canonicalHash)\n .map((x) => x[0]),\n ],\n })\n )\n\n /*\n * Generate from least expensive to most (in terms of time to decrypt). 1 and 2a have equivalent costs.\n * 1) Secure delegations with cached exchange data by hash\n * 2) Secure delegations with cached exchange data by id for explicit->explicit delegations where delegator and/or delegate is me or parent\n * 3) Non cached secure delegations for explicit->explicit delegations where delegator and/or delegate is me or parent (half of old 3)\n * 4) Decrypt secure delegation id for explicit->anonymous or anonymous->explicit where explicit is me or parent (2b and half of old3)\n */\n\n // Step 1) Secure delegations with cached exchange data by hash\n if (!remainingDelegations.length) return\n const cachedDataByHash = await self.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n [\n ...Object.keys(typedEntity.entity.securityMetadata?.secureDelegations ?? {}),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ],\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n let updatedRemainingDelegations: DelegationDecryptionDetails[] = []\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.hashes.map((h) => cachedDataByHash?.[h]).find((x) => !!x)\n if (exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else if (\n (!!decryptionDetails.delegation.delegate || !!decryptionDetails.delegation.delegator) &&\n dataOwnersHierarchySubset.some((x) => x === decryptionDetails.delegation.delegate || x === decryptionDetails.delegation.delegator)\n ) {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n updatedRemainingDelegations = []\n\n // Step 2) Secure delegations with cached exchange data by id for explicit->explicit delegations where delegator and/or delegate is me or parent\n if (!remainingDelegations.length) return\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.delegation.exchangeDataId\n ? await self.exchangeData.getDecryptionDataKeyById(\n decryptionDetails.delegation.exchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n false\n )\n : undefined\n if (!!exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n updatedRemainingDelegations = []\n\n // Step 3) Non cached secure delegations for explicit->explicit delegations where delegator and/or delegate is me or parent\n if (!remainingDelegations.length) return\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.delegation.exchangeDataId\n ? await self.exchangeData.getDecryptionDataKeyById(\n decryptionDetails.delegation.exchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n true\n )\n : undefined\n if (!!exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n\n // Step 4) Decrypt secure delegation id for explicit->anonymous or anonymous->explicit where explicit is me or parent\n if (!remainingDelegations.length) return\n const allHashes = [\n ...remainingDelegations.flatMap((x) => x.hashes),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ]\n const encryptedExchangeDataIdsByDelegationKey = (await self.exchangeDataMap.getExchangeDataMapBatch(allHashes)).reduce((maps, current) => {\n return {\n ...maps,\n [current.id]: current,\n }\n }, {} as { [hash: string]: ExchangeDataMap })\n for (const decryptionDetails of remainingDelegations) {\n const decryptedExchangeDataId = await getFirstDecryptedExchangeDataIdForHash(\n decryptionDetails.hashes,\n encryptedExchangeDataIdsByDelegationKey\n )\n if (decryptedExchangeDataId) {\n const exchangeDataDetails = await self.exchangeData.getDecryptionDataKeyById(\n decryptedExchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n true\n )\n if (exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n }\n }\n }\n }\n\n return generator()\n }\n}\n"]}
1
+ {"version":3,"file":"SecureDelegationsSecurityMetadataDecryptor.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AACA,2EAAuE;AAKvE,IAAO,WAAW,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAoBrD,MAAa,0CAA0C;IACrD,YACmB,YAAiC,EACjC,eAAuC,EACvC,2BAAwD,EACxD,YAA8B;QAH9B,iBAAY,GAAZ,YAAY,CAAqB;QACjC,oBAAe,GAAf,eAAe,CAAwB;QACvC,gCAA2B,GAA3B,2BAA2B,CAA6B;QACxD,iBAAY,GAAZ,YAAY,CAAkB;IAC9C,CAAC;IAEJ,uBAAuB,CACrB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,cAAc,mCAAI,EAAE,CAAA,EAAA,EAC7B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,CAAC,CACtE,CAAA;IACH,CAAC;IAED,wBAAwB,CACtB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,eAAe,mCAAI,EAAE,CAAA,EAAA,EAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,CAAC,EAAE,CAAC,CAAC,CACvE,CAAA;IACH,CAAC;IAED,kBAAkB,CAChB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,wBAAwB,CAClC,WAAW,EACX,yBAAyB,EACzB,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,SAAS,mCAAI,EAAE,CAAA,EAAA,EACxB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CACjE,CAAA;IACH,CAAC;IAED;;;OAGG;IACG,0BAA0B,CAAC,WAAoC;;;YAGnE,MAAM,GAAG,GAA0D,EAAE,CAAA;YACrE,8GAA8G;YAC9G,IAAI,oBAAoB,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAA;YACvG,IAAI,2BAA2B,GAAiC,EAAE,CAAA;YAClE,KAAK,MAAM,eAAe,IAAI,oBAAoB,EAAE;gBAClD,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAC,CAAA;gBACrC,IAAI,UAAU,CAAC,SAAS,IAAI,UAAU,CAAC,QAAQ,EAAE;oBAC/C,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG;wBACxB,QAAQ,EAAE,UAAU,CAAC,QAAQ;wBAC7B,SAAS,EAAE,UAAU,CAAC,SAAS;wBAC/B,aAAa,EAAE,IAAI;wBACnB,WAAW,EAAE,UAAU,CAAC,WAAW;wBACnC,mBAAmB,EAAE,SAAS;qBAC/B,CAAA;iBACF;qBAAM;oBACL,2BAA2B,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;iBAClD;aACF;YACD,oBAAoB,GAAG,2BAA2B,CAAA;YAClD,IAAI,CAAC,oBAAoB,CAAC,MAAM;gBAAE,OAAO,GAAG,CAAA;YAC5C,2BAA2B,GAAG,EAAE,CAAA;YAChC,mIAAmI;YACnI,mFAAmF;YACnF,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CAC9F,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACrC,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CAAA;YACD,KAAK,MAAM,eAAe,IAAI,oBAAoB,EAAE;gBAClD,MAAM,wBAAwB,GAAG,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;gBACvE,IAAI,wBAAwB,EAAE;oBAC5B,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG;wBACxB,QAAQ,EAAE,wBAAwB,CAAC,YAAY,CAAC,QAAQ;wBACxD,SAAS,EAAE,wBAAwB,CAAC,YAAY,CAAC,SAAS;wBAC1D,aAAa,EAAE,KAAK;wBACpB,WAAW,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,WAAW;wBAC3C,mBAAmB,EAAE,wBAAwB,CAAC,mBAAmB;qBAClE,CAAA;iBACF;qBAAM;oBACL,2BAA2B,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;iBAClD;aACF;YACD,oBAAoB,GAAG,2BAA2B,CAAA;YAClD,IAAI,CAAC,oBAAoB,CAAC,MAAM;gBAAE,OAAO,GAAG,CAAA;YAC5C,2BAA2B,GAAG,EAAE,CAAA;YAChC,0IAA0I;YAC1I,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAA;YAC3E,MAAM,SAAS,GAAG;gBAChB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;gBACpD,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;aAC5E,CAAA;YACD,MAAM,wBAAwB,GAAG,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;gBACxH,uCACK,IAAI,KACP,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,OAAO,IACtB;YACH,CAAC,EAAE,EAAyC,CAAC,CAAA;YAC7C,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,oBAAoB,EAAE;gBACrD,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,UAAU,CAAC,QAAQ,IAAI,CAAC,KAAK,UAAU,CAAC,SAAS,CAAC,EAAE;oBAClF,MAAM,MAAM,GAAG,CAAC,CAAC,wBAAwB,CAAC,IAAI,CAAC;wBAC7C,CAAC,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,wBAAwB,CAAC;wBACvH,CAAC,CAAC,SAAS,CAAA;oBACb,MAAM,gBAAgB,GAAG,MAAM;wBAC7B,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAAC,MAAM,EAAE,WAAW,CAAC,IAAI,EAAE,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAAE,IAAI,CAAC;wBAC9H,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,gBAAgB,EAAE;wBACpB,GAAG,CAAC,IAAI,CAAC,GAAG;4BACV,SAAS,EAAE,gBAAgB,CAAC,YAAY,CAAC,SAAS;4BAClD,QAAQ,EAAE,gBAAgB,CAAC,YAAY,CAAC,QAAQ;4BAChD,aAAa,EAAE,KAAK;4BACpB,WAAW,EAAE,UAAU,CAAC,WAAW;4BACnC,mBAAmB,EAAE,gBAAgB,CAAC,mBAAmB;yBAC1D,CAAA;qBACF;yBAAM;wBACL,2BAA2B,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;qBACrD;iBACF;qBAAM;oBACL,2BAA2B,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAA;iBACrD;aACF;YACD,uCACK,GAAG,GACH,MAAM,CAAC,WAAW,CACnB,2BAA2B,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,gBAAgB,CAAC,EAAE,EAAE,CAAC;gBAC5D,IAAI;gBACJ;oBACE,SAAS,EAAE,gBAAgB,CAAC,SAAS;oBACrC,QAAQ,EAAE,gBAAgB,CAAC,QAAQ;oBACnC,aAAa,EAAE,KAAK;oBACpB,WAAW,EAAE,gBAAgB,CAAC,WAAW;oBACzC,mBAAmB,EAAE,SAAS;iBAC/B;aACF,CAAC,CACH,EACF;;KACF;IAED,oBAAoB,CAAC,MAA6C;;QAChE,OAAO,MAAM,CAAC,MAAM,CAAC,MAAA,MAAA,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,cAAc,0CAAE,MAAM,CAAA,EAAA,CAAC,CAAA;IAC9G,CAAC;IAEK,oBAAoB,CAAC,WAAoC,EAAE,yBAAmC;;;YAClG,IAAI,CAAC,yBAAyB,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;YACpG,0IAA0I;YAC1I,kDAAkD;YAClD,IAAI,qBAAqB,GAAuB,MAAM,CAAC,MAAM,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,MAAM,CAChI,CAAC,gBAAgB,EAAE,EAAE,CACnB,yBAAyB,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,gBAAgB,CAAC,SAAS,IAAI,SAAS,KAAK,gBAAgB,CAAC,QAAQ,CAAC,CACrI,CAAA;YACD,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE;gBACjC,MAAM,YAAY,GAAG,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,CAAA;gBAC1E,MAAM,wBAAwB,GAAG,KAAK,CAAC,IAAI,CACzC,IAAI,GAAG,CACL,MAAM,CAAC,IAAI,CACT,MAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CACnE;oBACE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC;oBAC5E,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,EACD,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CACF,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;oBACb,MAAM,oBAAoB,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;oBAC1E,OAAO,oBAAoB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,CAAA;gBAC3D,CAAC,CAAC,CACH,CACF,CAAA;gBACD,qBAAqB,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,eAAC,OAAA,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA,EAAA,CAAC,CAAA;aACrI;YAED,MAAM,WAAW,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,gBAAgB,EAAE,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACjG,IAAI,QAAQ,GAA4B,SAAS,CAAA;YACjD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;gBACpC,IAAI,UAAU,KAAK,WAAW,CAAC,KAAK,EAAE;oBACpC,OAAO,WAAW,CAAC,KAAK,CAAA;iBACzB;gBACD,IAAI,UAAU,KAAK,WAAW,CAAC,IAAI,EAAE;oBACnC,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAA;iBAC5B;aACF;YACD,OAAO,QAAQ,CAAA;;KAChB;IAEO,wBAAwB,CAC9B,WAAoC,EACpC,yBAAmC,EACnC,gBAA4D,EAC5D,kBAA8E;QAE9E,IAAI,CAAC,yBAAyB,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;QACpG,MAAM,IAAI,GAAG,IAAI,CAAA;QAEjB,SAAe,sCAAsC,CACnD,MAAgB,EAChB,uCAA4E;;;gBAE5E,KAAK,MAAM,IAAI,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE;oBAClC,MAAM,uBAAuB,GAAG,CAAC,CAAC,uCAAuC,CAAC,IAAI,CAAC;wBAC7E,CAAC,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,MAAA,uCAAuC,CAAC,IAAI,CAAC,0CAAE,wBAAwB,CAAC;wBACvI,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,uBAAuB;wBAAE,OAAO,uBAAuB,CAAA;iBAC9D;;SACF;QAED,SAAe,OAAO,CACpB,UAA4B,EAC5B,mBAAuF;;gBAEvF,IAAI,CAAC,mBAAmB,CAAC,WAAW;oBAAE,OAAO,EAAE,CAAA;gBAC/C,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAA;gBAClD,IAAI,CAAC,aAAa,CAAC,MAAM;oBAAE,OAAO,EAAE,CAAA;gBACpC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC,SAAS,IAAI,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC,QAAQ,CAAC;oBAC7I,OAAO,EAAE,CAAA;gBACX,MAAM,oBAAoB,GAAG,CAAC,mBAAmB,CAAC,YAAY,CAAC,SAAS,EAAE,mBAAmB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;gBACpH,MAAM,GAAG,GAAG,EAAE,CAAA;gBACd,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE;oBAChC,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC,IAAI,EAAE,mBAAmB,CAAC,WAAW,CAAC,EAAE,oBAAoB,EAAE,CAAC,CAAA;iBAC/G;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;SAAA;QAED,SAAgB,SAAS;;;gBACvB,IAAI,oBAAoB,GAAkC,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC,CAAC,GAAG,CACxI,CAAC,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE,EAAE;;oBAAC,OAAA,CAAC;wBAChC,UAAU;wBACV,MAAM,EAAE;4BACN,aAAa;4BACb,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iCAC3E,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC;iCACpC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;yBACpB;qBACF,CAAC,CAAA;iBAAA,CACH,CAAA;gBAED;;;;;;mBAMG;gBAEH,+DAA+D;gBAC/D,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,MAAM,gBAAgB,GAAG,cAAM,IAAI,CAAC,YAAY,CAAC,6CAA6C,CAC5F;oBACE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,iBAAiB,mCAAI,EAAE,CAAC;oBAC5E,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,EACD,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC3C,CAAA,CAAA;gBACD,IAAI,2BAA2B,GAAkC,EAAE,CAAA;gBACnE,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;oBACvG,IAAI,mBAAmB,EAAE;wBACvB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM,IACL,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,SAAS,CAAC;wBACrF,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,iBAAiB,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,KAAK,iBAAiB,CAAC,UAAU,CAAC,SAAS,CAAC,EAClI;wBACA,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAClD,2BAA2B,GAAG,EAAE,CAAA;gBAEhC,gJAAgJ;gBAChJ,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,UAAU,CAAC,cAAc;wBACrE,CAAC,CAAC,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC9C,iBAAiB,CAAC,UAAU,CAAC,cAAc,EAC3C,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,KAAK,CACN,CAAA;wBACH,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,mBAAmB,EAAE;wBACzB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM;wBACL,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAClD,2BAA2B,GAAG,EAAE,CAAA;gBAEhC,2HAA2H;gBAC3H,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,UAAU,CAAC,cAAc;wBACrE,CAAC,CAAC,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC9C,iBAAiB,CAAC,UAAU,CAAC,cAAc,EAC3C,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,IAAI,CACL,CAAA;wBACH,CAAC,CAAC,SAAS,CAAA;oBACb,IAAI,CAAC,CAAC,mBAAmB,EAAE;wBACzB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;4BAAE,oBAAM,SAAS,CAAA,CAAA;qBAC1G;yBAAM;wBACL,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;qBACpD;iBACF;gBACD,oBAAoB,GAAG,2BAA2B,CAAA;gBAElD,qHAAqH;gBACrH,IAAI,CAAC,oBAAoB,CAAC,MAAM;oBAAE,6BAAM;gBACxC,MAAM,SAAS,GAAG;oBAChB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;oBAChD,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,MAAA,WAAW,CAAC,MAAM,CAAC,gBAAgB,0CAAE,gBAAgB,mCAAI,EAAE,CAAC;iBAC5E,CAAA;gBACD,MAAM,uCAAuC,GAAG,CAAC,cAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAA,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;oBACvI,uCACK,IAAI,KACP,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,OAAO,IACtB;gBACH,CAAC,EAAE,EAAyC,CAAC,CAAA;gBAC7C,KAAK,MAAM,iBAAiB,IAAI,oBAAoB,EAAE;oBACpD,MAAM,uBAAuB,GAAG,cAAM,sCAAsC,CAC1E,iBAAiB,CAAC,MAAM,EACxB,uCAAuC,CACxC,CAAA,CAAA;oBACD,IAAI,uBAAuB,EAAE;wBAC3B,MAAM,mBAAmB,GAAG,cAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC1E,uBAAuB,EACvB,WAAW,CAAC,IAAI,EAChB,MAAA,WAAW,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,EAC1C,IAAI,CACL,CAAA,CAAA;wBACD,IAAI,mBAAmB,EAAE;4BACvB,KAAK,MAAM,SAAS,IAAI,cAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;gCAAE,oBAAM,SAAS,CAAA,CAAA;yBAC1G;qBACF;iBACF;;SACF;QAED,OAAO,SAAS,EAAE,CAAA;IACpB,CAAC;CACF;AA/VD,gGA+VC","sourcesContent":["import { SecurityMetadataDecryptor } from './SecurityMetadataDecryptor'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { ExchangeDataManager } from './ExchangeDataManager'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { SecureDelegationsEncryption } from './SecureDelegationsEncryption'\nimport AccessLevel = SecureDelegation.AccessLevelEnum\nimport { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { ExchangeDataMapManager } from './ExchangeDataMapManager'\nimport { ExchangeDataMap } from '../../icc-api/model/internal/ExchangeDataMap'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\ntype DelegationDecryptionDetails = {\n delegation: SecureDelegation\n hashes: string[]\n}\n\nexport type DelegationMembersDetails = {\n delegator: string | undefined\n delegate: string | undefined\n fullyExplicit: boolean\n accessControlSecret: string | undefined\n accessLevel: AccessLevelEnum\n}\n\nexport class SecureDelegationsSecurityMetadataDecryptor implements SecurityMetadataDecryptor {\n constructor(\n private readonly exchangeData: ExchangeDataManager,\n private readonly exchangeDataMap: ExchangeDataMapManager,\n private readonly secureDelegationsEncryption: SecureDelegationsEncryption,\n private readonly dataOwnerApi: IccDataOwnerXApi\n ) {}\n\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.encryptionKeys ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptEncryptionKey(e, k)\n )\n }\n\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.owningEntityIds ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptOwningEntityId(e, k)\n )\n }\n\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.decryptSecureDelegations(\n typedEntity,\n dataOwnersHierarchySubset,\n (d) => d.secretIds ?? [],\n (e, k) => this.secureDelegationsEncryption.decryptSecretId(e, k)\n )\n }\n\n /**\n * Get information for members of secure delegations in the entity. Also provides information for delegations with anonymous delegate and/or\n * delegator if one of the delegation members is the current data owner (or a parent) AND has still access to the exchange data used in the .\n */\n async getDelegationMemberDetails(typedEntity: EncryptedEntityWithType): Promise<{\n [delegationKey: string]: DelegationMembersDetails\n }> {\n const res: { [delegationKey: string]: DelegationMembersDetails } = {}\n // 1. Add all explicit data owners, keep only delegations with at least an anonymous data owner to check later\n let remainingDelegations = Object.entries(typedEntity.entity.securityMetadata?.secureDelegations ?? {})\n let updatedRemainingDelegations: [string, SecureDelegation][] = []\n for (const delegationEntry of remainingDelegations) {\n const delegation = delegationEntry[1]\n if (delegation.delegator && delegation.delegate) {\n res[delegationEntry[0]] = {\n delegate: delegation.delegate,\n delegator: delegation.delegator,\n fullyExplicit: true,\n accessLevel: delegation.permissions,\n accessControlSecret: undefined,\n }\n } else {\n updatedRemainingDelegations.push(delegationEntry)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n if (!remainingDelegations.length) return res\n updatedRemainingDelegations = []\n // 2. Attempt to identify the anonymous data owner of remaining delegations by checking if we have the exchange data cached by hash\n // Note: we can find exchange data by hash only if we could successfully decrypt it\n const cachedExchangeData = await this.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n remainingDelegations.map((d) => d[0]),\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n for (const delegationEntry of remainingDelegations) {\n const exchangeDataOfDelegation = cachedExchangeData[delegationEntry[0]]\n if (exchangeDataOfDelegation) {\n res[delegationEntry[0]] = {\n delegate: exchangeDataOfDelegation.exchangeData.delegate,\n delegator: exchangeDataOfDelegation.exchangeData.delegator,\n fullyExplicit: false,\n accessLevel: delegationEntry[1].permissions,\n accessControlSecret: exchangeDataOfDelegation.accessControlSecret,\n }\n } else {\n updatedRemainingDelegations.push(delegationEntry)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n if (!remainingDelegations.length) return res\n updatedRemainingDelegations = []\n // 3. Attempt to identify the anonymous data owner of remaining delegations between us (or one of our parents) and an anonymous data owner\n const hierarchy = await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()\n const allHashes = [\n ...remainingDelegations.flatMap(([hash, _]) => hash),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ]\n const encryptedExchangeDataIds = (await this.exchangeDataMap.getExchangeDataMapBatch(allHashes)).reduce((maps, current) => {\n return {\n ...maps,\n [current.id]: current,\n }\n }, {} as { [hash: string]: ExchangeDataMap })\n for (const [hash, delegation] of remainingDelegations) {\n if (hierarchy.some((x) => x === delegation.delegate || x === delegation.delegator)) {\n const dataId = !!encryptedExchangeDataIds[hash]\n ? await this.secureDelegationsEncryption.decryptExchangeDataId(encryptedExchangeDataIds[hash].encryptedExchangeDataIds)\n : undefined\n const exchangeDataInfo = dataId\n ? await this.exchangeData.getDecryptionDataKeyById(dataId, typedEntity.type, typedEntity.entity.secretForeignKeys ?? [], true)\n : undefined\n if (exchangeDataInfo) {\n res[hash] = {\n delegator: exchangeDataInfo.exchangeData.delegator,\n delegate: exchangeDataInfo.exchangeData.delegate,\n fullyExplicit: false,\n accessLevel: delegation.permissions,\n accessControlSecret: exchangeDataInfo.accessControlSecret,\n }\n } else {\n updatedRemainingDelegations.push([hash, delegation])\n }\n } else {\n updatedRemainingDelegations.push([hash, delegation])\n }\n }\n return {\n ...res,\n ...Object.fromEntries(\n updatedRemainingDelegations.map(([hash, secureDelegation]) => [\n hash,\n {\n delegator: secureDelegation.delegator,\n delegate: secureDelegation.delegate,\n fullyExplicit: false,\n accessLevel: secureDelegation.permissions,\n accessControlSecret: undefined,\n },\n ])\n ),\n }\n }\n\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean {\n return Object.values(entity.securityMetadata?.secureDelegations ?? {}).some((d) => d.encryptionKeys?.length)\n }\n\n async getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevel | undefined> {\n if (!dataOwnersHierarchySubset.length) throw new Error(\"`dataOwnersHierarchySubset` can't be empty\")\n // If the data owner is explicit all delegations he can access has his id. If the delegator is anonymous all delegations he can access are\n // accessible by hash. No mixed scenario possible.\n let accessibleDelegations: SecureDelegation[] = Object.values(typedEntity.entity.securityMetadata?.secureDelegations ?? {}).filter(\n (secureDelegation) =>\n dataOwnersHierarchySubset.some((dataOwner) => dataOwner === secureDelegation.delegator || dataOwner === secureDelegation.delegate)\n )\n if (!accessibleDelegations.length) {\n const equivalences = typedEntity.entity.securityMetadata?.keysEquivalences\n const availableCanonicalHashes = Array.from(\n new Set(\n Object.keys(\n await this.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n [\n ...Object.keys(typedEntity.entity.securityMetadata?.secureDelegations ?? {}),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ],\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n ).map((hash) => {\n const canonicalEquivalence = equivalences ? equivalences[hash] : undefined\n return canonicalEquivalence ? canonicalEquivalence : hash\n })\n )\n )\n accessibleDelegations = availableCanonicalHashes.map((hash) => (typedEntity.entity.securityMetadata?.secureDelegations ?? {})[hash])\n }\n\n const permissions = accessibleDelegations.map((secureDelegation) => secureDelegation.permissions)\n let maxLevel: AccessLevel | undefined = undefined\n for (const permission of permissions) {\n if (permission === AccessLevel.WRITE) {\n return AccessLevel.WRITE\n }\n if (permission === AccessLevel.READ) {\n maxLevel = AccessLevel.READ\n }\n }\n return maxLevel\n }\n\n private decryptSecureDelegations(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[],\n getDataToDecrypt: (delegation: SecureDelegation) => string[],\n decryptDataWithKey: (encryptedData: string, key: CryptoKey) => Promise<string>\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n if (!dataOwnersHierarchySubset.length) throw new Error(\"`dataOwnersHierarchySubset` can't be empty\")\n const self = this\n\n async function getFirstDecryptedExchangeDataIdForHash(\n hashes: string[],\n encryptedExchangeDataIdsByDelegationKey: { [hash: string]: ExchangeDataMap }\n ): Promise<string | undefined> {\n for (const hash of new Set(hashes)) {\n const decryptedExchangeDataId = !!encryptedExchangeDataIdsByDelegationKey[hash]\n ? await self.secureDelegationsEncryption.decryptExchangeDataId(encryptedExchangeDataIdsByDelegationKey[hash]?.encryptedExchangeDataIds)\n : undefined\n if (!!decryptedExchangeDataId) return decryptedExchangeDataId\n }\n }\n\n async function decrypt(\n delegation: SecureDelegation,\n exchangeDataDetails: { exchangeData: ExchangeData; exchangeKey: CryptoKey | undefined }\n ): Promise<{ decrypted: string; dataOwnersWithAccess: string[] }[]> {\n if (!exchangeDataDetails.exchangeKey) return []\n const dataToDecrypt = getDataToDecrypt(delegation)\n if (!dataToDecrypt.length) return []\n if (!dataOwnersHierarchySubset.some((x) => x === exchangeDataDetails.exchangeData.delegator || x === exchangeDataDetails.exchangeData.delegate))\n return []\n const dataOwnersWithAccess = [exchangeDataDetails.exchangeData.delegator, exchangeDataDetails.exchangeData.delegate]\n const res = []\n for (const curr of dataToDecrypt) {\n res.push({ decrypted: await decryptDataWithKey(curr, exchangeDataDetails.exchangeKey), dataOwnersWithAccess })\n }\n return res\n }\n\n async function* generator(): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n let remainingDelegations: DelegationDecryptionDetails[] = Object.entries(typedEntity.entity.securityMetadata?.secureDelegations ?? {}).map(\n ([canonicalHash, delegation]) => ({\n delegation,\n hashes: [\n canonicalHash,\n ...Object.entries(typedEntity.entity.securityMetadata?.keysEquivalences ?? {})\n .filter((x) => x[1] == canonicalHash)\n .map((x) => x[0]),\n ],\n })\n )\n\n /*\n * Generate from least expensive to most (in terms of time to decrypt). 1 and 2a have equivalent costs.\n * 1) Secure delegations with cached exchange data by hash\n * 2) Secure delegations with cached exchange data by id for explicit->explicit delegations where delegator and/or delegate is me or parent\n * 3) Non cached secure delegations for explicit->explicit delegations where delegator and/or delegate is me or parent (half of old 3)\n * 4) Decrypt secure delegation id for explicit->anonymous or anonymous->explicit where explicit is me or parent (2b and half of old3)\n */\n\n // Step 1) Secure delegations with cached exchange data by hash\n if (!remainingDelegations.length) return\n const cachedDataByHash = await self.exchangeData.getCachedDecryptionDataKeyByAccessControlHash(\n [\n ...Object.keys(typedEntity.entity.securityMetadata?.secureDelegations ?? {}),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ],\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? []\n )\n let updatedRemainingDelegations: DelegationDecryptionDetails[] = []\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.hashes.map((h) => cachedDataByHash?.[h]).find((x) => !!x)\n if (exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else if (\n (!!decryptionDetails.delegation.delegate || !!decryptionDetails.delegation.delegator) &&\n dataOwnersHierarchySubset.some((x) => x === decryptionDetails.delegation.delegate || x === decryptionDetails.delegation.delegator)\n ) {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n updatedRemainingDelegations = []\n\n // Step 2) Secure delegations with cached exchange data by id for explicit->explicit delegations where delegator and/or delegate is me or parent\n if (!remainingDelegations.length) return\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.delegation.exchangeDataId\n ? await self.exchangeData.getDecryptionDataKeyById(\n decryptionDetails.delegation.exchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n false\n )\n : undefined\n if (!!exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n updatedRemainingDelegations = []\n\n // Step 3) Non cached secure delegations for explicit->explicit delegations where delegator and/or delegate is me or parent\n if (!remainingDelegations.length) return\n for (const decryptionDetails of remainingDelegations) {\n const exchangeDataDetails = decryptionDetails.delegation.exchangeDataId\n ? await self.exchangeData.getDecryptionDataKeyById(\n decryptionDetails.delegation.exchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n true\n )\n : undefined\n if (!!exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n } else {\n updatedRemainingDelegations.push(decryptionDetails)\n }\n }\n remainingDelegations = updatedRemainingDelegations\n\n // Step 4) Decrypt secure delegation id for explicit->anonymous or anonymous->explicit where explicit is me or parent\n if (!remainingDelegations.length) return\n const allHashes = [\n ...remainingDelegations.flatMap((x) => x.hashes),\n ...Object.keys(typedEntity.entity.securityMetadata?.keysEquivalences ?? {}),\n ]\n const encryptedExchangeDataIdsByDelegationKey = (await self.exchangeDataMap.getExchangeDataMapBatch(allHashes)).reduce((maps, current) => {\n return {\n ...maps,\n [current.id]: current,\n }\n }, {} as { [hash: string]: ExchangeDataMap })\n for (const decryptionDetails of remainingDelegations) {\n const decryptedExchangeDataId = await getFirstDecryptedExchangeDataIdForHash(\n decryptionDetails.hashes,\n encryptedExchangeDataIdsByDelegationKey\n )\n if (decryptedExchangeDataId) {\n const exchangeDataDetails = await self.exchangeData.getDecryptionDataKeyById(\n decryptedExchangeDataId,\n typedEntity.type,\n typedEntity.entity.secretForeignKeys ?? [],\n true\n )\n if (exchangeDataDetails) {\n for (const decrypted of await decrypt(decryptionDetails.delegation, exchangeDataDetails)) yield decrypted\n }\n }\n }\n }\n\n return generator()\n }\n}\n"]}
@@ -1,7 +1,6 @@
1
1
  import { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models';
2
2
  import { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName';
3
3
  import { SecureDelegation } from '../../icc-api/model/SecureDelegation';
4
- import AccessLevel = SecureDelegation.AccessLevelEnum;
5
4
  import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
6
5
  /**
7
6
  * @internal this class is for internal use only and may be changed without notice.
@@ -66,17 +65,7 @@ export interface SecurityMetadataDecryptor {
66
65
  * access level. This array should contain only data owners from the current data owner hierarchy.
67
66
  * @return the access level to the entity or undefined if none of the data owners has full access to the entity.
68
67
  */
69
- getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevel | undefined>;
70
- /**
71
- * Get the access level of each data owner with access to the entity according to the metadata supported by this decryptor.
72
- * See {@link EncryptedEntityXApi.getDataOwnersWithAccessTo} for details on the expected behaviour.
73
- */
74
- getDataOwnersWithAccessTo(typedEntity: EncryptedEntityWithType): Promise<{
75
- permissionsByDataOwnerId: {
76
- [dataOwnerId: string]: AccessLevelEnum;
77
- };
78
- hasUnknownAnonymousDataOwners: boolean;
79
- }>;
68
+ getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevelEnum | undefined>;
80
69
  /**
81
70
  * Verifies if there is at least one (encrypted) encryption key in the metadata supported by this decryptor, even if it can't be decrypted by the
82
71
  * current data owner.
@@ -104,11 +93,5 @@ export declare class SecurityMetadataDecryptorChain implements SecurityMetadataD
104
93
  }, void, never>;
105
94
  getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<SecureDelegation.AccessLevelEnum | undefined>;
106
95
  hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean;
107
- getDataOwnersWithAccessTo(typedEntity: EncryptedEntityWithType): Promise<{
108
- permissionsByDataOwnerId: {
109
- [dataOwnerId: string]: AccessLevelEnum;
110
- };
111
- hasUnknownAnonymousDataOwners: boolean;
112
- }>;
113
96
  private concatenate;
114
97
  }
@@ -23,7 +23,7 @@ var __asyncGenerator = (this && this.__asyncGenerator) || function (thisArg, _ar
23
23
  Object.defineProperty(exports, "__esModule", { value: true });
24
24
  exports.SecurityMetadataDecryptorChain = void 0;
25
25
  const SecureDelegation_1 = require("../../icc-api/model/SecureDelegation");
26
- var AccessLevel = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
26
+ var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
27
27
  /**
28
28
  * @internal this class is meant for internal use only and may be changed without notice.
29
29
  * Security metadata decryptor which combines other existing decryptors.
@@ -46,11 +46,11 @@ class SecurityMetadataDecryptorChain {
46
46
  let currMaxLevel = undefined;
47
47
  for (const d of this.decryptors) {
48
48
  const currLevel = yield d.getEntityAccessLevel(typedEntity, dataOwnersHierarchySubset);
49
- if (currLevel === AccessLevel.WRITE) {
49
+ if (currLevel === AccessLevelEnum.WRITE) {
50
50
  return currLevel;
51
51
  }
52
- if (currLevel === AccessLevel.READ) {
53
- currMaxLevel = AccessLevel.READ;
52
+ if (currLevel === AccessLevelEnum.READ) {
53
+ currMaxLevel = AccessLevelEnum.READ;
54
54
  }
55
55
  }
56
56
  return currMaxLevel;
@@ -59,25 +59,6 @@ class SecurityMetadataDecryptorChain {
59
59
  hasAnyEncryptionKeys(entity) {
60
60
  return this.decryptors.some((d) => d.hasAnyEncryptionKeys(entity));
61
61
  }
62
- getDataOwnersWithAccessTo(typedEntity) {
63
- return __awaiter(this, void 0, void 0, function* () {
64
- const accumulatedPermissions = {};
65
- let hasUnknownAnonymousDataOwners = false;
66
- for (const d of this.decryptors) {
67
- const currAccess = yield d.getDataOwnersWithAccessTo(typedEntity);
68
- hasUnknownAnonymousDataOwners = hasUnknownAnonymousDataOwners || currAccess.hasUnknownAnonymousDataOwners;
69
- for (const [dataOwnerId, level] of Object.entries(currAccess.permissionsByDataOwnerId)) {
70
- if (accumulatedPermissions[dataOwnerId] !== AccessLevel.WRITE) {
71
- accumulatedPermissions[dataOwnerId] = level;
72
- }
73
- }
74
- }
75
- return {
76
- permissionsByDataOwnerId: accumulatedPermissions,
77
- hasUnknownAnonymousDataOwners,
78
- };
79
- });
80
- }
81
62
  concatenate(getGenerator) {
82
63
  function generator(decryptors) {
83
64
  return __asyncGenerator(this, arguments, function* generator_1() {
@@ -1 +1 @@
1
- {"version":3,"file":"SecurityMetadataDecryptor.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecurityMetadataDecryptor.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAEA,2EAAuE;AACvE,IAAO,WAAW,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAuFrD;;;GAGG;AACH,MAAa,8BAA8B;IACzC,YAA6B,UAAuC;QAAvC,eAAU,GAAV,UAAU,CAA6B;IAAG,CAAC;IAExE,uBAAuB,CACrB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IACnG,CAAC;IAED,wBAAwB,CACtB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,wBAAwB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,kBAAkB,CAChB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IAC9F,CAAC;IAEK,oBAAoB,CACxB,WAAoC,EACpC,yBAAmC;;YAEnC,IAAI,YAAY,GAAiD,SAAS,CAAA;YAC1E,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE;gBAC/B,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,oBAAoB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAA;gBACtF,IAAI,SAAS,KAAK,WAAW,CAAC,KAAK,EAAE;oBACnC,OAAO,SAAS,CAAA;iBACjB;gBACD,IAAI,SAAS,KAAK,WAAW,CAAC,IAAI,EAAE;oBAClC,YAAY,GAAG,WAAW,CAAC,IAAI,CAAA;iBAChC;aACF;YACD,OAAO,YAAY,CAAA;QACrB,CAAC;KAAA;IAED,oBAAoB,CAAC,MAA6C;QAChE,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAA;IACpE,CAAC;IAEK,yBAAyB,CAAC,WAAoC;;YAIlE,MAAM,sBAAsB,GAA+C,EAAE,CAAA;YAC7E,IAAI,6BAA6B,GAAG,KAAK,CAAA;YACzC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE;gBAC/B,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAA;gBACjE,6BAA6B,GAAG,6BAA6B,IAAI,UAAU,CAAC,6BAA6B,CAAA;gBACzG,KAAK,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,wBAAwB,CAAC,EAAE;oBACtF,IAAI,sBAAsB,CAAC,WAAW,CAAC,KAAK,WAAW,CAAC,KAAK,EAAE;wBAC7D,sBAAsB,CAAC,WAAW,CAAC,GAAG,KAAK,CAAA;qBAC5C;iBACF;aACF;YACD,OAAO;gBACL,wBAAwB,EAAE,sBAAsB;gBAChD,6BAA6B;aAC9B,CAAA;QACH,CAAC;KAAA;IAEO,WAAW,CAAI,YAA8E;QACnG,SAAgB,SAAS,CAAC,UAAuC;;gBAC/D,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE;oBAC1B,MAAM,aAAa,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;oBACrC,IAAI,IAAI,GAAG,cAAM,aAAa,CAAC,IAAI,EAAE,CAAA,CAAA;oBACrC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE;wBACjB,oBAAM,IAAI,CAAC,KAAK,CAAA,CAAA;wBAChB,IAAI,GAAG,cAAM,aAAa,CAAC,IAAI,EAAE,CAAA,CAAA;qBAClC;iBACF;YACH,CAAC;SAAA;QACD,OAAO,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACnC,CAAC;CACF;AA/ED,wEA+EC","sourcesContent":["import { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport AccessLevel = SecureDelegation.AccessLevelEnum\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n * Logic for the decryption of the metadata used for access control, encryption, and other security features in an entity.\n */\nexport interface SecurityMetadataDecryptor {\n /**\n * Decrypt the encryption keys for an entity. Keys must be returned in raw hex format, removing dashes if they were generated from a UUID.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted exchange key which yields objects containing:\n * - `decrypted`: a decrypted encryption key for {@link typedEntity}. Note that the same key may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * key was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Decrypt the secret ids for an entity.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted secret ids which yields objects containing:\n * - `decrypted`: a decrypted secret id of {@link entity}. Note that the same id may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * id was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Decrypt the owning entity ids of an entity.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted owning entity ids which yields objects containing:\n * - `decrypted`: a decrypted owning entity id of {@link entity}. Note that the same id may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * id was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Get the maximum access level that any data owner in {@link dataOwnersHierarchySubset} has to {@link typedEntity}, according to the metadata\n * supported by this decryptor.\n * - If at least a data owner in {@link dataOwnersHierarchySubset} has write access the method returns {@link AccessLevel.WRITE}.\n * - If at least a data owner in {@link dataOwnersHierarchySubset} has read access and no data owner has write access the method returns\n * {@link AccessLevel.READ}.\n * - If a data owner has no access to the entity the method returns undefined (this can happen if the data owner has access to an entity through\n * some metadata which is not supported by this decryptor).\n * @param typedEntity an entity\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when calculating the\n * access level. This array should contain only data owners from the current data owner hierarchy.\n * @return the access level to the entity or undefined if none of the data owners has full access to the entity.\n */\n getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevel | undefined>\n\n /**\n * Get the access level of each data owner with access to the entity according to the metadata supported by this decryptor.\n * See {@link EncryptedEntityXApi.getDataOwnersWithAccessTo} for details on the expected behaviour.\n */\n getDataOwnersWithAccessTo(typedEntity: EncryptedEntityWithType): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: AccessLevelEnum }\n hasUnknownAnonymousDataOwners: boolean\n }>\n\n /**\n * Verifies if there is at least one (encrypted) encryption key in the metadata supported by this decryptor, even if it can't be decrypted by the\n * current data owner.\n */\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean\n}\n\n/**\n * @internal this class is meant for internal use only and may be changed without notice.\n * Security metadata decryptor which combines other existing decryptors.\n */\nexport class SecurityMetadataDecryptorChain implements SecurityMetadataDecryptor {\n constructor(private readonly decryptors: SecurityMetadataDecryptor[]) {}\n\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptEncryptionKeysOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptOwningEntityIdsOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptSecretIdsOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n async getEntityAccessLevel(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): Promise<SecureDelegation.AccessLevelEnum | undefined> {\n let currMaxLevel: SecureDelegation.AccessLevelEnum | undefined = undefined\n for (const d of this.decryptors) {\n const currLevel = await d.getEntityAccessLevel(typedEntity, dataOwnersHierarchySubset)\n if (currLevel === AccessLevel.WRITE) {\n return currLevel\n }\n if (currLevel === AccessLevel.READ) {\n currMaxLevel = AccessLevel.READ\n }\n }\n return currMaxLevel\n }\n\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean {\n return this.decryptors.some((d) => d.hasAnyEncryptionKeys(entity))\n }\n\n async getDataOwnersWithAccessTo(typedEntity: EncryptedEntityWithType): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: AccessLevelEnum }\n hasUnknownAnonymousDataOwners: boolean\n }> {\n const accumulatedPermissions: { [dataOwnerId: string]: AccessLevelEnum } = {}\n let hasUnknownAnonymousDataOwners = false\n for (const d of this.decryptors) {\n const currAccess = await d.getDataOwnersWithAccessTo(typedEntity)\n hasUnknownAnonymousDataOwners = hasUnknownAnonymousDataOwners || currAccess.hasUnknownAnonymousDataOwners\n for (const [dataOwnerId, level] of Object.entries(currAccess.permissionsByDataOwnerId)) {\n if (accumulatedPermissions[dataOwnerId] !== AccessLevel.WRITE) {\n accumulatedPermissions[dataOwnerId] = level\n }\n }\n }\n return {\n permissionsByDataOwnerId: accumulatedPermissions,\n hasUnknownAnonymousDataOwners,\n }\n }\n\n private concatenate<T>(getGenerator: (d: SecurityMetadataDecryptor) => AsyncGenerator<T, void, never>): AsyncGenerator<T, void, never> {\n async function* generator(decryptors: SecurityMetadataDecryptor[]): AsyncGenerator<T, void, never> {\n for (const d of decryptors) {\n const currGenerator = getGenerator(d)\n let next = await currGenerator.next()\n while (!next.done) {\n yield next.value\n next = await currGenerator.next()\n }\n }\n }\n return generator(this.decryptors)\n }\n}\n"]}
1
+ {"version":3,"file":"SecurityMetadataDecryptor.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecurityMetadataDecryptor.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAEA,2EAAuE;AACvE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AA6EzD;;;GAGG;AACH,MAAa,8BAA8B;IACzC,YAA6B,UAAuC;QAAvC,eAAU,GAAV,UAAU,CAA6B;IAAG,CAAC;IAExE,uBAAuB,CACrB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IACnG,CAAC;IAED,wBAAwB,CACtB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,wBAAwB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,kBAAkB,CAChB,WAAoC,EACpC,yBAAmC;QAEnC,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAA;IAC9F,CAAC;IAEK,oBAAoB,CACxB,WAAoC,EACpC,yBAAmC;;YAEnC,IAAI,YAAY,GAAiD,SAAS,CAAA;YAC1E,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE;gBAC/B,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,oBAAoB,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAA;gBACtF,IAAI,SAAS,KAAK,eAAe,CAAC,KAAK,EAAE;oBACvC,OAAO,SAAS,CAAA;iBACjB;gBACD,IAAI,SAAS,KAAK,eAAe,CAAC,IAAI,EAAE;oBACtC,YAAY,GAAG,eAAe,CAAC,IAAI,CAAA;iBACpC;aACF;YACD,OAAO,YAAY,CAAA;QACrB,CAAC;KAAA;IAED,oBAAoB,CAAC,MAA6C;QAChE,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAA;IACpE,CAAC;IAEO,WAAW,CAAI,YAA8E;QACnG,SAAgB,SAAS,CAAC,UAAuC;;gBAC/D,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE;oBAC1B,MAAM,aAAa,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;oBACrC,IAAI,IAAI,GAAG,cAAM,aAAa,CAAC,IAAI,EAAE,CAAA,CAAA;oBACrC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE;wBACjB,oBAAM,IAAI,CAAC,KAAK,CAAA,CAAA;wBAChB,IAAI,GAAG,cAAM,aAAa,CAAC,IAAI,EAAE,CAAA,CAAA;qBAClC;iBACF;YACH,CAAC;SAAA;QACD,OAAO,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACnC,CAAC;CACF;AA1DD,wEA0DC","sourcesContent":["import { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n * Logic for the decryption of the metadata used for access control, encryption, and other security features in an entity.\n */\nexport interface SecurityMetadataDecryptor {\n /**\n * Decrypt the encryption keys for an entity. Keys must be returned in raw hex format, removing dashes if they were generated from a UUID.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted exchange key which yields objects containing:\n * - `decrypted`: a decrypted encryption key for {@link typedEntity}. Note that the same key may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * key was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Decrypt the secret ids for an entity.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted secret ids which yields objects containing:\n * - `decrypted`: a decrypted secret id of {@link entity}. Note that the same id may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * id was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Decrypt the owning entity ids of an entity.\n * @param typedEntity an encrypted entity or its stub.\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when decrypting. It should\n * contain only data owners from the current data owner hierarchy.\n * @throws if dataOwnersHierarchySubset is empty\n * @return a generator for the decrypted owning entity ids which yields objects containing:\n * - `decrypted`: a decrypted owning entity id of {@link entity}. Note that the same id may be yielded multiple times by the generator.\n * - `dataOwnersWithAccess`: data owners which have access to the exchange data necessary for the decryption of the encrypted data from which this\n * id was extracted. The generator may yield more elements with the same `decrypted` but different `dataOwnersWithAccess`\n */\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never>\n\n /**\n * Get the maximum access level that any data owner in {@link dataOwnersHierarchySubset} has to {@link typedEntity}, according to the metadata\n * supported by this decryptor.\n * - If at least a data owner in {@link dataOwnersHierarchySubset} has write access the method returns {@link AccessLevel.WRITE}.\n * - If at least a data owner in {@link dataOwnersHierarchySubset} has read access and no data owner has write access the method returns\n * {@link AccessLevel.READ}.\n * - If a data owner has no access to the entity the method returns undefined (this can happen if the data owner has access to an entity through\n * some metadata which is not supported by this decryptor).\n * @param typedEntity an entity\n * @param dataOwnersHierarchySubset only exchange data that is accessible to data owners in this array will be considered when calculating the\n * access level. This array should contain only data owners from the current data owner hierarchy.\n * @return the access level to the entity or undefined if none of the data owners has full access to the entity.\n */\n getEntityAccessLevel(typedEntity: EncryptedEntityWithType, dataOwnersHierarchySubset: string[]): Promise<AccessLevelEnum | undefined>\n\n /**\n * Verifies if there is at least one (encrypted) encryption key in the metadata supported by this decryptor, even if it can't be decrypted by the\n * current data owner.\n */\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean\n}\n\n/**\n * @internal this class is meant for internal use only and may be changed without notice.\n * Security metadata decryptor which combines other existing decryptors.\n */\nexport class SecurityMetadataDecryptorChain implements SecurityMetadataDecryptor {\n constructor(private readonly decryptors: SecurityMetadataDecryptor[]) {}\n\n decryptEncryptionKeysOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptEncryptionKeysOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n decryptOwningEntityIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptOwningEntityIdsOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n decryptSecretIdsOf(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): AsyncGenerator<{ decrypted: string; dataOwnersWithAccess: string[] }, void, never> {\n return this.concatenate((d) => d.decryptSecretIdsOf(typedEntity, dataOwnersHierarchySubset))\n }\n\n async getEntityAccessLevel(\n typedEntity: EncryptedEntityWithType,\n dataOwnersHierarchySubset: string[]\n ): Promise<SecureDelegation.AccessLevelEnum | undefined> {\n let currMaxLevel: SecureDelegation.AccessLevelEnum | undefined = undefined\n for (const d of this.decryptors) {\n const currLevel = await d.getEntityAccessLevel(typedEntity, dataOwnersHierarchySubset)\n if (currLevel === AccessLevelEnum.WRITE) {\n return currLevel\n }\n if (currLevel === AccessLevelEnum.READ) {\n currMaxLevel = AccessLevelEnum.READ\n }\n }\n return currMaxLevel\n }\n\n hasAnyEncryptionKeys(entity: EncryptedEntity | EncryptedEntityStub): boolean {\n return this.decryptors.some((d) => d.hasAnyEncryptionKeys(entity))\n }\n\n private concatenate<T>(getGenerator: (d: SecurityMetadataDecryptor) => AsyncGenerator<T, void, never>): AsyncGenerator<T, void, never> {\n async function* generator(decryptors: SecurityMetadataDecryptor[]): AsyncGenerator<T, void, never> {\n for (const d of decryptors) {\n const currGenerator = getGenerator(d)\n let next = await currGenerator.next()\n while (!next.done) {\n yield next.value\n next = await currGenerator.next()\n }\n }\n }\n return generator(this.decryptors)\n }\n}\n"]}
@@ -0,0 +1,8 @@
1
+ import { AbstractFilterMessage } from "../../icc-api/model/AbstractFilterMessage";
2
+ export declare class LatestMessageByHcPartyTransportGuidFilter extends AbstractFilterMessage {
3
+ $type: string;
4
+ constructor(json: JSON | any);
5
+ healthcarePartyId?: string;
6
+ transportGuid?: string;
7
+ desc?: string;
8
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.LatestMessageByHcPartyTransportGuidFilter = void 0;
4
+ const AbstractFilterMessage_1 = require("../../icc-api/model/AbstractFilterMessage");
5
+ class LatestMessageByHcPartyTransportGuidFilter extends AbstractFilterMessage_1.AbstractFilterMessage {
6
+ constructor(json) {
7
+ super(json);
8
+ this.$type = 'LatestMessageByHcPartyTransportGuidFilter';
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.LatestMessageByHcPartyTransportGuidFilter = LatestMessageByHcPartyTransportGuidFilter;
13
+ //# sourceMappingURL=LatestMessageByHcPartyTransportGuidFilter.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"LatestMessageByHcPartyTransportGuidFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.ts"],"names":[],"mappings":";;;AAAA,qFAAgF;AAEhF,MAAa,yCAA0C,SAAQ,6CAAqB;IAEhF,YAAY,IAAgB;QACxB,KAAK,CAAC,IAAI,CAAC,CAAA;QAFf,UAAK,GAAW,2CAA2C,CAAA;QAIvD,MAAM,CAAC,MAAM,CAAC,IAAiD,EAAE,IAAI,CAAC,CAAA;IAC1E,CAAC;CAKJ;AAXD,8FAWC","sourcesContent":["import {AbstractFilterMessage} from \"../../icc-api/model/AbstractFilterMessage\";\n\nexport class LatestMessageByHcPartyTransportGuidFilter extends AbstractFilterMessage {\n $type: string = 'LatestMessageByHcPartyTransportGuidFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as LatestMessageByHcPartyTransportGuidFilter, json)\n }\n\n healthcarePartyId?: string\n transportGuid?: string\n desc?: string\n}\n"]}
@@ -0,0 +1,7 @@
1
+ import { AbstractFilterMessage } from "../../icc-api/model/AbstractFilterMessage";
2
+ export declare class MessageByHcPartyFilter extends AbstractFilterMessage {
3
+ $type: string;
4
+ constructor(json: JSON | any);
5
+ hcpId?: string;
6
+ desc?: string;
7
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.MessageByHcPartyFilter = void 0;
4
+ const AbstractFilterMessage_1 = require("../../icc-api/model/AbstractFilterMessage");
5
+ class MessageByHcPartyFilter extends AbstractFilterMessage_1.AbstractFilterMessage {
6
+ constructor(json) {
7
+ super(json);
8
+ this.$type = 'MessageByHcPartyFilter';
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.MessageByHcPartyFilter = MessageByHcPartyFilter;
13
+ //# sourceMappingURL=MessageByHcPartyFilter.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"MessageByHcPartyFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/MessageByHcPartyFilter.ts"],"names":[],"mappings":";;;AAAA,qFAAgF;AAEhF,MAAa,sBAAuB,SAAQ,6CAAqB;IAE7D,YAAY,IAAgB;QACxB,KAAK,CAAC,IAAI,CAAC,CAAA;QAFf,UAAK,GAAW,wBAAwB,CAAA;QAIpC,MAAM,CAAC,MAAM,CAAC,IAA8B,EAAE,IAAI,CAAC,CAAA;IACvD,CAAC;CAIJ;AAVD,wDAUC","sourcesContent":["import {AbstractFilterMessage} from \"../../icc-api/model/AbstractFilterMessage\";\n\nexport class MessageByHcPartyFilter extends AbstractFilterMessage {\n $type: string = 'MessageByHcPartyFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as MessageByHcPartyFilter, json)\n }\n\n hcpId?: string\n desc?: string\n}\n"]}
@@ -0,0 +1,8 @@
1
+ import { AbstractFilterMessage } from "../../icc-api/model/AbstractFilterMessage";
2
+ export declare class MessageByHcPartyTransportGuidFilter extends AbstractFilterMessage {
3
+ $type: string;
4
+ constructor(json: JSON | any);
5
+ healthcarePartyId?: string;
6
+ transportGuid?: string;
7
+ desc?: string;
8
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.MessageByHcPartyTransportGuidFilter = void 0;
4
+ const AbstractFilterMessage_1 = require("../../icc-api/model/AbstractFilterMessage");
5
+ class MessageByHcPartyTransportGuidFilter extends AbstractFilterMessage_1.AbstractFilterMessage {
6
+ constructor(json) {
7
+ super(json);
8
+ this.$type = 'MessageByHcPartyTransportGuidFilter';
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.MessageByHcPartyTransportGuidFilter = MessageByHcPartyTransportGuidFilter;
13
+ //# sourceMappingURL=MessageByHcPartyTransportGuidFilter.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"MessageByHcPartyTransportGuidFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/MessageByHcPartyTransportGuidFilter.ts"],"names":[],"mappings":";;;AAAA,qFAAgF;AAEhF,MAAa,mCAAoC,SAAQ,6CAAqB;IAE1E,YAAY,IAAgB;QACxB,KAAK,CAAC,IAAI,CAAC,CAAA;QAFf,UAAK,GAAW,qCAAqC,CAAA;QAIjD,MAAM,CAAC,MAAM,CAAC,IAA2C,EAAE,IAAI,CAAC,CAAA;IACpE,CAAC;CAKJ;AAXD,kFAWC","sourcesContent":["import {AbstractFilterMessage} from \"../../icc-api/model/AbstractFilterMessage\";\n\nexport class MessageByHcPartyTransportGuidFilter extends AbstractFilterMessage {\n $type: string = 'MessageByHcPartyTransportGuidFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as MessageByHcPartyTransportGuidFilter, json)\n }\n\n healthcarePartyId?: string\n transportGuid?: string\n desc?: string\n}\n"]}
@@ -0,0 +1,7 @@
1
+ import { AbstractFilterTopic } from "../../icc-api/model/AbstractFilterTopic";
2
+ export declare class TopicByHcPartyFilter extends AbstractFilterTopic {
3
+ $type: string;
4
+ constructor(json: JSON | any);
5
+ hcpId?: string;
6
+ desc?: string;
7
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.TopicByHcPartyFilter = void 0;
4
+ const AbstractFilterTopic_1 = require("../../icc-api/model/AbstractFilterTopic");
5
+ class TopicByHcPartyFilter extends AbstractFilterTopic_1.AbstractFilterTopic {
6
+ constructor(json) {
7
+ super(json);
8
+ this.$type = 'TopicByHcPartyFilter';
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.TopicByHcPartyFilter = TopicByHcPartyFilter;
13
+ //# sourceMappingURL=TopicByHcPartyFilter.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"TopicByHcPartyFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/TopicByHcPartyFilter.ts"],"names":[],"mappings":";;;AAAA,iFAA4E;AAE5E,MAAa,oBAAqB,SAAQ,yCAAmB;IAEzD,YAAY,IAAgB;QACxB,KAAK,CAAC,IAAI,CAAC,CAAA;QAFf,UAAK,GAAW,sBAAsB,CAAA;QAIlC,MAAM,CAAC,MAAM,CAAC,IAA4B,EAAE,IAAI,CAAC,CAAA;IACrD,CAAC;CAIJ;AAVD,oDAUC","sourcesContent":["import {AbstractFilterTopic} from \"../../icc-api/model/AbstractFilterTopic\";\n\nexport class TopicByHcPartyFilter extends AbstractFilterTopic {\n $type: string = 'TopicByHcPartyFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as TopicByHcPartyFilter, json)\n }\n\n hcpId?: string\n desc?: string\n}\n"]}
@@ -0,0 +1,7 @@
1
+ import { AbstractFilterTopic } from "../../icc-api/model/AbstractFilterTopic";
2
+ export declare class TopicByParticipantFilter extends AbstractFilterTopic {
3
+ $type: string;
4
+ constructor(json: JSON | any);
5
+ participantId?: string;
6
+ desc?: string;
7
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.TopicByParticipantFilter = void 0;
4
+ const AbstractFilterTopic_1 = require("../../icc-api/model/AbstractFilterTopic");
5
+ class TopicByParticipantFilter extends AbstractFilterTopic_1.AbstractFilterTopic {
6
+ constructor(json) {
7
+ super(json);
8
+ this.$type = 'TopicByParticipantFilter';
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.TopicByParticipantFilter = TopicByParticipantFilter;
13
+ //# sourceMappingURL=TopicByParticipantFilter.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"TopicByParticipantFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/TopicByParticipantFilter.ts"],"names":[],"mappings":";;;AAAA,iFAA4E;AAE5E,MAAa,wBAAyB,SAAQ,yCAAmB;IAE7D,YAAY,IAAgB;QACxB,KAAK,CAAC,IAAI,CAAC,CAAA;QAFf,UAAK,GAAW,0BAA0B,CAAA;QAItC,MAAM,CAAC,MAAM,CAAC,IAAgC,EAAE,IAAI,CAAC,CAAA;IACzD,CAAC;CAIJ;AAVD,4DAUC","sourcesContent":["import {AbstractFilterTopic} from \"../../icc-api/model/AbstractFilterTopic\";\n\nexport class TopicByParticipantFilter extends AbstractFilterTopic {\n $type: string = 'TopicByParticipantFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as TopicByParticipantFilter, json)\n }\n\n participantId?: string\n desc?: string\n}\n"]}
@@ -73,6 +73,11 @@ export * from './MaintenanceTaskByHcPartyAndIdentifiersFilter';
73
73
  export * from './MaintenanceTaskByHcPartyAndTypeFilter';
74
74
  export * from './MaintenanceTaskByIdsFilter';
75
75
  export * from './MaintenanceTaskAfterDateFilter';
76
+ export * from './TopicByHcPartyFilter';
77
+ export * from './TopicByParticipantFilter';
78
+ export * from './MessageByHcPartyFilter';
79
+ export * from './MessageByHcPartyTransportGuidFilter';
80
+ export * from './LatestMessageByHcPartyTransportGuidFilter';
76
81
  export declare class Filter {
77
82
  static patient(): PatientFilterBuilder;
78
83
  }
@@ -81,6 +81,11 @@ __exportStar(require("./MaintenanceTaskByHcPartyAndIdentifiersFilter"), exports)
81
81
  __exportStar(require("./MaintenanceTaskByHcPartyAndTypeFilter"), exports);
82
82
  __exportStar(require("./MaintenanceTaskByIdsFilter"), exports);
83
83
  __exportStar(require("./MaintenanceTaskAfterDateFilter"), exports);
84
+ __exportStar(require("./TopicByHcPartyFilter"), exports);
85
+ __exportStar(require("./TopicByParticipantFilter"), exports);
86
+ __exportStar(require("./MessageByHcPartyFilter"), exports);
87
+ __exportStar(require("./MessageByHcPartyTransportGuidFilter"), exports);
88
+ __exportStar(require("./LatestMessageByHcPartyTransportGuidFilter"), exports);
84
89
  class Filter {
85
90
  static patient() {
86
91
  return new PatientFilterBuilder();